<?php
namespace Omnipay\Redsys\Message;
use Omnipay\Common\Exception\RuntimeException;
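/**
 * Security
 *
 * This class provides common encoding, decoding and signing functions.
 * While all of this code could be called statically, it is left as a
 * regular class in order to facilitate unit testing. If alternate
 * encryption methods are provided later, the VERSION const can be
 * switched to a constructor option (and validated against a whitelist).
 */
class Security
{
    /** @var string */
    const VERSION = 'HMAC_SHA256_V1';

    /**
     * Encode merchant parameters
     *
     * The parameters are serialised as JSON and then base64-encoded with the
     * standard alphabet. If json_encode() fails (for example on invalid
     * UTF-8) its false result is encoded as an empty string, so callers
     * should treat an empty return value as an error.
     *
     * @param array $data  The parameters to encode
     *
     * @return string Encoded data
     */
    public function encodeMerchantParameters($data)
    {
        return base64_encode(json_encode($data));
    }

    /**
     * Decode merchant parameters
     *
     * Accepts both the standard and the URL-safe base64 alphabet. Only the
     * top level of the JSON document is converted to an array (nested
     * objects stay stdClass), and input that cannot be decoded yields an
     * empty array.
     *
     * Decoding performs no authentication. The encoded string normally
     * arrives in a request from outside, so the returned values are
     * untrusted until the signature over that encoded string has been
     * checked.
     *
     * @param string $data  The encoded string of parameters
     *
     * @return array Decoded data
     */
    public function decodeMerchantParameters($data)
    {
        return (array)json_decode(base64_decode(strtr($data, '-_', '+/')));
    }

    /**
     * Encrypt message with given key and default IV
     *
     * Uses 3DES in CBC mode with an all-zero 8-byte IV and zero-byte padding
     * to a whole number of 8-byte blocks. OpenSSL is preferred because
     * mcrypt was deprecated in PHP 7.1 and removed from core in PHP 7.2;
     * mcrypt remains as a fallback for installations without a usable
     * OpenSSL extension.
     *
     * NOTE(review): a fixed IV gives no confidentiality guarantees. Within
     * this class the result is only used as the HMAC key in
     * createSignature(); it should not be reused to protect data.
     *
     * @param string $message  The message to encrypt
     * @param string $key      The base64-encoded key used to encrypt the message
     *
     * @return string Encrypted message
     *
     * @throws RuntimeException
     */
    protected function encryptMessage($message, $key)
    {
        if (!$this->hasValidEncryptionMethod()) {
            throw new RuntimeException('No valid encryption extension installed');
        }

        $key = base64_decode($key);
        // Fail closed on a wrong-sized key: OpenSSL would silently zero-pad
        // it and mcrypt would return false, and either way the signature
        // would be derived from key material weaker than configured.
        if ($key === false || strlen($key) !== 24) {
            throw new RuntimeException('Invalid encryption key length');
        }

        $iv = str_repeat("\0", 8);

        if ($this->hasOpenSsl()) {
            // OPENSSL_ZERO_PADDING switches OpenSSL's own padding off, so the
            // message is zero-padded by hand to match the mcrypt output. An
            // empty message is padded to one full block as well, so the
            // result is never the empty string.
            $blocks = max(1, (int) ceil(strlen($message) / 8));
            $padded = str_pad($message, $blocks * 8, "\0");
            $ciphertext = openssl_encrypt(
                $padded,
                'des-ede3-cbc',
                $key,
                OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,
                $iv
            );
        } else {
            $ciphertext = mcrypt_encrypt(MCRYPT_3DES, $key, $message, MCRYPT_MODE_CBC, $iv);
        }

        if ($ciphertext === false) {
            throw new RuntimeException('Unable to encrypt message');
        }

        return $ciphertext;
    }

    /**
     * Check if the system has a valid encryption method available
     *
     * Either a usable OpenSSL extension or the legacy mcrypt extension
     * qualifies.
     *
     * @return bool
     */
    public function hasValidEncryptionMethod()
    {
        return $this->hasOpenSsl()
            || (extension_loaded('mcrypt') && function_exists('mcrypt_encrypt'));
    }

    /**
     * Check if openssl_encrypt() and the option flags it needs are available
     *
     * @return bool
     */
    private function hasOpenSsl()
    {
        return function_exists('openssl_encrypt')
            && defined('OPENSSL_RAW_DATA')
            && defined('OPENSSL_ZERO_PADDING');
    }

    /**
     * Create signature hash used to verify messages
     *
     * The salt is encrypted with the merchant key and the resulting
     * ciphertext becomes the HMAC-SHA256 key for the message, so every salt
     * value yields its own signing key.
     *
     * @todo Add if-check on algorithm to match against signature version as new param?
     *
     * @param string $message  The message to sign
     * @param string $salt     Unique salt encrypted to derive the signing key
     * @param string $key      The base64-encoded key used to encrypt the salt
     *
     * @return string Generated signature (standard base64 alphabet)
     *
     * @throws RuntimeException
     */
    public function createSignature($message, $salt, $key)
    {
        $ciphertext = $this->encryptMessage($salt, $key);
        return base64_encode(hash_hmac('sha256', $message, $ciphertext, true));
    }

    /**
     * Create signature hash used to verify messages back for Redirect gateway
     *
     * Identical to createSignature() except that the result uses the
     * URL-safe base64 alphabet ('-' and '_' instead of '+' and '/').
     *
     * Callers checking a signature received from the gateway should compare
     * it to this value with hash_equals(), so that the comparison time does
     * not depend on how many leading characters match.
     *
     * @param string $message  The message to sign
     * @param string $salt     Unique salt encrypted to derive the signing key
     * @param string $key      The base64-encoded key used to encrypt the salt
     *
     * @return string Generated signature (URL-safe base64 alphabet)
     *
     * @throws RuntimeException
     */
    public function createReturnSignature($message, $salt, $key)
    {
        return strtr($this->createSignature($message, $salt, $key), '+/', '-_');
    }
}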