1 /*
2 Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is also distributed with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have included with MySQL.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23 */
24
25 #include "random_generator.h"
26
27 #include <assert.h> // <cassert> is flawed: assert() lands in global namespace on Ubuntu 14.04, not std::
28 #include <algorithm>
29 #include <random>
30 #include <stdexcept>
31 #include <string>
32
33 namespace mysql_harness {
34
35 namespace {
36 const unsigned kMinPasswordLength = 8;
37
38 const std::string kAlphabetDigits = "0123456789";
39 const std::string kAlphabetLowercase = "abcdefghijklmnopqrstuvwxyz";
40 const std::string kAlphabetUppercase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
41 const std::string kAlphabetSpecial = "~@#$^&*()-=+]}[{|;:.>,</?";
42
get_alphabet(unsigned alphabet_mask)43 std::string get_alphabet(unsigned alphabet_mask) {
44 std::string result;
45 if (alphabet_mask & RandomGenerator::AlphabetDigits)
46 result += kAlphabetDigits;
47 if (alphabet_mask & RandomGenerator::AlphabetLowercase)
48 result += kAlphabetLowercase;
49 if (alphabet_mask & RandomGenerator::AlphabetUppercase)
50 result += kAlphabetUppercase;
51 if (alphabet_mask & RandomGenerator::AlphabetSpecial)
52 result += kAlphabetSpecial;
53
54 return result;
55 }
56 } // namespace
57
58 RandomGeneratorInterface::~RandomGeneratorInterface() = default;
59
generate_identifier(unsigned length,unsigned alphabet_mask)60 std::string RandomGenerator::generate_identifier(
61 unsigned length, unsigned alphabet_mask) /*override*/ {
62 std::string result;
63 std::random_device rd;
64 const std::string alphabet = get_alphabet(alphabet_mask);
65
66 if (alphabet.length() < 1) {
67 throw std::invalid_argument(
68 "Wrong alphabet mask provided for generate_identifier(" +
69 std::to_string(alphabet_mask) + ")");
70 }
71
72 std::uniform_int_distribution<unsigned long> dist(0, alphabet.length() - 1);
73
74 for (unsigned i = 0; i < length; i++) result += alphabet[dist(rd)];
75
76 return result;
77 }
78
generate_strong_password(unsigned length)79 std::string RandomGenerator::generate_strong_password(
80 unsigned length) /*override*/ {
81 if (length < kMinPasswordLength) {
82 throw std::invalid_argument("The password needs to be at least " +
83 std::to_string(kMinPasswordLength) +
84 " charactes long");
85 }
86
87 std::string result;
88 result += generate_identifier(1, AlphabetDigits); // at least one digit
89 result += generate_identifier(
90 1, AlphabetLowercase); // at least one lowercase letter
91 result += generate_identifier(
92 1, AlphabetUppercase); // at least one upperrcase letter
93 result += generate_identifier(
94 1, AlphabetSpecial); // at least one special character
95
96 // fill the rest with random data from the whole characters set
97 length -= static_cast<unsigned>(result.length());
98 result += generate_identifier(length, AlphabetAll);
99
100 std::shuffle(result.begin(), result.end(), urng);
101
102 return result;
103 }
104
105 // returns "012345678901234567890123...", truncated to length
generate_identifier(unsigned length,unsigned)106 std::string FakeRandomGenerator::generate_identifier(unsigned length,
107 unsigned) /*override*/ {
108 std::string pwd;
109 for (unsigned i = 0; i < length; i++) pwd += static_cast<char>('0' + i % 10);
110 return pwd;
111 }
112
113 // returns "012345678901234567890123...", truncated to length
generate_strong_password(unsigned length)114 std::string FakeRandomGenerator::generate_strong_password(
115 unsigned length) /*override*/ {
116 return generate_identifier(length, 0);
117 }
118
119 } // namespace mysql_harness
120