hash.php ➔ hash_pbkdf2() - Code Metrics - Inspection of "Merge pull request #168 from kfern-github/develop" - ci-bonfire/Sprint - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( e54387...b62a26 )

by Lonnie

created 2016-07-21 17:22 UTC

hash.php ➔ hash_pbkdf2() F

↳ Parent: Project

Complexity

Conditions	21
Paths	237

Size

Total Lines	125
Code Lines	78

Duplication

Lines	34
Ratio	27.2 %

Importance

Changes

Metric	Value
cc	21
eloc	78
nc	237
nop	6
dl	34
loc	125
rs	3.8256
c	0
b	0
f	0

How to fix Long Method Complexity

<?php

/**
 * CodeIgniter
 *
 * An open source application development framework for PHP
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package	CodeIgniter
 * @author	EllisLab Dev Team
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
 * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
 * @license	http://opensource.org/licenses/MIT	MIT License
 * @link	http://codeigniter.com
 * @since	Version 3.0.0
 * @filesource
 */
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * PHP ext/hash compatibility package
 *
 * @package		CodeIgniter
 * @subpackage	CodeIgniter
 * @category	Compatibility
 * @author		Andrey Andreev
 * @link		http://codeigniter.com/user_guide/
 * @link		http://php.net/hash
 */

// ------------------------------------------------------------------------

if (is_php('5.6'))
{
	return;
}

// ------------------------------------------------------------------------

if ( ! function_exists('hash_equals'))
{
	/**
	 * hash_equals()
	 *
	 * @link	http://php.net/hash_equals
	 * @param	string	$known_string
	 * @param	string	$user_string
	 * @return	bool
	 */
	function hash_equals($known_string, $user_string)
	{
		if ( ! is_string($known_string))
		{
			trigger_error('hash_equals(): Expected known_string to be a string, '.strtolower(gettype($known_string)).' given', E_USER_WARNING);
			return FALSE;
		}
		elseif ( ! is_string($user_string))
		{
			trigger_error('hash_equals(): Expected user_string to be a string, '.strtolower(gettype($user_string)).' given', E_USER_WARNING);
			return FALSE;
		}
		elseif (($length = strlen($known_string)) !== strlen($user_string))
		{
			return FALSE;
		}

		$diff = 0;
		for ($i = 0; $i < $length; $i++)
		{
			$diff |= ord($known_string[$i]) ^ ord($user_string[$i]);
		}

		return ($diff === 0);
	}
}

// ------------------------------------------------------------------------

if (is_php('5.5'))
{
	return;
}

// ------------------------------------------------------------------------

if ( ! function_exists('hash_pbkdf2'))
{
	/**
	 * hash_pbkdf2()
	 *
	 * @link	http://php.net/hash_pbkdf2
	 * @param	string	$algo
	 * @param	string	$password
	 * @param	string	$salt
	 * @param	int	$iterations
	 * @param	int	$length
	 * @param	bool	$raw_output
	 * @return	string
	 */
	function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = FALSE)
	{
		if ( ! in_array($algo, hash_algos(), TRUE))
		{
			trigger_error('hash_pbkdf2(): Unknown hashing algorithm: '.$algo, E_USER_WARNING);
			return FALSE;
		}

		if (($type = gettype($iterations)) !== 'integer')
		{
			if ($type === 'object' && method_exists($iterations, '__toString'))
			{
				$iterations = (string) $iterations;
			}

			if (is_string($iterations) && is_numeric($iterations))
			{
				$iterations = (int) $iterations;
			}
			else
			{
				trigger_error('hash_pbkdf2() expects parameter 4 to be long, '.$type.' given', E_USER_WARNING);
				return NULL;
			}
		}

		if ($iterations < 1)
		{
			trigger_error('hash_pbkdf2(): Iterations must be a positive integer: '.$iterations, E_USER_WARNING);
			return FALSE;
		}

		if (($type = gettype($length)) !== 'integer')
		{
			if ($type === 'object' && method_exists($length, '__toString'))
			{
				$length = (string) $length;
			}

			if (is_string($length) && is_numeric($length))
			{
				$length = (int) $length;
			}
			else
			{
				trigger_error('hash_pbkdf2() expects parameter 5 to be long, '.$type.' given', E_USER_WARNING);
				return NULL;
			}
		}

		if ($length < 0)
		{
			trigger_error('hash_pbkdf2(): Length must be greater than or equal to 0: '.$length, E_USER_WARNING);
			return FALSE;
		}

		$hash_length = strlen(hash($algo, NULL, TRUE));
		empty($length) && $length = $hash_length;

		// Pre-hash password inputs longer than the algorithm's block size
		// (i.e. prepare HMAC key) to mitigate potential DoS attacks.
		static $block_sizes;
		empty($block_sizes) && $block_sizes = array(
			'gost' => 32,
			'haval128,3' => 128,
			'haval160,3' => 128,
			'haval192,3' => 128,
			'haval224,3' => 128,
			'haval256,3' => 128,
			'haval128,4' => 128,
			'haval160,4' => 128,
			'haval192,4' => 128,
			'haval224,4' => 128,
			'haval256,4' => 128,
			'haval128,5' => 128,
			'haval160,5' => 128,
			'haval192,5' => 128,
			'haval224,5' => 128,
			'haval256,5' => 128,
			'md2' => 16,
			'md4' => 64,
			'md5' => 64,
			'ripemd128' => 64,
			'ripemd160' => 64,
			'ripemd256' => 64,
			'ripemd320' => 64,
			'salsa10' => 64,
			'salsa20' => 64,
			'sha1' => 64,
			'sha224' => 64,
			'sha256' => 64,
			'sha384' => 128,
			'sha512' => 128,
			'snefru' => 32,
			'snefru256' => 32,
			'tiger128,3' => 64,
			'tiger160,3' => 64,
			'tiger192,3' => 64,
			'tiger128,4' => 64,
			'tiger160,4' => 64,
			'tiger192,4' => 64,
			'whirlpool' => 64
		);

		if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo])
		{
			$password = hash($algo, $password, TRUE);
		}

		$hash = '';
		// Note: Blocks are NOT 0-indexed
		for ($bc = ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
		{
			$key = $derived_key = hash_hmac($algo, $salt.pack('N', $bi), $password, TRUE);
			for ($i = 1; $i < $iterations; $i++)
			{
				$derived_key ^= $key = hash_hmac($algo, $key, $password, TRUE);
			}

			$hash .= $derived_key;
		}

		// This is not RFC-compatible, but we're aiming for natural PHP compatibility
		return substr($raw_output ? $hash : bin2hex($hash), 0, $length);
	}
}


1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 70 and the first side effect is on line 38. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2		/**
3		* CodeIgniter
4		*
5		* An open source application development framework for PHP
6		*
7		* This content is released under the MIT License (MIT)
8		*
9		* Copyright (c) 2014 - 2015, British Columbia Institute of Technology
10		*
11		* Permission is hereby granted, free of charge, to any person obtaining a copy
12		* of this software and associated documentation files (the "Software"), to deal
13		* in the Software without restriction, including without limitation the rights
14		* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15		* copies of the Software, and to permit persons to whom the Software is
16		* furnished to do so, subject to the following conditions:
17		*
18		* The above copyright notice and this permission notice shall be included in
19		* all copies or substantial portions of the Software.
20		*
21		* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22		* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23		* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24		* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25		* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26		* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27		* THE SOFTWARE.
28		*
29		* @package CodeIgniter
30		* @author EllisLab Dev Team
31		* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
32		* @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
33		* @license http://opensource.org/licenses/MIT MIT License
34		* @link http://codeigniter.com
35		* @since Version 3.0.0
36		* @filesource
37		*/
38		defined('BASEPATH') OR exit('No direct script access allowed');
39
40		/**
41		* PHP ext/hash compatibility package
42		*
43		* @package CodeIgniter
44		* @subpackage CodeIgniter
45		* @category Compatibility
46		* @author Andrey Andreev
47		* @link http://codeigniter.com/user_guide/
48		* @link http://php.net/hash
49		*/
50
51		// ------------------------------------------------------------------------
52
53		if (is_php('5.6'))
54		{
55		return;
56		}
57
58		// ------------------------------------------------------------------------
59
60		if ( ! function_exists('hash_equals'))
61		{
62		/**
63		* hash_equals()
64		*
65		* @link http://php.net/hash_equals
66		* @param string $known_string
67		* @param string $user_string
68		* @return bool
69		*/
70		function hash_equals($known_string, $user_string)
71		{
72		if ( ! is_string($known_string))
73		{
74		trigger_error('hash_equals(): Expected known_string to be a string, '.strtolower(gettype($known_string)).' given', E_USER_WARNING);
75		return FALSE;
76		}
77		elseif ( ! is_string($user_string))
78		{
79		trigger_error('hash_equals(): Expected user_string to be a string, '.strtolower(gettype($user_string)).' given', E_USER_WARNING);
80		return FALSE;
81		}
82		elseif (($length = strlen($known_string)) !== strlen($user_string))
83		{
84		return FALSE;
85		}
86
87		$diff = 0;
88		for ($i = 0; $i < $length; $i++)
89		{
90		$diff \|= ord($known_string[$i]) ^ ord($user_string[$i]);
91		}
92
93		return ($diff === 0);
94		}
95		}
96
97		// ------------------------------------------------------------------------
98
99		if (is_php('5.5'))
100		{
101		return;
102		}
103
104		// ------------------------------------------------------------------------
105
106		if ( ! function_exists('hash_pbkdf2'))
107		{
108		/**
109		* hash_pbkdf2()
110		*
111		* @link http://php.net/hash_pbkdf2
112		* @param string $algo
113		* @param string $password
114		* @param string $salt
115		* @param int $iterations
116		* @param int $length
117		* @param bool $raw_output
118		* @return string
119		*/
120		function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = FALSE)
121		{
122		if ( ! in_array($algo, hash_algos(), TRUE))
123		{
124		trigger_error('hash_pbkdf2(): Unknown hashing algorithm: '.$algo, E_USER_WARNING);
125		return FALSE;
126		}
127
128	View Code Duplication	if (($type = gettype($iterations)) !== 'integer')
129		{
130		if ($type === 'object' && method_exists($iterations, '__toString'))
131		{
132		$iterations = (string) $iterations;
133		}
134
135		if (is_string($iterations) && is_numeric($iterations))
136		{
137		$iterations = (int) $iterations;
138		}
139		else
140		{
141		trigger_error('hash_pbkdf2() expects parameter 4 to be long, '.$type.' given', E_USER_WARNING);
142		return NULL;
143		}
144		}
145
146		if ($iterations < 1)
147		{
148		trigger_error('hash_pbkdf2(): Iterations must be a positive integer: '.$iterations, E_USER_WARNING);
149		return FALSE;
150		}
151
152	View Code Duplication	if (($type = gettype($length)) !== 'integer')
153		{
154		if ($type === 'object' && method_exists($length, '__toString'))
155		{
156		$length = (string) $length;
157		}
158
159		if (is_string($length) && is_numeric($length))
160		{
161		$length = (int) $length;
162		}
163		else
164		{
165		trigger_error('hash_pbkdf2() expects parameter 5 to be long, '.$type.' given', E_USER_WARNING);
166		return NULL;
167		}
168		}
169
170		if ($length < 0)
171		{
172		trigger_error('hash_pbkdf2(): Length must be greater than or equal to 0: '.$length, E_USER_WARNING);
173		return FALSE;
174		}
175
176		$hash_length = strlen(hash($algo, NULL, TRUE));
177		empty($length) && $length = $hash_length;
178
179		// Pre-hash password inputs longer than the algorithm's block size
180		// (i.e. prepare HMAC key) to mitigate potential DoS attacks.
181		static $block_sizes;
182		empty($block_sizes) && $block_sizes = array(
183		'gost' => 32,
184		'haval128,3' => 128,
185		'haval160,3' => 128,
186		'haval192,3' => 128,
187		'haval224,3' => 128,
188		'haval256,3' => 128,
189		'haval128,4' => 128,
190		'haval160,4' => 128,
191		'haval192,4' => 128,
192		'haval224,4' => 128,
193		'haval256,4' => 128,
194		'haval128,5' => 128,
195		'haval160,5' => 128,
196		'haval192,5' => 128,
197		'haval224,5' => 128,
198		'haval256,5' => 128,
199		'md2' => 16,
200		'md4' => 64,
201		'md5' => 64,
202		'ripemd128' => 64,
203		'ripemd160' => 64,
204		'ripemd256' => 64,
205		'ripemd320' => 64,
206		'salsa10' => 64,
207		'salsa20' => 64,
208		'sha1' => 64,
209		'sha224' => 64,
210		'sha256' => 64,
211		'sha384' => 128,
212		'sha512' => 128,
213		'snefru' => 32,
214		'snefru256' => 32,
215		'tiger128,3' => 64,
216		'tiger160,3' => 64,
217		'tiger192,3' => 64,
218		'tiger128,4' => 64,
219		'tiger160,4' => 64,
220		'tiger192,4' => 64,
221		'whirlpool' => 64
222		);
223
224		if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo])
225		{
226		$password = hash($algo, $password, TRUE);
227		}
228
229		$hash = '';
230		// Note: Blocks are NOT 0-indexed
231		for ($bc = ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
232		{
233		$key = $derived_key = hash_hmac($algo, $salt.pack('N', $bi), $password, TRUE);
234		for ($i = 1; $i < $iterations; $i++)
235		{
236		$derived_key ^= $key = hash_hmac($algo, $key, $password, TRUE);
237		}
238
239		$hash .= $derived_key;
240		}
241
242		// This is not RFC-compatible, but we're aiming for natural PHP compatibility
243		return substr($raw_output ? $hash : bin2hex($hash), 0, $length);
244		}
245		}
246

ci-bonfire / Sprint

GitHub Access Token became invalid

Push — develop ( e54387...b62a26 )

hash.php ➔ hash_pbkdf2() F

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like