getMediumStrengthGenerator is deprecated and does not do anything anymore

apps/encryption/lib/crypto/encryptall.php

@@ -344,7 +344,7 @@ class EncryptAll {
 	 * @return string password
 	 */
 	protected function generateOneTimePassword($uid) {
-		$password = $this->secureRandom->getMediumStrengthGenerator()->generate(8);
+		$password = $this->secureRandom->generate(8);
 		$this->userPasswords[$uid] = $password;
 		return $password;
 	}

apps/federation/api/ocsauthapi.php

@@ -139,7 +139,7 @@ class OCSAuthAPI {
 			return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
 		}
 
-		$sharedSecret = $this->secureRandom->getMediumStrengthGenerator()->generate(32);
+		$sharedSecret = $this->secureRandom->generate(32);
 
 		$this->trustedServers->addSharedSecret($url, $sharedSecret);
 		// reset token after the exchange of the shared secret was successful

apps/federation/lib/trustedservers.php

@@ -90,7 +90,7 @@ class TrustedServers {
 		$url = $this->updateProtocol($url);
 		$result = $this->dbHandler->addServer($url);
 		if ($result) {
-			$token = $this->secureRandom->getMediumStrengthGenerator()->generate(16);
+			$token = $this->secureRandom->generate(16);
 			$this->dbHandler->addToken($url, $token);
 			$this->jobList->add(
 				'OCA\Federation\BackgroundJob\RequestSharedSecret',

core/lostpassword/controller/lostcontroller.php

@@ -227,7 +227,7 @@ class LostController extends Controller {
 			);
 		}
 
-		$token = $this->secureRandom->getMediumStrengthGenerator()->generate(21,
+		$token = $this->secureRandom->generate(21,
 			ISecureRandom::CHAR_DIGITS.
 			ISecureRandom::CHAR_LOWER.
 			ISecureRandom::CHAR_UPPER);

lib/base.php

@@ -1076,7 +1076,7 @@ class OC {
 				if ($config->getSystemValue('debug', false)) {
 					self::$server->getLogger()->debug('Setting remember login to cookie', array('app' => 'core'));
 				}
-				$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32);
+				$token = \OC::$server->getSecureRandom()->generate(32);
 				$config->setUserValue($userId, 'login_token', $token, time());
 				OC_User::setMagicInCookie($userId, $token);
 			} else {

lib/private/db/mdb2schemamanager.php

@@ -75,7 +75,7 @@ class MDB2SchemaManager {
 	 * @return \OC\DB\Migrator
 	 */
 	public function getMigrator() {
-		$random = \OC::$server->getSecureRandom()->getMediumStrengthGenerator();
+		$random = \OC::$server->getSecureRandom();
 		$platform = $this->conn->getDatabasePlatform();
 		$config = \OC::$server->getConfig();
 		if ($platform instanceof SqlitePlatform) {

lib/private/session/cryptowrapper.php

@@ -74,7 +74,7 @@ class CryptoWrapper {
 		if (!is_null($request->getCookie(self::COOKIE_NAME))) {
 			$this->passphrase = $request->getCookie(self::COOKIE_NAME);
 		} else {
-			$this->passphrase = $this->random->getMediumStrengthGenerator()->generate(128);
+			$this->passphrase = $this->random->generate(128);
 			$secureCookie = $request->getServerProtocol() === 'https';
 			// FIXME: Required for CI
 			if (!defined('PHPUNIT_RUN')) {

lib/private/setup/mysql.php

@@ -143,7 +143,7 @@ class MySQL extends AbstractDatabase {
 							$this->dbUser = $adminUser;
 
 							//create a random password so we don't need to store the admin password in the config file
-							$this->dbPassword =  $this->random->getMediumStrengthGenerator()->generate(30);
+							$this->dbPassword =  $this->random->generate(30);
 
 							$this->createDBUser($connection);
 

lib/private/share/share.php

@@ -819,7 +819,7 @@ class Share extends Constants {
 				if (isset($oldToken)) {
 					$token = $oldToken;
 				} else {
-					$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH,
+					$token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH,
 						\OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_UPPER.
 						\OCP\Security\ISecureRandom::CHAR_DIGITS
 					);
@@ -860,7 +860,7 @@ class Share extends Constants {
 				throw new \Exception($message_t);
 			}
 
-			$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER .
+			$token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER .
 				\OCP\Security\ISecureRandom::CHAR_DIGITS);
 
 			$shareWith = $user . '@' . $remote;

lib/private/user.php

@@ -393,7 +393,7 @@ class OC_User {
 	 * generates a password
 	 */
 	public static function generatePassword() {
-		return \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(30);
+		return \OC::$server->getSecureRandom()->generate(30);
 	}
 
 	/**

lib/private/user/session.php

@@ -260,7 +260,7 @@ class Session implements IUserSession, Emitter {
 		}
 		// replace successfully used token with a new one
 		\OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken);
-		$newToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32);
+		$newToken = \OC::$server->getSecureRandom()->generate(32);
 		\OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time());
 		$this->setMagicInCookie($user->getUID(), $newToken);
 

lib/private/util.php

@@ -1125,7 +1125,7 @@ class OC_Util {
 		// Check if a token exists
 		if (!\OC::$server->getSession()->exists('requesttoken')) {
 			// No valid token found, generate a new one.
-			$requestToken = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength);
+			$requestToken = \OC::$server->getSecureRandom()->generate($tokenLength);
 			\OC::$server->getSession()->set('requesttoken', $requestToken);
 		} else {
 			// Valid token already exists, send it
@@ -1133,7 +1133,7 @@ class OC_Util {
 		}
 
 		// XOR the token to mitigate breach-like attacks
-		$sharedSecret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength);
+		$sharedSecret = \OC::$server->getSecureRandom()->generate($tokenLength);
 		self::$obfuscatedToken =  base64_encode($requestToken ^ $sharedSecret) .':'.$sharedSecret;
 
 		return self::$obfuscatedToken;

tests/lib/dbschema.php

@@ -26,7 +26,7 @@ class Test_DBSchema extends \Test\TestCase {
 		$dbfile = OC::$SERVERROOT.'/tests/data/db_structure.xml';
 		$dbfile2 = OC::$SERVERROOT.'/tests/data/db_structure2.xml';
 
-		$r = '_' . \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->
+		$r = '_' . \OC::$server->getSecureRandom()->
 			generate(4, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS) . '_';
 		$content = file_get_contents( $dbfile );
 		$content = str_replace( '*dbprefix*', '*dbprefix*'.$r, $content );

tests/lib/security/securerandom.php

@@ -51,7 +51,7 @@ class SecureRandomTest extends \Test\TestCase {
 	 * @dataProvider stringGenerationProvider
 	 */
 	function testMediumLowStrengthGeneratorLength($length, $expectedLength) {
-		$generator = $this->rng->getMediumStrengthGenerator();
+		$generator = $this->rng;
 
 		$this->assertEquals($expectedLength, strlen($generator->generate($length)));
 	}
@@ -67,7 +67,7 @@ class SecureRandomTest extends \Test\TestCase {
 	 * @dataProvider charCombinations
 	 */
 	public function testScheme($charName, $chars) {
-		$generator = $this->rng->getMediumStrengthGenerator();
+		$generator = $this->rng;
 		$scheme = constant('OCP\Security\ISecureRandom::' . $charName);
 		$randomString = $generator->generate(100, $scheme);
 		$matchesRegex = preg_match('/^'.$chars.'+$/', $randomString);