AESKW - Code Metrics - Inspection of "composer.lock removed" - Spomky-Labs/aes-key-wrap - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 29edef...6d302d )

by Florent

created 2017-10-28 16:15 UTC

AESKW A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	207
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	0

Importance

Changes	7
Bugs	3	Features	0

Metric	Value
wmc	30
c	7
b	3
f	0
lcom	1
cbo	0
dl	0
loc	207
rs	10

10 Methods

Rating	Name	Size	Complexity
A	toXBits()	4	1
A	getMSB()	4	1
A	getLSB()	4	1
A	getInitialValue()	14	2
C	checkInitialValue()	34	8
A	checkKeySize()	9	4
B	wrap()	27	5
B	unwrap()	32	6
A	encrypt()	4	1
A	decrypt()	4	1

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2016 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace AESKW;

trait AESKW
{
    /**
     * The initial value used to wrap the key and check the integrity when unwrapped.
     * The RFC3394 set this value to 0xA6A6A6A6A6A6A6A6
     * The RFC5649 set this value to 0xA65959A6XXXXXXXX (The part with XXXXXXXX is the MLI, depends on the padding).
     *
     * @param string $key             The key
     * @param bool   $padding_enabled Enable padding (RFC5649)
     *
     * @return string
     *
     * @see https://tools.ietf.org/html/rfc3394#section-2.2.3.1
     */
    private static function getInitialValue(string &$key, bool $padding_enabled): string
    {
        if (false === $padding_enabled) {
            return hex2bin('A6A6A6A6A6A6A6A6');
        }

        $MLI = mb_strlen($key, '8bit');
        $iv = hex2bin('A65959A6').self::toXBits(32, $MLI);

        $n = intval(ceil($MLI / 8));
        $key = str_pad($key, 8 * $n, "\0", STR_PAD_RIGHT);

        return $iv;
    }

    /**
     * @param string $key
     * @param bool   $padding_enabled
     * @param string $iv
     *
     * @return bool
     */
    private static function checkInitialValue(string &$key, bool $padding_enabled, string $iv): bool
    {
        // RFC3394 compliant
        if ($iv === hex2bin('A6A6A6A6A6A6A6A6')) {
            return true;
        }

        // The RFC3394 is required but the previous check is not satisfied => invalid
        if (false === $padding_enabled) {
            return false;
        }

        // The high-order half of the AIV according to the RFC5649
        if (hex2bin('A65959A6') !== self::getMSB($iv)) {
            return false;
        }

        $n = mb_strlen($key, '8bit') / 8;
        $MLI = hexdec(bin2hex(ltrim(self::getLSB($iv), "\0")));

        if (!(8 * ($n - 1) < $MLI && $MLI <= 8 * $n)) {
            return false;
        }

        $b = 8 * $n - $MLI;
        for ($i = 0; $i < $b; ++$i) {
            if ("\0" !== mb_substr($key, $MLI + $i, 1, '8bit')) {
                return false;
            }
        }
        $key = mb_substr($key, 0, $MLI, '8bit');

        return true;
    }

    /**
     * @param string $key             The Key to wrap
     * @param bool   $padding_enabled
     */
    private static function checkKeySize(string $key, bool $padding_enabled)
    {
        if (empty($key)) {
            throw new \InvalidArgumentException('Bad key size');
        }
        if (false === $padding_enabled && 0 !== mb_strlen($key, '8bit') % 8) {
            throw new \InvalidArgumentException('Bad key size');
        }
    }

    /**
     * @param string $kek             The Key Encryption Key
     * @param string $key             The key to wrap
     * @param bool   $padding_enabled If false, the key to wrap must be a sequence of one or more 64-bit blocks (RFC3394 compliant), else the key size must be at least one octet (RFC5649 compliant)
     *
     * @return string The wrapped key
     */
    public static function wrap(string $kek, string $key, bool $padding_enabled = false): string
    {
        $A = self::getInitialValue($key, $padding_enabled);
        self::checkKeySize($key, $padding_enabled);
        $P = str_split($key, 8);
        $N = count($P);
        $C = [];

        if (1 === $N) {
            $B = self::encrypt($kek, $A.$P[0]);
            $C[0] = self::getMSB($B);
            $C[1] = self::getLSB($B);
        } elseif (1 < $N) {
            $R = $P;
            for ($j = 0; $j <= 5; ++$j) {
                for ($i = 1; $i <= $N; ++$i) {
                    $B = self::encrypt($kek, $A.$R[$i - 1]);
                    $t = $i + $j * $N;
                    $A = self::toXBits(64, $t) ^ self::getMSB($B);
                    $R[$i - 1] = self::getLSB($B);
                }
            }
            $C = array_merge([$A], $R);
        }

        return implode('', $C);
    }

    /**
     * @param string $kek             The Key Encryption Key
     * @param string $key             The key to unwrap
     * @param bool   $padding_enabled If false, the AIV check must be RFC3394 compliant, else it must be RFC5649 or RFC3394 compliant
     *
     * @return string The key unwrapped
     */
    public static function unwrap(string $kek, string $key, bool $padding_enabled = false): string
    {
        $P = str_split($key, 8);
        $A = $P[0];
        $N = count($P);

        if (2 > $N) {
            throw new \InvalidArgumentException('Bad data');
        } elseif (2 === $N) {
            $B = self::decrypt($kek, $P[0].$P[1]);
            $unwrapped = self::getLSB($B);
            $A = self::getMSB($B);
        } else {
            $R = $P;
            for ($j = 5; $j >= 0; --$j) {
                for ($i = $N - 1; $i >= 1; --$i) {
                    $t = $i + $j * ($N - 1);
                    $B = self::decrypt($kek, (self::toXBits(64, $t) ^ $A).$R[$i]);
                    $A = self::getMSB($B);
                    $R[$i] = self::getLSB($B);
                }
            }
            unset($R[0]);

            $unwrapped = implode('', $R);
        }
        if (false === self::checkInitialValue($unwrapped, $padding_enabled, $A)) {
            throw new \InvalidArgumentException('Integrity check failed!');
        }

        return $unwrapped;
    }

    /**
     * @param int $bits
     * @param int $value
     *
     * @return string
     */
    private static function toXBits(int $bits, int $value): string
    {
        return hex2bin(str_pad(dechex($value), $bits / 4, '0', STR_PAD_LEFT));
    }

    /**
     * @param string $value
     *
     * @return string
     */
    private static function getMSB(string $value): string
    {
        return mb_substr($value, 0, mb_strlen($value, '8bit') / 2, '8bit');
    }

    /**
     * @param string $value
     *
     * @return string
     */
    private static function getLSB(string $value): string
    {
        return mb_substr($value, mb_strlen($value, '8bit') / 2, null, '8bit');
    }

    /**
     * {@inheritdoc}
     */
    private static function encrypt(string $kek, string $data): string
    {
        return openssl_encrypt($data, self::getMethod($kek), $kek, OPENSSL_ZERO_PADDING | OPENSSL_RAW_DATA);
    }

    /**
     * {@inheritdoc}
     */
    private static function decrypt(string $kek, string $data): string
    {
        return openssl_decrypt($data, self::getMethod($kek), $kek, OPENSSL_ZERO_PADDING | OPENSSL_RAW_DATA);
    }
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2016 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace AESKW;
13
14			trait AESKW
15			{
16			/**
17			* The initial value used to wrap the key and check the integrity when unwrapped.
18			* The RFC3394 set this value to 0xA6A6A6A6A6A6A6A6
19			* The RFC5649 set this value to 0xA65959A6XXXXXXXX (The part with XXXXXXXX is the MLI, depends on the padding).
20			*
21			* @param string $key The key
22			* @param bool $padding_enabled Enable padding (RFC5649)
23			*
24			* @return string
25			*
26			* @see https://tools.ietf.org/html/rfc3394#section-2.2.3.1
27			*/
28			private static function getInitialValue(string &$key, bool $padding_enabled): string
29			{
30			if (false === $padding_enabled) {
31			return hex2bin('A6A6A6A6A6A6A6A6');
32			}
33
34			$MLI = mb_strlen($key, '8bit');
35			$iv = hex2bin('A65959A6').self::toXBits(32, $MLI);
36
37			$n = intval(ceil($MLI / 8));
38			$key = str_pad($key, 8 * $n, "\0", STR_PAD_RIGHT);
39
40			return $iv;
41			}
42
43			/**
44			* @param string $key
45			* @param bool $padding_enabled
46			* @param string $iv
47			*
48			* @return bool
49			*/
50			private static function checkInitialValue(string &$key, bool $padding_enabled, string $iv): bool
51			{
52			// RFC3394 compliant
53			if ($iv === hex2bin('A6A6A6A6A6A6A6A6')) {
54			return true;
55			}
56
57			// The RFC3394 is required but the previous check is not satisfied => invalid
58			if (false === $padding_enabled) {
59			return false;
60			}
61
62			// The high-order half of the AIV according to the RFC5649
63			if (hex2bin('A65959A6') !== self::getMSB($iv)) {
64			return false;
65			}
66
67			$n = mb_strlen($key, '8bit') / 8;
68			$MLI = hexdec(bin2hex(ltrim(self::getLSB($iv), "\0")));
69
70			if (!(8 * ($n - 1) < $MLI && $MLI <= 8 * $n)) {
71			return false;
72			}
73
74			$b = 8 * $n - $MLI;
75			for ($i = 0; $i < $b; ++$i) {
76			if ("\0" !== mb_substr($key, $MLI + $i, 1, '8bit')) {
77			return false;
78			}
79			}
80			$key = mb_substr($key, 0, $MLI, '8bit');
81
82			return true;
83			}
84
85			/**
86			* @param string $key The Key to wrap
87			* @param bool $padding_enabled
88			*/
89			private static function checkKeySize(string $key, bool $padding_enabled)
90			{
91			if (empty($key)) {
92			throw new \InvalidArgumentException('Bad key size');
93			}
94			if (false === $padding_enabled && 0 !== mb_strlen($key, '8bit') % 8) {
95			throw new \InvalidArgumentException('Bad key size');
96			}
97			}
98
99			/**
100			* @param string $kek The Key Encryption Key
101			* @param string $key The key to wrap
102			* @param bool $padding_enabled If false, the key to wrap must be a sequence of one or more 64-bit blocks (RFC3394 compliant), else the key size must be at least one octet (RFC5649 compliant)
103			*
104			* @return string The wrapped key
105			*/
106			public static function wrap(string $kek, string $key, bool $padding_enabled = false): string
107			{
108			$A = self::getInitialValue($key, $padding_enabled);
109			self::checkKeySize($key, $padding_enabled);
110			$P = str_split($key, 8);
111			$N = count($P);
112			$C = [];
113
114			if (1 === $N) {
115			$B = self::encrypt($kek, $A.$P[0]);
116			$C[0] = self::getMSB($B);
117			$C[1] = self::getLSB($B);
118			} elseif (1 < $N) {
119			$R = $P;
120			for ($j = 0; $j <= 5; ++$j) {
121			for ($i = 1; $i <= $N; ++$i) {
122			$B = self::encrypt($kek, $A.$R[$i - 1]);
123			$t = $i + $j * $N;
124			$A = self::toXBits(64, $t) ^ self::getMSB($B);
125			$R[$i - 1] = self::getLSB($B);
126			}
127			}
128			$C = array_merge([$A], $R);
129			}
130
131			return implode('', $C);
132			}
133
134			/**
135			* @param string $kek The Key Encryption Key
136			* @param string $key The key to unwrap
137			* @param bool $padding_enabled If false, the AIV check must be RFC3394 compliant, else it must be RFC5649 or RFC3394 compliant
138			*
139			* @return string The key unwrapped
140			*/
141			public static function unwrap(string $kek, string $key, bool $padding_enabled = false): string
142			{
143			$P = str_split($key, 8);
144			$A = $P[0];
145			$N = count($P);
146
147			if (2 > $N) {
148			throw new \InvalidArgumentException('Bad data');
149			} elseif (2 === $N) {
150			$B = self::decrypt($kek, $P[0].$P[1]);
151			$unwrapped = self::getLSB($B);
152			$A = self::getMSB($B);
153			} else {
154			$R = $P;
155			for ($j = 5; $j >= 0; --$j) {
156			for ($i = $N - 1; $i >= 1; --$i) {
157			$t = $i + $j * ($N - 1);
158			$B = self::decrypt($kek, (self::toXBits(64, $t) ^ $A).$R[$i]);
159			$A = self::getMSB($B);
160			$R[$i] = self::getLSB($B);
161			}
162			}
163			unset($R[0]);
164
165			$unwrapped = implode('', $R);
166			}
167			if (false === self::checkInitialValue($unwrapped, $padding_enabled, $A)) {
168			throw new \InvalidArgumentException('Integrity check failed!');
169			}
170
171			return $unwrapped;
172			}
173
174			/**
175			* @param int $bits
176			* @param int $value
177			*
178			* @return string
179			*/
180			private static function toXBits(int $bits, int $value): string
181			{
182			return hex2bin(str_pad(dechex($value), $bits / 4, '0', STR_PAD_LEFT));
183			}
184
185			/**
186			* @param string $value
187			*
188			* @return string
189			*/
190			private static function getMSB(string $value): string
191			{
192			return mb_substr($value, 0, mb_strlen($value, '8bit') / 2, '8bit');
193			}
194
195			/**
196			* @param string $value
197			*
198			* @return string
199			*/
200			private static function getLSB(string $value): string
201			{
202			return mb_substr($value, mb_strlen($value, '8bit') / 2, null, '8bit');
203			}
204
205			/**
206			* {@inheritdoc}
207			*/
208			private static function encrypt(string $kek, string $data): string
209			{
210			return openssl_encrypt($data, self::getMethod($kek), $kek, OPENSSL_ZERO_PADDING \| OPENSSL_RAW_DATA);
211			}
212
213			/**
214			* {@inheritdoc}
215			*/
216			private static function decrypt(string $kek, string $data): string
217			{
218			return openssl_decrypt($data, self::getMethod($kek), $kek, OPENSSL_ZERO_PADDING \| OPENSSL_RAW_DATA);
219			}
220			}
221

Spomky-Labs / aes-key-wrap

Push — master ( 29edef...6d302d )

AESKW A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like