Merge pull request #27860 from J0WI/alphanumeric-rnd
Introduce ISecureRandom::CHAR_ALPHANUMERIC
nickvergessen authored Jul 16, 2021
2 parents 23df99d + 91051d9 commit f86f594
Showing 16 changed files with 18 additions and 22 deletions.
2 changes: 1 addition & 1 deletion apps/dav/lib/CalDAV/Schedule/IMipPlugin.php
@@ -692,7 +692,7 @@ private function getAbsoluteImagePath($path) {
* @return string
*/
private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string {
$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);

/** @var VEvent $vevent */
$vevent = $iTipMessage->message->VEVENT;
2 changes: 1 addition & 1 deletion apps/dav/lib/Controller/DirectController.php
@@ -104,7 +104,7 @@ public function getUrl(int $fileId, int $expirationTime = 60 * 60 * 8): DataResp
$direct->setUserId($this->userId);
$direct->setFileId($fileId);

$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);
$direct->setToken($token);
$direct->setExpiration($this->timeFactory->getTime() + $expirationTime);

2 changes: 1 addition & 1 deletion apps/dav/tests/unit/Controller/DirectControllerTest.php
@@ -131,7 +131,7 @@ public function testGetUrlValid() {
$this->random->method('generate')
->with(
60,
ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS
ISecureRandom::CHAR_ALPHANUMERIC
)->willReturn('superduperlongtoken');

$this->directMapper->expects($this->once())
2 changes: 1 addition & 1 deletion apps/encryption/lib/Crypto/EncryptAll.php
@@ -394,7 +394,7 @@ protected function setupUserFS($uid) {
* @return string password
*/
protected function generateOneTimePassword($uid) {
$password = $this->secureRandom->generate(8);
$password = $this->secureRandom->generate(16, ISecureRandom::CHAR_HUMAN_READABLE);
$this->userPasswords[$uid] = $password;
return $password;
}
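Review bot: The new `generate(16, ISecureRandom::CHAR_HUMAN_READABLE)` call in generateOneTimePassword() changes both the length and the alphabet of the one-time password, which is a behaviour change rather than the constant substitution the commit title describes. The docblock above it only says `@return string password`; a comment such as `// 16 chars from the human-readable alphabet, since the user has to type this password` would record why these values were chosen (that the user types it is my assumption). The password is also kept in plaintext in `$this->userPasswords[$uid]`; how long that array lives is outside the hunk, so it is worth confirming that it is cleared once the passwords have been delivered.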
2 changes: 1 addition & 1 deletion apps/federatedfilesharing/lib/TokenHandler.php
@@ -52,7 +52,7 @@ public function __construct(ISecureRandom $secureRandom) {
public function generateToken() {
$token = $this->secureRandom->generate(
self::TOKEN_LENGTH,
ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
ISecureRandom::CHAR_ALPHANUMERIC);
return $token;
}
}
2 changes: 1 addition & 1 deletion apps/federatedfilesharing/tests/TokenHandlerTest.php
@@ -49,7 +49,7 @@ public function testGenerateToken() {
$this->secureRandom->expects($this->once())->method('generate')
->with(
$this->expectedTokenLength,
ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS
ISecureRandom::CHAR_ALPHANUMERIC
)
->willReturn('mytoken');

4 changes: 2 additions & 2 deletions apps/oauth2/lib/Controller/OauthApiController.php
@@ -147,7 +147,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client
}

// Rotate the apptoken (so the old one becomes invalid basically)
$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC);

$appToken = $this->tokenProvider->rotate(
$appToken,
@@ -160,7 +160,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client
$this->tokenProvider->updateToken($appToken);

// Generate a new refresh token and encrypt the new apptoken in the DB
$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC);
$accessToken->setHashedCode(hash('sha512', $newCode));
$accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode));
$this->accessTokenMapper->update($accessToken);
4 changes: 1 addition & 3 deletions apps/settings/lib/Mailer/NewUserMailHelper.php
@@ -104,9 +104,7 @@ public function generateTemplate(IUser $user, $generatePasswordResetToken = fals
if ($generatePasswordResetToken) {
$token = $this->secureRandom->generate(
21,
ISecureRandom::CHAR_DIGITS .
ISecureRandom::CHAR_LOWER .
ISecureRandom::CHAR_UPPER
ISecureRandom::CHAR_ALPHANUMERIC
);
$tokenValue = $this->timeFactory->getTime() . ':' . $token;
$mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : '';
6 changes: 1 addition & 5 deletions apps/settings/tests/Mailer/NewUserMailHelperTest.php
@@ -129,11 +129,7 @@ public function testGenerateTemplateWithPasswordResetToken() {
$this->secureRandom
->expects($this->once())
->method('generate')
->with(21,
ISecureRandom::CHAR_DIGITS .
ISecureRandom::CHAR_LOWER .
ISecureRandom::CHAR_UPPER
)
->with(21, ISecureRandom::CHAR_ALPHANUMERIC)
->willReturn('MySuperLongSecureRandomToken');
$this->timeFactory
->expects($this->once())
2 changes: 1 addition & 1 deletion apps/sharebymail/lib/ShareByMailProvider.php
@@ -224,7 +224,7 @@ protected function autoGeneratePassword($share) {

$password = $passwordEvent->getPassword();
if ($password === null) {
$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE);
}

return $password;
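Review bot: Switching the auto-generated share password to `ISecureRandom::CHAR_HUMAN_READABLE` while keeping the length at 8 shrinks the keyspace, because that alphabet is, as far as I know, the alphanumeric set with the ambiguous look-alike characters removed. EncryptAll was raised to 16 characters in this same commit; the equivalent here would be `$password = $this->secureRandom->generate(16, ISecureRandom::CHAR_HUMAN_READABLE);`, with the `->with(8, ISecureRandom::CHAR_HUMAN_READABLE)` expectation in ShareByMailProviderTest updated to match. If 8 is kept on purpose, these passwords depend on whatever rate limiting protects the share link, and a comment on this line saying so would help the next reader. autoGeneratePassword() starts before this hunk and its remaining body is not visible.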
2 changes: 1 addition & 1 deletion apps/sharebymail/tests/ShareByMailProviderTest.php
@@ -301,7 +301,7 @@ public function testCreateSendPasswordByMailWithEnforcedPasswordProtection() {

$this->secureRandom->expects($this->once())
->method('generate')
->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS)
->with(8, ISecureRandom::CHAR_HUMAN_READABLE)
->willReturn('autogeneratedPassword');
$this->eventDispatcher->expects($this->once())
->method('dispatchTyped')
2 changes: 1 addition & 1 deletion lib/private/AppFramework/Http/Request.php
@@ -575,7 +575,7 @@ public function getId(): string {
}

if (empty($this->requestId)) {
$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
$this->requestId = $this->secureRandom->generate(20, $validChars);
}

2 changes: 1 addition & 1 deletion lib/private/Cache/File.php
@@ -108,7 +108,7 @@ public function set($key, $value, $ttl = 0) {
// unique id to avoid chunk collision, just in case
$uniqueId = \OC::$server->getSecureRandom()->generate(
16,
ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER
ISecureRandom::CHAR_ALPHANUMERIC
);

// use part file to prevent hasKey() to find the key
2 changes: 1 addition & 1 deletion lib/private/Setup/MySQL.php
@@ -162,7 +162,7 @@ private function createSpecificUser($username, $connection) {
$this->dbUser = $adminUser;

//create a random password so we don't need to store the admin password in the config file
$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER);
$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);

$this->createDBUser($connection);

3 changes: 2 additions & 1 deletion lib/private/Setup/PostgreSQL.php
@@ -31,6 +31,7 @@
use OC\DatabaseException;
use OC\DB\Connection;
use OC\DB\QueryBuilder\Literal;
use OCP\Security\ISecureRandom;

class PostgreSQL extends AbstractDatabase {
public $dbprettyname = 'PostgreSQL';
@@ -66,7 +67,7 @@ public function setupDatabase($username) {
//add prefix to the postgresql user name to prevent collisions
$this->dbUser = 'oc_' . strtolower($username);
//create a new password so we don't need to store the admin config in the config file
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS);
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);

$this->createDBUser($connection);
}
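Review bot: The replacement on the `$this->dbPassword` line in setupDatabase() is not a like-for-like substitution: the old alphabet was `CHAR_LOWER . CHAR_DIGITS`, so generated PostgreSQL passwords now also contain upper-case letters. That widens the keyspace, but if upper case was left out deliberately, it should be confirmed that createDBUser() (not visible here) quotes or binds the password rather than relying on its shape. The change also deserves a line in the commit description, since the title only announces a new constant. Separately, MySQL.php draws from `$this->random` while this line still goes through `\OC::$server->getSecureRandom()`; using the injected generator here as well would keep the two setups consistent, assuming both classes share that property.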
1 change: 1 addition & 0 deletions lib/public/Security/ISecureRandom.php
@@ -47,6 +47,7 @@ interface ISecureRandom {
public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz';
public const CHAR_DIGITS = '0123456789';
public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~';
public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS;

/**
* Characters that can be used for <code>generate($length, $characters)</code>, to
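Review bot: The new public constant `CHAR_ALPHANUMERIC` is added without a docblock, although it becomes part of the public `OCP\Security\ISecureRandom` interface that apps depend on. A short docblock stating that it is upper-case letters, lower-case letters and digits (62 characters, no symbols), plus an `@since <release>` tag, would tell callers what the alphabet contains and from which version they may rely on it. The interface body starts and ends outside this hunk, so whether the neighbouring constants carry such documentation cannot be seen here.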
