Issues in RSA.php - New Issues - Inspection of "Optimizations" - Spomky-Labs/jose - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — PHPSecLib_Rid ( fca9fd...3a3eb8 )

by Florent

created 2016-07-30 20:38 UTC

src/Algorithm/KeyEncryption/RSA.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2016 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose\Algorithm\KeyEncryption;

use Assert\Assertion;
use Jose\KeyConverter\RSAKey;
use Jose\Object\JWKInterface;
use Jose\Util\RSA as JoseRSA;

/**
 * Class RSA.
 */
abstract class RSA implements KeyEncryptionInterface
{
    /**
     * Optimal Asymmetric Encryption Padding (OAEP).
     */
    const ENCRYPTION_OAEP = 1;

    /**
     * Use PKCS#1 padding.
     */
    const ENCRYPTION_PKCS1 = 2;

    /**
     * {@inheritdoc}
     */
    public function encryptKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
    {
        $this->checkKey($key);

        $pub = RSAKey::toPublic(new RSAKey($key));

        if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
            $encrypted = JoseRSA::encrypt($pub, $cek, $this->getHashAlgorithm());
            Assertion::string($encrypted, 'Unable to encrypt the data.');

            return $encrypted;
        } else {
            $res = openssl_public_encrypt($cek, $encrypted, $pub->toPEM(), OPENSSL_PKCS1_PADDING | OPENSSL_RAW_DATA);
            Assertion::true($res, 'Unable to encrypt the data.');

            return $encrypted;
        }
    }

    /**
     * {@inheritdoc}
     */
    public function decryptKey(JWKInterface $key, $encrypted_key, array $header)
    {
        $this->checkKey($key);
        Assertion::true($key->has('d'), 'The key is not a private key');

        $priv = new RSAKey($key);

        if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
            $decrypted = JoseRSA::decrypt($priv, $encrypted_key, $this->getHashAlgorithm());

            Assertion::string($decrypted, 'Unable to decrypt the data.');

            return $decrypted;
        } else {
            $res = openssl_private_decrypt($encrypted_key, $decrypted, $priv->toPEM(), OPENSSL_PKCS1_PADDING | OPENSSL_RAW_DATA);
            Assertion::true($res, 'Unable to decrypt the data.');

            return $decrypted;
        }
    }

    /**
     * {@inheritdoc}
     */
    public function getKeyManagementMode()
    {
        return self::MODE_ENCRYPT;
    }

    /**
     * @param JWKInterface $key
     */
    protected function checkKey(JWKInterface $key)
    {
        Assertion::eq($key->get('kty'), 'RSA', 'Wrong key type.');
    }

    /**
     * @return int
     */
    abstract protected function getEncryptionMode();

    /**
     * @return string
     */
    abstract protected function getHashAlgorithm();
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2016 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace Jose\Algorithm\KeyEncryption;
13
14			use Assert\Assertion;
15			use Jose\KeyConverter\RSAKey;
16			use Jose\Object\JWKInterface;
17			use Jose\Util\RSA as JoseRSA;
18
19			/**
20			* Class RSA.
21			*/
22			abstract class RSA implements KeyEncryptionInterface
23			{
24			/**
25			* Optimal Asymmetric Encryption Padding (OAEP).
26			*/
27			const ENCRYPTION_OAEP = 1;
28
29			/**
30			* Use PKCS#1 padding.
31			*/
32			const ENCRYPTION_PKCS1 = 2;
33
34			/**
35			* {@inheritdoc}
36			*/
37			public function encryptKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
38			{
39			$this->checkKey($key);
40
41			$pub = RSAKey::toPublic(new RSAKey($key));
42
43			if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
44			$encrypted = JoseRSA::encrypt($pub, $cek, $this->getHashAlgorithm());
45			Assertion::string($encrypted, 'Unable to encrypt the data.');
46
47			return $encrypted;
48			} else {
49			$res = openssl_public_encrypt($cek, $encrypted, $pub->toPEM(), OPENSSL_PKCS1_PADDING \| OPENSSL_RAW_DATA);
50			Assertion::true($res, 'Unable to encrypt the data.');
51
52			return $encrypted;
53			}
54			}
55
56			/**
57			* {@inheritdoc}
58			*/
59			public function decryptKey(JWKInterface $key, $encrypted_key, array $header)
60			{
61			$this->checkKey($key);
62			Assertion::true($key->has('d'), 'The key is not a private key');
63
64			$priv = new RSAKey($key);
65
66			if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
67			$decrypted = JoseRSA::decrypt($priv, $encrypted_key, $this->getHashAlgorithm());
			0 ignored issues – show Comprehensibility Best Practice introduced 2016-07-30 20:41 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `\Jose\Util\RSA::decrypt(...s->getHashAlgorithm());` of type `false\|string` adds `false` to the return on line 70 which is incompatible with the return type declared by the interface `Jose\Algorithm\KeyEncryp...onInterface::decryptKey` of type `string`. It seems like you forgot to handle an error condition. Loading history...
68			Assertion::string($decrypted, 'Unable to decrypt the data.');
69
70			return $decrypted;
71			} else {
72			$res = openssl_private_decrypt($encrypted_key, $decrypted, $priv->toPEM(), OPENSSL_PKCS1_PADDING \| OPENSSL_RAW_DATA);
73			Assertion::true($res, 'Unable to decrypt the data.');
74
75			return $decrypted;
76			}
77			}
78
79			/**
80			* {@inheritdoc}
81			*/
82			public function getKeyManagementMode()
83			{
84			return self::MODE_ENCRYPT;
85			}
86
87			/**
88			* @param JWKInterface $key
89			*/
90			protected function checkKey(JWKInterface $key)
91			{
92			Assertion::eq($key->get('kty'), 'RSA', 'Wrong key type.');
93			}
94
95			/**
96			* @return int
97			*/
98			abstract protected function getEncryptionMode();
99
100			/**
101			* @return string
102			*/
103			abstract protected function getHashAlgorithm();
104			}
105

Spomky-Labs / jose

Push — PHPSecLib_Rid ( fca9fd...3a3eb8 )

src/Algorithm/KeyEncryption/RSA.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like