These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Copyright 2015 OpenStack Foundation |
||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
5 | * you may not use this file except in compliance with the License. |
||
6 | * You may obtain a copy of the License at |
||
7 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
8 | * Unless required by applicable law or agreed to in writing, software |
||
9 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
10 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
11 | * See the License for the specific language governing permissions and |
||
12 | * limitations under the License. |
||
13 | **/ |
||
14 | |||
15 | namespace jwe\impl; |
||
16 | |||
17 | use jwa\cryptographic_algorithms\content_encryption\ContentEncryptionAlgorithm; |
||
18 | use jwa\cryptographic_algorithms\EncryptionAlgorithm; |
||
19 | use jwe\KeyManagementModeValues; |
||
20 | use security\Key; |
||
21 | use utils\services\Utils_Registry; |
||
22 | |||
23 | /** |
||
24 | * Class ContentEncryptionKeyFactory |
||
25 | * |
||
26 | * Creates the CEK |
||
27 | * |
||
28 | * @package jwe\impl |
||
29 | */ |
||
30 | final class ContentEncryptionKeyFactory |
||
31 | { |
||
32 | |||
33 | /** |
||
34 | * @param Key $management_key |
||
35 | * @param $key_management_mode |
||
36 | * @param ContentEncryptionAlgorithm $enc |
||
37 | * @return Key |
||
38 | * @throws \Exception |
||
39 | */ |
||
40 | static public function build(Key $management_key, $key_management_mode, ContentEncryptionAlgorithm $enc) |
||
0 ignored issues
–
show
Coding Style
introduced
by
Loading history...
|
|||
41 | { |
||
42 | |||
43 | $cek = null; |
||
0 ignored issues
–
show
$cek is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
44 | |||
45 | switch ($key_management_mode) { |
||
46 | /** |
||
47 | * When Key Wrapping, Key Encryption, or Key Agreement with Key |
||
48 | * Wrapping are employed, generate a random CEK value |
||
49 | */ |
||
50 | case KeyManagementModeValues::KeyWrapping: |
||
51 | case KeyManagementModeValues::KeyEncryption: |
||
52 | case KeyManagementModeValues::KeyAgreementWithKeyWrapping: |
||
0 ignored issues
–
show
CASE statements must be defined using a colon
As per the PSR-2 coding standard, case statements should not be wrapped in curly braces.
There is no need for braces, since each case is terminated by the next switch ($expr) {
case "A": { //wrong
doSomething();
break;
}
case "B": //right
doSomething();
break;
}
To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.
Loading history...
|
|||
53 | { |
||
54 | // calculate it |
||
55 | $generator = Utils_Registry::getInstance()->get(Utils_Registry::RandomNumberGeneratorService); |
||
56 | /** |
||
57 | * The CEK MUST have a length equal to that required for the |
||
58 | * content encryption algorithm. |
||
59 | */ |
||
60 | $rnd = $generator->invoke($enc->getMinKeyLen()/8); |
||
0 ignored issues
–
show
The call to
IService::invoke() has too many arguments starting with $enc->getMinKeyLen() / 8 .
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the
Loading history...
|
|||
61 | $cek = new _ContentEncryptionKey($enc->getName(), 'RAW', $rnd); |
||
62 | } |
||
63 | break; |
||
64 | case KeyManagementModeValues::DirectEncryption: |
||
0 ignored issues
–
show
CASE statements must be defined using a colon
As per the PSR-2 coding standard, case statements should not be wrapped in curly braces.
There is no need for braces, since each case is terminated by the next switch ($expr) {
case "A": { //wrong
doSomething();
break;
}
case "B": //right
doSomething();
break;
}
To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.
Loading history...
|
|||
65 | { |
||
66 | $cek = $management_key; |
||
67 | } |
||
68 | break; |
||
69 | case KeyManagementModeValues::DirectKeyAgreement: |
||
0 ignored issues
–
show
CASE statements must be defined using a colon
As per the PSR-2 coding standard, case statements should not be wrapped in curly braces.
There is no need for braces, since each case is terminated by the next switch ($expr) {
case "A": { //wrong
doSomething();
break;
}
case "B": //right
doSomething();
break;
}
To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.
Loading history...
|
|||
70 | { |
||
71 | throw new \Exception('unsupported KKM!'); |
||
72 | } |
||
73 | break; |
||
0 ignored issues
–
show
break; does not seem to be reachable.
This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of function fx() {
try {
doSomething();
return true;
}
catch (\Exception $e) {
return false;
}
return false;
}
In the above example, the last
Loading history...
|
|||
74 | default: |
||
0 ignored issues
–
show
DEFAULT statements must be defined using a colon
As per the PSR-2 coding standard, default statements should not be wrapped in curly braces. switch ($expr) {
default: { //wrong
doSomething();
break;
}
}
switch ($expr) {
default: //right
doSomething();
break;
}
To learn more about the PSR-2 coding standard, please refer to the PHP-Fig.
Loading history...
|
|||
75 | { |
||
76 | throw new \Exception('unsupported KKM!'); |
||
77 | } |
||
78 | break; |
||
0 ignored issues
–
show
break; does not seem to be reachable.
This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of function fx() {
try {
doSomething();
return true;
}
catch (\Exception $e) {
return false;
}
return false;
}
In the above example, the last
Loading history...
|
|||
79 | } |
||
80 | return $cek; |
||
81 | } |
||
82 | |||
83 | /** |
||
84 | * @param string $value |
||
85 | * @param EncryptionAlgorithm $alg |
||
86 | * @return Key |
||
87 | */ |
||
88 | static public function fromRaw($value, EncryptionAlgorithm $alg){ |
||
0 ignored issues
–
show
|
|||
89 | return new _ContentEncryptionKey($alg->getName(), 'RAW', $value); |
||
90 | } |
||
91 | } |