A256GCMKWAndA128CBC_HS256EncryptionTest - Code Metrics - Inspection of "Bugs fixed" - Spomky-Labs/jose - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( 686594...b5844e )

by Florent

created 2016-03-19 22:24 UTC

A256GCMKWAndA128CBC_HS256EncryptionTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	129
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	12

Importance

Changes	8
Bugs	5	Features	2

Metric	Value
wmc	2
c	8
b	5
f	2
lcom	1
cbo	12
dl	0
loc	129
rs	10

2 Methods

Rating	Name	Duplication	Size	Complexity
A	testA256GCMKWAndA128CBC_HS256Encryption()	0	67	1
A	testA256GCMKWAndA128CBC_HS256EncryptionBis()	0	51	1

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2016 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose\Test\RFC7520;

use Base64Url\Base64Url;
use Jose\Factory\DecrypterFactory;
use Jose\Factory\EncrypterFactory;
use Jose\Factory\JWEFactory;
use Jose\Loader;
use Jose\Object\JWK;

/**
 * @see https://tools.ietf.org/html/rfc7520#section-5.7
 *
 * @group RFC7520
 */
class A256GCMKWAndA128CBC_HS256EncryptionTest extends \PHPUnit_Framework_TestCase
{
    /**
     * Please note that we cannot the encryption and get the same result as the example (IV, TAG and other data are always different).
     * The output given in the RFC is used and only decrypted.
     */
    public function testA256GCMKWAndA128CBC_HS256Encryption()
    {
        $expected_payload = "You can trust us to stick with you through thick and thin\xe2\x80\x93to the bitter end. And you can trust us to keep any secret of yours\xe2\x80\x93closer than you keep it yourself. But you cannot trust us to let you face trouble alone, and go off without a word. We are your friends, Frodo.";

        $private_key = new JWK([
            'kty' => 'oct',
            'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
            'use' => 'enc',
            'alg' => 'A256GCMKW',
            'k'   => 'qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8',
        ]);

        $protected_headers = [
            'alg' => 'A256GCMKW',
            'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
            'tag' => 'kfPduVQ3T3H6vnewt--ksw',
            'iv'  => 'KkYT0GX_2jHlfqN_',
            'enc' => 'A128CBC-HS256',
        ];

        $expected_compact_json = 'eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9.lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok.gz6NjyEFNm_vm8Gj6FwoFQ.Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU.DKW7jrb4WaRSNfbXVPlT5g';

        /*
         * There is an error in this vector
         * In the RFC7520, the tag is 'DKW7jrb4WaRSNfbXVPlT5g' (see figure 147), but the tag from the flattened representation is 'NvBveHr_vonkvflfnUrmBQ'
         * Same goes for the protected header. The values are good, but as the order is different, the protected header value is different and the tag is not validated.
         */
        $expected_flattened_json = '{"protected":"eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9","encrypted_key":"lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok","iv":"gz6NjyEFNm_vm8Gj6FwoFQ","ciphertext":"Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU","tag":"DKW7jrb4WaRSNfbXVPlT5g"}';
        $expected_json = '{"recipients":[{"encrypted_key":"lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok"}],"protected":"eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9","iv":"gz6NjyEFNm_vm8Gj6FwoFQ","ciphertext":"Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU","tag":"DKW7jrb4WaRSNfbXVPlT5g"}';
        $expected_iv = 'gz6NjyEFNm_vm8Gj6FwoFQ';
        $expected_encrypted_key = 'lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok';
        $expected_ciphertext = 'Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU';
        $expected_tag = 'DKW7jrb4WaRSNfbXVPlT5g';

        $decrypter = DecrypterFactory::createDecrypter(['A256GCMKW', 'A128CBC-HS256']);

        $loaded_compact_json = Loader::load($expected_compact_json);
        $decrypter->decryptUsingKey($loaded_compact_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $loaded_flattened_json = Loader::load($expected_flattened_json);
        $decrypter->decryptUsingKey($loaded_flattened_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $loaded_json = Loader::load($expected_json);
        $decrypter->decryptUsingKey($loaded_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_compact_json->getCiphertext()));
        $this->assertEquals($protected_headers, $loaded_compact_json->getSharedProtectedHeaders());
        $this->assertEquals($expected_iv, Base64Url::encode($loaded_compact_json->getIV()));
        $this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_compact_json->getRecipient(0)->getEncryptedKey()));
        $this->assertEquals($expected_tag, Base64Url::encode($loaded_compact_json->getTag()));

        $this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_flattened_json->getCiphertext()));
        $this->assertEquals($protected_headers, $loaded_flattened_json->getSharedProtectedHeaders());
        $this->assertEquals($expected_iv, Base64Url::encode($loaded_flattened_json->getIV()));
        $this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_flattened_json->getRecipient(0)->getEncryptedKey()));
        $this->assertEquals($expected_tag, Base64Url::encode($loaded_flattened_json->getTag()));

        $this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_json->getCiphertext()));
        $this->assertEquals($protected_headers, $loaded_json->getSharedProtectedHeaders());
        $this->assertEquals($expected_iv, Base64Url::encode($loaded_json->getIV()));
        $this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_json->getRecipient(0)->getEncryptedKey()));
        $this->assertEquals($expected_tag, Base64Url::encode($loaded_json->getTag()));

        $this->assertEquals($expected_payload, $loaded_compact_json->getPayload());
        $this->assertEquals($expected_payload, $loaded_flattened_json->getPayload());
        $this->assertEquals($expected_payload, $loaded_json->getPayload());
    }

    /**
     * Same input as before, but we perform the encryption first.
     */
    public function testA256GCMKWAndA128CBC_HS256EncryptionBis()
    {
        $expected_payload = "You can trust us to stick with you through thick and thin\xe2\x80\x93to the bitter end. And you can trust us to keep any secret of yours\xe2\x80\x93closer than you keep it yourself. But you cannot trust us to let you face trouble alone, and go off without a word. We are your friends, Frodo.";

        $private_key = new JWK([
            'kty' => 'oct',
            'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
            'use' => 'enc',
            'alg' => 'A256GCMKW',
            'k'   => 'qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8',
        ]);

        $protected_headers = [
            'alg' => 'A256GCMKW',
            'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
            'enc' => 'A128CBC-HS256',
        ];

        $jwe = JWEFactory::createJWE($expected_payload, $protected_headers);
        $encrypter = EncrypterFactory::createEncrypter(['A256GCMKW', 'A128CBC-HS256']);

        $jwe = $jwe->addRecipient(
            $private_key
        );

        $encrypter->encrypt($jwe);

        $decrypter = DecrypterFactory::createDecrypter(['A256GCMKW', 'A128CBC-HS256']);

        $loaded_compact_json = Loader::load($jwe->toCompactJSON(0));
        $decrypter->decryptUsingKey($loaded_compact_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $loaded_flattened_json = Loader::load($jwe->toFlattenedJSON(0));
        $decrypter->decryptUsingKey($loaded_flattened_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $loaded_json = Loader::load($jwe->toJSON());
        $decrypter->decryptUsingKey($loaded_json, $private_key);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $this->assertTrue(array_key_exists('iv', $loaded_compact_json->getSharedProtectedHeaders()));
        $this->assertTrue(array_key_exists('tag', $loaded_compact_json->getSharedProtectedHeaders()));

        $this->assertTrue(array_key_exists('iv', $loaded_flattened_json->getSharedProtectedHeaders()));
        $this->assertTrue(array_key_exists('tag', $loaded_flattened_json->getSharedProtectedHeaders()));

        $this->assertTrue(array_key_exists('iv', $loaded_json->getSharedProtectedHeaders()));
        $this->assertTrue(array_key_exists('tag', $loaded_json->getSharedProtectedHeaders()));

        $this->assertEquals($expected_payload, $loaded_compact_json->getPayload());
        $this->assertEquals($expected_payload, $loaded_flattened_json->getPayload());
        $this->assertEquals($expected_payload, $loaded_json->getPayload());
    }
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2016 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace Jose\Test\RFC7520;
13
14			use Base64Url\Base64Url;
15			use Jose\Factory\DecrypterFactory;
16			use Jose\Factory\EncrypterFactory;
17			use Jose\Factory\JWEFactory;
18			use Jose\Loader;
19			use Jose\Object\JWK;
20
21			/**
22			* @see https://tools.ietf.org/html/rfc7520#section-5.7
23			*
24			* @group RFC7520
25			*/
26			class A256GCMKWAndA128CBC_HS256EncryptionTest extends \PHPUnit_Framework_TestCase
27			{
28			/**
29			* Please note that we cannot the encryption and get the same result as the example (IV, TAG and other data are always different).
30			* The output given in the RFC is used and only decrypted.
31			*/
32			public function testA256GCMKWAndA128CBC_HS256Encryption()
33			{
34			$expected_payload = "You can trust us to stick with you through thick and thin\xe2\x80\x93to the bitter end. And you can trust us to keep any secret of yours\xe2\x80\x93closer than you keep it yourself. But you cannot trust us to let you face trouble alone, and go off without a word. We are your friends, Frodo.";
35
36			$private_key = new JWK([
37			'kty' => 'oct',
38			'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
39			'use' => 'enc',
40			'alg' => 'A256GCMKW',
41			'k' => 'qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8',
42			]);
43
44			$protected_headers = [
45			'alg' => 'A256GCMKW',
46			'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
47			'tag' => 'kfPduVQ3T3H6vnewt--ksw',
48			'iv' => 'KkYT0GX_2jHlfqN_',
49			'enc' => 'A128CBC-HS256',
50			];
51
52			$expected_compact_json = 'eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9.lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok.gz6NjyEFNm_vm8Gj6FwoFQ.Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU.DKW7jrb4WaRSNfbXVPlT5g';
53
54			/*
55			* There is an error in this vector
56			* In the RFC7520, the tag is 'DKW7jrb4WaRSNfbXVPlT5g' (see figure 147), but the tag from the flattened representation is 'NvBveHr_vonkvflfnUrmBQ'
57			* Same goes for the protected header. The values are good, but as the order is different, the protected header value is different and the tag is not validated.
58			*/
59			$expected_flattened_json = '{"protected":"eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9","encrypted_key":"lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok","iv":"gz6NjyEFNm_vm8Gj6FwoFQ","ciphertext":"Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU","tag":"DKW7jrb4WaRSNfbXVPlT5g"}';
60			$expected_json = '{"recipients":[{"encrypted_key":"lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok"}],"protected":"eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9","iv":"gz6NjyEFNm_vm8Gj6FwoFQ","ciphertext":"Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU","tag":"DKW7jrb4WaRSNfbXVPlT5g"}';
61			$expected_iv = 'gz6NjyEFNm_vm8Gj6FwoFQ';
62			$expected_encrypted_key = 'lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok';
63			$expected_ciphertext = 'Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3xWU';
64			$expected_tag = 'DKW7jrb4WaRSNfbXVPlT5g';
65
66			$decrypter = DecrypterFactory::createDecrypter(['A256GCMKW', 'A128CBC-HS256']);
67
68			$loaded_compact_json = Loader::load($expected_compact_json);
69			$decrypter->decryptUsingKey($loaded_compact_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_compact_json` defined by `\Jose\Loader::load($expected_compact_json)` on line `68` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
70
71			$loaded_flattened_json = Loader::load($expected_flattened_json);
72			$decrypter->decryptUsingKey($loaded_flattened_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_flattened_json` defined by `\Jose\Loader::load($expected_flattened_json)` on line `71` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
73
74			$loaded_json = Loader::load($expected_json);
75			$decrypter->decryptUsingKey($loaded_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_json` defined by `\Jose\Loader::load($expected_json)` on line `74` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
76
77			$this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_compact_json->getCiphertext()));
78			$this->assertEquals($protected_headers, $loaded_compact_json->getSharedProtectedHeaders());
79			$this->assertEquals($expected_iv, Base64Url::encode($loaded_compact_json->getIV()));
80			$this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_compact_json->getRecipient(0)->getEncryptedKey()));
81			$this->assertEquals($expected_tag, Base64Url::encode($loaded_compact_json->getTag()));
82
83			$this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_flattened_json->getCiphertext()));
84			$this->assertEquals($protected_headers, $loaded_flattened_json->getSharedProtectedHeaders());
85			$this->assertEquals($expected_iv, Base64Url::encode($loaded_flattened_json->getIV()));
86			$this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_flattened_json->getRecipient(0)->getEncryptedKey()));
87			$this->assertEquals($expected_tag, Base64Url::encode($loaded_flattened_json->getTag()));
88
89			$this->assertEquals($expected_ciphertext, Base64Url::encode($loaded_json->getCiphertext()));
90			$this->assertEquals($protected_headers, $loaded_json->getSharedProtectedHeaders());
91			$this->assertEquals($expected_iv, Base64Url::encode($loaded_json->getIV()));
92			$this->assertEquals($expected_encrypted_key, Base64Url::encode($loaded_json->getRecipient(0)->getEncryptedKey()));
93			$this->assertEquals($expected_tag, Base64Url::encode($loaded_json->getTag()));
94
95			$this->assertEquals($expected_payload, $loaded_compact_json->getPayload());
96			$this->assertEquals($expected_payload, $loaded_flattened_json->getPayload());
97			$this->assertEquals($expected_payload, $loaded_json->getPayload());
98			}
99
100			/**
101			* Same input as before, but we perform the encryption first.
102			*/
103			public function testA256GCMKWAndA128CBC_HS256EncryptionBis()
104			{
105			$expected_payload = "You can trust us to stick with you through thick and thin\xe2\x80\x93to the bitter end. And you can trust us to keep any secret of yours\xe2\x80\x93closer than you keep it yourself. But you cannot trust us to let you face trouble alone, and go off without a word. We are your friends, Frodo.";
106
107			$private_key = new JWK([
108			'kty' => 'oct',
109			'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
110			'use' => 'enc',
111			'alg' => 'A256GCMKW',
112			'k' => 'qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8',
113			]);
114
115			$protected_headers = [
116			'alg' => 'A256GCMKW',
117			'kid' => '18ec08e1-bfa9-4d95-b205-2b4dd1d4321d',
118			'enc' => 'A128CBC-HS256',
119			];
120
121			$jwe = JWEFactory::createJWE($expected_payload, $protected_headers);
122			$encrypter = EncrypterFactory::createEncrypter(['A256GCMKW', 'A128CBC-HS256']);
123
124			$jwe = $jwe->addRecipient(
125			$private_key
126			);
127
128			$encrypter->encrypt($jwe);
129
130			$decrypter = DecrypterFactory::createDecrypter(['A256GCMKW', 'A128CBC-HS256']);
131
132			$loaded_compact_json = Loader::load($jwe->toCompactJSON(0));
133			$decrypter->decryptUsingKey($loaded_compact_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_compact_json` defined by `\Jose\Loader::load($jwe->toCompactJSON(0))` on line `132` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
134
135			$loaded_flattened_json = Loader::load($jwe->toFlattenedJSON(0));
136			$decrypter->decryptUsingKey($loaded_flattened_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_flattened_json` defined by `\Jose\Loader::load($jwe->toFlattenedJSON(0))` on line `135` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
137
138			$loaded_json = Loader::load($jwe->toJSON());
139			$decrypter->decryptUsingKey($loaded_json, $private_key);
			0 ignored issues – show Bug introduced 2016-03-19 22:27 UTC by Report Bug Copy Issue Report It seems like `$loaded_json` defined by `\Jose\Loader::load($jwe->toJSON())` on line `138` can also be of type `object<Jose\Object\JWSInterface>`; however, `Jose\Decrypter::decryptUsingKey()` does only seem to accept `object<Jose\Object\JWEInterface>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
140
141			$this->assertTrue(array_key_exists('iv', $loaded_compact_json->getSharedProtectedHeaders()));
142			$this->assertTrue(array_key_exists('tag', $loaded_compact_json->getSharedProtectedHeaders()));
143
144			$this->assertTrue(array_key_exists('iv', $loaded_flattened_json->getSharedProtectedHeaders()));
145			$this->assertTrue(array_key_exists('tag', $loaded_flattened_json->getSharedProtectedHeaders()));
146
147			$this->assertTrue(array_key_exists('iv', $loaded_json->getSharedProtectedHeaders()));
148			$this->assertTrue(array_key_exists('tag', $loaded_json->getSharedProtectedHeaders()));
149
150			$this->assertEquals($expected_payload, $loaded_compact_json->getPayload());
151			$this->assertEquals($expected_payload, $loaded_flattened_json->getPayload());
152			$this->assertEquals($expected_payload, $loaded_json->getPayload());
153			}
154			}
155

Spomky-Labs / jose

Push — develop ( 686594...b5844e )

A256GCMKWAndA128CBC_HS256EncryptionTest A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

2 Methods

Duplication Side-by-Side

Filter issues like