Signer::encrypt() - Code Metrics - Inspection of "[since: v3.1.4] 07-May-2018 - fix for php 5.6" - plinker-rpc/core - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( fad20c...da5feb )

by Lawrence

created 2018-05-07 23:15 UTC

Signer::encrypt() A

↳ Parent: Signer

Complexity

Conditions	1
Paths	1

Size

Total Lines	10
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
eloc	6
nc	1
nop	2
dl	0
loc	10
rs	9.4285
c	0
b	0
f	0
ccs	0
cts	0
cp	0
crap	2

<?php
/*
 +------------------------------------------------------------------------+
 | Plinker-RPC PHP                                                        |
 +------------------------------------------------------------------------+
 | Copyright (c)2017-2018 (https://github.com/plinker-rpc/core)           |
 +------------------------------------------------------------------------+
 | This source file is subject to MIT License                             |
 | that is bundled with this package in the file LICENSE.                 |
 |                                                                        |
 | If you did not receive a copy of the license and are unable to         |
 | obtain it through the world-wide-web, please send an email             |
 | to [email protected] so we can send you a copy immediately.        |
 +------------------------------------------------------------------------+
 | Authors: Lawrence Cherone <[email protected]>                     |
 +------------------------------------------------------------------------+
 */

namespace Plinker\Core\Lib;

/**
 * Plinker\Core\Lib\Signer
 */
final class Signer
{
    /**
     * @var
     */
    private $config;

    /**
     * Class construct
     *
     * @param  array  $config  - config array which holds object configuration
     * @return void
     */
    public function __construct($config = [])
    {
        //
        $this->config = array_merge([
            "secret" => null
        ], $config);

        // hash secret
        if (isset($this->config["secret"])) {
            $this->config["secret"] = hash("sha256", gmdate("h").$this->config["secret"]);
        }
    }

    /**
     * @codeCoverageIgnore
     */
    private function encrypt($plaintext, $password)
    {
        $method     = "AES-256-CBC";
        $key        = (string) hash("sha256", $password, true);
        $iv         = (string) openssl_random_pseudo_bytes(16);
        $ciphertext = (string) openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);

        $hash = (string) hash_hmac("sha256", $ciphertext, $key, true);

        return base64_encode($iv . $hash . $ciphertext);
    }

    /**
     * @codeCoverageIgnore
     */
    private function decrypt($ciphertext, $password)
    {
        $ciphertext    = base64_decode($ciphertext);

        $method     = "AES-256-CBC";
        $iv         = substr($ciphertext, 0, 16);
        $hash       = substr($ciphertext, 16, 32);
        $ciphertext = substr($ciphertext, 48);
        $key        = (string) hash("sha256", $password, true);

        if (hash_hmac("sha256", $ciphertext, $key, true) !== $hash) {
            return null;
        }

        return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
    }

    /**
     * Sign and encrypt into payload array.
     *
     * @codeCoverageIgnore
     *
     * @return array
     */
    public function encode($data)
    {
        $data = serialize($data);

        return [
            "data"  => $this->encrypt($data, $this->config["secret"]),
            "token" => hash_hmac(
                "sha256",
                $data,
                $this->config["secret"]
            )
        ];
    }

    /**
     * Decrypt, verify and unserialize payload.
     *
     * @codeCoverageIgnore
     *
     * @return mixed
     */
    public function decode($data)
    {
        $data["data"] = $this->decrypt($data["data"], $this->config["secret"]);

        if (hash_hmac(
            "sha256",
            $data["data"],
            $this->config["secret"]
        ) == $data["token"]) {
            return unserialize($data["data"]);
        } else {
            throw new \Exception('Failed to verify payload');
        }
    }
}


1		<?php
2		/*
3		+------------------------------------------------------------------------+
4		\| Plinker-RPC PHP \|
5		+------------------------------------------------------------------------+
6		\| Copyright (c)2017-2018 (https://github.com/plinker-rpc/core) \|
7		+------------------------------------------------------------------------+
8		\| This source file is subject to MIT License \|
9		\| that is bundled with this package in the file LICENSE. \|
10		\| \|
11		\| If you did not receive a copy of the license and are unable to \|
12		\| obtain it through the world-wide-web, please send an email \|
13		\| to [email protected] so we can send you a copy immediately. \|
14		+------------------------------------------------------------------------+
15		\| Authors: Lawrence Cherone <[email protected]> \|
16		+------------------------------------------------------------------------+
17		*/
18
19		namespace Plinker\Core\Lib;
20
21		/**
22		* Plinker\Core\Lib\Signer
23		*/
24		final class Signer
25		{
26		/**
27		* @var
28		*/
29		private $config;
30
31		/**
32		* Class construct
33		*
34		* @param array $config - config array which holds object configuration
35		* @return void
36		*/
37	2	public function __construct($config = [])
38		{
39		//
40	2	$this->config = array_merge([
41	2	"secret" => null
42	2	], $config);
43
44		// hash secret
45	2	if (isset($this->config["secret"])) {
46	2	$this->config["secret"] = hash("sha256", gmdate("h").$this->config["secret"]);
47		}
48	2	}
49
50		/**
51		* @codeCoverageIgnore
52		*/
53		private function encrypt($plaintext, $password)
54		{
55		$method = "AES-256-CBC";
56		$key = (string) hash("sha256", $password, true);
57		$iv = (string) openssl_random_pseudo_bytes(16);
58		$ciphertext = (string) openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);
59
60		$hash = (string) hash_hmac("sha256", $ciphertext, $key, true);
61
62		return base64_encode($iv . $hash . $ciphertext);
63		}
64
65		/**
66		* @codeCoverageIgnore
67		*/
68		private function decrypt($ciphertext, $password)
69		{
70		$ciphertext = base64_decode($ciphertext);
71
72		$method = "AES-256-CBC";
73		$iv = substr($ciphertext, 0, 16);
74		$hash = substr($ciphertext, 16, 32);
75		$ciphertext = substr($ciphertext, 48);
76		$key = (string) hash("sha256", $password, true);
77
78		if (hash_hmac("sha256", $ciphertext, $key, true) !== $hash) {
79		return null;
80		}
81
82		return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
83		}
84
85		/**
86		* Sign and encrypt into payload array.
87		*
88		* @codeCoverageIgnore
89		*
90		* @return array
91		*/
92		public function encode($data)
93		{
94		$data = serialize($data);
95
96		return [
97		"data" => $this->encrypt($data, $this->config["secret"]),
98		"token" => hash_hmac(
99		"sha256",
100		$data,
101		$this->config["secret"]
102		)
103		];
104		}
105
106		/**
107		* Decrypt, verify and unserialize payload.
108		*
109		* @codeCoverageIgnore
110		*
111		* @return mixed
112		*/
113		public function decode($data)
114		{
115		$data["data"] = $this->decrypt($data["data"], $this->config["secret"]);
116
117		if (hash_hmac(
118		"sha256",
119		$data["data"],
120		$this->config["secret"]
121		) == $data["token"]) {
122		return unserialize($data["data"]);
123		} else {
124		throw new \Exception('Failed to verify payload');
125		}
126		}
127		}
128

plinker-rpc / core

Push — master ( fad20c...da5feb )

Signer::encrypt() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like