PBES2AESKW - Code Metrics - Inspection of "Bump to v4" - Spomky-Labs/jose - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( d8c018...19ac78 )

by Florent

created 2016-06-13 21:01 UTC

PBES2AESKW A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	116
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	3

Importance

Changes	6
Bugs	3	Features	2

Metric	Value
wmc	7
c	6
b	3
f	2
lcom	1
cbo	3
dl	0
loc	116
rs	10

10 Methods

Rating	Name	Size	Complexity
A	__construct()	5	1
A	unwrapKey()	16	1
A	checkHeaderAlgorithm()	5	1
A	checkHeaderAdditionalParameters()	7	1
A	checkKey()	5	1
A	wrapKey()	18	1
A	getKeyManagementMode()	4	1
	getWrapper()	1	?
	getHashAlgorithm()	1	?
	getKeySize()	1	?

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2016 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose\Algorithm\KeyEncryption;

use Assert\Assertion;
use Base64Url\Base64Url;
use Jose\Object\JWKInterface;

/**
 * Class PBES2AESKW.
 */
abstract class PBES2AESKW implements KeyWrappingInterface
{
    /**
     * @var int
     */
    private $salt_size;

    /**
     * @var int
     */
    private $nb_count;

    /**
     * @param int $salt_size
     * @param int $nb_count
     */
    public function __construct($salt_size = 64, $nb_count = 4096)
    {
        $this->salt_size = $salt_size;
        $this->nb_count = $nb_count;
    }

    /**
     * {@inheritdoc}
     */
    public function wrapKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
    {
        $this->checkKey($key);
        $this->checkHeaderAlgorithm($complete_headers);
        $wrapper = $this->getWrapper();
        $hash_algorithm = $this->getHashAlgorithm();
        $key_size = $this->getKeySize();
        $salt = random_bytes($this->salt_size);
        $password = Base64Url::decode($key->get('k'));

        // We set headers parameters
        $additional_headers['p2s'] = Base64Url::encode($salt);
        $additional_headers['p2c'] = $this->nb_count;

        $derived_key = hash_pbkdf2($hash_algorithm, $password, $complete_headers['alg']."\x00".$salt, $this->nb_count, $key_size, true);

        return $wrapper->wrap($derived_key, $cek);
    }

    /**
     * {@inheritdoc}
     */
    public function unwrapKey(JWKInterface $key, $encrypted_cek, array $header)
    {
        $this->checkKey($key);
        $this->checkHeaderAlgorithm($header);
        $this->checkHeaderAdditionalParameters($header);
        $wrapper = $this->getWrapper();
        $hash_algorithm = $this->getHashAlgorithm();
        $key_size = $this->getKeySize();
        $salt = $header['alg']."\x00".Base64Url::decode($header['p2s']);
        $count = $header['p2c'];
        $password = Base64Url::decode($key->get('k'));

        $derived_key = hash_pbkdf2($hash_algorithm, $password, $salt, $count, $key_size, true);

        return $wrapper->unwrap($derived_key, $encrypted_cek);
    }

    /**
     * {@inheritdoc}
     */
    public function getKeyManagementMode()
    {
        return self::MODE_WRAP;
    }

    /**
     * @param JWKInterface $key
     */
    protected function checkKey(JWKInterface $key)
    {
        Assertion::eq($key->get('kty'), 'oct', 'Wrong key type.');
        Assertion::true($key->has('k'), 'The key parameter "k" is missing.');
    }

    /**
     * @param array $header
     */
    protected function checkHeaderAlgorithm(array $header)
    {
        Assertion::keyExists($header, 'alg', 'The header parameter "alg" is missing.');
        Assertion::notEmpty($header['alg'], 'The header parameter "alg" is not valid.');
    }

    /**
     * @param array $header
     */
    protected function checkHeaderAdditionalParameters(array $header)
    {
        Assertion::keyExists($header, 'p2s', 'The header parameter "p2s" is missing.');
        Assertion::notEmpty($header['p2s'], 'The header parameter "p2s" is not valid.');
        Assertion::keyExists($header, 'p2c', 'The header parameter "p2c" is missing.');
        Assertion::notEmpty($header['p2c'], 'The header parameter "p2c" is not valid.');
    }

    /**
     * @return \AESKW\A128KW|\AESKW\A192KW|\AESKW\A256KW
     */
    abstract protected function getWrapper();

    /**
     * @return string
     */
    abstract protected function getHashAlgorithm();

    /**
     * @return int
     */
    abstract protected function getKeySize();
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2016 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace Jose\Algorithm\KeyEncryption;
13
14			use Assert\Assertion;
15			use Base64Url\Base64Url;
16			use Jose\Object\JWKInterface;
17
18			/**
19			* Class PBES2AESKW.
20			*/
21			abstract class PBES2AESKW implements KeyWrappingInterface
22			{
23			/**
24			* @var int
25			*/
26			private $salt_size;
27
28			/**
29			* @var int
30			*/
31			private $nb_count;
32
33			/**
34			* @param int $salt_size
35			* @param int $nb_count
36			*/
37			public function __construct($salt_size = 64, $nb_count = 4096)
38			{
39			$this->salt_size = $salt_size;
40			$this->nb_count = $nb_count;
41			}
42
43			/**
44			* {@inheritdoc}
45			*/
46			public function wrapKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
47			{
48			$this->checkKey($key);
49			$this->checkHeaderAlgorithm($complete_headers);
50			$wrapper = $this->getWrapper();
51			$hash_algorithm = $this->getHashAlgorithm();
52			$key_size = $this->getKeySize();
53			$salt = random_bytes($this->salt_size);
54			$password = Base64Url::decode($key->get('k'));
55
56			// We set headers parameters
57			$additional_headers['p2s'] = Base64Url::encode($salt);
58			$additional_headers['p2c'] = $this->nb_count;
59
60			$derived_key = hash_pbkdf2($hash_algorithm, $password, $complete_headers['alg']."\x00".$salt, $this->nb_count, $key_size, true);
61
62			return $wrapper->wrap($derived_key, $cek);
63			}
64
65			/**
66			* {@inheritdoc}
67			*/
68			public function unwrapKey(JWKInterface $key, $encrypted_cek, array $header)
69			{
70			$this->checkKey($key);
71			$this->checkHeaderAlgorithm($header);
72			$this->checkHeaderAdditionalParameters($header);
73			$wrapper = $this->getWrapper();
74			$hash_algorithm = $this->getHashAlgorithm();
75			$key_size = $this->getKeySize();
76			$salt = $header['alg']."\x00".Base64Url::decode($header['p2s']);
77			$count = $header['p2c'];
78			$password = Base64Url::decode($key->get('k'));
79
80			$derived_key = hash_pbkdf2($hash_algorithm, $password, $salt, $count, $key_size, true);
81
82			return $wrapper->unwrap($derived_key, $encrypted_cek);
83			}
84
85			/**
86			* {@inheritdoc}
87			*/
88			public function getKeyManagementMode()
89			{
90			return self::MODE_WRAP;
91			}
92
93			/**
94			* @param JWKInterface $key
95			*/
96			protected function checkKey(JWKInterface $key)
97			{
98			Assertion::eq($key->get('kty'), 'oct', 'Wrong key type.');
99			Assertion::true($key->has('k'), 'The key parameter "k" is missing.');
100			}
101
102			/**
103			* @param array $header
104			*/
105			protected function checkHeaderAlgorithm(array $header)
106			{
107			Assertion::keyExists($header, 'alg', 'The header parameter "alg" is missing.');
108			Assertion::notEmpty($header['alg'], 'The header parameter "alg" is not valid.');
109			}
110
111			/**
112			* @param array $header
113			*/
114			protected function checkHeaderAdditionalParameters(array $header)
115			{
116			Assertion::keyExists($header, 'p2s', 'The header parameter "p2s" is missing.');
117			Assertion::notEmpty($header['p2s'], 'The header parameter "p2s" is not valid.');
118			Assertion::keyExists($header, 'p2c', 'The header parameter "p2c" is missing.');
119			Assertion::notEmpty($header['p2c'], 'The header parameter "p2c" is not valid.');
120			}
121
122			/**
123			* @return \AESKW\A128KW\|\AESKW\A192KW\|\AESKW\A256KW
124			*/
125			abstract protected function getWrapper();
126
127			/**
128			* @return string
129			*/
130			abstract protected function getHashAlgorithm();
131
132			/**
133			* @return int
134			*/
135			abstract protected function getKeySize();
136			}
137

Spomky-Labs / jose

Push — master ( d8c018...19ac78 )

PBES2AESKW A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like