Merge pull request #27860 from J0WI/alphanumeric-rnd

Introduce ISecureRandom::CHAR_ALPHANUMERIC

5 files changed, 6 insertions, 4 deletions

diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
index afe675ea0ea..a95fd208155 100644
--- a/lib/private/AppFramework/Http/Request.php
+++ b/lib/private/AppFramework/Http/Request.php
@@ -575,7 +575,7 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 		}
 
 		if (empty($this->requestId)) {
-			$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
+			$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
 			$this->requestId = $this->secureRandom->generate(20, $validChars);
 		}
 
diff --git a/lib/private/Cache/File.php b/lib/private/Cache/File.php
index 362379c429b..0ecd894d2d2 100644
--- a/lib/private/Cache/File.php
+++ b/lib/private/Cache/File.php
@@ -108,7 +108,7 @@ class File implements ICache {
 		// unique id to avoid chunk collision, just in case
 		$uniqueId = \OC::$server->getSecureRandom()->generate(
 			16,
-			ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER
+			ISecureRandom::CHAR_ALPHANUMERIC
 		);
 
 		// use part file to prevent hasKey() to find the key
diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php
index d1ca790adda..8a12465fd8d 100644
--- a/lib/private/Setup/MySQL.php
+++ b/lib/private/Setup/MySQL.php
@@ -162,7 +162,7 @@ class MySQL extends AbstractDatabase {
 						$this->dbUser = $adminUser;
 
 						//create a random password so we don't need to store the admin password in the config file
-						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER);
+						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 						$this->createDBUser($connection);
 
diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php
index bd4ef63d0ab..bc24909dc3d 100644
--- a/lib/private/Setup/PostgreSQL.php
+++ b/lib/private/Setup/PostgreSQL.php
@@ -31,6 +31,7 @@ namespace OC\Setup;
 use OC\DatabaseException;
 use OC\DB\Connection;
 use OC\DB\QueryBuilder\Literal;
+use OCP\Security\ISecureRandom;
 
 class PostgreSQL extends AbstractDatabase {
 	public $dbprettyname = 'PostgreSQL';
@@ -66,7 +67,7 @@ class PostgreSQL extends AbstractDatabase {
 				//add prefix to the postgresql user name to prevent collisions
 				$this->dbUser = 'oc_' . strtolower($username);
 				//create a new password so we don't need to store the admin config in the config file
-				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS);
+				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 				$this->createDBUser($connection);
 			}
diff --git a/lib/public/Security/ISecureRandom.php b/lib/public/Security/ISecureRandom.php
index 530a3b9df8f..250ecd25358 100644
--- a/lib/public/Security/ISecureRandom.php
+++ b/lib/public/Security/ISecureRandom.php
@@ -47,6 +47,7 @@ interface ISecureRandom {
 	public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz';
 	public const CHAR_DIGITS = '0123456789';
 	public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~';
+	public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS;
 
 	/**
 	 * Characters that can be used for <code>generate($length, $characters)</code>, to