Increase 2fa backup codes entropy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
parent
203436b16b
commit
3b76699c9c
|
@ -33,6 +33,8 @@ use OCP\Security\ISecureRandom;
|
|||
|
||||
class BackupCodeStorage {
|
||||
|
||||
private static $CODE_LENGTH = 16;
|
||||
|
||||
/** @var BackupCodeMapper */
|
||||
private $mapper;
|
||||
|
||||
|
@ -48,6 +50,13 @@ class BackupCodeStorage {
|
|||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
/**
|
||||
* @param BackupCodeMapper $mapper
|
||||
* @param ISecureRandom $random
|
||||
* @param IHasher $hasher
|
||||
* @param IManager $activityManager
|
||||
* @param ILogger $logger
|
||||
*/
|
||||
public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
|
||||
IManager $activityManager, ILogger $logger) {
|
||||
$this->mapper = $mapper;
|
||||
|
@ -69,7 +78,7 @@ class BackupCodeStorage {
|
|||
|
||||
$uid = $user->getUID();
|
||||
foreach (range(1, min([$number, 20])) as $i) {
|
||||
$code = $this->random->generate(10, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789');
|
||||
$code = $this->random->generate(self::$CODE_LENGTH, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789');
|
||||
|
||||
$dbCode = new BackupCode();
|
||||
$dbCode->setUserId($uid);
|
||||
|
|
|
@ -77,7 +77,7 @@ class BackupCodeStorageTest extends TestCase {
|
|||
->will($this->returnValue('fritz'));
|
||||
$this->random->expects($this->exactly($number))
|
||||
->method('generate')
|
||||
->with(10, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
|
||||
->with(16, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
|
||||
->will($this->returnValue('CODEABCDEF'));
|
||||
$this->hasher->expects($this->exactly($number))
|
||||
->method('hash')
|
||||
|
|
Loading…
Reference in New Issue