diff options
-rw-r--r-- | apps/dav/lib/CalDAV/Schedule/IMipPlugin.php | 2 | ||||
-rw-r--r-- | apps/dav/lib/Controller/DirectController.php | 2 | ||||
-rw-r--r-- | apps/dav/tests/unit/Controller/DirectControllerTest.php | 2 | ||||
-rw-r--r-- | apps/encryption/lib/Crypto/EncryptAll.php | 2 | ||||
-rw-r--r-- | apps/federatedfilesharing/lib/TokenHandler.php | 2 | ||||
-rw-r--r-- | apps/federatedfilesharing/tests/TokenHandlerTest.php | 2 | ||||
-rw-r--r-- | apps/oauth2/lib/Controller/OauthApiController.php | 4 | ||||
-rw-r--r-- | apps/settings/lib/Mailer/NewUserMailHelper.php | 4 | ||||
-rw-r--r-- | apps/settings/tests/Mailer/NewUserMailHelperTest.php | 6 | ||||
-rw-r--r-- | apps/sharebymail/lib/ShareByMailProvider.php | 2 | ||||
-rw-r--r-- | apps/sharebymail/tests/ShareByMailProviderTest.php | 2 | ||||
-rw-r--r-- | lib/private/AppFramework/Http/Request.php | 2 | ||||
-rw-r--r-- | lib/private/Cache/File.php | 2 | ||||
-rw-r--r-- | lib/private/Setup/MySQL.php | 2 | ||||
-rw-r--r-- | lib/private/Setup/PostgreSQL.php | 3 | ||||
-rw-r--r-- | lib/public/Security/ISecureRandom.php | 1 |
16 files changed, 18 insertions, 22 deletions
diff --git a/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php b/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php index 555b38e0efb..fa87db45797 100644 --- a/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php +++ b/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php @@ -692,7 +692,7 @@ class IMipPlugin extends SabreIMipPlugin { * @return string */ private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string { - $token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); + $token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); /** @var VEvent $vevent */ $vevent = $iTipMessage->message->VEVENT; diff --git a/apps/dav/lib/Controller/DirectController.php b/apps/dav/lib/Controller/DirectController.php index bd77cef4872..955400998cf 100644 --- a/apps/dav/lib/Controller/DirectController.php +++ b/apps/dav/lib/Controller/DirectController.php @@ -104,7 +104,7 @@ class DirectController extends OCSController { $direct->setUserId($this->userId); $direct->setFileId($fileId); - $token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); + $token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); $direct->setToken($token); $direct->setExpiration($this->timeFactory->getTime() + $expirationTime); diff --git a/apps/dav/tests/unit/Controller/DirectControllerTest.php b/apps/dav/tests/unit/Controller/DirectControllerTest.php index b85610f94d8..00771e7f7a6 100644 --- a/apps/dav/tests/unit/Controller/DirectControllerTest.php +++ b/apps/dav/tests/unit/Controller/DirectControllerTest.php @@ -131,7 +131,7 @@ class DirectControllerTest extends TestCase { $this->random->method('generate') ->with( 60, - ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS + ISecureRandom::CHAR_ALPHANUMERIC )->willReturn('superduperlongtoken'); $this->directMapper->expects($this->once()) diff --git a/apps/encryption/lib/Crypto/EncryptAll.php b/apps/encryption/lib/Crypto/EncryptAll.php index c8c302f10c7..1889c557cdc 100644 --- a/apps/encryption/lib/Crypto/EncryptAll.php +++ b/apps/encryption/lib/Crypto/EncryptAll.php @@ -394,7 +394,7 @@ class EncryptAll { * @return string password */ protected function generateOneTimePassword($uid) { - $password = $this->secureRandom->generate(8); + $password = $this->secureRandom->generate(16, ISecureRandom::CHAR_HUMAN_READABLE); $this->userPasswords[$uid] = $password; return $password; } diff --git a/apps/federatedfilesharing/lib/TokenHandler.php b/apps/federatedfilesharing/lib/TokenHandler.php index 084d0b0e2a4..ffa81dfd074 100644 --- a/apps/federatedfilesharing/lib/TokenHandler.php +++ b/apps/federatedfilesharing/lib/TokenHandler.php @@ -52,7 +52,7 @@ class TokenHandler { public function generateToken() { $token = $this->secureRandom->generate( self::TOKEN_LENGTH, - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); + ISecureRandom::CHAR_ALPHANUMERIC); return $token; } } diff --git a/apps/federatedfilesharing/tests/TokenHandlerTest.php b/apps/federatedfilesharing/tests/TokenHandlerTest.php index 229cb017e33..ab28fc0858b 100644 --- a/apps/federatedfilesharing/tests/TokenHandlerTest.php +++ b/apps/federatedfilesharing/tests/TokenHandlerTest.php @@ -49,7 +49,7 @@ class TokenHandlerTest extends \Test\TestCase { $this->secureRandom->expects($this->once())->method('generate') ->with( $this->expectedTokenLength, - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS + ISecureRandom::CHAR_ALPHANUMERIC ) ->willReturn('mytoken'); diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php index d6e090565ca..392eb09e89e 100644 --- a/apps/oauth2/lib/Controller/OauthApiController.php +++ b/apps/oauth2/lib/Controller/OauthApiController.php @@ -147,7 +147,7 @@ class OauthApiController extends Controller { } // Rotate the apptoken (so the old one becomes invalid basically) - $newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); + $newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC); $appToken = $this->tokenProvider->rotate( $appToken, @@ -160,7 +160,7 @@ class OauthApiController extends Controller { $this->tokenProvider->updateToken($appToken); // Generate a new refresh token and encrypt the new apptoken in the DB - $newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); + $newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC); $accessToken->setHashedCode(hash('sha512', $newCode)); $accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode)); $this->accessTokenMapper->update($accessToken); diff --git a/apps/settings/lib/Mailer/NewUserMailHelper.php b/apps/settings/lib/Mailer/NewUserMailHelper.php index 4b89a000c55..50502ed1d39 100644 --- a/apps/settings/lib/Mailer/NewUserMailHelper.php +++ b/apps/settings/lib/Mailer/NewUserMailHelper.php @@ -104,9 +104,7 @@ class NewUserMailHelper { if ($generatePasswordResetToken) { $token = $this->secureRandom->generate( 21, - ISecureRandom::CHAR_DIGITS . - ISecureRandom::CHAR_LOWER . - ISecureRandom::CHAR_UPPER + ISecureRandom::CHAR_ALPHANUMERIC ); $tokenValue = $this->timeFactory->getTime() . ':' . $token; $mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : ''; diff --git a/apps/settings/tests/Mailer/NewUserMailHelperTest.php b/apps/settings/tests/Mailer/NewUserMailHelperTest.php index 0fe1d922275..d1c5657f251 100644 --- a/apps/settings/tests/Mailer/NewUserMailHelperTest.php +++ b/apps/settings/tests/Mailer/NewUserMailHelperTest.php @@ -129,11 +129,7 @@ class NewUserMailHelperTest extends TestCase { $this->secureRandom ->expects($this->once()) ->method('generate') - ->with(21, - ISecureRandom::CHAR_DIGITS . - ISecureRandom::CHAR_LOWER . - ISecureRandom::CHAR_UPPER - ) + ->with(21, ISecureRandom::CHAR_ALPHANUMERIC) ->willReturn('MySuperLongSecureRandomToken'); $this->timeFactory ->expects($this->once()) diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php index 74e78c48d86..6fb60216031 100644 --- a/apps/sharebymail/lib/ShareByMailProvider.php +++ b/apps/sharebymail/lib/ShareByMailProvider.php @@ -224,7 +224,7 @@ class ShareByMailProvider implements IShareProvider { $password = $passwordEvent->getPassword(); if ($password === null) { - $password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); + $password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE); } return $password; diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php index 64d81aab254..a82da164b78 100644 --- a/apps/sharebymail/tests/ShareByMailProviderTest.php +++ b/apps/sharebymail/tests/ShareByMailProviderTest.php @@ -301,7 +301,7 @@ class ShareByMailProviderTest extends TestCase { $this->secureRandom->expects($this->once()) ->method('generate') - ->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS) + ->with(8, ISecureRandom::CHAR_HUMAN_READABLE) ->willReturn('autogeneratedPassword'); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped') diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index afe675ea0ea..a95fd208155 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -575,7 +575,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { } if (empty($this->requestId)) { - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; + $validChars = ISecureRandom::CHAR_ALPHANUMERIC; $this->requestId = $this->secureRandom->generate(20, $validChars); } diff --git a/lib/private/Cache/File.php b/lib/private/Cache/File.php index 362379c429b..0ecd894d2d2 100644 --- a/lib/private/Cache/File.php +++ b/lib/private/Cache/File.php @@ -108,7 +108,7 @@ class File implements ICache { // unique id to avoid chunk collision, just in case $uniqueId = \OC::$server->getSecureRandom()->generate( 16, - ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER + ISecureRandom::CHAR_ALPHANUMERIC ); // use part file to prevent hasKey() to find the key diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php index d1ca790adda..8a12465fd8d 100644 --- a/lib/private/Setup/MySQL.php +++ b/lib/private/Setup/MySQL.php @@ -162,7 +162,7 @@ class MySQL extends AbstractDatabase { $this->dbUser = $adminUser; //create a random password so we don't need to store the admin password in the config file - $this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER); + $this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); $this->createDBUser($connection); diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php index bd4ef63d0ab..bc24909dc3d 100644 --- a/lib/private/Setup/PostgreSQL.php +++ b/lib/private/Setup/PostgreSQL.php @@ -31,6 +31,7 @@ namespace OC\Setup; use OC\DatabaseException; use OC\DB\Connection; use OC\DB\QueryBuilder\Literal; +use OCP\Security\ISecureRandom; class PostgreSQL extends AbstractDatabase { public $dbprettyname = 'PostgreSQL'; @@ -66,7 +67,7 @@ class PostgreSQL extends AbstractDatabase { //add prefix to the postgresql user name to prevent collisions $this->dbUser = 'oc_' . strtolower($username); //create a new password so we don't need to store the admin config in the config file - $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS); + $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); $this->createDBUser($connection); } diff --git a/lib/public/Security/ISecureRandom.php b/lib/public/Security/ISecureRandom.php index 530a3b9df8f..250ecd25358 100644 --- a/lib/public/Security/ISecureRandom.php +++ b/lib/public/Security/ISecureRandom.php @@ -47,6 +47,7 @@ interface ISecureRandom { public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz'; public const CHAR_DIGITS = '0123456789'; public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~'; + public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS; /** * Characters that can be used for <code>generate($length, $characters)</code>, to |