Signer::decrypt() - Code Metrics - Inspection of "Merge branch 'master' of https://github.com/plinke..." - plinker-rpc/core - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 3aaf31...f42553 )

by Lawrence

created 2018-01-28 00:24 UTC

Signer::decrypt() A

↳ Parent: Signer

Complexity

Conditions	2
Paths	2

Size

Total Lines	15
Code Lines	9

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes

Metric	Value
cc	2
eloc	9
nc	2
nop	2
dl	0
loc	15
ccs	0
cts	12
cp	0
crap	6
rs	9.4285
c	0
b	0
f	0

<?php
/*
 +------------------------------------------------------------------------+
 | Plinker-RPC PHP                                                        |
 +------------------------------------------------------------------------+
 | Copyright (c)2017-2018 (https://github.com/plinker-rpc/core)           |
 +------------------------------------------------------------------------+
 | This source file is subject to MIT License                             |
 | that is bundled with this package in the file LICENSE.                 |
 |                                                                        |
 | If you did not receive a copy of the license and are unable to         |
 | obtain it through the world-wide-web, please send an email             |
 | to [email protected] so we can send you a copy immediately.        |
 +------------------------------------------------------------------------+
 | Authors: Lawrence Cherone <[email protected]>                     |
 +------------------------------------------------------------------------+
 */

namespace Plinker\Core\Lib;

/**
 * Plinker\Core\Lib\Signer
 */
final class Signer
{
    /**
     * @var
     */
    private $config;

    /**
     * Class construct
     *
     * @param  array  $config  - config array which holds object configuration
     * @return void
     */
    public function __construct($config = [])
    {
        //
        $this->config = array_merge([
            "secret" => null
        ], $config);

        // hash secret
        if (isset($this->config["secret"])) {
            $this->config["secret"] = hash("sha256", gmdate("h").$this->config["secret"]);
        }
    }

    /**
     *
     */
    private function encrypt($plaintext, $password)
    {
        $method     = "AES-256-CBC";
        $key        = (string) hash("sha256", $password, true);
        $iv         = (string) openssl_random_pseudo_bytes(16);
        $ciphertext = (string) openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);

        $hash = (string) hash_hmac("sha256", $ciphertext, $key, true);

        return base64_encode($iv . $hash . $ciphertext);
    }

    /**
     *
     */
    private function decrypt($ciphertext, $password)
    {
        $ciphertext    = base64_decode($ciphertext);

        $method     = "AES-256-CBC";
        $iv         = substr($ciphertext, 0, 16);
        $hash       = substr($ciphertext, 16, 32);
        $ciphertext = substr($ciphertext, 48);
        $key        = (string) hash("sha256", $password, true);

        if (hash_hmac("sha256", $ciphertext, $key, true) !== $hash) {
            return null;
        }

        return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
    }

    /**
     *
     */
    public function encode($data)
    {
        $data = serialize($data);

        return [
            "data"  => $this->encrypt($data, $this->config["secret"]),
            "token" => hash_hmac(
                "sha256",
                $data,
                $this->config["secret"]
            )
        ];
    }

    /**
     *
     */
    public function decode($data)
    {
        $data["data"] = $this->decrypt($data["data"], $this->config["secret"]);

        //
        if (hash_hmac(
            "sha256",
            $data["data"],
            $this->config["secret"]
        ) == $data["token"]) {
            return (array) unserialize($data["data"]);
        } else {
            return null;
        }
    }
}


1			<?php
2			/*
3			+------------------------------------------------------------------------+
4			\| Plinker-RPC PHP \|
5			+------------------------------------------------------------------------+
6			\| Copyright (c)2017-2018 (https://github.com/plinker-rpc/core) \|
7			+------------------------------------------------------------------------+
8			\| This source file is subject to MIT License \|
9			\| that is bundled with this package in the file LICENSE. \|
10			\| \|
11			\| If you did not receive a copy of the license and are unable to \|
12			\| obtain it through the world-wide-web, please send an email \|
13			\| to [email protected] so we can send you a copy immediately. \|
14			+------------------------------------------------------------------------+
15			\| Authors: Lawrence Cherone <[email protected]> \|
16			+------------------------------------------------------------------------+
17			*/
18
19			namespace Plinker\Core\Lib;
20
21			/**
22			* Plinker\Core\Lib\Signer
23			*/
24			final class Signer
25			{
26			/**
27			* @var
28			*/
29			private $config;
30
31			/**
32			* Class construct
33			*
34			* @param array $config - config array which holds object configuration
35			* @return void
36			*/
37			public function __construct($config = [])
38			{
39			//
40			$this->config = array_merge([
41			"secret" => null
42			], $config);
43
44			// hash secret
45			if (isset($this->config["secret"])) {
46			$this->config["secret"] = hash("sha256", gmdate("h").$this->config["secret"]);
47			}
48			}
49
50			/**
51			*
52			*/
53			private function encrypt($plaintext, $password)
54			{
55			$method = "AES-256-CBC";
56			$key = (string) hash("sha256", $password, true);
57			$iv = (string) openssl_random_pseudo_bytes(16);
58			$ciphertext = (string) openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);
59
60			$hash = (string) hash_hmac("sha256", $ciphertext, $key, true);
61
62			return base64_encode($iv . $hash . $ciphertext);
63			}
64
65			/**
66			*
67			*/
68			private function decrypt($ciphertext, $password)
69			{
70			$ciphertext = base64_decode($ciphertext);
71
72			$method = "AES-256-CBC";
73			$iv = substr($ciphertext, 0, 16);
74			$hash = substr($ciphertext, 16, 32);
75			$ciphertext = substr($ciphertext, 48);
76			$key = (string) hash("sha256", $password, true);
77
78			if (hash_hmac("sha256", $ciphertext, $key, true) !== $hash) {
79			return null;
80			}
81
82			return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
83			}
84
85			/**
86			*
87			*/
88			public function encode($data)
89			{
90			$data = serialize($data);
91
92			return [
93			"data" => $this->encrypt($data, $this->config["secret"]),
94			"token" => hash_hmac(
95			"sha256",
96			$data,
97			$this->config["secret"]
98			)
99			];
100			}
101
102			/**
103			*
104			*/
105			public function decode($data)
106			{
107			$data["data"] = $this->decrypt($data["data"], $this->config["secret"]);
108
109			//
110			if (hash_hmac(
111			"sha256",
112			$data["data"],
113			$this->config["secret"]
114			) == $data["token"]) {
115			return (array) unserialize($data["data"]);
116			} else {
117			return null;
118			}
119			}
120			}
121

plinker-rpc / core

Push — master ( 3aaf31...f42553 )

Signer::decrypt() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like