generateIv::generateInsecureIv() - Code Metrics - Inspection of "Really made namespaces a thing" - stymiee/php-simple-encryption - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Branch — master (b41ac8)

by John

created 2020-05-11 15:10 UTC

generateIv::generateInsecureIv() A

↳ Parent: generateIv

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	10
CRAP Score	2

Importance

Changes

Metric	Value
dl	0
loc	16
ccs	10
cts	10
cp	1
rs	9.7333
c	0
b	0
f	0
cc	2
nc	2
nop	1
crap	2

<?php

declare(strict_types=1);

namespace Encryption\Traits;


use Exception;
use RuntimeException;

trait generateIv

{
    protected function generateInsecureIv(int $length): string
    {
        $permitted_chars = implode(

            '',
            array_merge( // @codeCoverageIgnore
                range('A', 'z'),
                range(0, 9),
                str_split('~!@#$%&*()-=+{};:"<>,.?/\'')
            )
        );
        $random = '';
        for ($i = 0; $i < $length; $i++) {
            $random .= $permitted_chars[mt_rand(0, ($length) - 1)];

        }
        return $random;
    }

    public function generateIv(bool $allowLessSecureIv = false): string
    {
        $success = false;
        $random = openssl_random_pseudo_bytes(openssl_cipher_iv_length(static::CIPHER), $success);
        if (!$success) {
$a = canBeFalseAndNull();

// Instead of
if ( ! $a) { }

// Better use one of the explicit versions:
if ($a !== null) { }
if ($a !== false) { }
if ($a !== null && $a !== false) { }
            try {
                $random = random_bytes(static::IV_LENGTH);
            } catch (Exception $e) {
                if ($allowLessSecureIv) {
                    $random = $this->generateInsecureIv(static::IV_LENGTH);
                } else {
                    throw new RuntimeException('Unable to generate initialization vector (IV)');
                }
            }
        }
        return $random;
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace Encryption\Traits;
6
7
8		use Exception;
9		use RuntimeException;
10
11		trait generateIv
		0 ignored issues – show Coding Style introduced 2020-05-11 13:01 UTC by Report Bug Copy Issue Report `generateIv` does not seem to conform to the naming convention (`^[A-Z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
12		{
13	1	protected function generateInsecureIv(int $length): string
14		{
15	1	$permitted_chars = implode(
		0 ignored issues – show Coding Style introduced 2020-05-11 13:01 UTC by Report Bug Copy Issue Report `$permitted_chars` does not seem to conform to the naming convention (`^[a-z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
16	1	'',
17		array_merge( // @codeCoverageIgnore
18	1	range('A', 'z'),
19	1	range(0, 9),
20	1	str_split('~!@#$%&*()-=+{};:"<>,.?/\'')
21		)
22		);
23	1	$random = '';
24	1	for ($i = 0; $i < $length; $i++) {
25	1	$random .= $permitted_chars[mt_rand(0, ($length) - 1)];
		0 ignored issues – show Coding Style introduced 2020-05-11 13:01 UTC by Report Bug Copy Issue Report `$permitted_chars` does not seem to conform to the naming convention (`^[a-z][a-zA-Z0-9]*$`). This check examines a number of code elements and verifies that they conform to the given naming conventions. You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods. Loading history...
26		}
27	1	return $random;
28		}
29
30	1	public function generateIv(bool $allowLessSecureIv = false): string
31		{
32	1	$success = false;
33	1	$random = openssl_random_pseudo_bytes(openssl_cipher_iv_length(static::CIPHER), $success);
34	1	if (!$success) {
		0 ignored issues – show Bug Best Practice introduced 2020-05-11 13:01 UTC by Report Bug Copy Issue Report The expression `$success` of type `boolean\|null` is loosely compared to `false`; this is ambiguous if the boolean can be false. You might want to explicitly use `!== null` instead. If an expression can have both `false`, and `null` as possible values. It is generally a good practice to always use strict comparison to clearly distinguish between those two values. $a = canBeFalseAndNull(); // Instead of if ( ! $a) { } // Better use one of the explicit versions: if ($a !== null) { } if ($a !== false) { } if ($a !== null && $a !== false) { } Loading history...
35		try {
36		$random = random_bytes(static::IV_LENGTH);
37		} catch (Exception $e) {
38		if ($allowLessSecureIv) {
39		$random = $this->generateInsecureIv(static::IV_LENGTH);
40		} else {
41		throw new RuntimeException('Unable to generate initialization vector (IV)');
42		}
43		}
44		}
45	1	return $random;
46		}
47		}
48

stymiee / php-simple-encryption

Branch — master (b41ac8)

generateIv::generateInsecureIv() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like