Issues in Encryption.php - All Issues - Inspection of "Travis CI." - Carteni/crypto-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 725072...b8e92f )

by Francesco

created 2017-03-16 09:05 UTC

Encryption.php (4 issues)

Labels

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * This file is part of the MesCryptoBundle package.
 *
 * (c) Francesco Cartenì <http://www.multimediaexperiencestudio.it/>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Mes\Security\CryptoBundle;

use Defuse\Crypto\Crypto as BaseCrypto;
use Mes\Security\CryptoBundle\Model\Key;
use Mes\Security\CryptoBundle\Model\KeyInterface;

/**
 * Class Encryption.
 */
final class Encryption extends AbstractEncryption
{
    /**
     * {@inheritdoc}
     *
     * @throw \Defuse\Crypto\Exception\EnvironmentIsBrokenException
     */
    public function encrypt($plaintext, KeyInterface $key)
    {
        return BaseCrypto::encrypt($plaintext, $this->unlockKey($key));

    }

    /**
     * {@inheritdoc}
     *
     * @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException
     * @throws \Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException
     */
    public function decrypt($ciphertext, KeyInterface $key)
    {
        return BaseCrypto::decrypt($ciphertext, $this->unlockKey($key));

    }

    /**
     * @param Key|KeyInterface $key
     *
     * @return \Defuse\Crypto\Key|\Defuse\Crypto\KeyProtectedByPassword
     */
    private function unlockKey(Key $key)
    {
        return $key->unlock()
                   ->getRawKey();
    }
}


1		<?php
2
3		/*
4		* This file is part of the MesCryptoBundle package.
5		*
6		* (c) Francesco Cartenì <http://www.multimediaexperiencestudio.it/>
7		*
8		* For the full copyright and license information, please view the LICENSE
9		* file that was distributed with this source code.
10		*/
11
12		namespace Mes\Security\CryptoBundle;
13
14		use Defuse\Crypto\Crypto as BaseCrypto;
15		use Mes\Security\CryptoBundle\Model\Key;
16		use Mes\Security\CryptoBundle\Model\KeyInterface;
17
18		/**
19		* Class Encryption.
20		*/
21		final class Encryption extends AbstractEncryption
22		{
23		/**
24		* {@inheritdoc}
25		*
26		* @throw \Defuse\Crypto\Exception\EnvironmentIsBrokenException
27		*/
28	2	public function encrypt($plaintext, KeyInterface $key)
29		{
30	2	return BaseCrypto::encrypt($plaintext, $this->unlockKey($key));
		0 ignored issues – show Compatibility introduced 2017-03-16 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$key` of type `object<Mes\Security\Cryp...dle\Model\KeyInterface>` is not a sub-type of `object<Mes\Security\CryptoBundle\Model\Key>`. It seems like you assume a concrete implementation of the interface `Mes\Security\CryptoBundle\Model\KeyInterface` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history... Bug introduced 2017-03-16 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$this->unlockKey($key)` targeting `Mes\Security\CryptoBundle\Encryption::unlockKey()` can also be of type `object<Defuse\Crypto\KeyProtectedByPassword>`; however, `Defuse\Crypto\Crypto::encrypt()` does only seem to accept `object<Defuse\Crypto\Key>`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
31		}
32
33		/**
34		* {@inheritdoc}
35		*
36		* @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException
37		* @throws \Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException
38		*/
39	5	public function decrypt($ciphertext, KeyInterface $key)
40		{
41	5	return BaseCrypto::decrypt($ciphertext, $this->unlockKey($key));
		0 ignored issues – show Compatibility introduced 2017-03-16 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$key` of type `object<Mes\Security\Cryp...dle\Model\KeyInterface>` is not a sub-type of `object<Mes\Security\CryptoBundle\Model\Key>`. It seems like you assume a concrete implementation of the interface `Mes\Security\CryptoBundle\Model\KeyInterface` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history... Bug introduced 2017-03-16 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$this->unlockKey($key)` targeting `Mes\Security\CryptoBundle\Encryption::unlockKey()` can also be of type `object<Defuse\Crypto\KeyProtectedByPassword>`; however, `Defuse\Crypto\Crypto::decrypt()` does only seem to accept `object<Defuse\Crypto\Key>`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
42		}
43
44		/**
45		* @param Key\|KeyInterface $key
46		*
47		* @return \Defuse\Crypto\Key\|\Defuse\Crypto\KeyProtectedByPassword
48		*/
49	7	private function unlockKey(Key $key)
50		{
51	7	return $key->unlock()
52	6	->getRawKey();
53		}
54		}
55

Carteni / crypto-bundle

Push — master ( 725072...b8e92f )

Encryption.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like