Skip to content

Commit

Permalink
Refactor OC\Server::getSecureRandom
Browse files Browse the repository at this point in the history
  • Loading branch information
summersab committed Aug 29, 2023
1 parent 613cd16 commit b59ae1c
Show file tree
Hide file tree
Showing 11 changed files with 21 additions and 14 deletions.
3 changes: 2 additions & 1 deletion core/Command/Maintenance/Install.php
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
use OC\Setup;
use OC\SystemConfig;
use OCP\Defaults;
use OCP\Security\ISecureRandom;
use Psr\Log\LoggerInterface;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Helper\QuestionHelper;
Expand Down Expand Up @@ -80,7 +81,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
$server->getL10N('lib'),
$server->query(Defaults::class),
$server->get(LoggerInterface::class),
$server->getSecureRandom(),
$server->get(ISecureRandom::class),
\OC::$server->query(Installer::class)
);
$sysInfo = $setupHelper->getSystemInfo(true);
Expand Down
2 changes: 1 addition & 1 deletion lib/private/Cache/File.php
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public function set($key, $value, $ttl = 0) {
$storage = $this->getStorage();
$result = false;
// unique id to avoid chunk collision, just in case
$uniqueId = \OC::$server->getSecureRandom()->generate(
$uniqueId = \OC::$server->get(ISecureRandom::class)->generate(
16,
ISecureRandom::CHAR_ALPHANUMERIC
);
Expand Down
3 changes: 2 additions & 1 deletion lib/private/DB/Connection.php
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@
use OCP\IRequestId;
use OCP\PreConditionNotMetException;
use OCP\Profiler\IProfiler;
use OCP\Security\ISecureRandom;
use OC\DB\QueryBuilder\QueryBuilder;
use OC\SystemConfig;
use Psr\Log\LoggerInterface;
Expand Down Expand Up @@ -592,7 +593,7 @@ public function migrateToSchema(Schema $toSchema, bool $dryRun = false) {

private function getMigrator() {
// TODO properly inject those dependencies
$random = \OC::$server->getSecureRandom();
$random = \OC::$server->get(ISecureRandom::class);
$platform = $this->getDatabasePlatform();
$config = \OC::$server->getConfig();
$dispatcher = \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class);
Expand Down
2 changes: 1 addition & 1 deletion lib/private/Security/SecureRandom.php
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
* use a fallback.
*
* Usage:
* \OC::$server->getSecureRandom()->generate(10);
* \OC::$server->get(ISecureRandom::class)->generate(10);
* @package OC\Security
*/
class SecureRandom implements ISecureRandom {
Expand Down
2 changes: 1 addition & 1 deletion lib/private/Setup.php
Original file line number Diff line number Diff line change
Expand Up @@ -510,7 +510,7 @@ public static function updateHtaccess() {
\OC::$server->getL10N('lib'),
\OCP\Server::get(Defaults::class),
\OC::$server->get(LoggerInterface::class),
\OC::$server->getSecureRandom(),
\OC::$server->get(ISecureRandom::class),
\OCP\Server::get(Installer::class)
);

Expand Down
2 changes: 1 addition & 1 deletion lib/private/Setup/PostgreSQL.php
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ public function setupDatabase($username) {
//add prefix to the postgresql user name to prevent collisions
$this->dbUser = 'oc_' . strtolower($username);
//create a new password so we don't need to store the admin config in the config file
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
$this->dbPassword = \OC::$server->get(ISecureRandom::class)->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);

$this->createDBUser($connection);

Expand Down
7 changes: 4 additions & 3 deletions lib/private/Share20/ProviderFactory.php
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@
use OCP\Defaults;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IServerContainer;
use OCP\Security\ISecureRandom;
use OCP\Share\IManager;
use OCP\Share\IProviderFactory;
use OCP\Share\IShare;
Expand Down Expand Up @@ -146,7 +147,7 @@ protected function federatedShareProvider() {
$this->serverContainer->get(LoggerInterface::class),
);
$tokenHandler = new TokenHandler(
$this->serverContainer->getSecureRandom()
$this->serverContainer->get(ISecureRandom::class)
);

$this->federatedProvider = new FederatedShareProvider(
Expand Down Expand Up @@ -188,7 +189,7 @@ protected function getShareByMailProvider() {
$this->shareByMailProvider = new ShareByMailProvider(
$this->serverContainer->getConfig(),
$this->serverContainer->getDatabaseConnection(),
$this->serverContainer->getSecureRandom(),
$this->serverContainer->get(ISecureRandom::class),
$this->serverContainer->getUserManager(),
$this->serverContainer->getLazyRootFolder(),
$this->serverContainer->getL10N('sharebymail'),
Expand Down Expand Up @@ -230,7 +231,7 @@ protected function getShareByCircleProvider() {
if ($this->shareByCircleProvider === null) {
$this->shareByCircleProvider = new \OCA\Circles\ShareByCircleProvider(
$this->serverContainer->getDatabaseConnection(),
$this->serverContainer->getSecureRandom(),
$this->serverContainer->get(ISecureRandom::class),
$this->serverContainer->getUserManager(),
$this->serverContainer->getLazyRootFolder(),
$this->serverContainer->getL10N('circles'),
Expand Down
5 changes: 3 additions & 2 deletions lib/private/legacy/OC_Util.php
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@
use OCP\IGroupManager;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\Security\ISecureRandom;
use OCP\Share\IManager;
use Psr\Log\LoggerInterface;

Expand Down Expand Up @@ -518,7 +519,7 @@ public static function checkServer(\OC\SystemConfig $config) {
\OC::$server->getL10N('lib'),
\OC::$server->get(\OCP\Defaults::class),
\OC::$server->get(LoggerInterface::class),
\OC::$server->getSecureRandom(),
\OC::$server->get(ISecureRandom::class),
\OC::$server->get(\OC\Installer::class)
);

Expand Down Expand Up @@ -845,7 +846,7 @@ public static function getInstanceId() {
$id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
if (is_null($id)) {
// We need to guarantee at least one letter in instanceid so it can be used as the session_name
$id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
$id = 'oc' . \OC::$server->get(ISecureRandom::class)->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
\OC::$server->getSystemConfig()->setValue('instanceid', $id);
}
return $id;
Expand Down
4 changes: 3 additions & 1 deletion lib/public/Security/ISecureRandom.php
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,15 @@
*/
namespace OCP\Security;

use OCP\Security\ISecureRandom;

/**
* Class SecureRandom provides a wrapper around the random_int function to generate
* secure random strings. For PHP 7 the native CSPRNG is used, older versions do
* use a fallback.
*
* Usage:
* \OC::$server->getSecureRandom()->generate(10);
* \OC::$server->get(ISecureRandom::class)->generate(10);
*
* @since 8.0.0
*/
Expand Down
3 changes: 2 additions & 1 deletion tests/lib/DB/MigratorTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
use OC\DB\SQLiteMigrator;
use OCP\DB\Types;
use OCP\IConfig;
use OCP\Security\ISecureRandom;

/**
* Class MigratorTest
Expand Down Expand Up @@ -61,7 +62,7 @@ protected function setUp(): void {

private function getMigrator(): Migrator {
$platform = $this->connection->getDatabasePlatform();
$random = \OC::$server->getSecureRandom();
$random = \OC::$server->get(ISecureRandom::class);
$dispatcher = \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class);
if ($platform instanceof SqlitePlatform) {
return new SQLiteMigrator($this->connection, $this->config, $dispatcher);
Expand Down
2 changes: 1 addition & 1 deletion tests/lib/TestCase.php
Original file line number Diff line number Diff line change
Expand Up @@ -255,7 +255,7 @@ protected static function invokePrivate($object, $methodName, array $parameters
* @return string
*/
protected static function getUniqueID($prefix = '', $length = 13) {
return $prefix . \OC::$server->getSecureRandom()->generate(
return $prefix . \OC::$server->get(ISecureRandom::class)->generate(
$length,
// Do not use dots and slashes as we use the value for file names
ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER
Expand Down

0 comments on commit b59ae1c

Please sign in to comment.