Merge pull request #27860 from J0WI/alphanumeric-rnd

Introduce ISecureRandom::CHAR_ALPHANUMERIC

apps/dav/lib/CalDAV/Schedule/IMipPlugin.php

@@ -692,7 +692,7 @@ class IMipPlugin extends SabreIMipPlugin {
 	 * @return string
 	 */
 	private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string {
-		$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+		$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);
 
 		/** @var VEvent $vevent */
 		$vevent = $iTipMessage->message->VEVENT;

apps/dav/lib/Controller/DirectController.php

@@ -104,7 +104,7 @@ class DirectController extends OCSController {
 		$direct->setUserId($this->userId);
 		$direct->setFileId($fileId);
 
-		$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+		$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);
 		$direct->setToken($token);
 		$direct->setExpiration($this->timeFactory->getTime() + $expirationTime);
 

apps/dav/tests/unit/Controller/DirectControllerTest.php

@@ -131,7 +131,7 @@ class DirectControllerTest extends TestCase {
 		$this->random->method('generate')
 			->with(
 				60,
-				ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS
+				ISecureRandom::CHAR_ALPHANUMERIC
 			)->willReturn('superduperlongtoken');
 
 		$this->directMapper->expects($this->once())

apps/encryption/lib/Crypto/EncryptAll.php

@@ -394,7 +394,7 @@ class EncryptAll {
 	 * @return string password
 	 */
 	protected function generateOneTimePassword($uid) {
-		$password = $this->secureRandom->generate(8);
+		$password = $this->secureRandom->generate(16, ISecureRandom::CHAR_HUMAN_READABLE);
 		$this->userPasswords[$uid] = $password;
 		return $password;
 	}

apps/federatedfilesharing/lib/TokenHandler.php

@@ -52,7 +52,7 @@ class TokenHandler {
 	public function generateToken() {
 		$token = $this->secureRandom->generate(
 			self::TOKEN_LENGTH,
-			ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
+			ISecureRandom::CHAR_ALPHANUMERIC);
 		return $token;
 	}
 }

apps/federatedfilesharing/tests/TokenHandlerTest.php

@@ -49,7 +49,7 @@ class TokenHandlerTest extends \Test\TestCase {
 		$this->secureRandom->expects($this->once())->method('generate')
 			->with(
 				$this->expectedTokenLength,
-				ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS
+				ISecureRandom::CHAR_ALPHANUMERIC
 			)
 			->willReturn('mytoken');
 

apps/oauth2/lib/Controller/OauthApiController.php

@@ -147,7 +147,7 @@ class OauthApiController extends Controller {
 		}
 
 		// Rotate the apptoken (so the old one becomes invalid basically)
-		$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+		$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC);
 
 		$appToken = $this->tokenProvider->rotate(
 			$appToken,
@@ -160,7 +160,7 @@ class OauthApiController extends Controller {
 		$this->tokenProvider->updateToken($appToken);
 
 		// Generate a new refresh token and encrypt the new apptoken in the DB
-		$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+		$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC);
 		$accessToken->setHashedCode(hash('sha512', $newCode));
 		$accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode));
 		$this->accessTokenMapper->update($accessToken);

apps/settings/lib/Mailer/NewUserMailHelper.php

@@ -104,9 +104,7 @@ class NewUserMailHelper {
 		if ($generatePasswordResetToken) {
 			$token = $this->secureRandom->generate(
 				21,
-				ISecureRandom::CHAR_DIGITS .
-				ISecureRandom::CHAR_LOWER .
-				ISecureRandom::CHAR_UPPER
+				ISecureRandom::CHAR_ALPHANUMERIC
 			);
 			$tokenValue = $this->timeFactory->getTime() . ':' . $token;
 			$mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : '';

apps/settings/tests/Mailer/NewUserMailHelperTest.php

@@ -129,11 +129,7 @@ class NewUserMailHelperTest extends TestCase {
 		$this->secureRandom
 			->expects($this->once())
 			->method('generate')
-			->with(21,
-				ISecureRandom::CHAR_DIGITS .
-				ISecureRandom::CHAR_LOWER .
-				ISecureRandom::CHAR_UPPER
-			)
+			->with(21, ISecureRandom::CHAR_ALPHANUMERIC)
 			->willReturn('MySuperLongSecureRandomToken');
 		$this->timeFactory
 			->expects($this->once())

apps/sharebymail/lib/ShareByMailProvider.php

@@ -224,7 +224,7 @@ class ShareByMailProvider implements IShareProvider {
 
 		$password = $passwordEvent->getPassword();
 		if ($password === null) {
-			$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
+			$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE);
 		}
 
 		return $password;

apps/sharebymail/tests/ShareByMailProviderTest.php

@@ -301,7 +301,7 @@ class ShareByMailProviderTest extends TestCase {
 
 		$this->secureRandom->expects($this->once())
 			->method('generate')
-			->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS)
+			->with(8, ISecureRandom::CHAR_HUMAN_READABLE)
 			->willReturn('autogeneratedPassword');
 		$this->eventDispatcher->expects($this->once())
 			->method('dispatchTyped')

lib/private/AppFramework/Http/Request.php

@@ -575,7 +575,7 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 		}
 
 		if (empty($this->requestId)) {
-			$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
+			$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
 			$this->requestId = $this->secureRandom->generate(20, $validChars);
 		}
 

lib/private/Cache/File.php

@@ -108,7 +108,7 @@ class File implements ICache {
 		// unique id to avoid chunk collision, just in case
 		$uniqueId = \OC::$server->getSecureRandom()->generate(
 			16,
-			ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER
+			ISecureRandom::CHAR_ALPHANUMERIC
 		);
 
 		// use part file to prevent hasKey() to find the key

lib/private/Setup/MySQL.php

@@ -162,7 +162,7 @@ class MySQL extends AbstractDatabase {
 						$this->dbUser = $adminUser;
 
 						//create a random password so we don't need to store the admin password in the config file
-						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER);
+						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 						$this->createDBUser($connection);
 

lib/private/Setup/PostgreSQL.php

@@ -31,6 +31,7 @@ namespace OC\Setup;
 use OC\DatabaseException;
 use OC\DB\Connection;
 use OC\DB\QueryBuilder\Literal;
+use OCP\Security\ISecureRandom;
 
 class PostgreSQL extends AbstractDatabase {
 	public $dbprettyname = 'PostgreSQL';
@@ -66,7 +67,7 @@ class PostgreSQL extends AbstractDatabase {
 				//add prefix to the postgresql user name to prevent collisions
 				$this->dbUser = 'oc_' . strtolower($username);
 				//create a new password so we don't need to store the admin config in the config file
-				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS);
+				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 				$this->createDBUser($connection);
 			}

lib/public/Security/ISecureRandom.php

@@ -47,6 +47,7 @@ interface ISecureRandom {
 	public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz';
 	public const CHAR_DIGITS = '0123456789';
 	public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~';
+	public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS;
 
 	/**
 	 * Characters that can be used for <code>generate($length, $characters)</code>, to