PBES2AESKW - Code Metrics - Inspection of "Bugs fixed and performance tests added" - Spomky-Labs/jose - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 610c21...319146 )

by Florent

created 2016-03-02 12:45 UTC

PBES2AESKW A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	117
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	3

Importance

Changes	7
Bugs	3	Features	1

Metric	Value
wmc	15
c	7
b	3
f	1
lcom	1
cbo	3
dl	0
loc	117
rs	10

10 Methods

Rating	Name	Size	Complexity
A	__construct()	5	1
A	getKeyManagementMode()	4	1
A	checkKey()	6	3
A	checkHeaderAlgorithm()	6	3
B	checkHeaderAdditionalParameters()	6	5
	getWrapper()	1	?
	getHashAlgorithm()	1	?
	getKeySize()	1	?
A	wrapKey()	18	1
A	unwrapKey()	16	1

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2016 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose\Algorithm\KeyEncryption;

use Base64Url\Base64Url;
use Jose\Object\JWKInterface;
use Jose\Util\StringUtil;

/**
 * Class PBES2AESKW.
 */
abstract class PBES2AESKW implements KeyWrappingInterface
{
    /**
     * @var int
     */
    private $salt_size;

    /**
     * @var int
     */
    private $nb_count;

    /**
     * @param int $salt_size
     * @param int $nb_count
     */
    public function __construct($salt_size = 64, $nb_count = 4096)
    {
        $this->salt_size = $salt_size;
        $this->nb_count = $nb_count;
    }

    /**
     * {@inheritdoc}
     */
    public function wrapKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
    {
        $this->checkKey($key);
        $this->checkHeaderAlgorithm($complete_headers);
        $wrapper = $this->getWrapper();
        $hash_algorithm = $this->getHashAlgorithm();
        $key_size = $this->getKeySize();
        $salt = StringUtil::generateRandomBytes($this->salt_size);
        $password = Base64Url::decode($key->get('k'));

        // We set headers parameters
        $additional_headers['p2s'] = Base64Url::encode($salt);
        $additional_headers['p2c'] = $this->nb_count;

        $derived_key = hash_pbkdf2($hash_algorithm, $password, $complete_headers['alg']."\x00".$salt, $this->nb_count, $key_size, true);

        return $wrapper->wrap($derived_key, $cek);
    }

    /**
     * {@inheritdoc}
     */
    public function unwrapKey(JWKInterface $key, $encrypted_cek, array $header)
    {
        $this->checkKey($key);
        $this->checkHeaderAlgorithm($header);
        $this->checkHeaderAdditionalParameters($header);
        $wrapper = $this->getWrapper();
        $hash_algorithm = $this->getHashAlgorithm();
        $key_size = $this->getKeySize();
        $salt = $header['alg']."\x00".Base64Url::decode($header['p2s']);
        $count = $header['p2c'];
        $password = Base64Url::decode($key->get('k'));

        $derived_key = hash_pbkdf2($hash_algorithm, $password, $salt, $count, $key_size, true);

        return $wrapper->unwrap($derived_key, $encrypted_cek);
    }

    /**
     * {@inheritdoc}
     */
    public function getKeyManagementMode()
    {
        return self::MODE_WRAP;
    }

    /**
     * @param JWKInterface $key
     */
    protected function checkKey(JWKInterface $key)
    {
        if ('oct' !== $key->get('kty') || !$key->has('k')) {
            throw new \InvalidArgumentException('The key is not valid');
        }
    }

    /**
     * @param array $header
     */
    protected function checkHeaderAlgorithm(array $header)
    {
        if (!isset($header['alg']) || empty($header['alg'])) {
            throw new \InvalidArgumentException("The header parameter 'alg' is missing or invalid.");
        }
    }

    /**
     * @param array $header
     */
    protected function checkHeaderAdditionalParameters(array $header)
    {
        if (!array_key_exists('p2s', $header) || !array_key_exists('p2c', $header) || empty($header['p2s']) || empty($header['p2c'])) {
            throw new \InvalidArgumentException("The header is not valid. 'p2s' or 'p2c' parameter is missing or invalid.");
        }
    }

    /**
     * @return \AESKW\A128KW|\AESKW\A192KW|\AESKW\A256KW
     */
    abstract protected function getWrapper();

    /**
     * @return string
     */
    abstract protected function getHashAlgorithm();

    /**
     * @return int
     */
    abstract protected function getKeySize();
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2016 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace Jose\Algorithm\KeyEncryption;
13
14			use Base64Url\Base64Url;
15			use Jose\Object\JWKInterface;
16			use Jose\Util\StringUtil;
17
18			/**
19			* Class PBES2AESKW.
20			*/
21			abstract class PBES2AESKW implements KeyWrappingInterface
22			{
23			/**
24			* @var int
25			*/
26			private $salt_size;
27
28			/**
29			* @var int
30			*/
31			private $nb_count;
32
33			/**
34			* @param int $salt_size
35			* @param int $nb_count
36			*/
37			public function __construct($salt_size = 64, $nb_count = 4096)
38			{
39			$this->salt_size = $salt_size;
40			$this->nb_count = $nb_count;
41			}
42
43			/**
44			* {@inheritdoc}
45			*/
46			public function wrapKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
47			{
48			$this->checkKey($key);
49			$this->checkHeaderAlgorithm($complete_headers);
50			$wrapper = $this->getWrapper();
51			$hash_algorithm = $this->getHashAlgorithm();
52			$key_size = $this->getKeySize();
53			$salt = StringUtil::generateRandomBytes($this->salt_size);
54			$password = Base64Url::decode($key->get('k'));
55
56			// We set headers parameters
57			$additional_headers['p2s'] = Base64Url::encode($salt);
58			$additional_headers['p2c'] = $this->nb_count;
59
60			$derived_key = hash_pbkdf2($hash_algorithm, $password, $complete_headers['alg']."\x00".$salt, $this->nb_count, $key_size, true);
61
62			return $wrapper->wrap($derived_key, $cek);
63			}
64
65			/**
66			* {@inheritdoc}
67			*/
68			public function unwrapKey(JWKInterface $key, $encrypted_cek, array $header)
69			{
70			$this->checkKey($key);
71			$this->checkHeaderAlgorithm($header);
72			$this->checkHeaderAdditionalParameters($header);
73			$wrapper = $this->getWrapper();
74			$hash_algorithm = $this->getHashAlgorithm();
75			$key_size = $this->getKeySize();
76			$salt = $header['alg']."\x00".Base64Url::decode($header['p2s']);
77			$count = $header['p2c'];
78			$password = Base64Url::decode($key->get('k'));
79
80			$derived_key = hash_pbkdf2($hash_algorithm, $password, $salt, $count, $key_size, true);
81
82			return $wrapper->unwrap($derived_key, $encrypted_cek);
83			}
84
85			/**
86			* {@inheritdoc}
87			*/
88			public function getKeyManagementMode()
89			{
90			return self::MODE_WRAP;
91			}
92
93			/**
94			* @param JWKInterface $key
95			*/
96			protected function checkKey(JWKInterface $key)
97			{
98			if ('oct' !== $key->get('kty') \|\| !$key->has('k')) {
99			throw new \InvalidArgumentException('The key is not valid');
100			}
101			}
102
103			/**
104			* @param array $header
105			*/
106			protected function checkHeaderAlgorithm(array $header)
107			{
108			if (!isset($header['alg']) \|\| empty($header['alg'])) {
109			throw new \InvalidArgumentException("The header parameter 'alg' is missing or invalid.");
110			}
111			}
112
113			/**
114			* @param array $header
115			*/
116			protected function checkHeaderAdditionalParameters(array $header)
117			{
118			if (!array_key_exists('p2s', $header) \|\| !array_key_exists('p2c', $header) \|\| empty($header['p2s']) \|\| empty($header['p2c'])) {
119			throw new \InvalidArgumentException("The header is not valid. 'p2s' or 'p2c' parameter is missing or invalid.");
120			}
121			}
122
123			/**
124			* @return \AESKW\A128KW\|\AESKW\A192KW\|\AESKW\A256KW
125			*/
126			abstract protected function getWrapper();
127
128			/**
129			* @return string
130			*/
131			abstract protected function getHashAlgorithm();
132
133			/**
134			* @return int
135			*/
136			abstract protected function getKeySize();
137			}
138

Spomky-Labs / jose

Push — master ( 610c21...319146 )

PBES2AESKW A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like