latchset/clevis

Password generated with jose is not strong according to pwquality

sarroutbi opened this issue · 1 comment

In case /etc/security/pwquality.conf is configured so that generated passwords have special strength (such as, for example, no more than 4 characters of the same type), clevis dumps an error on binding. This is due to cryptsetup, which takes into consideration the information in such file. This is independent of the usage of jose (instead of pwmake), which is fixed in #418.

As generated passwords are mostly built with characters, I propose "sedding" the generated password so that the number of characters is reduced. Something like this works for me:

# bash is required: ${RANDOM} is not available in POSIX sh
downcase="abcdefghijklmnopqrstuvwxyz"
upcase="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
numbers="0123456789"
signs="_|<>\.,/!#$%^&*()-]"

# emit one letter, one digit and one sign; the letter case is chosen
# from the first digit of ${RANDOM}
get_random_short_str() {
    if [ $(printf "%.1s" ${RANDOM}) -lt 5 ]; then
        echo "${downcase:$(( RANDOM % ${#downcase} )):1}${numbers:$(( RANDOM % ${#numbers} )):1}${signs:$(( RANDOM % ${#signs} )):1}"
    else
        echo "${upcase:$(( RANDOM % ${#upcase} )):1}${numbers:$(( RANDOM % ${#numbers} )):1}${signs:$(( RANDOM % ${#signs} )):1}"
    fi
}
...
    random_short_str=$(get_random_short_str)
    # escape the characters that are special in a sed replacement (/, & and \),
    # since all three can occur in ${signs}
    random_short_str=$(printf '%s' "${random_short_str}" | sed -e 's/[\/&\\]/\\&/g')
    # replace every run of 3 or more characters of one class with the short string
    jose jwk gen --input="${input}" --output=- | \
        jose fmt --json=- --object --get k --unquote=- | \
        sed -e "s/[a-z]\{3,\}/${random_short_str}/g" | \
        sed -e "s/[A-Z]\{3,\}/${random_short_str}/g" | \
        sed -e "s/[0-9]\{3,\}/${random_short_str}/g"
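
For comparison, an added example (not clevis code, and not the workaround above) that keeps a generated passphrase within a pwquality maxclassrepeat-style limit without discarding the characters jose produced: instead of replacing a whole run with one fixed string, it inserts a single character of a different class wherever a run of one class would grow past the limit, so the rest of the generated entropy is preserved. The class definitions mirror pwquality's lower/upper/digit/other split; the BREAKERS pool and the demo passphrase are constructed for the example. A limit of 0 is treated as "check disabled", as pwquality does:

```shell
#!/bin/sh
# Added example: keep a passphrase under a maximum run of same-class characters.

LOWER="abcdefghijklmnopqrstuvwxyz"
UPPER="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
DIGIT="0123456789"
BREAKERS='_.!-'   # assumed pool of "other"-class characters used to break runs

# class_of CHAR: pwquality-style class of one character
class_of() {
    case "$1" in
        [abcdefghijklmnopqrstuvwxyz]) echo lower ;;
        [ABCDEFGHIJKLMNOPQRSTUVWXYZ]) echo upper ;;
        [0123456789]) echo digit ;;
        *) echo other ;;
    esac
}

# char_at STRING INDEX: the single character at 1-based INDEX
char_at() {
    printf '%s\n' "$1" | cut -c "$2"
}

# max_class_run PASSWORD: length of the longest run of same-class characters
max_class_run() {
    pw=$1; i=1; prev=""; run=0; max=0
    while [ "$i" -le "${#pw}" ]; do
        cls=$(class_of "$(char_at "$pw" "$i")")
        if [ "$cls" = "$prev" ]; then run=$((run + 1)); else run=1; prev=$cls; fi
        if [ "$run" -gt "$max" ]; then max=$run; fi
        i=$((i + 1))
    done
    echo "$max"
}

# break_class_runs PASSWORD LIMIT: insert a breaker of another class whenever
# a run of one class would exceed LIMIT; no original character is removed
break_class_runs() {
    pw=$1; limit=$2; i=1; prev=""; run=0; out=""; b=0
    if [ "$limit" -le 0 ]; then echo "$pw"; return; fi   # 0 = check disabled
    while [ "$i" -le "${#pw}" ]; do
        c=$(char_at "$pw" "$i")
        cls=$(class_of "$c")
        if [ "$cls" = "$prev" ]; then
            if [ "$run" -ge "$limit" ]; then
                # the breaker must not belong to the class of the current run
                if [ "$cls" = other ]; then
                    brk=$(char_at "$DIGIT" $(( b % ${#DIGIT} + 1 )))
                else
                    brk=$(char_at "$BREAKERS" $(( b % ${#BREAKERS} + 1 )))
                fi
                b=$((b + 1))
                out="$out$brk"
                run=1          # the current character starts a new run
            else
                run=$((run + 1))
            fi
        else
            run=1; prev=$cls
        fi
        out="$out$c"
        i=$((i + 1))
    done
    echo "$out"
}

# Demo on a constructed passphrase (not a real generated secret)
demo_pw="abcdefgh12345XYZ"
echo "max run before: $(max_class_run "$demo_pw")"
fixed=$(break_class_runs "$demo_pw" 4)
echo "after: $fixed (max run now $(max_class_run "$fixed"))"
```

The breakers here are taken from a fixed rotating pool so the result is reproducible; in a real generator they would come from the same random source as the rest of the passphrase.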

We will resolve this issue directly in #418. We will use --force-password on luks operations using passwords.