diff --git a/apps/encryption/lib/crypto/encryptall.php b/apps/encryption/lib/crypto/encryptall.php index ef67523d7e26ba2abfec4a3a8fb66667f4c359b0..3bc2746f5fa91d6e04ef06cf8d42b135f9330073 100644 --- a/apps/encryption/lib/crypto/encryptall.php +++ b/apps/encryption/lib/crypto/encryptall.php @@ -344,7 +344,7 @@ class EncryptAll { * @return string password */ protected function generateOneTimePassword($uid) { - $password = $this->secureRandom->getMediumStrengthGenerator()->generate(8); + $password = $this->secureRandom->generate(8); $this->userPasswords[$uid] = $password; return $password; } diff --git a/apps/federation/api/ocsauthapi.php b/apps/federation/api/ocsauthapi.php index b94550fd4f2bb24b9416330af4ab42760bc6cb1b..c089c89f9d4b88ddcf3df0520386cb87ac427d28 100644 --- a/apps/federation/api/ocsauthapi.php +++ b/apps/federation/api/ocsauthapi.php @@ -139,7 +139,7 @@ class OCSAuthAPI { return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN); } - $sharedSecret = $this->secureRandom->getMediumStrengthGenerator()->generate(32); + $sharedSecret = $this->secureRandom->generate(32); $this->trustedServers->addSharedSecret($url, $sharedSecret); // reset token after the exchange of the shared secret was successful diff --git a/apps/federation/lib/trustedservers.php b/apps/federation/lib/trustedservers.php index 96a291780760e60975e130ea02ff6fe419573b73..d1a27bf12201eea0371e46836eea700a4840a34d 100644 --- a/apps/federation/lib/trustedservers.php +++ b/apps/federation/lib/trustedservers.php @@ -90,7 +90,7 @@ class TrustedServers { $url = $this->updateProtocol($url); $result = $this->dbHandler->addServer($url); if ($result) { - $token = $this->secureRandom->getMediumStrengthGenerator()->generate(16); + $token = $this->secureRandom->generate(16); $this->dbHandler->addToken($url, $token); $this->jobList->add( 'OCA\Federation\BackgroundJob\RequestSharedSecret', 
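Review bot: `generate(8)` in `generateOneTimePassword()` (apps/encryption/lib/crypto/encryptall.php) produces a much shorter secret than every other credential this commit touches (16 to 128 characters), and the commit keeps that length. The default alphabet of `generate()` is not visible here, so the exact entropy is unknown, but eight characters is unlikely to hold up if the value ever protects key material that can be guessed offline. Consider a longer value behind a named constant, e.g. `$password = $this->secureRandom->generate(self::ONE_TIME_PASSWORD_LENGTH);`, where the constant is a name proposed here (not one in the file) set to 20 or more. The method's docblock starts above the hunk, so any usability reason for the short length may already be documented there.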
diff --git a/apps/federation/tests/api/ocsauthapitest.php b/apps/federation/tests/api/ocsauthapitest.php index e6a95af8585daa23d7183cdf483c1debeaba278f..0a708a0a9f27ab839feadfde2f85ffab4a8f3c58 100644 --- a/apps/federation/tests/api/ocsauthapitest.php +++ b/apps/federation/tests/api/ocsauthapitest.php @@ -155,8 +155,6 @@ class OCSAuthAPITest extends TestCase { ->method('isValidToken')->with($url, $token)->willReturn($isValidToken); if($expected === Http::STATUS_OK) { - $this->secureRandom->expects($this->once())->method('getMediumStrengthGenerator') - ->willReturn($this->secureRandom); $this->secureRandom->expects($this->once())->method('generate')->with(32) ->willReturn('secret'); $this->trustedServers->expects($this->once()) diff --git a/apps/federation/tests/lib/trustedserverstest.php b/apps/federation/tests/lib/trustedserverstest.php index d067cd1c1857f2b5057390181d3c33e8e699ab3b..c1b3f83d69f7386704299be14d6f6b5f68e82382 100644 --- a/apps/federation/tests/lib/trustedserverstest.php +++ b/apps/federation/tests/lib/trustedserverstest.php @@ -113,8 +113,6 @@ class TrustedServersTest extends TestCase { ->willReturn($success); if ($success) { - $this->secureRandom->expects($this->once())->method('getMediumStrengthGenerator') - ->willReturn($this->secureRandom); $this->secureRandom->expects($this->once())->method('generate') ->willReturn('token'); $this->dbHandler->expects($this->once())->method('addToken')->with('https://url', 'token'); diff --git a/apps/files_sharing/tests/controller/sharecontroller.php b/apps/files_sharing/tests/controller/sharecontroller.php index 398538f09438b09bd577a662d82e22fd6a56a815..87b9e2839d72b4d29bef2d2c0c4d2fc20ddf1e3e 100644 --- a/apps/files_sharing/tests/controller/sharecontroller.php +++ b/apps/files_sharing/tests/controller/sharecontroller.php 
@@ -76,7 +76,7 @@ class ShareControllerTest extends \Test\TestCase { $this->oldUser = \OC_User::getUser(); // Create a dummy user - $this->user = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(12, ISecureRandom::CHAR_LOWER); + $this->user = \OC::$server->getSecureRandom()->generate(12, ISecureRandom::CHAR_LOWER); \OC::$server->getUserManager()->createUser($this->user, $this->user); \OC_Util::tearDownFS(); diff --git a/core/lostpassword/controller/lostcontroller.php b/core/lostpassword/controller/lostcontroller.php index 0cd6fcd30a4355b70f0cb3ad9151c1ccc13ddadc..88e6fe0f638f4fdde335c003cfc42103878dbc96 100644 --- a/core/lostpassword/controller/lostcontroller.php +++ b/core/lostpassword/controller/lostcontroller.php @@ -227,7 +227,7 @@ class LostController extends Controller { ); } - $token = $this->secureRandom->getMediumStrengthGenerator()->generate(21, + $token = $this->secureRandom->generate(21, ISecureRandom::CHAR_DIGITS. ISecureRandom::CHAR_LOWER. ISecureRandom::CHAR_UPPER); diff --git a/lib/base.php b/lib/base.php index 80b1a2bafcd71fc39049f0a09261b5588fdf7f2c..6f0cd14b5b4b6e2071477ca77c9028166f597086 100644 --- a/lib/base.php +++ b/lib/base.php @@ -1076,7 +1076,7 @@ class OC { if ($config->getSystemValue('debug', false)) { self::$server->getLogger()->debug('Setting remember login to cookie', array('app' => 'core')); } - $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32); + $token = \OC::$server->getSecureRandom()->generate(32); $config->setUserValue($userId, 'login_token', $token, time()); OC_User::setMagicInCookie($userId, $token); } else { diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php index 6ba1d8f644dc6ae35dd63d238f64ab269fe49aeb..94e58cfc679597a7dc5283fc3bacf13d8b7a330a 100644 --- a/lib/private/appframework/http/request.php +++ b/lib/private/appframework/http/request.php 
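Review bot: The remember-login token in lib/base.php is persisted exactly as generated by `$config->setUserValue($userId, 'login_token', $token, time());`, so read access to the user-config store is enough to obtain a value that `setMagicInCookie()` also hands to the browser as a login credential. Storing only a digest, e.g. `hash('sha256', $token)`, and hashing the cookie value before lookup would remove that exposure. The lookup code is outside this hunk and would need the matching change. The same pattern appears in the lib/private/user/session.php hunk (`$newToken`). The enclosing method starts and ends outside the hunk.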
@@ -465,7 +465,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { } if(empty($this->requestId)) { - $this->requestId = $this->secureRandom->getLowStrengthGenerator()->generate(20); + $this->requestId = $this->secureRandom->generate(20); } return $this->requestId; diff --git a/lib/private/cache/file.php b/lib/private/cache/file.php index 31d4718d18ae61e2a5530937ce10b5b20d8f4dfe..c531f8c610b05c0874a089a66914a7972be31564 100644 --- a/lib/private/cache/file.php +++ b/lib/private/cache/file.php @@ -99,7 +99,7 @@ class File implements ICache { $storage = $this->getStorage(); $result = false; // unique id to avoid chunk collision, just in case - $uniqueId = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate( + $uniqueId = \OC::$server->getSecureRandom()->generate( 16, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER ); diff --git a/lib/private/db/mdb2schemamanager.php b/lib/private/db/mdb2schemamanager.php index 6fa9a63ec0024b1cb5c2c51998e6cefc74fb8ea1..5cf1172e64fe607367d1de97fa540c5fc27ae092 100644 --- a/lib/private/db/mdb2schemamanager.php +++ b/lib/private/db/mdb2schemamanager.php @@ -75,7 +75,7 @@ class MDB2SchemaManager { * @return \OC\DB\Migrator */ public function getMigrator() { - $random = \OC::$server->getSecureRandom()->getMediumStrengthGenerator(); + $random = \OC::$server->getSecureRandom(); $platform = $this->conn->getDatabasePlatform(); $config = \OC::$server->getConfig(); if ($platform instanceof SqlitePlatform) { diff --git a/lib/private/security/crypto.php b/lib/private/security/crypto.php index 46d0c750b2fcdf904a6f89649f8ccb912a8b41e7..6737902640fe626a9760f0b90e88750d092c0683 100644 --- a/lib/private/security/crypto.php +++ b/lib/private/security/crypto.php 
@@ -90,7 +90,7 @@ class Crypto implements ICrypto { } $this->cipher->setPassword($password); - $iv = $this->random->getLowStrengthGenerator()->generate($this->ivLength); + $iv = $this->random->generate($this->ivLength); $this->cipher->setIV($iv); $ciphertext = bin2hex($this->cipher->encrypt($plaintext)); diff --git a/lib/private/session/cryptowrapper.php b/lib/private/session/cryptowrapper.php index 177f11ffb70d51ff49bc073ee5c8f04181b0e3ce..4875788530ae82b84675d514ba14bcf274b328bc 100644 --- a/lib/private/session/cryptowrapper.php +++ b/lib/private/session/cryptowrapper.php @@ -74,7 +74,7 @@ class CryptoWrapper { if (!is_null($request->getCookie(self::COOKIE_NAME))) { $this->passphrase = $request->getCookie(self::COOKIE_NAME); } else { - $this->passphrase = $this->random->getMediumStrengthGenerator()->generate(128); + $this->passphrase = $this->random->generate(128); $secureCookie = $request->getServerProtocol() === 'https'; // FIXME: Required for CI if (!defined('PHPUNIT_RUN')) { diff --git a/lib/private/setup.php b/lib/private/setup.php index 770f5cdab523d2ad2d3dd1b96c3a2f22719247ca..d318e5f05751f65ab4032d879ea9beadc25c35d2 100644 --- a/lib/private/setup.php +++ b/lib/private/setup.php @@ -310,9 +310,9 @@ class Setup { } //generate a random salt that is used to salt the local user passwords - $salt = $this->random->getLowStrengthGenerator()->generate(30); + $salt = $this->random->generate(30); // generate a secret - $secret = $this->random->getMediumStrengthGenerator()->generate(48); + $secret = $this->random->generate(48); //write the config file $this->config->setSystemValues([ diff --git a/lib/private/setup/mysql.php b/lib/private/setup/mysql.php index e8b88eb3489bdcced4ead0b1df58f9800651af10..63ded13ede7bb3a6389a55c64b1cf264e76f44f0 100644 --- a/lib/private/setup/mysql.php +++ b/lib/private/setup/mysql.php 
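Review bot: The IV in lib/private/security/crypto.php now comes from `$this->random->generate($this->ivLength)` with no alphabet argument. Other call sites in this commit pass `ISecureRandom::CHAR_*` sets to the same method, which suggests it returns printable characters rather than raw bytes. If so, each IV byte carries fewer than eight bits of randomness. That is probably still sufficient for an unpredictable per-message IV, but the assumption should be written down next to the call, for example `// IV must be unique and unpredictable per message; generate() returns characters from a fixed alphabet, not raw bytes`. The encrypt method begins and ends outside the hunk, so the cipher mode cannot be confirmed from here.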
@@ -143,7 +143,7 @@ class MySQL extends AbstractDatabase { $this->dbUser = $adminUser; //create a random password so we don't need to store the admin password in the config file - $this->dbPassword = $this->random->getMediumStrengthGenerator()->generate(30); + $this->dbPassword = $this->random->generate(30); $this->createDBUser($connection); diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 63639461f0ab60f6e0f2f3b3b36b3549758fb57a..960ed539847da4ac9bcb0c25f361df9d104fe7b5 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -819,7 +819,7 @@ class Share extends Constants { if (isset($oldToken)) { $token = $oldToken; } else { - $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, + $token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_UPPER. \OCP\Security\ISecureRandom::CHAR_DIGITS ); @@ -860,7 +860,7 @@ class Share extends Constants { throw new \Exception($message_t); } - $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . + $token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . \OCP\Security\ISecureRandom::CHAR_DIGITS); $shareWith = $user . '@' . $remote; diff --git a/lib/private/user.php b/lib/private/user.php index fa1cea9072f7e7fc29956a75cd5e51a5506e8819..9595ec5f12342b31693e46a49342a5408486f221 100644 --- a/lib/private/user.php +++ b/lib/private/user.php @@ -393,7 +393,7 @@ class OC_User { * generates a password */ public static function generatePassword() { - return \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(30); + return \OC::$server->getSecureRandom()->generate(30); } /** 
diff --git a/lib/private/user/session.php b/lib/private/user/session.php index be38b1b1d8e537cb81afdb0aacc9873259695030..7030f3ddbc950fbc95e34dd6ba5ea61fd9a7139c 100644 --- a/lib/private/user/session.php +++ b/lib/private/user/session.php @@ -260,7 +260,7 @@ class Session implements IUserSession, Emitter { } // replace successfully used token with a new one \OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken); - $newToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32); + $newToken = \OC::$server->getSecureRandom()->generate(32); \OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time()); $this->setMagicInCookie($user->getUID(), $newToken); diff --git a/lib/private/util.php b/lib/private/util.php index 4bcde68c355236d10786fb310a02f35b830a0288..ff28f7823826bb54e11a48710e51bfc67657c018 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -1097,7 +1097,7 @@ class OC_Util { $id = \OC::$server->getSystemConfig()->getValue('instanceid', null); if (is_null($id)) { // We need to guarantee at least one letter in instanceid so it can be used as the session_name - $id = 'oc' . \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS); + $id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS); \OC::$server->getSystemConfig()->setValue('instanceid', $id); } return $id; 
@@ -1125,7 +1125,7 @@ class OC_Util { // Check if a token exists if (!\OC::$server->getSession()->exists('requesttoken')) { // No valid token found, generate a new one. - $requestToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength); + $requestToken = \OC::$server->getSecureRandom()->generate($tokenLength); \OC::$server->getSession()->set('requesttoken', $requestToken); } else { // Valid token already exists, send it @@ -1133,7 +1133,7 @@ class OC_Util { } // XOR the token to mitigate breach-like attacks - $sharedSecret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength); + $sharedSecret = \OC::$server->getSecureRandom()->generate($tokenLength); self::$obfuscatedToken = base64_encode($requestToken ^ $sharedSecret) .':'.$sharedSecret; return self::$obfuscatedToken; diff --git a/tests/core/lostpassword/controller/lostcontrollertest.php b/tests/core/lostpassword/controller/lostcontrollertest.php index eb0447f278b2ce4fc34353472d8bbf5642c84488..0843d82da3fcf0ef6f8d77c14da253a27e531163 100644 --- a/tests/core/lostpassword/controller/lostcontrollertest.php +++ b/tests/core/lostpassword/controller/lostcontrollertest.php @@ -167,7 +167,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { } public function testEmailSuccessful() { - $randomToken = $this->secureRandom; $this->secureRandom ->expects($this->once()) ->method('generate') @@ -187,10 +186,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { ->expects($this->once()) ->method('getTime') ->will($this->returnValue(12348)); - $this->secureRandom - ->expects($this->once()) - ->method('getMediumStrengthGenerator') - ->will($this->returnValue($randomToken)); $this->config ->expects($this->once()) ->method('setUserValue') 
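Review bot: `$sharedSecret` in the last lib/private/util.php hunk is not a secret: it is a fresh per-response mask appended in clear to the obfuscated token (`.':'.$sharedSecret`), and the name invites reuse as key material. Rename it (`$mask` or similar) or extend the comment, e.g. `// XOR with a one-time mask so the token bytes differ on every response (BREACH mitigation); the mask travels with the token and is not secret`. PHP's string `^` also silently truncates to the shorter operand. If a session token fetched in the `else` branch (outside the hunk) ever differs in length from `$tokenLength`, the decoded token will not match, so a length check before the XOR would make that failure explicit.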
@@ -233,7 +228,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { } public function testEmailCantSendException() { - $randomToken = $this->secureRandom; $this->secureRandom ->expects($this->once()) ->method('generate') @@ -249,10 +243,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { ->method('get') ->with('ExistingUser') ->willReturn($this->existingUser); - $this->secureRandom - ->expects($this->once()) - ->method('getMediumStrengthGenerator') - ->will($this->returnValue($randomToken)); $this->config ->expects($this->once()) ->method('setUserValue') diff --git a/tests/lib/appframework/http/RequestTest.php b/tests/lib/appframework/http/RequestTest.php index 32603d0da599350e726e0c600eb234204589e2df..ab79eb498fa1589d38a4e9900879e9e08f2c4836 100644 --- a/tests/lib/appframework/http/RequestTest.php +++ b/tests/lib/appframework/http/RequestTest.php @@ -352,18 +352,11 @@ class RequestTest extends \Test\TestCase { } public function testGetIdWithoutModUnique() { - $lowRandomSource = $this->getMockBuilder('\OCP\Security\ISecureRandom') - ->disableOriginalConstructor()->getMock(); - $lowRandomSource->expects($this->once()) + $this->secureRandom->expects($this->once()) ->method('generate') ->with('20') ->will($this->returnValue('GeneratedByOwnCloudItself')); - $this->secureRandom - ->expects($this->once()) - ->method('getLowStrengthGenerator') - ->will($this->returnValue($lowRandomSource)); - $request = new Request( [], $this->secureRandom, diff --git a/tests/lib/dbschema.php b/tests/lib/dbschema.php index d96f81957707675e30cf1d98ebe99ecc51a0d22d..11eacbf397f9aa4e1e6be1e19c2f4e237f6a5c9f 100644 --- a/tests/lib/dbschema.php +++ b/tests/lib/dbschema.php 
@@ -26,7 +26,7 @@ class Test_DBSchema extends \Test\TestCase { $dbfile = OC::$SERVERROOT.'/tests/data/db_structure.xml'; $dbfile2 = OC::$SERVERROOT.'/tests/data/db_structure2.xml'; - $r = '_' . \OC::$server->getSecureRandom()->getMediumStrengthGenerator()-> + $r = '_' . \OC::$server->getSecureRandom()-> generate(4, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS) . '_'; $content = file_get_contents( $dbfile ); $content = str_replace( '*dbprefix*', '*dbprefix*'.$r, $content ); diff --git a/tests/lib/security/securerandom.php b/tests/lib/security/securerandom.php index af437640805c4cd446d64ce49d41b1fe3aa6b44d..526066d92ee8a7850d494b10f328d65f608c7b21 100644 --- a/tests/lib/security/securerandom.php +++ b/tests/lib/security/securerandom.php @@ -42,7 +42,7 @@ class SecureRandomTest extends \Test\TestCase { * @dataProvider stringGenerationProvider */ function testGetLowStrengthGeneratorLength($length, $expectedLength) { - $generator = $this->rng->getLowStrengthGenerator(); + $generator = $this->rng; $this->assertEquals($expectedLength, strlen($generator->generate($length))); } @@ -51,7 +51,7 @@ class SecureRandomTest extends \Test\TestCase { * @dataProvider stringGenerationProvider */ function testMediumLowStrengthGeneratorLength($length, $expectedLength) { - $generator = $this->rng->getMediumStrengthGenerator(); + $generator = $this->rng; $this->assertEquals($expectedLength, strlen($generator->generate($length))); } @@ -67,7 +67,7 @@ class SecureRandomTest extends \Test\TestCase { * @dataProvider charCombinations */ public function testScheme($charName, $chars) { - $generator = $this->rng->getMediumStrengthGenerator(); + $generator = $this->rng; $scheme = constant('OCP\Security\ISecureRandom::' . $charName); $randomString = $generator->generate(100, $scheme); $matchesRegex = preg_match('/^'.$chars.'+$/', $randomString); 
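Review bot: After this change `testGetLowStrengthGeneratorLength` and `testMediumLowStrengthGeneratorLength` in tests/lib/security/securerandom.php have identical bodies and names that refer to generators that no longer exist, so one of them is pure duplication. Keep a single test, e.g. `function testGenerateLength($length, $expectedLength)`, and drop the alias by asserting on `$this->rng->generate($length)` directly. The same `$generator = $this->rng;` alias remains in `testScheme` in the third hunk. These tests check only length and alphabet, so a docblock saying that would keep readers from assuming they cover randomness quality.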
diff --git a/tests/lib/testcase.php b/tests/lib/testcase.php index 93b354863a98c59d700e00e4796280769254220c..38d5cf49320e5625c6035c6e1a999ecd3f9f03f3 100644 --- a/tests/lib/testcase.php +++ b/tests/lib/testcase.php @@ -150,7 +150,7 @@ abstract class TestCase extends \PHPUnit_Framework_TestCase { * @return string */ protected static function getUniqueID($prefix = '', $length = 13) { - return $prefix . \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate( + return $prefix . \OC::$server->getSecureRandom()->generate( $length, // Do not use dots and slashes as we use the value for file names ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER