1 /*
2   Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
3 
4   This program is free software; you can redistribute it and/or modify
5   it under the terms of the GNU General Public License, version 2.0,
6   as published by the Free Software Foundation.
7 
8   This program is also distributed with certain software (including
9   but not limited to OpenSSL) that is licensed under separate terms,
10   as designated in a particular file or component or in included license
11   documentation.  The authors of MySQL hereby grant you an additional
12   permission to link the program and your derivative works with the
13   separately licensed software that they have included with MySQL.
14 
15   This program is distributed in the hope that it will be useful,
16   but WITHOUT ANY WARRANTY; without even the implied warranty of
17   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18   GNU General Public License for more details.
19 
20   You should have received a copy of the GNU General Public License
21   along with this program; if not, write to the Free Software
22   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
23 */
24 
25 #include "random_generator.h"
26 
27 #include <assert.h>  // <cassert> is flawed: assert() lands in global namespace on Ubuntu 14.04, not std::
28 #include <algorithm>
29 #include <random>
30 #include <stdexcept>
31 #include <string>
32 
33 namespace mysql_harness {
34 
35 namespace {
36 const unsigned kMinPasswordLength = 8;
37 
38 const std::string kAlphabetDigits = "0123456789";
39 const std::string kAlphabetLowercase = "abcdefghijklmnopqrstuvwxyz";
40 const std::string kAlphabetUppercase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
41 const std::string kAlphabetSpecial = "~@#$^&*()-=+]}[{|;:.>,</?";
42 
get_alphabet(unsigned alphabet_mask)43 std::string get_alphabet(unsigned alphabet_mask) {
44   std::string result;
45   if (alphabet_mask & RandomGenerator::AlphabetDigits)
46     result += kAlphabetDigits;
47   if (alphabet_mask & RandomGenerator::AlphabetLowercase)
48     result += kAlphabetLowercase;
49   if (alphabet_mask & RandomGenerator::AlphabetUppercase)
50     result += kAlphabetUppercase;
51   if (alphabet_mask & RandomGenerator::AlphabetSpecial)
52     result += kAlphabetSpecial;
53 
54   return result;
55 }
56 }  // namespace
57 
58 RandomGeneratorInterface::~RandomGeneratorInterface() = default;
59 
generate_identifier(unsigned length,unsigned alphabet_mask)60 std::string RandomGenerator::generate_identifier(
61     unsigned length, unsigned alphabet_mask) /*override*/ {
62   std::string result;
63   std::random_device rd;
64   const std::string alphabet = get_alphabet(alphabet_mask);
65 
66   if (alphabet.length() < 1) {
67     throw std::invalid_argument(
68         "Wrong alphabet mask provided for generate_identifier(" +
69         std::to_string(alphabet_mask) + ")");
70   }
71 
72   std::uniform_int_distribution<unsigned long> dist(0, alphabet.length() - 1);
73 
74   for (unsigned i = 0; i < length; i++) result += alphabet[dist(rd)];
75 
76   return result;
77 }
78 
generate_strong_password(unsigned length)79 std::string RandomGenerator::generate_strong_password(
80     unsigned length) /*override*/ {
81   if (length < kMinPasswordLength) {
82     throw std::invalid_argument("The password needs to be at least " +
83                                 std::to_string(kMinPasswordLength) +
84                                 " charactes long");
85   }
86 
87   std::string result;
88   result += generate_identifier(1, AlphabetDigits);  // at least one digit
89   result += generate_identifier(
90       1, AlphabetLowercase);  // at least one lowercase letter
91   result += generate_identifier(
92       1, AlphabetUppercase);  // at least one upperrcase letter
93   result += generate_identifier(
94       1, AlphabetSpecial);  // at least one special character
95 
96   // fill the rest with random data from the whole characters set
97   length -= static_cast<unsigned>(result.length());
98   result += generate_identifier(length, AlphabetAll);
99 
100   std::shuffle(result.begin(), result.end(), urng);
101 
102   return result;
103 }
104 
105 // returns "012345678901234567890123...", truncated to length
generate_identifier(unsigned length,unsigned)106 std::string FakeRandomGenerator::generate_identifier(unsigned length,
107                                                      unsigned) /*override*/ {
108   std::string pwd;
109   for (unsigned i = 0; i < length; i++) pwd += static_cast<char>('0' + i % 10);
110   return pwd;
111 }
112 
113 // returns "012345678901234567890123...", truncated to length
generate_strong_password(unsigned length)114 std::string FakeRandomGenerator::generate_strong_password(
115     unsigned length) /*override*/ {
116   return generate_identifier(length, 0);
117 }
118 
119 }  // namespace mysql_harness
120