HasBaseEncryption::getDecryptedValue() - Code Metrics - Inspection of "fix aad + add tests" - lekoala/silverstripe-encrypt - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 1d51bb...57a30c )

by Thomas

created 2023-05-31 10:43 UTC

HasBaseEncryption::getDecryptedValue() A

↳ Parent: HasBaseEncryption

Complexity

Conditions	2
Paths	2

Size

Total Lines	6
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	3
c	1
b	0
f	0
dl	0
loc	6
rs	10
cc	2
nc	2
nop	0

<?php

namespace LeKoala\Encrypt;

use Exception;
use SilverStripe\ORM\DataObject;
use ParagonIE\CipherSweet\EncryptedField;
use ParagonIE\CipherSweet\Exception\InvalidCiphertextException;

trait HasBaseEncryption
{
    /**
     * @var Exception
     */
    protected $encryptionException;

    /**
     * @var string
     */
    protected $encryptionAad = '';

    /**
     * @var string
     */
    protected $previousEncryptionAad = '';

    /**
     * @return Exception
     */
    public function getEncryptionException()
    {
        return $this->encryptionException;
    }

    /**
     * @param CipherSweet $engine
filter:
    dependency_paths: ["lib/*"]
     * @return EncryptedField
     */
    public function getEncryptedField($engine = null)
    {
        if ($engine === null) {
            $engine = EncryptHelper::getCipherSweet();
        }
        $encryptedField = new EncryptedField($engine, $this->tableName, $this->name);
        return $encryptedField;
    }

    /**
     * Decrypt current value using underlying EncryptedField instance
     *
     * @return string
     */
    public function getDecryptedValue()
    {
        if (EncryptHelper::isEncrypted($this->value)) {
            return $this->decryptValue($this->value);
        }
        return $this->value;
    }

    /**
     * @param DataObject $record
     * @return void
     */
    protected function setEncryptionAad($record)
    {
        $field = EncryptHelper::getAadSource();
        if (!$field) {
            return;
        }
        if ($record && isset($record->$field)) {
            $this->encryptionAad = (string)$record->$field;
        }
    }

    /**
     * Decrypt a value using underlying EncryptedField instance
     *
     * @param string $value
     * @return string
     */
    protected function decryptValue($value)
    {
        if (!$value) {
            return $value;
        }
        if (!EncryptHelper::isEncrypted($value)) {
            return $value;
        }
        $decrypted = null;

        $aad = $this->encryptionAad;
        try {
            $decrypted = $this->getEncryptedField()->decryptValue($value, $aad);
        } catch (InvalidCiphertextException $ex) {
            $this->encryptionException = $ex;
            // rotate backend ?
            if (EncryptHelper::getAutomaticRotation()) {
                $encryption = EncryptHelper::getEncryption($value);
                $engine = EncryptHelper::getEngineForEncryption($encryption);
                $oldEncryptedField = $this->getEncryptedField($engine);
                $decrypted = $oldEncryptedField->decryptValue($value, $aad);
            } else {
                $decrypted = $value;
            }
        } catch (Exception $ex) {
            // This is a temporary fix for records written with AAD enabled but saved improperly
            // This is not needed if resetFieldValues is used
            if ($ex->getMessage() == "Invalid ciphertext" && $aad) {
                try {
                    $decrypted = $this->getEncryptedField()->decryptValue($value, "0");
                } catch (Exception $ex) {
                    $this->encryptionException = $ex;
                }
            } else {
                $this->encryptionException = $ex;
            }
        }
        return $decrypted;
    }
}


1			<?php
2
3			namespace LeKoala\Encrypt;
4
5			use Exception;
6			use SilverStripe\ORM\DataObject;
7			use ParagonIE\CipherSweet\EncryptedField;
8			use ParagonIE\CipherSweet\Exception\InvalidCiphertextException;
9
10			trait HasBaseEncryption
11			{
12			/**
13			* @var Exception
14			*/
15			protected $encryptionException;
16
17			/**
18			* @var string
19			*/
20			protected $encryptionAad = '';
21
22			/**
23			* @var string
24			*/
25			protected $previousEncryptionAad = '';
26
27			/**
28			* @return Exception
29			*/
30			public function getEncryptionException()
31			{
32			return $this->encryptionException;
33			}
34
35			/**
36			* @param CipherSweet $engine
			0 ignored issues – show Bug introduced 2020-12-15 11:14 UTC by Report Bug Copy Issue Report The type `LeKoala\Encrypt\CipherSweet` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
37			* @return EncryptedField
38			*/
39			public function getEncryptedField($engine = null)
40			{
41			if ($engine === null) {
42			$engine = EncryptHelper::getCipherSweet();
43			}
44			$encryptedField = new EncryptedField($engine, $this->tableName, $this->name);
45			return $encryptedField;
46			}
47
48			/**
49			* Decrypt current value using underlying EncryptedField instance
50			*
51			* @return string
52			*/
53			public function getDecryptedValue()
54			{
55			if (EncryptHelper::isEncrypted($this->value)) {
56			return $this->decryptValue($this->value);
57			}
58			return $this->value;
59			}
60
61			/**
62			* @param DataObject $record
63			* @return void
64			*/
65			protected function setEncryptionAad($record)
66			{
67			$field = EncryptHelper::getAadSource();
68			if (!$field) {
69			return;
70			}
71			if ($record && isset($record->$field)) {
72			$this->encryptionAad = (string)$record->$field;
73			}
74			}
75
76			/**
77			* Decrypt a value using underlying EncryptedField instance
78			*
79			* @param string $value
80			* @return string
81			*/
82			protected function decryptValue($value)
83			{
84			if (!$value) {
85			return $value;
86			}
87			if (!EncryptHelper::isEncrypted($value)) {
88			return $value;
89			}
90			$decrypted = null;
			0 ignored issues – show Unused Code introduced 2021-07-12 12:25 UTC by Report Bug Copy Issue Report The assignment to `$decrypted` is dead and can be removed. Loading history...
91			$aad = $this->encryptionAad;
92			try {
93			$decrypted = $this->getEncryptedField()->decryptValue($value, $aad);
94			} catch (InvalidCiphertextException $ex) {
95			$this->encryptionException = $ex;
96			// rotate backend ?
97			if (EncryptHelper::getAutomaticRotation()) {
98			$encryption = EncryptHelper::getEncryption($value);
99			$engine = EncryptHelper::getEngineForEncryption($encryption);
100			$oldEncryptedField = $this->getEncryptedField($engine);
101			$decrypted = $oldEncryptedField->decryptValue($value, $aad);
102			} else {
103			$decrypted = $value;
104			}
105			} catch (Exception $ex) {
106			// This is a temporary fix for records written with AAD enabled but saved improperly
107			// This is not needed if resetFieldValues is used
108			if ($ex->getMessage() == "Invalid ciphertext" && $aad) {
109			try {
110			$decrypted = $this->getEncryptedField()->decryptValue($value, "0");
111			} catch (Exception $ex) {
112			$this->encryptionException = $ex;
113			}
114			} else {
115			$this->encryptionException = $ex;
116			}
117			}
118			return $decrypted;
119			}
120			}
121

lekoala / silverstripe-encrypt

Push — master ( 1d51bb...57a30c )

HasBaseEncryption::getDecryptedValue() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like