Merge pull request #357 from nextcloud/backport/356/stable24v24.0.1rc1v24.0.1

1 files changed, 13 insertions, 6 deletions

diff --git a/lib/Generator.php b/lib/Generator.php
index 1328054..ca9ea63 100644
--- a/lib/Generator.php
+++ b/lib/Generator.php
@@ -52,7 +52,8 @@ class Generator {
 	 * @throws HintException
 	 */
 	public function generate(): string {
-		$lenght = $this->config->getMinLength();
+		$minLength = max($this->config->getMinLength(), 8);
+		$length = $minLength;
 
 		$password = '';
 		$chars = '';
@@ -62,19 +63,19 @@ class Generator {
 			if ($this->config->getEnforceUpperLowerCase()) {
 				$password .= $this->random->generate(1, ISecureRandom::CHAR_UPPER);
 				$password .= $this->random->generate(1, ISecureRandom::CHAR_LOWER);
-				$lenght -= 2;
+				$length -= 2;
 				$chars .= ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER;
 			}
 
 			if ($this->config->getEnforceNumericCharacters()) {
 				$password .= $this->random->generate(1, ISecureRandom::CHAR_DIGITS);
-				$lenght -= 1;
+				$length -= 1;
 				$chars .= ISecureRandom::CHAR_DIGITS;
 			}
 
 			if ($this->config->getEnforceSpecialCharacters()) {
 				$password .= $this->random->generate(1, ISecureRandom::CHAR_SYMBOLS);
-				$lenght -= 1;
+				$length -= 1;
 				$chars .= ISecureRandom::CHAR_SYMBOLS;
 			}
 
@@ -82,10 +83,16 @@ class Generator {
 				$chars = ISecureRandom::CHAR_HUMAN_READABLE;
 			}
 
-			$password .= $chars = $this->random->generate($lenght, $chars);
+			$password .= $chars = $this->random->generate($length, $chars);
 
 			try {
 				$this->validator->validate($password);
+
+				if ($password === null || $password === '') {
+					// something went wrong
+					break;
+				}
+
 				$found = true;
 				break;
 			} catch (HintException $e) {
@@ -93,7 +100,7 @@ class Generator {
 				 * Invalid so lets go for another round
 				 * Reset the length so we don't run below zero
 				 */
-				$lenght = $this->config->getMinLength();
+				$length = $minLength;
 			}
 		}