CryptographyService::verifyPublicKey() - Code Metrics - Inspection of "Verify paths to private and public key [closes #23..." - slevomat/eet-client - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 70be8d...b5e6ba )

by Jan

created 2020-02-17 17:01 UTC

CryptographyService::verifyPublicKey() A

↳ Parent: CryptographyService

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	12

Importance

Changes

Metric	Value
dl	0
loc	12
ccs	0
cts	0
cp	0
rs	9.8666
c	0
b	0
f	0
cc	3
nc	3
nop	1
crap	12

<?php declare(strict_types = 1);

namespace SlevomatEET\Cryptography;

use DOMDocument;
use RobRichards\WsePhp\WSSESoap;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;
use const OPENSSL_ALGO_SHA256;
use function is_file;

class CryptographyService
{

	/** @var string */
	private $privateKeyFile;

	/** @var string */
	private $privateKeyPassword;

	/** @var string */
	private $publicKeyFile;

	/** @var bool */
	private $publicKeyVerified;

	public function __construct(string $privateKeyFile, string $publicKeyFile, string $privateKeyPassword = '')
	{
		if (!is_file($privateKeyFile)) {
			throw new PrivateKeyFileNotFoundException($privateKeyFile);
		}
		if (!is_file($publicKeyFile)) {
			throw new PublicKeyFileNotFoundException($publicKeyFile);
		}
		$this->privateKeyFile = $privateKeyFile;
		$this->publicKeyFile = $publicKeyFile;
		$this->privateKeyPassword = $privateKeyPassword;
	}

	/**
	 * @param mixed[] $body
	 * @return string
	 */
	public function getPkpCode(array $body): string
	{
		$values = [
			$body['dic_popl'],
			$body['id_provoz'],
			$body['id_pokl'],
			$body['porad_cis'],
			$body['dat_trzby'],
			$body['celk_trzba'],
		];

		$plaintext = implode('|', $values);

		$privateKey = (string) file_get_contents($this->privateKeyFile);
		$privateKeyId = openssl_pkey_get_private($privateKey, $this->privateKeyPassword);
		if ($privateKeyId === false) {
			throw new PrivateKeyFileException($this->privateKeyFile);
		}

		$ok = openssl_sign($plaintext, $signature, $privateKeyId, OPENSSL_ALGO_SHA256);
		if (!$ok) {
			throw new SigningFailedException($values);
		}

		openssl_free_key($privateKeyId);

		return $signature;
	}

	public function getBkpCode(string $pkpCode): string
	{
		$bkp = strtoupper(sha1($pkpCode));

		return implode('-', str_split($bkp, 8));
	}

	public function addWSESignature(string $request): string
	{
		$publicKey = (string) file_get_contents($this->publicKeyFile);
		$this->verifyPublicKey($publicKey);
		$securityKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type' => 'private']);
		$document = new DOMDocument('1.0');
		$document->loadXML($request);
		$wse = new WSSESoap($document);
		$securityKey->passphrase = $this->privateKeyPassword;
		$securityKey->loadKey($this->privateKeyFile, true);
		$wse->addTimestamp();
		$wse->signSoapDoc($securityKey, ['algorithm' => XMLSecurityDSig::SHA256]);
		$binaryToken = $wse->addBinaryToken($publicKey);
		$wse->attachTokentoSig($binaryToken);

		return $wse->saveXML();
	}

	private function verifyPublicKey(string $fileContents): void
	{
		if ($this->publicKeyVerified) {
			return;
		}
		$publicKeyResource = openssl_get_publickey($fileContents);
		if ($publicKeyResource === false) {
			throw new InvalidPublicKeyException($this->publicKeyFile, (string) openssl_error_string());
		}
		openssl_free_key($publicKeyResource);
		$this->publicKeyVerified = true;
	}

}


1		<?php declare(strict_types = 1);
2
3		namespace SlevomatEET\Cryptography;
4
5		use DOMDocument;
6		use RobRichards\WsePhp\WSSESoap;
7		use RobRichards\XMLSecLibs\XMLSecurityDSig;
8		use RobRichards\XMLSecLibs\XMLSecurityKey;
9		use const OPENSSL_ALGO_SHA256;
10		use function is_file;
11
12		class CryptographyService
13		{
14
15		/** @var string */
16		private $privateKeyFile;
17
18		/** @var string */
19		private $privateKeyPassword;
20
21		/** @var string */
22	6	private $publicKeyFile;
23
24	6	/** @var bool */
25	6	private $publicKeyVerified;
26	6
27	6	public function __construct(string $privateKeyFile, string $publicKeyFile, string $privateKeyPassword = '')
28		{
29		if (!is_file($privateKeyFile)) {
30		throw new PrivateKeyFileNotFoundException($privateKeyFile);
31		}
32		if (!is_file($publicKeyFile)) {
33	3	throw new PublicKeyFileNotFoundException($publicKeyFile);
34		}
35		$this->privateKeyFile = $privateKeyFile;
36	3	$this->publicKeyFile = $publicKeyFile;
37	3	$this->privateKeyPassword = $privateKeyPassword;
38	3	}
39	3
40	3	/**
41	3	* @param mixed[] $body
42		* @return string
43		*/
44	3	public function getPkpCode(array $body): string
45		{
46	3	$values = [
47	3	$body['dic_popl'],
48	3	$body['id_provoz'],
49	1	$body['id_pokl'],
50		$body['porad_cis'],
51		$body['dat_trzby'],
52	2	$body['celk_trzba'],
53	2	];
54	1
55		$plaintext = implode('\|', $values);
56
57	1	$privateKey = (string) file_get_contents($this->privateKeyFile);
58		$privateKeyId = openssl_pkey_get_private($privateKey, $this->privateKeyPassword);
59	1	if ($privateKeyId === false) {
60		throw new PrivateKeyFileException($this->privateKeyFile);
61		}
62	1
63		$ok = openssl_sign($plaintext, $signature, $privateKeyId, OPENSSL_ALGO_SHA256);
64	1	if (!$ok) {
65		throw new SigningFailedException($values);
66	1	}
67
68		openssl_free_key($privateKeyId);
69	3
70		return $signature;
71	3	}
72	3
73	3	public function getBkpCode(string $pkpCode): string
74	3	{
75	3	$bkp = strtoupper(sha1($pkpCode));
76	3
77	3	return implode('-', str_split($bkp, 8));
78	3	}
79	2
80	2	public function addWSESignature(string $request): string
81		{
82	2	$publicKey = (string) file_get_contents($this->publicKeyFile);
83		$this->verifyPublicKey($publicKey);
84		$securityKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type' => 'private']);
85		$document = new DOMDocument('1.0');
86		$document->loadXML($request);
87		$wse = new WSSESoap($document);
88		$securityKey->passphrase = $this->privateKeyPassword;
89		$securityKey->loadKey($this->privateKeyFile, true);
90		$wse->addTimestamp();
91		$wse->signSoapDoc($securityKey, ['algorithm' => XMLSecurityDSig::SHA256]);
92		$binaryToken = $wse->addBinaryToken($publicKey);
93		$wse->attachTokentoSig($binaryToken);
94
95		return $wse->saveXML();
96		}
97
98		private function verifyPublicKey(string $fileContents): void
99		{
100		if ($this->publicKeyVerified) {
101		return;
102		}
103		$publicKeyResource = openssl_get_publickey($fileContents);
104		if ($publicKeyResource === false) {
105		throw new InvalidPublicKeyException($this->publicKeyFile, (string) openssl_error_string());
106		}
107		openssl_free_key($publicKeyResource);
108		$this->publicKeyVerified = true;
109		}
110
111		}
112

slevomat / eet-client

Push — master ( 70be8d...b5e6ba )

CryptographyService::verifyPublicKey() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like