PBEScheme::fromAlgorithmIdentifier()   A
<?php
declare(strict_types = 1);
namespace Sop\PKCS5;
use Sop\CryptoBridge\Crypto;
use Sop\PKCS5\ASN1\AlgorithmIdentifier\PBEAlgorithmIdentifier;
use Sop\PKCS5\ASN1\AlgorithmIdentifier\PBES1AlgorithmIdentifier;
use Sop\PKCS5\ASN1\AlgorithmIdentifier\PBES2AlgorithmIdentifier;
use Sop\PKCS5\PBEKD\PBEKDF;
use Sop\PKCS5\PRF\PRF;
/**
 * Common contract for the password-based encryption schemes of PKCS #5.
 *
 * A concrete scheme encrypts and decrypts either from a password or from an
 * already derived key, and exposes the key-derivation function it uses.
 *
 * Notes for callers:
 *  - Every method here takes and returns plain strings; nothing in this
 *    contract carries an authentication tag. Where ciphertext integrity
 *    matters it has to be provided separately (RFC 2898 treats message
 *    authentication as its own scheme, in section 7).
 *  - RFC 2898 has since been obsoleted by RFC 8018 (PKCS #5 v2.1).
 *
 * @see https://tools.ietf.org/html/rfc2898#section-6
 */
abstract class PBEScheme
{
    /**
     * Encrypt a plaintext using a password.
     *
     * @param string $data     Plaintext to protect
     * @param string $password Password the encryption is based on
     *
     * @return string Resulting ciphertext
     */
    abstract public function encrypt(string $data, string $password): string;

    /**
     * Encrypt a plaintext using a key that has already been derived.
     *
     * @param string $data Plaintext to protect
     * @param string $key  Previously derived key
     *
     * @return string Resulting ciphertext
     */
    abstract public function encryptWithKey(string $data, string $key): string;

    /**
     * Decrypt a ciphertext using a password.
     *
     * @param string $data     Ciphertext to recover
     * @param string $password Password the encryption was based on
     *
     * @return string Recovered plaintext
     */
    abstract public function decrypt(string $data, string $password): string;

    /**
     * Decrypt a ciphertext using a key that has already been derived.
     *
     * @param string $data Ciphertext to recover
     * @param string $key  Previously derived key
     *
     * @return string Recovered plaintext
     */
    abstract public function decryptWithKey(string $data, string $key): string;

    /**
     * Return the key-derivation function of this scheme.
     *
     * @return PBEKDF
     */
    abstract public function kdf(): PBEKDF;

    /**
     * Build the scheme implementation that matches an algorithm identifier.
     *
     * A PBES1 identifier yields a PBES1 instance and a PBES2 identifier a
     * PBES2 instance; any other identifier is rejected with an exception.
     *
     * The salt and iteration count are read from $algo and handed to the
     * scheme constructor unchanged; this method applies no bounds to them.
     * NOTE(review): when $algo was decoded from untrusted data, the iteration
     * count is chosen by whoever produced that data. Confirm that an upper
     * limit (CPU exhaustion) and a lower limit (weak key stretching) are
     * enforced by the caller or by the PBES1/PBES2 constructors, which are
     * not visible here.
     *
     * RFC 2898 recommends PBES1 only for compatibility with existing
     * applications; prefer PBES2 identifiers when producing new data.
     *
     * @param PBEAlgorithmIdentifier $algo   Identifier describing the scheme
     * @param null|Crypto            $crypto Crypto engine passed through to the
     *                                       scheme, default is used if not set
     *
     * @throws \UnexpectedValueException If $algo is neither a PBES1 nor a
     *                                   PBES2 identifier
     *
     * @return self
     */
    public static function fromAlgorithmIdentifier(PBEAlgorithmIdentifier $algo,
        ?Crypto $crypto = null): PBEScheme
    {
        if ($algo instanceof PBES1AlgorithmIdentifier) {
            // Read the parameters in constructor-argument order.
            $hashFunc = $algo->hashFunc();
            $blockCipher = $algo->blockCipher();
            $salt = $algo->salt();
            $iterations = $algo->iterationCount();

            return new PBES1($hashFunc, $blockCipher, $salt, $iterations,
                $crypto);
        }

        if ($algo instanceof PBES2AlgorithmIdentifier) {
            // The PRF is resolved from the KDF parameters nested in $algo.
            $kdfAlgo = $algo->kdfAlgorithmIdentifier();
            $prf = PRF::fromAlgorithmIdentifier(
                $kdfAlgo->prfAlgorithmIdentifier());
            $cipherAlgo = $algo->esAlgorithmIdentifier();
            $salt = $algo->salt();
            $iterations = $algo->iterationCount();

            return new PBES2($prf, $cipherAlgo, $salt, $iterations, $crypto);
        }

        // Neither known identifier family matched.
        $message = sprintf('No encryption scheme for %s algorithm.',
            $algo->name());

        throw new \UnexpectedValueException($message);
    }
}