‪TYPO3CMS  ‪main
Random.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Crypto;
19 
20 use ‪TYPO3\CMS\Core\Exception\InvalidPasswordRulesException;
21 use ‪TYPO3\CMS\Core\Utility\StringUtility;
22 
26 class ‪Random
27 {
28  private const ‪DEFAULT_PASSWORD_LENGTH = 16;
29  private const ‪LOWERCASE_CHARACTERS = 'abcdefghijklmnopqrstuvwxyz';
30  private const ‪UPPERCASE_CHARACTERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
31  private const ‪SPECIAL_CHARACTERS = '!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~';
32  private const ‪DIGIT_CHARACTERS = '1234567890';
33 
37  public function ‪generateRandomBytes(int $length): string
38  {
39  return random_bytes($length);
40  }
41 
45  public function ‪generateRandomInteger(int $min, int $max): int
46  {
47  return random_int($min, $max);
48  }
49 
53  public function ‪generateRandomHexString(int $length): string
54  {
55  return substr(bin2hex($this->‪generateRandomBytes((int)(($length + 1) / 2))), 0, $length);
56  }
57 
63  public function ‪generateRandomPassword(array $passwordRules): string
64  {
65  $passwordLength = (int)($passwordRules['length'] ?? self::DEFAULT_PASSWORD_LENGTH);
66  if ($passwordLength < 8) {
67  throw new ‪InvalidPasswordRulesException(
68  'Password rules are invalid. Length must be at least 8.',
69  1667557900
70  );
71  }
72 
73  $password = '';
74 
75  if ($passwordRules['random'] ?? false) {
76  $password = match ((string)$passwordRules['random']) {
77  'hex' => $this->‪generateRandomHexString($passwordLength),
78  'base64' => $this->‪generateRandomBase64String($passwordLength),
79  default => throw new ‪InvalidPasswordRulesException('Invalid value for special password rule \'random\'. Valid options are: \'hex\' and \'base64\'', 1667557901),
80  };
81  } else {
82  $characters = [];
83  $characterSets = [];
84  if (filter_var($passwordRules['lowerCaseCharacters'] ?? true, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) {
85  $characters = array_merge($characters, str_split(self::LOWERCASE_CHARACTERS));
86  $characterSets[] = ‪self::LOWERCASE_CHARACTERS;
87  }
88  if (filter_var($passwordRules['upperCaseCharacters'] ?? true, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) {
89  $characters = array_merge($characters, str_split(self::UPPERCASE_CHARACTERS));
90  $characterSets[] = ‪self::UPPERCASE_CHARACTERS;
91  }
92  if (filter_var($passwordRules['digitCharacters'] ?? true, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) {
93  $characters = array_merge($characters, str_split(self::DIGIT_CHARACTERS));
94  $characterSets[] = ‪self::DIGIT_CHARACTERS;
95  }
96  if (filter_var($passwordRules['specialCharacters'] ?? false, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) {
97  $characters = array_merge($characters, str_split(self::SPECIAL_CHARACTERS));
98  $characterSets[] = ‪self::SPECIAL_CHARACTERS;
99  }
100 
101  if ($characterSets === []) {
102  throw new ‪InvalidPasswordRulesException(
103  'Password rules are invalid. At least one character set must be allowed.',
104  1667557902
105  );
106  }
107 
108  foreach ($characterSets as $characterSet) {
109  $password .= $characterSet[random_int(0, strlen($characterSet) - 1)];
110  }
111 
112  $charactersCount = count($characters);
113  for ($i = 0; $i < $passwordLength - count($characterSets); $i++) {
114  $password .= $characters[random_int(0, $charactersCount - 1)];
115  }
116 
117  str_shuffle($password);
118  }
119 
120  return $password;
121  }
122 
126  protected function ‪generateRandomBase64String(int $length): string
127  {
128  return substr(‪StringUtility::base64urlEncode($this->‪generateRandomBytes((int)ceil(($length / 4) * 3))), 0, $length);
129  }
130 }
‪TYPO3\CMS\Core\Exception\InvalidPasswordRulesException
Definition: InvalidPasswordRulesException.php:25
‪TYPO3\CMS\Core\Crypto\Random\LOWERCASE_CHARACTERS
‪const LOWERCASE_CHARACTERS
Definition: Random.php:29
‪TYPO3\CMS\Core\Utility\StringUtility\base64urlEncode
‪static string base64urlEncode(string $value)
Definition: StringUtility.php:176
‪TYPO3\CMS\Core\Crypto\Random\DIGIT_CHARACTERS
‪const DIGIT_CHARACTERS
Definition: Random.php:32
‪TYPO3\CMS\Core\Crypto\Random\generateRandomHexString
‪generateRandomHexString(int $length)
Definition: Random.php:53
‪TYPO3\CMS\Core\Crypto\Random\generateRandomPassword
‪generateRandomPassword(array $passwordRules)
Definition: Random.php:63
‪TYPO3\CMS\Core\Crypto\Random\SPECIAL_CHARACTERS
‪const SPECIAL_CHARACTERS
Definition: Random.php:31
‪TYPO3\CMS\Core\Crypto\Random\generateRandomBase64String
‪generateRandomBase64String(int $length)
Definition: Random.php:126
‪TYPO3\CMS\Core\Crypto\Random\UPPERCASE_CHARACTERS
‪const UPPERCASE_CHARACTERS
Definition: Random.php:30
‪TYPO3\CMS\Core\Crypto\Random\generateRandomInteger
‪generateRandomInteger(int $min, int $max)
Definition: Random.php:45
‪TYPO3\CMS\Core\Crypto\Random\DEFAULT_PASSWORD_LENGTH
‪const DEFAULT_PASSWORD_LENGTH
Definition: Random.php:28
‪TYPO3\CMS\Core\Crypto\Random
Definition: Random.php:27
‪TYPO3\CMS\Core\Crypto\Random\generateRandomBytes
‪generateRandomBytes(int $length)
Definition: Random.php:37
‪TYPO3\CMS\Core\Utility\StringUtility
Definition: StringUtility.php:24
‪TYPO3\CMS\Core\Crypto
Definition: HashService.php:18