JWA - Code Metrics - sop/jwx - Measure and Improve Code Quality continuously with Scrutinizer

JWA A
last analyzed 2022-09-07 10:08 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	218
Duplicated Lines	0 %

Test Coverage

Coverage

100%

Importance

Changes

Metric	Value
wmc	7
eloc	50
dl	0
loc	218
ccs	13
cts	13
cp	1
rs	10
c	0
b	0
f	0

1 Method

Rating	Name	Duplication	Size	Complexity
B	deriveAlgorithmName()	0	20	7

<?php

declare(strict_types = 1);

namespace Sop\JWX\JWA;

use Sop\JWX\JWK\JWK;
use Sop\JWX\JWT\Header\Header;

/**
 * Container for the algorithm name contants.
 *
 * @see http://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
 * @see http://www.iana.org/assignments/jose/jose.xhtml#web-encryption-compression-algorithms
 */
abstract class JWA
{
    /**
     * HMAC using SHA-256.
     */
    public const ALGO_HS256 = 'HS256';

    /**
     * HMAC using SHA-384.
     */
    public const ALGO_HS384 = 'HS384';

    /**
     * HMAC using SHA-512.
     */
    public const ALGO_HS512 = 'HS512';

    /**
     * RSASSA-PKCS1-v1_5 using SHA-256.
     */
    public const ALGO_RS256 = 'RS256';

    /**
     * RSASSA-PKCS1-v1_5 using SHA-384.
     */
    public const ALGO_RS384 = 'RS384';

    /**
     * RSASSA-PKCS1-v1_5 using SHA-512.
     */
    public const ALGO_RS512 = 'RS512';

    /**
     * ECDSA using P-256 and SHA-256.
     */
    public const ALGO_ES256 = 'ES256';

    /**
     * ECDSA using P-384 and SHA-384.
     */
    public const ALGO_ES384 = 'ES384';

    /**
     * ECDSA using P-521 and SHA-512.
     */
    public const ALGO_ES512 = 'ES512';

    /**
     * RSASSA-PSS using SHA-256 and MGF1 with SHA-256.
     */
    public const ALGO_PS256 = 'PS256';

    /**
     * RSASSA-PSS using SHA-384 and MGF1 with SHA-384.
     */
    public const ALGO_PS384 = 'PS384';

    /**
     * RSASSA-PSS using SHA-512 and MGF1 with SHA-512.
     */
    public const ALGO_PS512 = 'PS512';

    /**
     * No digital signature or MAC performed.
     */
    public const ALGO_NONE = 'none';

    /**
     * RSAES-PKCS1-v1_5.
     */
    public const ALGO_RSA1_5 = 'RSA1_5';

    /**
     * RSAES OAEP using default parameters.
     */
    public const ALGO_RSA_OAEP = 'RSA-OAEP';

    /**
     * RSAES OAEP using SHA-256 and MGF1 with SHA-256.
     */
    public const ALGO_RSA_OAEP256 = 'RSA-OAEP-256';

    /**
     * AES Key Wrap using 128-bit key.
     */
    public const ALGO_A128KW = 'A128KW';

    /**
     * AES Key Wrap using 192-bit key.
     */
    public const ALGO_A192KW = 'A192KW';

    /**
     * AES Key Wrap using 256-bit key.
     */
    public const ALGO_A256KW = 'A256KW';

    /**
     * Direct use of a shared symmetric key.
     */
    public const ALGO_DIR = 'dir';

    /**
     * ECDH-ES using Concat KDF.
     */
    public const ALGO_ECDH_ES = 'ECDH-ES';

    /**
     * ECDH-ES using Concat KDF and "A128KW" wrapping.
     */
    public const ALGO_ECDH_ES_A128KW = 'ECDH-ES+A128KW';

    /**
     * ECDH-ES using Concat KDF and "A192KW" wrapping.
     */
    public const ALGO_ECDH_ES_A192KW = 'ECDH-ES+A192KW';

    /**
     * ECDH-ES using Concat KDF and "A256KW" wrapping.
     */
    public const ALGO_ECDH_ES_A256KW = 'ECDH-ES+A256KW';

    /**
     * Key wrapping with AES GCM using 128-bit key.
     */
    public const ALGO_A128GCMKW = 'A128GCMKW';

    /**
     * Key wrapping with AES GCM using 192-bit key.
     */
    public const ALGO_A192GCMKW = 'A192GCMKW';

    /**
     * Key wrapping with AES GCM using 256-bit key.
     */
    public const ALGO_A256GCMKW = 'A256GCMKW';

    /**
     * PBES2 with HMAC SHA-256 and "A128KW" wrapping.
     */
    public const ALGO_PBES2_HS256_A128KW = 'PBES2-HS256+A128KW';

    /**
     * PBES2 with HMAC SHA-384 and "A192KW" wrapping.
     */
    public const ALGO_PBES2_HS384_A192KW = 'PBES2-HS384+A192KW';

    /**
     * PBES2 with HMAC SHA-512 and "A256KW" wrapping.
     */
    public const ALGO_PBES2_HS512_A256KW = 'PBES2-HS512+A256KW';

    /**
     * AES_128_CBC_HMAC_SHA_256 authenticated encryption algorithm.
     */
    public const ALGO_A128CBC_HS256 = 'A128CBC-HS256';

    /**
     * AES_192_CBC_HMAC_SHA_384 authenticated encryption algorithm.
     */
    public const ALGO_A192CBC_HS384 = 'A192CBC-HS384';

    /**
     * AES_256_CBC_HMAC_SHA_512 authenticated encryption algorithm.
     */
    public const ALGO_A256CBC_HS512 = 'A256CBC-HS512';

    /**
     * AES GCM using 128-bit key.
     */
    public const ALGO_A128GCM = 'A128GCM';

    /**
     * AES GCM using 192-bit key.
     */
    public const ALGO_A192GCM = 'A192GCM';

    /**
     * AES GCM using 256-bit key.
     */
    public const ALGO_A256GCM = 'A256GCM';

    /**
     * DEFLATE compression.
     */
    public const ALGO_DEFLATE = 'DEF';

    /**
     * Derive algorithm name from the header and optionally from the given JWK.
     *
     * @param Header $header Header
     * @param JWK    $jwk    Optional JWK
     *
     * @throws \UnexpectedValueException if algorithm parameter is not present
     *                                   or header and JWK algorithms differ
     *
     * @return string Algorithm name
     */
    public static function deriveAlgorithmName(Header $header, ?JWK $jwk = null): string
    {
        if ($header->hasAlgorithm()) {
            $alg = $header->algorithm()->value();
        }
        // if JWK is set, and has an algorithm parameter
        if (isset($jwk) && $jwk->hasAlgorithmParameter()) {
            $jwk_alg = $jwk->algorithmParameter()->value();
            // check that algorithms match
            if (isset($alg) && $alg !== $jwk_alg) {
                throw new \UnexpectedValueException(
                    "JWK algorithm '{$jwk_alg}' doesn't match" .
                         " the header's algorithm '{$alg}'.");
            }
            $alg = $jwk_alg;
        }
        if (!isset($alg)) {
            throw new \UnexpectedValueException('No algorithm parameter.');
        }
        return $alg;
    }
}


1		<?php
2
3		declare(strict_types = 1);
4
5		namespace Sop\JWX\JWA;
6
7		use Sop\JWX\JWK\JWK;
8		use Sop\JWX\JWT\Header\Header;
9
10		/**
11		* Container for the algorithm name contants.
12		*
13		* @see http://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
14		* @see http://www.iana.org/assignments/jose/jose.xhtml#web-encryption-compression-algorithms
15		*/
16		abstract class JWA
17		{
18		/**
19		* HMAC using SHA-256.
20		*/
21		public const ALGO_HS256 = 'HS256';
22
23		/**
24		* HMAC using SHA-384.
25		*/
26		public const ALGO_HS384 = 'HS384';
27
28		/**
29		* HMAC using SHA-512.
30		*/
31		public const ALGO_HS512 = 'HS512';
32
33		/**
34		* RSASSA-PKCS1-v1_5 using SHA-256.
35		*/
36		public const ALGO_RS256 = 'RS256';
37
38		/**
39		* RSASSA-PKCS1-v1_5 using SHA-384.
40		*/
41		public const ALGO_RS384 = 'RS384';
42
43		/**
44		* RSASSA-PKCS1-v1_5 using SHA-512.
45		*/
46		public const ALGO_RS512 = 'RS512';
47
48		/**
49		* ECDSA using P-256 and SHA-256.
50		*/
51		public const ALGO_ES256 = 'ES256';
52
53		/**
54		* ECDSA using P-384 and SHA-384.
55		*/
56		public const ALGO_ES384 = 'ES384';
57
58		/**
59		* ECDSA using P-521 and SHA-512.
60		*/
61		public const ALGO_ES512 = 'ES512';
62
63		/**
64		* RSASSA-PSS using SHA-256 and MGF1 with SHA-256.
65		*/
66		public const ALGO_PS256 = 'PS256';
67
68		/**
69		* RSASSA-PSS using SHA-384 and MGF1 with SHA-384.
70		*/
71		public const ALGO_PS384 = 'PS384';
72
73		/**
74		* RSASSA-PSS using SHA-512 and MGF1 with SHA-512.
75		*/
76		public const ALGO_PS512 = 'PS512';
77
78		/**
79		* No digital signature or MAC performed.
80		*/
81		public const ALGO_NONE = 'none';
82
83		/**
84		* RSAES-PKCS1-v1_5.
85		*/
86		public const ALGO_RSA1_5 = 'RSA1_5';
87
88		/**
89		* RSAES OAEP using default parameters.
90		*/
91		public const ALGO_RSA_OAEP = 'RSA-OAEP';
92
93		/**
94		* RSAES OAEP using SHA-256 and MGF1 with SHA-256.
95		*/
96		public const ALGO_RSA_OAEP256 = 'RSA-OAEP-256';
97
98		/**
99		* AES Key Wrap using 128-bit key.
100		*/
101		public const ALGO_A128KW = 'A128KW';
102
103		/**
104		* AES Key Wrap using 192-bit key.
105		*/
106		public const ALGO_A192KW = 'A192KW';
107
108		/**
109		* AES Key Wrap using 256-bit key.
110		*/
111		public const ALGO_A256KW = 'A256KW';
112
113		/**
114		* Direct use of a shared symmetric key.
115		*/
116		public const ALGO_DIR = 'dir';
117
118		/**
119		* ECDH-ES using Concat KDF.
120		*/
121		public const ALGO_ECDH_ES = 'ECDH-ES';
122
123		/**
124		* ECDH-ES using Concat KDF and "A128KW" wrapping.
125		*/
126		public const ALGO_ECDH_ES_A128KW = 'ECDH-ES+A128KW';
127
128		/**
129		* ECDH-ES using Concat KDF and "A192KW" wrapping.
130		*/
131		public const ALGO_ECDH_ES_A192KW = 'ECDH-ES+A192KW';
132
133		/**
134		* ECDH-ES using Concat KDF and "A256KW" wrapping.
135		*/
136		public const ALGO_ECDH_ES_A256KW = 'ECDH-ES+A256KW';
137
138		/**
139		* Key wrapping with AES GCM using 128-bit key.
140		*/
141		public const ALGO_A128GCMKW = 'A128GCMKW';
142
143		/**
144		* Key wrapping with AES GCM using 192-bit key.
145		*/
146		public const ALGO_A192GCMKW = 'A192GCMKW';
147
148		/**
149		* Key wrapping with AES GCM using 256-bit key.
150		*/
151		public const ALGO_A256GCMKW = 'A256GCMKW';
152
153		/**
154		* PBES2 with HMAC SHA-256 and "A128KW" wrapping.
155		*/
156		public const ALGO_PBES2_HS256_A128KW = 'PBES2-HS256+A128KW';
157
158		/**
159		* PBES2 with HMAC SHA-384 and "A192KW" wrapping.
160		*/
161		public const ALGO_PBES2_HS384_A192KW = 'PBES2-HS384+A192KW';
162
163		/**
164		* PBES2 with HMAC SHA-512 and "A256KW" wrapping.
165		*/
166		public const ALGO_PBES2_HS512_A256KW = 'PBES2-HS512+A256KW';
167
168		/**
169		* AES_128_CBC_HMAC_SHA_256 authenticated encryption algorithm.
170		*/
171		public const ALGO_A128CBC_HS256 = 'A128CBC-HS256';
172
173		/**
174		* AES_192_CBC_HMAC_SHA_384 authenticated encryption algorithm.
175		*/
176		public const ALGO_A192CBC_HS384 = 'A192CBC-HS384';
177
178		/**
179		* AES_256_CBC_HMAC_SHA_512 authenticated encryption algorithm.
180		*/
181		public const ALGO_A256CBC_HS512 = 'A256CBC-HS512';
182
183		/**
184		* AES GCM using 128-bit key.
185		*/
186		public const ALGO_A128GCM = 'A128GCM';
187
188		/**
189		* AES GCM using 192-bit key.
190		*/
191		public const ALGO_A192GCM = 'A192GCM';
192
193		/**
194		* AES GCM using 256-bit key.
195		*/
196		public const ALGO_A256GCM = 'A256GCM';
197
198		/**
199		* DEFLATE compression.
200		*/
201		public const ALGO_DEFLATE = 'DEF';
202
203		/**
204		* Derive algorithm name from the header and optionally from the given JWK.
205		*
206		* @param Header $header Header
207		* @param JWK $jwk Optional JWK
208		*
209		* @throws \UnexpectedValueException if algorithm parameter is not present
210		* or header and JWK algorithms differ
211		*
212		* @return string Algorithm name
213		*/
214	65	public static function deriveAlgorithmName(Header $header, ?JWK $jwk = null): string
215		{
216	65	if ($header->hasAlgorithm()) {
217	54	$alg = $header->algorithm()->value();
218		}
219		// if JWK is set, and has an algorithm parameter
220	65	if (isset($jwk) && $jwk->hasAlgorithmParameter()) {
221	18	$jwk_alg = $jwk->algorithmParameter()->value();
222		// check that algorithms match
223	18	if (isset($alg) && $alg !== $jwk_alg) {
224	1	throw new \UnexpectedValueException(
225	1	"JWK algorithm '{$jwk_alg}' doesn't match" .
226	1	" the header's algorithm '{$alg}'.");
227		}
228	17	$alg = $jwk_alg;
229		}
230	64	if (!isset($alg)) {
231	3	throw new \UnexpectedValueException('No algorithm parameter.');
232		}
233	61	return $alg;
234		}
235		}
236

sop / jwx

GitHub Access Token became invalid

JWA A last analyzed 2022-09-07 10:08 UTC

Complexity

Size/Duplication

Test Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like

JWA A
last analyzed 2022-09-07 10:08 UTC