OpenSSL::getStrength() - Code Metrics - ircmaxell/RandomLib - Measure and Improve Code Quality continuously with Scrutinizer

OpenSSL::getStrength() B
last analyzed 2016-09-07 16:00 UTC

↳ Parent: OpenSSL

Complexity

Conditions	6
Paths	4

Size

Total Lines	31
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes	4
Bugs	0	Features	1

Metric	Value
c	4
b	0
f	1
dl	0
loc	31
rs	8.439
cc	6
eloc	8
nc	4
nop	0

<?php

/*
 * The RandomLib library for securely generating random numbers and strings in PHP
 *
 * @author     Anthony Ferrara <[email protected]>
 * @copyright  2011 The Authors
 * @license    http://www.opensource.org/licenses/mit-license.html  MIT License
 * @version    Build @@version@@
 */

/**
 * The OpenSSL Random Number Source
 *
 * This uses the OS's secure generator to generate high strength numbers
 *
 * PHP version 5.3
 *
 * @category   PHPCryptLib
 * @package    Random
 * @subpackage Source
 *
 * @author     Anthony Ferrara <[email protected]>
 * @copyright  2011 The Authors
 * @license    http://www.opensource.org/licenses/mit-license.html  MIT License
 *
 * @version    Build @@version@@
 */
namespace RandomLib\Source;

use SecurityLib\Strength;

/**
 * The OpenSSL Random Number Source
 *
 * This uses the OS's secure generator to generate high strength numbers
 *
 * @category   PHPCryptLib
 * @package    Random
 * @subpackage Source
 *
 * @author     Anthony Ferrara <[email protected]>
 * @codeCoverageIgnore
 */
class OpenSSL extends \RandomLib\AbstractSource
{

    /**
     * Return an instance of Strength indicating the strength of the source
     *
     * @return \SecurityLib\Strength An instance of one of the strength classes
     */
    public static function getStrength()
    {
        /**
         * Prior to PHP 5.6.12 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
         * was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
         * Release notes: http://php.net/ChangeLog-5.php#5.6.12
         */
        if (PHP_VERSION_ID >= 50612) {
            return new Strength(Strength::HIGH);
        }
        
        /**
         * Prior to PHP 5.5.28 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
         * was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
         * Release notes: http://php.net/ChangeLog-5.php#5.5.28
         */
        if (PHP_VERSION_ID >= 50528 && PHP_VERSION_ID < 50600) {
            return new Strength(Strength::HIGH);
        }
        
        /**
         * Prior to PHP 5.4.44 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
         * was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
         * Release notes: http://php.net/ChangeLog-5.php#5.4.44
         */
        if (PHP_VERSION_ID >= 50444 && PHP_VERSION_ID < 50500) {
            return new Strength(Strength::HIGH);
        }
        
        return new Strength(Strength::MEDIUM);
    }

    /**
     * If the source is currently available.
     * Reasons might be because the library is not installed
     *
     * @return bool
     */
    public static function isSupported()
    {
        return function_exists('openssl_random_pseudo_bytes');
    }

    /**
     * Generate a random string of the specified size
     *
     * @param int $size The size of the requested random string
     *
     * @return string A string of the requested size
     */
    public function generate($size)
    {
        if ($size < 1) {
            return str_repeat(chr(0), $size);
        }
        /**
         * Note, normally we would check the return of of $crypto_strong to
         * ensure that we generated a good random string.  However, since we're
         * using this as one part of many sources a low strength random number
         * shouldn't be much of an issue.
         */
        return openssl_random_pseudo_bytes($size);
    }
}


1			<?php
2
3			/*
4			* The RandomLib library for securely generating random numbers and strings in PHP
5			*
6			* @author Anthony Ferrara <[email protected]>
7			* @copyright 2011 The Authors
8			* @license http://www.opensource.org/licenses/mit-license.html MIT License
9			* @version Build @@version@@
10			*/
11
12			/**
13			* The OpenSSL Random Number Source
14			*
15			* This uses the OS's secure generator to generate high strength numbers
16			*
17			* PHP version 5.3
18			*
19			* @category PHPCryptLib
20			* @package Random
21			* @subpackage Source
22			*
23			* @author Anthony Ferrara <[email protected]>
24			* @copyright 2011 The Authors
25			* @license http://www.opensource.org/licenses/mit-license.html MIT License
26			*
27			* @version Build @@version@@
28			*/
29			namespace RandomLib\Source;
30
31			use SecurityLib\Strength;
32
33			/**
34			* The OpenSSL Random Number Source
35			*
36			* This uses the OS's secure generator to generate high strength numbers
37			*
38			* @category PHPCryptLib
39			* @package Random
40			* @subpackage Source
41			*
42			* @author Anthony Ferrara <[email protected]>
43			* @codeCoverageIgnore
44			*/
45			class OpenSSL extends \RandomLib\AbstractSource
46			{
47
48			/**
49			* Return an instance of Strength indicating the strength of the source
50			*
51			* @return \SecurityLib\Strength An instance of one of the strength classes
52			*/
53			public static function getStrength()
54			{
55			/**
56			* Prior to PHP 5.6.12 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
57			* was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
58			* Release notes: http://php.net/ChangeLog-5.php#5.6.12
59			*/
60			if (PHP_VERSION_ID >= 50612) {
61			return new Strength(Strength::HIGH);
62			}
63
64			/**
65			* Prior to PHP 5.5.28 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
66			* was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
67			* Release notes: http://php.net/ChangeLog-5.php#5.5.28
68			*/
69			if (PHP_VERSION_ID >= 50528 && PHP_VERSION_ID < 50600) {
70			return new Strength(Strength::HIGH);
71			}
72
73			/**
74			* Prior to PHP 5.4.44 (see https://bugs.php.net/bug.php?id=70014) the "openssl_random_pseudo_bytes"
75			* was using "RAND_pseudo_bytes" (predictable) instead of "RAND_bytes" (unpredictable).
76			* Release notes: http://php.net/ChangeLog-5.php#5.4.44
77			*/
78			if (PHP_VERSION_ID >= 50444 && PHP_VERSION_ID < 50500) {
79			return new Strength(Strength::HIGH);
80			}
81
82			return new Strength(Strength::MEDIUM);
83			}
84
85			/**
86			* If the source is currently available.
87			* Reasons might be because the library is not installed
88			*
89			* @return bool
90			*/
91			public static function isSupported()
92			{
93			return function_exists('openssl_random_pseudo_bytes');
94			}
95
96			/**
97			* Generate a random string of the specified size
98			*
99			* @param int $size The size of the requested random string
100			*
101			* @return string A string of the requested size
102			*/
103			public function generate($size)
104			{
105			if ($size < 1) {
106			return str_repeat(chr(0), $size);
107			}
108			/**
109			* Note, normally we would check the return of of $crypto_strong to
110			* ensure that we generated a good random string. However, since we're
111			* using this as one part of many sources a low strength random number
112			* shouldn't be much of an issue.
113			*/
114			return openssl_random_pseudo_bytes($size);
115			}
116			}
117

ircmaxell / RandomLib

OpenSSL::getStrength() B last analyzed 2016-09-07 16:00 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

OpenSSL::getStrength() B
last analyzed 2016-09-07 16:00 UTC