@@ -344,7 +344,7 @@ class EncryptAll { | |||
* @return string password | |||
*/ | |||
protected function generateOneTimePassword($uid) { | |||
$password = $this->secureRandom->getMediumStrengthGenerator()->generate(8); | |||
$password = $this->secureRandom->generate(8); | |||
$this->userPasswords[$uid] = $password; | |||
return $password; | |||
} |
@@ -139,7 +139,7 @@ class OCSAuthAPI { | |||
return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN); | |||
} | |||
$sharedSecret = $this->secureRandom->getMediumStrengthGenerator()->generate(32); | |||
$sharedSecret = $this->secureRandom->generate(32); | |||
$this->trustedServers->addSharedSecret($url, $sharedSecret); | |||
// reset token after the exchange of the shared secret was successful |
@@ -90,7 +90,7 @@ class TrustedServers { | |||
$url = $this->updateProtocol($url); | |||
$result = $this->dbHandler->addServer($url); | |||
if ($result) { | |||
$token = $this->secureRandom->getMediumStrengthGenerator()->generate(16); | |||
$token = $this->secureRandom->generate(16); | |||
$this->dbHandler->addToken($url, $token); | |||
$this->jobList->add( | |||
'OCA\Federation\BackgroundJob\RequestSharedSecret', |
@@ -227,7 +227,7 @@ class LostController extends Controller { | |||
); | |||
} | |||
$token = $this->secureRandom->getMediumStrengthGenerator()->generate(21, | |||
$token = $this->secureRandom->generate(21, | |||
ISecureRandom::CHAR_DIGITS. | |||
ISecureRandom::CHAR_LOWER. | |||
ISecureRandom::CHAR_UPPER); |
@@ -1076,7 +1076,7 @@ class OC { | |||
if ($config->getSystemValue('debug', false)) { | |||
self::$server->getLogger()->debug('Setting remember login to cookie', array('app' => 'core')); | |||
} | |||
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32); | |||
$token = \OC::$server->getSecureRandom()->generate(32); | |||
$config->setUserValue($userId, 'login_token', $token, time()); | |||
OC_User::setMagicInCookie($userId, $token); | |||
} else { |
@@ -75,7 +75,7 @@ class MDB2SchemaManager { | |||
* @return \OC\DB\Migrator | |||
*/ | |||
public function getMigrator() { | |||
$random = \OC::$server->getSecureRandom()->getMediumStrengthGenerator(); | |||
$random = \OC::$server->getSecureRandom(); | |||
$platform = $this->conn->getDatabasePlatform(); | |||
$config = \OC::$server->getConfig(); | |||
if ($platform instanceof SqlitePlatform) { |
@@ -74,7 +74,7 @@ class CryptoWrapper { | |||
if (!is_null($request->getCookie(self::COOKIE_NAME))) { | |||
$this->passphrase = $request->getCookie(self::COOKIE_NAME); | |||
} else { | |||
$this->passphrase = $this->random->getMediumStrengthGenerator()->generate(128); | |||
$this->passphrase = $this->random->generate(128); | |||
$secureCookie = $request->getServerProtocol() === 'https'; | |||
// FIXME: Required for CI | |||
if (!defined('PHPUNIT_RUN')) { |
@@ -143,7 +143,7 @@ class MySQL extends AbstractDatabase { | |||
$this->dbUser = $adminUser; | |||
//create a random password so we don't need to store the admin password in the config file | |||
$this->dbPassword = $this->random->getMediumStrengthGenerator()->generate(30); | |||
$this->dbPassword = $this->random->generate(30); | |||
$this->createDBUser($connection); | |||
@@ -819,7 +819,7 @@ class Share extends Constants { | |||
if (isset($oldToken)) { | |||
$token = $oldToken; | |||
} else { | |||
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, | |||
$token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH, | |||
\OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_UPPER. | |||
\OCP\Security\ISecureRandom::CHAR_DIGITS | |||
); | |||
@@ -860,7 +860,7 @@ class Share extends Constants { | |||
throw new \Exception($message_t); | |||
} | |||
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . | |||
$token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . | |||
\OCP\Security\ISecureRandom::CHAR_DIGITS); | |||
$shareWith = $user . '@' . $remote; |
@@ -393,7 +393,7 @@ class OC_User { | |||
* generates a password | |||
*/ | |||
public static function generatePassword() { | |||
return \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(30); | |||
return \OC::$server->getSecureRandom()->generate(30); | |||
} | |||
/** |
@@ -260,7 +260,7 @@ class Session implements IUserSession, Emitter { | |||
} | |||
// replace successfully used token with a new one | |||
\OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken); | |||
$newToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32); | |||
$newToken = \OC::$server->getSecureRandom()->generate(32); | |||
\OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time()); | |||
$this->setMagicInCookie($user->getUID(), $newToken); | |||
@@ -1125,7 +1125,7 @@ class OC_Util { | |||
// Check if a token exists | |||
if (!\OC::$server->getSession()->exists('requesttoken')) { | |||
// No valid token found, generate a new one. | |||
$requestToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength); | |||
$requestToken = \OC::$server->getSecureRandom()->generate($tokenLength); | |||
\OC::$server->getSession()->set('requesttoken', $requestToken); | |||
} else { | |||
// Valid token already exists, send it | |||
@@ -1133,7 +1133,7 @@ class OC_Util { | |||
} | |||
// XOR the token to mitigate breach-like attacks | |||
$sharedSecret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength); | |||
$sharedSecret = \OC::$server->getSecureRandom()->generate($tokenLength); | |||
self::$obfuscatedToken = base64_encode($requestToken ^ $sharedSecret) .':'.$sharedSecret; | |||
return self::$obfuscatedToken; |
@@ -26,7 +26,7 @@ class Test_DBSchema extends \Test\TestCase { | |||
$dbfile = OC::$SERVERROOT.'/tests/data/db_structure.xml'; | |||
$dbfile2 = OC::$SERVERROOT.'/tests/data/db_structure2.xml'; | |||
$r = '_' . \OC::$server->getSecureRandom()->getMediumStrengthGenerator()-> | |||
$r = '_' . \OC::$server->getSecureRandom()-> | |||
generate(4, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS) . '_'; | |||
$content = file_get_contents( $dbfile ); | |||
$content = str_replace( '*dbprefix*', '*dbprefix*'.$r, $content ); |
@@ -51,7 +51,7 @@ class SecureRandomTest extends \Test\TestCase { | |||
* @dataProvider stringGenerationProvider | |||
*/ | |||
function testMediumLowStrengthGeneratorLength($length, $expectedLength) { | |||
$generator = $this->rng->getMediumStrengthGenerator(); | |||
$generator = $this->rng; | |||
$this->assertEquals($expectedLength, strlen($generator->generate($length))); | |||
} | |||
@@ -67,7 +67,7 @@ class SecureRandomTest extends \Test\TestCase { | |||
* @dataProvider charCombinations | |||
*/ | |||
public function testScheme($charName, $chars) { | |||
$generator = $this->rng->getMediumStrengthGenerator(); | |||
$generator = $this->rng; | |||
$scheme = constant('OCP\Security\ISecureRandom::' . $charName); | |||
$randomString = $generator->generate(100, $scheme); | |||
$matchesRegex = preg_match('/^'.$chars.'+$/', $randomString); |