Security::decryptElement() - Code Metrics - Inspection of "Implement XML encryption" - simplesamlphp/xml-security - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#26)

by Jaime Pérez

created 2022-01-01 23:36 UTC

Security::decryptElement() A

↳ Parent: Project

Complexity

Conditions	2
Paths	2

Size

Total Lines	14
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	2
eloc	4
c	1
b	0
f	0
nc	2
nop	3
dl	0
loc	14
rs	10

<?php

declare(strict_types=1);

namespace SimpleSAML\XMLSecurity\Utils;

use SimpleSAML\XMLSecurity\Constants as C;
use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;

use function hash_equals;

/**
 * A collection of security-related functions.
 *
 * @package simplesamlphp/xml-security
 */
class Security
{
    /**
     * Compare two strings in constant time.
     *
     * This function allows us to compare two given strings without any timing side channels
     * leaking information about them.
     *
     * @param string $known The reference string.
     * @param string $user The user-provided string to test.
     *
     * @return bool True if both strings are equal, false otherwise.
     */
    public static function compareStrings(string $known, string $user): bool
    {
        return hash_equals($known, $user);
    }


    /**
     * Compute the hash for some data with a given algorithm.
     *
     * @param string $alg The identifier of the algorithm to use.
     * @param string $data The data to digest.
     * @param bool $encode Whether to bas64-encode the result or not. Defaults to true.
     *
     * @return string The (binary or base64-encoded) digest corresponding to the given data.
     *
     * @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If $alg is not a valid
     *   identifier of a supported digest algorithm.
     */
    public static function hash(string $alg, string $data, bool $encode = true): string
    {
        if (!array_key_exists($alg, C::$DIGEST_ALGORITHMS)) {
            throw new InvalidArgumentException('Unsupported digest method "' . $alg . '"');
        }

        $digest = hash(C::$DIGEST_ALGORITHMS[$alg], $data, true);
        if ($encode) {
            $digest = base64_encode($digest);
        }
        return $digest;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\XMLSecurity\Utils;
6
7			use SimpleSAML\XMLSecurity\Constants as C;
8			use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
9
10			use function hash_equals;
11
12			/**
13			* A collection of security-related functions.
14			*
15			* @package simplesamlphp/xml-security
16			*/
17			class Security
18			{
19			/**
20			* Compare two strings in constant time.
21			*
22			* This function allows us to compare two given strings without any timing side channels
23			* leaking information about them.
24			*
25			* @param string $known The reference string.
26			* @param string $user The user-provided string to test.
27			*
28			* @return bool True if both strings are equal, false otherwise.
29			*/
30			public static function compareStrings(string $known, string $user): bool
31			{
32			return hash_equals($known, $user);
33			}
34
35
36			/**
37			* Compute the hash for some data with a given algorithm.
38			*
39			* @param string $alg The identifier of the algorithm to use.
40			* @param string $data The data to digest.
41			* @param bool $encode Whether to bas64-encode the result or not. Defaults to true.
42			*
43			* @return string The (binary or base64-encoded) digest corresponding to the given data.
44			*
45			* @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If $alg is not a valid
46			* identifier of a supported digest algorithm.
47			*/
48			public static function hash(string $alg, string $data, bool $encode = true): string
49			{
50			if (!array_key_exists($alg, C::$DIGEST_ALGORITHMS)) {
51			throw new InvalidArgumentException('Unsupported digest method "' . $alg . '"');
52			}
53
54			$digest = hash(C::$DIGEST_ALGORITHMS[$alg], $data, true);
55			if ($encode) {
56			$digest = base64_encode($digest);
57			}
58			return $digest;
59			}
60			}
61

simplesamlphp / xml-security

Pull Request — master (#26)

Security::decryptElement() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like