
Increase device password entropy. Use lower- and upper-case characters and digits, but exclude ambiguous characters. The number of digits has also been increased to 25.

Signed-off-by: Fabrizio Steiner <fabrizio.steiner@gmail.com>
tags/v12.0.0beta2
Fabrizio Steiner 7 years ago
parent
commit
f2a2b34e46

+ 7
- 0
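--- a/lib/public/Security/ISecureRandom.php
+++ b/lib/public/Security/ISecureRandom.php
@@ -44,6 +44,13 @@ interface ISecureRandom {
 const CHAR_DIGITS = '0123456789';
 const CHAR_SYMBOLS = '!\"#$%&\\\'()* +,-./:;<=>?@[\]^_`{|}~';
 
+/**
+* Characters that can be used for <code>generate($length, $characters)</code>, to
+* generate human readable random strings. Lower- and upper-case characters and digits
+* are included. Characters which are ambiguous are excluded, such as I, l, and 1 and so on.
+*/
+const CHAR_HUMAN_READABLE = "abcdefgijkmnopqrstwxyzABCDEFGHJKLMNPQRSTWXYZ23456789";
+
 /**
 * Convenience method to get a low strength random number generator.
 *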
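Review bot: The docblock on `CHAR_HUMAN_READABLE` does not say which characters are left out, and the literal does not quite follow the stated rule: lowercase `h`, `u`, `v` and uppercase `U`, `V` are missing, while lowercase `i` and `o` are kept even though `I`, `l`, `1`, `O` and `0` are dropped. Callers size their tokens from this alphabet, so I would state the exact exclusions and the resulting size, e.g. `* 52 characters: a-z without h, l, u, v; A-Z without I, O, U, V; digits 2-9.`, and confirm whether the missing `h` is intentional. The neighbouring constants use single-quoted literals, so single quotes here would match the file's style.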

+ 4
- 4
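--- a/settings/Controller/AuthSettingsController.php
+++ b/settings/Controller/AuthSettingsController.php
@@ -154,16 +154,16 @@ class AuthSettingsController extends Controller {
 }
 
 /**
-* Return a 20 digit device password
+* Return a 25 digit device password
 *
-* Example: ABCDE-FGHIJ-KLMNO-PQRST
+* Example: AbCdE-fGhIj-KlMnO-pQrSt-12345
 *
 * @return string
 */
 private function generateRandomDeviceToken() {
 $groups = [];
-for ($i = 0; $i < 4; $i++) {
-$groups[] = $this->random->generate(5, implode('', range('A', 'Z')));
+for ($i = 0; $i < 5; $i++) {
+$groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
 }
 return implode('-', $groups);
 }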
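Review bot: The updated docblock of `generateRandomDeviceToken()` still calls the result a "digit" password, and its example cannot be produced by the new alphabet, because `AbCdE-fGhIj-KlMnO-pQrSt-12345` contains `h`, `I`, `l`, `O` and `1`, which `CHAR_HUMAN_READABLE` leaves out. I would write `* Return a device password of 25 characters in five hyphen-separated groups` and use an example drawn from the alphabet, for instance `* Example: AbCdE-fGjKm-NpQrS-tWxYz-23456` (constructed sample). With 52 symbols and 25 positions the token carries roughly 142 bits, provided `generate()` samples the alphabet uniformly, which is not visible in this hunk. A short why-comment with that figure would help whoever changes the group count later.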

+ 1
- 1
settings/css/settings.css

@@ -343,7 +343,7 @@ table.nostyle td { padding: 0.2em 0; }

#new-app-login-name,
#new-app-password {
width: 186px;
width: 245px;
font-family: monospace;
background-color: lightyellow;
}

+ 3
- 3
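--- a/tests/Settings/Controller/AuthSettingsControllerTest.php
+++ b/tests/Settings/Controller/AuthSettingsControllerTest.php
@@ -133,11 +133,11 @@ class AuthSettingsControllerTest extends TestCase {
 ->method('getLoginName')
 ->will($this->returnValue('User13'));
 
-$this->secureRandom->expects($this->exactly(4))
+$this->secureRandom->expects($this->exactly(5))
 ->method('generate')
-->with(5, implode('', range('A', 'Z')))
+->with(5, ISecureRandom::CHAR_HUMAN_READABLE)
 ->will($this->returnValue('XXXXX'));
-$newToken = 'XXXXX-XXXXX-XXXXX-XXXXX';
+$newToken = 'XXXXX-XXXXX-XXXXX-XXXXX-XXXXX';
 
 $this->tokenProvider->expects($this->once())
 ->method('generateToken')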
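Review bot: The mock in this test returns `'XXXXX'` for every call, so the assertions pin the group count and the alphabet argument but nothing checks the alphabet itself. A small separate test on `ISecureRandom::CHAR_HUMAN_READABLE` would guard the entropy this commit is after, for example `$this->assertSame(52, count(array_unique(str_split(ISecureRandom::CHAR_HUMAN_READABLE))));`, which catches a duplicated or dropped character. The enclosing test method starts and ends outside this hunk.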
