ECDSAAlgorithm - Code Metrics - Inspection of "Remove abstract constructor" - sop/jwx - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 74ce6a...af33f1 )

by Joni

created 2016-06-14 07:45 UTC

ECDSAAlgorithm A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	148
Duplicated Lines	16.22 %

Coupling/Cohesion

Components	1
Dependencies	9

Test Coverage

Coverage

100%

Importance

Changes

Metric	Value
wmc	14
c	0
b	0
f	0
lcom	1
cbo	9
dl	24
loc	148
ccs	51
cts	51
cp	1
rs	10

8 Methods

Rating	Name	Duplication	Size	Complexity
	_curveName()	0	1	?
A	__construct()	0	13	2
A	fromPublicKey()	0	3	1
A	fromPrivateKey()	0	3	1
B	fromJWK()	24	24	6
A	computeSignature()	0	9	1
A	validateSignature()	0	12	2
A	headerParameters()	0	3	1

How to fix Duplicated Code

<?php

namespace JWX\JWS\Algorithm;

use CryptoUtil\ASN1\EC\ECDSASigValue;
use CryptoUtil\Conversion\ECConversion;
use JWX\JWA\JWA;
use JWX\JWK\EC\ECPrivateKeyJWK;
use JWX\JWK\EC\ECPublicKeyJWK;
use JWX\JWK\JWK;
use JWX\JWK\Parameter\CurveParameter;
use JWX\JWT\Parameter\AlgorithmParameter;
use JWX\JWT\Parameter\JWTParameter;


/**
 * Base class for algorithms implementing elliptic curve signature computation.
 *
 * @link https://tools.ietf.org/html/rfc7518#section-3.4
 */
abstract class ECDSAAlgorithm extends OpenSSLSignatureAlgorithm
{
	/**
	 * Mapping from algorithm name to class name.
	 *
	 * @internal
	 *
	 * @var array
	 */
	const MAP_NAME_TO_CLASS = array(
		/* @formatter:off */
		JWA::ALGO_ES256 => ES256Algorithm::class,
		JWA::ALGO_ES384 => ES384Algorithm::class,
		JWA::ALGO_ES512 => ES512Algorithm::class
		/* @formatter:on */
	);
	
	/**
	 * Signature size in bytes.
	 *
	 * @var int
	 */
	private $_signatureSize;
	
	/**
	 * Get the name of the curve used by this algorithm.
	 *
	 * @return string
	 */
	abstract protected function _curveName();
	
	/**
	 * Constructor
	 *
	 * @param ECPublicKeyJWK $pub_key
	 * @param ECPrivateKeyJWK $priv_key
	 */
	protected function __construct(ECPublicKeyJWK $pub_key, 
			ECPrivateKeyJWK $priv_key = null) {
		$curve = $pub_key->curveParameter()->value();
		if ($this->_curveName() != $curve) {
			throw new \InvalidArgumentException(
				"Key with " . $this->_curveName() .
					 " curve expected, got $curve.");
		}
		$this->_publicKey = $pub_key;
		$this->_privateKey = $priv_key;
		$key_size = $pub_key->curveParameter()->keySizeBits();
		$this->_signatureSize = ceil($key_size / 8) * 2;
$answer = 42;

$correct = false;

$correct = (bool) $answer;
	}
	
	/**
	 * Initialize from a public key.
	 *
	 * @param ECPublicKeyJWK $jwk
	 * @return self
	 */
	public static function fromPublicKey(ECPublicKeyJWK $jwk) {
		return new static($jwk);
	}
	
	/**
	 * Initialize from a private key.
	 *
	 * @param ECPrivateKeyJWK $jwk
	 * @return self
	 */
	public static function fromPrivateKey(ECPrivateKeyJWK $jwk) {
		return new static($jwk->publicKey(), $jwk);
	}
	
	/**
	 * Initialize from a JWK.
	 *
	 * If algorithm is not specified, look from JWK.
	 *
	 * @param JWK $jwk
	 * @param string|null $alg Optional algorithm name
	 * @throws \UnexpectedValueException
	 * @return self
	 */
	public static function fromJWK(JWK $jwk, $alg = null) {

		// if algorithm is not explicitly given, consult JWK
		if (!isset($alg)) {
			if (!$jwk->hasAlgorithmParameter()) {
				throw new \UnexpectedValueException(
					"Missing algorithm parameter.");
			}
			$alg = $jwk->algorithmParameter()->value();
		}
		if (!array_key_exists($alg, self::MAP_NAME_TO_CLASS)) {
			throw new \UnexpectedValueException(
				"Algorithm '$alg' not supported.");
		}
		$cls = self::MAP_NAME_TO_CLASS[$alg];
		$params = ECPrivateKeyJWK::MANAGED_PARAMS;
		if ($jwk->has(...$params)) {
			return $cls::fromPrivateKey(ECPrivateKeyJWK::fromJWK($jwk));
		}
		$params = ECPublicKeyJWK::MANAGED_PARAMS;
		if ($jwk->has(...$params)) {
			return $cls::fromPublicKey(ECPublicKeyJWK::fromJWK($jwk));
		}
		throw new \UnexpectedValueException("Not an EC key.");
	}
	
	/**
	 *
	 * @see \JWX\JWS\Algorithm\OpenSSLSignatureAlgorithm::computeSignature()
	 * @return string
	 */
	public function computeSignature($data) {
		// OpenSSL returns ECDSA signature as a DER encoded ECDSA-Sig-Value
		$der = parent::computeSignature($data);
		$sig = ECDSASigValue::fromDER($der);
		$mlen = floor($this->_signatureSize / 2);
		$signature = ECConversion::numberToOctets($sig->r(), $mlen) .
			 ECConversion::numberToOctets($sig->s(), $mlen);
		return $signature;
	}
	
	/**
	 *
	 * @see \JWX\JWS\Algorithm\OpenSSLSignatureAlgorithm::validateSignature()
	 * @return bool
	 */
	public function validateSignature($data, $signature) {
		if (strlen($signature) != $this->_signatureSize) {
			throw new \UnexpectedValueException("Invalid signature length.");
		}
		list($r_octets, $s_octets) = str_split($signature, 
			floor($this->_signatureSize / 2));
		// convert signature to DER sequence for OpenSSL
		$r = ECConversion::octetsToNumber($r_octets);
		$s = ECConversion::octetsToNumber($s_octets);
		$sig = new ECDSASigValue($r, $s);
		return parent::validateSignature($data, $sig->toDER());
	}
	
	/**
	 *
	 * @see \JWX\JWT\Header\HeaderParameters::headerParameters()
	 * @return JWTParameter[]
	 */
	public function headerParameters() {
		return array(AlgorithmParameter::fromAlgorithm($this));
	}
}


1			<?php
2
3			namespace JWX\JWS\Algorithm;
4
5			use CryptoUtil\ASN1\EC\ECDSASigValue;
6			use CryptoUtil\Conversion\ECConversion;
7			use JWX\JWA\JWA;
8			use JWX\JWK\EC\ECPrivateKeyJWK;
9			use JWX\JWK\EC\ECPublicKeyJWK;
10			use JWX\JWK\JWK;
11			use JWX\JWK\Parameter\CurveParameter;
12			use JWX\JWT\Parameter\AlgorithmParameter;
13			use JWX\JWT\Parameter\JWTParameter;
14
15
16			/**
17			* Base class for algorithms implementing elliptic curve signature computation.
18			*
19			* @link https://tools.ietf.org/html/rfc7518#section-3.4
20			*/
21			abstract class ECDSAAlgorithm extends OpenSSLSignatureAlgorithm
22			{
23			/**
24			* Mapping from algorithm name to class name.
25			*
26			* @internal
27			*
28			* @var array
29			*/
30			const MAP_NAME_TO_CLASS = array(
31			/* @formatter:off */
32			JWA::ALGO_ES256 => ES256Algorithm::class,
33			JWA::ALGO_ES384 => ES384Algorithm::class,
34			JWA::ALGO_ES512 => ES512Algorithm::class
35			/* @formatter:on */
36			);
37
38			/**
39			* Signature size in bytes.
40			*
41			* @var int
42			*/
43			private $_signatureSize;
44
45			/**
46			* Get the name of the curve used by this algorithm.
47			*
48			* @return string
49			*/
50			abstract protected function _curveName();
51
52			/**
53			* Constructor
54			*
55			* @param ECPublicKeyJWK $pub_key
56			* @param ECPrivateKeyJWK $priv_key
57			*/
58	11		protected function __construct(ECPublicKeyJWK $pub_key,
59			ECPrivateKeyJWK $priv_key = null) {
60	11		$curve = $pub_key->curveParameter()->value();
61	11		if ($this->_curveName() != $curve) {
62	1		throw new \InvalidArgumentException(
63	1		"Key with " . $this->_curveName() .
64	1		" curve expected, got $curve.");
65			}
66	10		$this->_publicKey = $pub_key;
67	10		$this->_privateKey = $priv_key;
68	10		$key_size = $pub_key->curveParameter()->keySizeBits();
69	10		$this->_signatureSize = ceil($key_size / 8) * 2;
			0 ignored issues – show Documentation Bug introduced 2016-06-14 07:50 UTC by Report Bug Copy Issue Report The property `$_signatureSize` was declared of type `integer`, but `ceil($key_size / 8) * 2` is of type `double`. Maybe add a type cast? This check looks for assignments to scalar types that may be of the wrong type. To ensure the code behaves as expected, it may be a good idea to add an explicit type cast. $answer = 42; $correct = false; $correct = (bool) $answer; Loading history...
70	10		}
71
72			/**
73			* Initialize from a public key.
74			*
75			* @param ECPublicKeyJWK $jwk
76			* @return self
77			*/
78	5		public static function fromPublicKey(ECPublicKeyJWK $jwk) {
79	5		return new static($jwk);
80			}
81
82			/**
83			* Initialize from a private key.
84			*
85			* @param ECPrivateKeyJWK $jwk
86			* @return self
87			*/
88	6		public static function fromPrivateKey(ECPrivateKeyJWK $jwk) {
89	6		return new static($jwk->publicKey(), $jwk);
90			}
91
92			/**
93			* Initialize from a JWK.
94			*
95			* If algorithm is not specified, look from JWK.
96			*
97			* @param JWK $jwk
98			* @param string\|null $alg Optional algorithm name
99			* @throws \UnexpectedValueException
100			* @return self
101			*/
102	8	View Code Duplication	public static function fromJWK(JWK $jwk, $alg = null) {
			0 ignored issues – show Duplication introduced 2016-06-14 07:50 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
103			// if algorithm is not explicitly given, consult JWK
104	8		if (!isset($alg)) {
105	3		if (!$jwk->hasAlgorithmParameter()) {
106	1		throw new \UnexpectedValueException(
107	1		"Missing algorithm parameter.");
108			}
109	2		$alg = $jwk->algorithmParameter()->value();
110	2		}
111	7		if (!array_key_exists($alg, self::MAP_NAME_TO_CLASS)) {
112	1		throw new \UnexpectedValueException(
113	1		"Algorithm '$alg' not supported.");
114			}
115	6		$cls = self::MAP_NAME_TO_CLASS[$alg];
116	6		$params = ECPrivateKeyJWK::MANAGED_PARAMS;
117	6		if ($jwk->has(...$params)) {
118	3		return $cls::fromPrivateKey(ECPrivateKeyJWK::fromJWK($jwk));
119			}
120	3		$params = ECPublicKeyJWK::MANAGED_PARAMS;
121	3		if ($jwk->has(...$params)) {
122	2		return $cls::fromPublicKey(ECPublicKeyJWK::fromJWK($jwk));
123			}
124	1		throw new \UnexpectedValueException("Not an EC key.");
125			}
126
127			/**
128			*
129			* @see \JWX\JWS\Algorithm\OpenSSLSignatureAlgorithm::computeSignature()
130			* @return string
131			*/
132	4		public function computeSignature($data) {
133			// OpenSSL returns ECDSA signature as a DER encoded ECDSA-Sig-Value
134	4		$der = parent::computeSignature($data);
135	4		$sig = ECDSASigValue::fromDER($der);
136	4		$mlen = floor($this->_signatureSize / 2);
137	4		$signature = ECConversion::numberToOctets($sig->r(), $mlen) .
138	4		ECConversion::numberToOctets($sig->s(), $mlen);
139	4		return $signature;
140			}
141
142			/**
143			*
144			* @see \JWX\JWS\Algorithm\OpenSSLSignatureAlgorithm::validateSignature()
145			* @return bool
146			*/
147	5		public function validateSignature($data, $signature) {
148	5		if (strlen($signature) != $this->_signatureSize) {
149	1		throw new \UnexpectedValueException("Invalid signature length.");
150			}
151	4		list($r_octets, $s_octets) = str_split($signature,
152	4		floor($this->_signatureSize / 2));
153			// convert signature to DER sequence for OpenSSL
154	4		$r = ECConversion::octetsToNumber($r_octets);
155	4		$s = ECConversion::octetsToNumber($s_octets);
156	4		$sig = new ECDSASigValue($r, $s);
157	4		return parent::validateSignature($data, $sig->toDER());
158			}
159
160			/**
161			*
162			* @see \JWX\JWT\Header\HeaderParameters::headerParameters()
163			* @return JWTParameter[]
164			*/
165	2		public function headerParameters() {
166	2		return array(AlgorithmParameter::fromAlgorithm($this));
167			}
168			}
169

sop / jwx

GitHub Access Token became invalid

Push — master ( 74ce6a...af33f1 )

ECDSAAlgorithm A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

8 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like