Issues in AsymmetricEncryptionHelper.php (master) - Issues in master - Smoren/encryption-tools-php - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2)

src/Helpers/AsymmetricEncryptionHelper.php (1 issue)

Labels

Severity

Minor 1

<?php

namespace Smoren\EncryptionTools\Helpers;

use Smoren\EncryptionTools\Exceptions\AsymmetricEncryptionException;
use Smoren\EncryptionTools\Exceptions\JsonException;

/**
 * Class AsymmetricEncryptionHelper
 * @author Smoren <[email protected]>
 */
class AsymmetricEncryptionHelper
{
    /**
     * Generates RSA key pair
     * @return string[] [$privateKey, $publicKey]
     * @throws AsymmetricEncryptionException
     */
    public static function generateKeyPair(): array
    {
        $keyPair = openssl_pkey_new();
        if(!$keyPair) {
            throw new AsymmetricEncryptionException(
                'openssl_pkey_new() returned false',
                AsymmetricEncryptionException::OPENSSL_ERROR
            );
        }

        openssl_pkey_export($keyPair, $privateKey);
        $details = openssl_pkey_get_details($keyPair);
        if(!$details) {

            throw new AsymmetricEncryptionException(
                'openssl_pkey_get_details() returned false',
                AsymmetricEncryptionException::OPENSSL_ERROR
            );
        }

        $publicKey = $details["key"];

        return [$privateKey, $publicKey];
    }

    /**
     * Returns data encrypted by public key
     * @param mixed $data data to encrypt
     * @param string $publicKey public key
     * @return string encrypted data
     * @throws AsymmetricEncryptionException
     * @throws JsonException
     */
    public static function encryptByPublicKey($data, string $publicKey): string
    {
        static::validatePublicKey($publicKey);
        if(!openssl_public_encrypt(JsonHelper::encode($data), $dataEncrypted, $publicKey)) {
            throw new AsymmetricEncryptionException(
                'openssl_public_encrypt() returned false',
                AsymmetricEncryptionException::CANNOT_ENCRYPT
            );
        }
        return base64_encode($dataEncrypted);
    }

    /**
     * Returns data encrypted by private key
     * @param mixed $data data to encrypt
     * @param string $privateKey public key
     * @return string encrypted data
     * @throws AsymmetricEncryptionException
     * @throws JsonException
     */
    public static function encryptByPrivateKey($data, string $privateKey): string
    {
        static::validatePrivateKey($privateKey);
        if(!openssl_private_encrypt(JsonHelper::encode($data), $dataEncrypted, $privateKey)) {
            throw new AsymmetricEncryptionException(
                'openssl_private_encrypt() returned false',
                AsymmetricEncryptionException::CANNOT_ENCRYPT
            );
        }
        return base64_encode($dataEncrypted);
    }

    /**
     * Returns data decrypted by public key
     * @param string $dataEncrypted data to decrypt
     * @param string $publicKey public key
     * @return mixed decrypted data
     * @throws AsymmetricEncryptionException
     */
    public static function decryptByPublicKey(string $dataEncrypted, string $publicKey)
    {
        static::validatePublicKey($publicKey);
        openssl_public_decrypt(base64_decode($dataEncrypted), $dataDecrypted, $publicKey);

        if($dataDecrypted === null) {
            throw new AsymmetricEncryptionException(
                'cannot decrypt by public key',
                AsymmetricEncryptionException::CANNOT_DECRYPT
            );
        }

        return json_decode($dataDecrypted, true);
    }

    /**
     * Returns data decrypted by private key
     * @param string $dataEncrypted data to decrypt
     * @param string $privateKey private key
     * @return mixed decrypted data
     * @throws AsymmetricEncryptionException
     */
    public static function decryptByPrivateKey(string $dataEncrypted, string $privateKey)
    {
        static::validatePrivateKey($privateKey);
        openssl_private_decrypt(base64_decode($dataEncrypted), $dataDecrypted, $privateKey);

        if($dataDecrypted === null) {
            throw new AsymmetricEncryptionException(
                'cannot decrypt by private key',
                AsymmetricEncryptionException::CANNOT_DECRYPT
            );
        }

        return json_decode($dataDecrypted, true);
    }

    /**
     * Returns signature created for data with private key
     * @param mixed $data data to sign
     * @param string $privateKey private key
     * @param int $algorithm openssl algorithm
     * @return string signature
     * @throws AsymmetricEncryptionException
     * @throws JsonException
     */
    public static function sign($data, string $privateKey, int $algorithm = OPENSSL_ALGO_SHA256): string
    {
        static::validatePrivateKey($privateKey);
        openssl_sign(JsonHelper::encode($data), $signature, $privateKey, $algorithm);
        return $signature;
    }

    /**
     * Verifies the signature
     * @param mixed $data data to verify signature for
     * @param string $signature signature to verify
     * @param string $publicKey public key to verfy signature with
     * @param int $algorithm openssl algorithm
     * @throws AsymmetricEncryptionException if verification failure
     * @throws JsonException
     */
    public static function verify(
        $data,
        string $signature,
        string $publicKey,
        int $algorithm = OPENSSL_ALGO_SHA256
    ): void {
        static::validatePublicKey($publicKey);
        if(!openssl_verify(JsonHelper::encode($data), $signature, $publicKey, $algorithm)) {
            throw new AsymmetricEncryptionException('wrong signature', AsymmetricEncryptionException::CANNOT_VERIFY);
        }
    }

    /**
     * Validates public key
     * @param string $publicKey public key to validate
     * @throws AsymmetricEncryptionException if key is invalid
     */
    public static function validatePublicKey(string $publicKey): void
    {
        static::validateKey($publicKey, 'PUBLIC');
    }

    /**
     * Validates private key
     * @param string $privateKey private key to validate
     * @throws AsymmetricEncryptionException if key is invalid
     */
    public static function validatePrivateKey(string $privateKey): void
    {
        static::validateKey($privateKey, 'PRIVATE');
    }

    /**
     * Validates key
     * @param string $key key to validate
     * @param string $keyType key type (PUBLIC or PRIVATE)
     * @throws AsymmetricEncryptionException if key is invalid
     */
    protected static function validateKey(string $key, string $keyType): void
    {
        $arPublicKey = explode("\n", $key);
        $beginString = array_shift($arPublicKey);
        $endLineBreak = array_pop($arPublicKey);
        $endString = array_pop($arPublicKey);
        $lastPart = array_pop($arPublicKey);

        $isCorrect = true;

        if(
            $endLineBreak !== "" ||
            $beginString !== "-----BEGIN {$keyType} KEY-----" ||
            $endString !== "-----END {$keyType} KEY-----" ||
            !preg_match('/^.{1,63}$/', $lastPart ?? '')
        ) {
            $isCorrect = false;
        } else {
            foreach($arPublicKey as $part) {
                if(!preg_match('/^.{64}$/', $part)) {
                    $isCorrect = false;
                    break;
                }
            }
        }

        if(!$isCorrect) {
            throw new AsymmetricEncryptionException(
                'invalid key format',
                AsymmetricEncryptionException::INVALID_KEY_FORMAT
            );
        }
    }
}


1			<?php
2
3			namespace Smoren\EncryptionTools\Helpers;
4
5			use Smoren\EncryptionTools\Exceptions\AsymmetricEncryptionException;
6			use Smoren\EncryptionTools\Exceptions\JsonException;
7
8			/**
9			* Class AsymmetricEncryptionHelper
10			* @author Smoren <[email protected]>
11			*/
12			class AsymmetricEncryptionHelper
13			{
14			/**
15			* Generates RSA key pair
16			* @return string[] [$privateKey, $publicKey]
17			* @throws AsymmetricEncryptionException
18			*/
19			public static function generateKeyPair(): array
20			{
21			$keyPair = openssl_pkey_new();
22			if(!$keyPair) {
23			throw new AsymmetricEncryptionException(
24			'openssl_pkey_new() returned false',
25			AsymmetricEncryptionException::OPENSSL_ERROR
26			);
27			}
28
29			openssl_pkey_export($keyPair, $privateKey);
30			$details = openssl_pkey_get_details($keyPair);
31			if(!$details) {
			0 ignored issues – show Bug Best Practice introduced 2022-08-19 08:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$details` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
32			throw new AsymmetricEncryptionException(
33			'openssl_pkey_get_details() returned false',
34			AsymmetricEncryptionException::OPENSSL_ERROR
35			);
36			}
37
38			$publicKey = $details["key"];
39
40			return [$privateKey, $publicKey];
41			}
42
43			/**
44			* Returns data encrypted by public key
45			* @param mixed $data data to encrypt
46			* @param string $publicKey public key
47			* @return string encrypted data
48			* @throws AsymmetricEncryptionException
49			* @throws JsonException
50			*/
51			public static function encryptByPublicKey($data, string $publicKey): string
52			{
53			static::validatePublicKey($publicKey);
54			if(!openssl_public_encrypt(JsonHelper::encode($data), $dataEncrypted, $publicKey)) {
55			throw new AsymmetricEncryptionException(
56			'openssl_public_encrypt() returned false',
57			AsymmetricEncryptionException::CANNOT_ENCRYPT
58			);
59			}
60			return base64_encode($dataEncrypted);
61			}
62
63			/**
64			* Returns data encrypted by private key
65			* @param mixed $data data to encrypt
66			* @param string $privateKey public key
67			* @return string encrypted data
68			* @throws AsymmetricEncryptionException
69			* @throws JsonException
70			*/
71			public static function encryptByPrivateKey($data, string $privateKey): string
72			{
73			static::validatePrivateKey($privateKey);
74			if(!openssl_private_encrypt(JsonHelper::encode($data), $dataEncrypted, $privateKey)) {
75			throw new AsymmetricEncryptionException(
76			'openssl_private_encrypt() returned false',
77			AsymmetricEncryptionException::CANNOT_ENCRYPT
78			);
79			}
80			return base64_encode($dataEncrypted);
81			}
82
83			/**
84			* Returns data decrypted by public key
85			* @param string $dataEncrypted data to decrypt
86			* @param string $publicKey public key
87			* @return mixed decrypted data
88			* @throws AsymmetricEncryptionException
89			*/
90			public static function decryptByPublicKey(string $dataEncrypted, string $publicKey)
91			{
92			static::validatePublicKey($publicKey);
93			openssl_public_decrypt(base64_decode($dataEncrypted), $dataDecrypted, $publicKey);
94
95			if($dataDecrypted === null) {
96			throw new AsymmetricEncryptionException(
97			'cannot decrypt by public key',
98			AsymmetricEncryptionException::CANNOT_DECRYPT
99			);
100			}
101
102			return json_decode($dataDecrypted, true);
103			}
104
105			/**
106			* Returns data decrypted by private key
107			* @param string $dataEncrypted data to decrypt
108			* @param string $privateKey private key
109			* @return mixed decrypted data
110			* @throws AsymmetricEncryptionException
111			*/
112			public static function decryptByPrivateKey(string $dataEncrypted, string $privateKey)
113			{
114			static::validatePrivateKey($privateKey);
115			openssl_private_decrypt(base64_decode($dataEncrypted), $dataDecrypted, $privateKey);
116
117			if($dataDecrypted === null) {
118			throw new AsymmetricEncryptionException(
119			'cannot decrypt by private key',
120			AsymmetricEncryptionException::CANNOT_DECRYPT
121			);
122			}
123
124			return json_decode($dataDecrypted, true);
125			}
126
127			/**
128			* Returns signature created for data with private key
129			* @param mixed $data data to sign
130			* @param string $privateKey private key
131			* @param int $algorithm openssl algorithm
132			* @return string signature
133			* @throws AsymmetricEncryptionException
134			* @throws JsonException
135			*/
136			public static function sign($data, string $privateKey, int $algorithm = OPENSSL_ALGO_SHA256): string
137			{
138			static::validatePrivateKey($privateKey);
139			openssl_sign(JsonHelper::encode($data), $signature, $privateKey, $algorithm);
140			return $signature;
141			}
142
143			/**
144			* Verifies the signature
145			* @param mixed $data data to verify signature for
146			* @param string $signature signature to verify
147			* @param string $publicKey public key to verfy signature with
148			* @param int $algorithm openssl algorithm
149			* @throws AsymmetricEncryptionException if verification failure
150			* @throws JsonException
151			*/
152			public static function verify(
153			$data,
154			string $signature,
155			string $publicKey,
156			int $algorithm = OPENSSL_ALGO_SHA256
157			): void {
158			static::validatePublicKey($publicKey);
159			if(!openssl_verify(JsonHelper::encode($data), $signature, $publicKey, $algorithm)) {
160			throw new AsymmetricEncryptionException('wrong signature', AsymmetricEncryptionException::CANNOT_VERIFY);
161			}
162			}
163
164			/**
165			* Validates public key
166			* @param string $publicKey public key to validate
167			* @throws AsymmetricEncryptionException if key is invalid
168			*/
169			public static function validatePublicKey(string $publicKey): void
170			{
171			static::validateKey($publicKey, 'PUBLIC');
172			}
173
174			/**
175			* Validates private key
176			* @param string $privateKey private key to validate
177			* @throws AsymmetricEncryptionException if key is invalid
178			*/
179			public static function validatePrivateKey(string $privateKey): void
180			{
181			static::validateKey($privateKey, 'PRIVATE');
182			}
183
184			/**
185			* Validates key
186			* @param string $key key to validate
187			* @param string $keyType key type (PUBLIC or PRIVATE)
188			* @throws AsymmetricEncryptionException if key is invalid
189			*/
190			protected static function validateKey(string $key, string $keyType): void
191			{
192			$arPublicKey = explode("\n", $key);
193			$beginString = array_shift($arPublicKey);
194			$endLineBreak = array_pop($arPublicKey);
195			$endString = array_pop($arPublicKey);
196			$lastPart = array_pop($arPublicKey);
197
198			$isCorrect = true;
199
200			if(
201			$endLineBreak !== "" \|\|
202			$beginString !== "-----BEGIN {$keyType} KEY-----" \|\|
203			$endString !== "-----END {$keyType} KEY-----" \|\|
204			!preg_match('/^.{1,63}$/', $lastPart ?? '')
205			) {
206			$isCorrect = false;
207			} else {
208			foreach($arPublicKey as $part) {
209			if(!preg_match('/^.{64}$/', $part)) {
210			$isCorrect = false;
211			break;
212			}
213			}
214			}
215
216			if(!$isCorrect) {
217			throw new AsymmetricEncryptionException(
218			'invalid key format',
219			AsymmetricEncryptionException::INVALID_KEY_FORMAT
220			);
221			}
222			}
223			}
224

Smoren / encryption-tools-php

Issues (2)

src/Helpers/AsymmetricEncryptionHelper.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like