diff --git a/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php b/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php index 555b38e0efbb5..fa87db457975f 100644 --- a/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php +++ b/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php @@ -692,7 +692,7 @@ private function getAbsoluteImagePath($path) { * @return string */ private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string { - $token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); + $token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); /** @var VEvent $vevent */ $vevent = $iTipMessage->message->VEVENT; diff --git a/apps/dav/lib/Controller/DirectController.php b/apps/dav/lib/Controller/DirectController.php index bd77cef4872ad..955400998cf49 100644 --- a/apps/dav/lib/Controller/DirectController.php +++ b/apps/dav/lib/Controller/DirectController.php @@ -104,7 +104,7 @@ public function getUrl(int $fileId, int $expirationTime = 60 * 60 * 8): DataResp $direct->setUserId($this->userId); $direct->setFileId($fileId); - $token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); + $token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); $direct->setToken($token); $direct->setExpiration($this->timeFactory->getTime() + $expirationTime); diff --git a/apps/dav/tests/unit/Controller/DirectControllerTest.php b/apps/dav/tests/unit/Controller/DirectControllerTest.php index b85610f94d89d..00771e7f7a645 100644 --- a/apps/dav/tests/unit/Controller/DirectControllerTest.php +++ b/apps/dav/tests/unit/Controller/DirectControllerTest.php @@ -131,7 +131,7 @@ public function testGetUrlValid() { $this->random->method('generate') ->with( 60, - ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS + ISecureRandom::CHAR_ALPHANUMERIC )->willReturn('superduperlongtoken'); $this->directMapper->expects($this->once()) diff --git a/apps/federatedfilesharing/lib/TokenHandler.php b/apps/federatedfilesharing/lib/TokenHandler.php index 084d0b0e2a48e..ffa81dfd07462 100644 --- a/apps/federatedfilesharing/lib/TokenHandler.php +++ b/apps/federatedfilesharing/lib/TokenHandler.php @@ -52,7 +52,7 @@ public function __construct(ISecureRandom $secureRandom) { public function generateToken() { $token = $this->secureRandom->generate( self::TOKEN_LENGTH, - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); + ISecureRandom::CHAR_ALPHANUMERIC); return $token; } } diff --git a/apps/federatedfilesharing/tests/TokenHandlerTest.php b/apps/federatedfilesharing/tests/TokenHandlerTest.php index 229cb017e335b..ab28fc0858b50 100644 --- a/apps/federatedfilesharing/tests/TokenHandlerTest.php +++ b/apps/federatedfilesharing/tests/TokenHandlerTest.php @@ -49,7 +49,7 @@ public function testGenerateToken() { $this->secureRandom->expects($this->once())->method('generate') ->with( $this->expectedTokenLength, - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS + ISecureRandom::CHAR_ALPHANUMERIC ) ->willReturn('mytoken'); diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php index d6e090565cab5..392eb09e89e12 100644 --- a/apps/oauth2/lib/Controller/OauthApiController.php +++ b/apps/oauth2/lib/Controller/OauthApiController.php @@ -147,7 +147,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client } // Rotate the apptoken (so the old one becomes invalid basically) - $newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); + $newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC); $appToken = $this->tokenProvider->rotate( $appToken, @@ -160,7 +160,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client $this->tokenProvider->updateToken($appToken); // Generate a new refresh token and encrypt the new apptoken in the DB - $newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); + $newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC); $accessToken->setHashedCode(hash('sha512', $newCode)); $accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode)); $this->accessTokenMapper->update($accessToken); diff --git a/apps/settings/lib/Mailer/NewUserMailHelper.php b/apps/settings/lib/Mailer/NewUserMailHelper.php index 4b89a000c5527..50502ed1d3924 100644 --- a/apps/settings/lib/Mailer/NewUserMailHelper.php +++ b/apps/settings/lib/Mailer/NewUserMailHelper.php @@ -104,9 +104,7 @@ public function generateTemplate(IUser $user, $generatePasswordResetToken = fals if ($generatePasswordResetToken) { $token = $this->secureRandom->generate( 21, - ISecureRandom::CHAR_DIGITS . - ISecureRandom::CHAR_LOWER . - ISecureRandom::CHAR_UPPER + ISecureRandom::CHAR_ALPHANUMERIC ); $tokenValue = $this->timeFactory->getTime() . ':' . $token; $mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : ''; diff --git a/apps/settings/tests/Mailer/NewUserMailHelperTest.php b/apps/settings/tests/Mailer/NewUserMailHelperTest.php index 0fe1d922275f4..d1c5657f251c3 100644 --- a/apps/settings/tests/Mailer/NewUserMailHelperTest.php +++ b/apps/settings/tests/Mailer/NewUserMailHelperTest.php @@ -129,11 +129,7 @@ public function testGenerateTemplateWithPasswordResetToken() { $this->secureRandom ->expects($this->once()) ->method('generate') - ->with(21, - ISecureRandom::CHAR_DIGITS . - ISecureRandom::CHAR_LOWER . - ISecureRandom::CHAR_UPPER - ) + ->with(21, ISecureRandom::CHAR_ALPHANUMERIC) ->willReturn('MySuperLongSecureRandomToken'); $this->timeFactory ->expects($this->once()) diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php index 74e78c48d86c3..6fb60216031f4 100644 --- a/apps/sharebymail/lib/ShareByMailProvider.php +++ b/apps/sharebymail/lib/ShareByMailProvider.php @@ -224,7 +224,7 @@ protected function autoGeneratePassword($share) { $password = $passwordEvent->getPassword(); if ($password === null) { - $password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); + $password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE); } return $password; diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php index 64d81aab2544a..a82da164b78e3 100644 --- a/apps/sharebymail/tests/ShareByMailProviderTest.php +++ b/apps/sharebymail/tests/ShareByMailProviderTest.php @@ -301,7 +301,7 @@ public function testCreateSendPasswordByMailWithEnforcedPasswordProtection() { $this->secureRandom->expects($this->once()) ->method('generate') - ->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS) + ->with(8, ISecureRandom::CHAR_HUMAN_READABLE) ->willReturn('autogeneratedPassword'); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped') diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index afe675ea0eafd..a95fd208155cb 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -575,7 +575,7 @@ public function getId(): string { } if (empty($this->requestId)) { - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; + $validChars = ISecureRandom::CHAR_ALPHANUMERIC; $this->requestId = $this->secureRandom->generate(20, $validChars); } diff --git a/lib/private/Cache/File.php b/lib/private/Cache/File.php index 362379c429b07..0ecd894d2d205 100644 --- a/lib/private/Cache/File.php +++ b/lib/private/Cache/File.php @@ -108,7 +108,7 @@ public function set($key, $value, $ttl = 0) { // unique id to avoid chunk collision, just in case $uniqueId = \OC::$server->getSecureRandom()->generate( 16, - ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER + ISecureRandom::CHAR_ALPHANUMERIC ); // use part file to prevent hasKey() to find the key diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php index d1ca790adda29..8a12465fd8dfa 100644 --- a/lib/private/Setup/MySQL.php +++ b/lib/private/Setup/MySQL.php @@ -162,7 +162,7 @@ private function createSpecificUser($username, $connection) { $this->dbUser = $adminUser; //create a random password so we don't need to store the admin password in the config file - $this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER); + $this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); $this->createDBUser($connection); diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php index bd4ef63d0abeb..bc24909dc3d92 100644 --- a/lib/private/Setup/PostgreSQL.php +++ b/lib/private/Setup/PostgreSQL.php @@ -31,6 +31,7 @@ use OC\DatabaseException; use OC\DB\Connection; use OC\DB\QueryBuilder\Literal; +use OCP\Security\ISecureRandom; class PostgreSQL extends AbstractDatabase { public $dbprettyname = 'PostgreSQL'; @@ -66,7 +67,7 @@ public function setupDatabase($username) { //add prefix to the postgresql user name to prevent collisions $this->dbUser = 'oc_' . strtolower($username); //create a new password so we don't need to store the admin config in the config file - $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS); + $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); $this->createDBUser($connection); } diff --git a/lib/public/Security/ISecureRandom.php b/lib/public/Security/ISecureRandom.php index 530a3b9df8f23..250ecd253582d 100644 --- a/lib/public/Security/ISecureRandom.php +++ b/lib/public/Security/ISecureRandom.php @@ -47,6 +47,7 @@ interface ISecureRandom { public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz'; public const CHAR_DIGITS = '0123456789'; public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~'; + public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS; /** * Characters that can be used for generate($length, $characters), to