Md5PasswordHasher - Code Metrics - Inspection of "Improving salting" - Phauthentic/password-hashers - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#5)

by Florian

created 2020-05-05 17:01 UTC

Md5PasswordHasher A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	59
Duplicated Lines	0 %

Test Coverage

Coverage

70%

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	4
eloc	8
dl	0
loc	59
ccs	7
cts	10
cp	0.7
rs	10
c	1
b	0
f	0

4 Methods

Rating	Name	Size	Complexity
A	callHashFunction()	3	1
A	hash()	5	1
A	setRawOutput()	5	1
A	check()	3	1

<?php

/**
 * Copyright (c) Phauthentic (https://github.com/Phauthentic)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Phauthentic (https://github.com/Phauthentic)
 * @link          https://github.com/Phauthentic
 * @license       https://opensource.org/licenses/mit-license.php MIT License
 */

declare(strict_types=1);

namespace Phauthentic\PasswordHasher;

/**
 * Md5 Password Hasher
 *
 * WARNING: This is UNSAFE and should NOT be used anymore!!! md5 has been
 * compromised! It is no longer a secure hash algorithm!
 *
 * This hasher just exists for legacy reasons and is thought to be used with
 * the Fallback hasher, to update the passwords transparently to a secure hash.
 */
class Md5PasswordHasher extends AbstractPasswordHasher
{
    /**
     * Raw sha1 output
     *
     * @var bool
     */
    protected $rawOutput = false;

    /**
     * Sets the raw output mode of sha1
     *
     * @link http://php.net/manual/en/function.sha1.php
     * @param bool $rawOutput Raw output
     * @return $this
     */
    public function setRawOutput(bool $rawOutput): self
    {
        $this->rawOutput = $rawOutput;

        return $this;
    }

    /**
     * Generates password hash.
     *
     * @param string $password Plain text password to hash required to generate
     * password hash.
     * @return string Password hash
     */
    public function hash(string $password): string
    {
        $password = $this->saltPassword($password);

        return $this->callHashFunction($password);
    }

    /**
     * Calls the actual php method that will do the hashing
     *
     * @param string $password Password string
     * @return string
     */
    protected function callHashFunction(string $password): string
    {
        return md5($password, $this->rawOutput);
    }

    /**
     * Check hash. Generate hash from user provided password string
     * and check against existing hash.
     *
     * @param string $password Plain text password to hash.
     * @param string $hashedPassword Existing hashed password.
     * @return bool True if hashes match else false.
     */
    public function check(string $password, string $hashedPassword): bool
    {
        return $this->hash($password) === $hashedPassword;
    }
}


1		<?php
2
3		/**
4		* Copyright (c) Phauthentic (https://github.com/Phauthentic)
5		*
6		* Licensed under The MIT License
7		* For full copyright and license information, please see the LICENSE.txt
8		* Redistributions of files must retain the above copyright notice.
9		*
10		* @copyright Copyright (c) Phauthentic (https://github.com/Phauthentic)
11		* @link https://github.com/Phauthentic
12		* @license https://opensource.org/licenses/mit-license.php MIT License
13		*/
14
15		declare(strict_types=1);
16
17		namespace Phauthentic\PasswordHasher;
18
19		/**
20		* Md5 Password Hasher
21		*
22		* WARNING: This is UNSAFE and should NOT be used anymore!!! md5 has been
23		* compromised! It is no longer a secure hash algorithm!
24		*
25		* This hasher just exists for legacy reasons and is thought to be used with
26		* the Fallback hasher, to update the passwords transparently to a secure hash.
27		*/
28		class Md5PasswordHasher extends AbstractPasswordHasher
29		{
30		/**
31		* Raw sha1 output
32		*
33		* @var bool
34		*/
35		protected $rawOutput = false;
36
37		/**
38		* Sets the raw output mode of sha1
39		*
40		* @link http://php.net/manual/en/function.sha1.php
41		* @param bool $rawOutput Raw output
42		* @return $this
43		*/
44		public function setRawOutput(bool $rawOutput): self
45		{
46		$this->rawOutput = $rawOutput;
47
48		return $this;
49		}
50
51		/**
52		* Generates password hash.
53		*
54		* @param string $password Plain text password to hash required to generate
55		* password hash.
56		* @return string Password hash
57		*/
58	8	public function hash(string $password): string
59		{
60	8	$password = $this->saltPassword($password);
61
62	8	return $this->callHashFunction($password);
63		}
64
65		/**
66		* Calls the actual php method that will do the hashing
67		*
68		* @param string $password Password string
69		* @return string
70		*/
71	4	protected function callHashFunction(string $password): string
72		{
73	4	return md5($password, $this->rawOutput);
74		}
75
76		/**
77		* Check hash. Generate hash from user provided password string
78		* and check against existing hash.
79		*
80		* @param string $password Plain text password to hash.
81		* @param string $hashedPassword Existing hashed password.
82		* @return bool True if hashes match else false.
83		*/
84	4	public function check(string $password, string $hashedPassword): bool
85		{
86	4	return $this->hash($password) === $hashedPassword;
87		}
88		}
89

Phauthentic / password-hashers

Pull Request — master (#5)

Md5PasswordHasher A

Complexity

Size/Duplication

Test Coverage

Importance

4 Methods

Duplication Side-by-Side

Filter issues like