Handshake::hello() - Code Metrics - Inspection of "Implement db create, drop and list support, isolat..." - tbolier/php-rethink-ql - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Branch — master (ae31ea)

by Timon

created 2018-01-24 12:56 UTC

Handshake::hello() D

↳ Parent: Handshake

Complexity

Conditions	9
Paths	14

Size

Total Lines	38
Code Lines	22

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	13
CRAP Score	13.4798

Importance

Changes

Metric	Value
dl	0
loc	38
ccs	13
cts	21
cp	0.619
rs	4.909
c	0
b	0
f	0
cc	9
eloc	22
nc	14
nop	1
crap	13.4798

<?php
declare(strict_types=1);

/**
 * @license http://www.apache.org/licenses/ Apache License 2.0
 * @license https://github.com/danielmewes/php-rql Apache License 2.0
 * @Author Daniel Mewes https://github.com/danielmewes
 * @Author Timon Bolier https://github.com/tbolier
 *
 * The Handshake class contains parts of code copied from the original PHP-RQL library under the Apache License 2.0:
 * @see https://github.com/danielmewes/php-rql/blob/master/rdb/Handshake.php
 *
 * Stating the following changes have been done to the parts of the code copied in the Handshake Class:
 * - Amendments to code styles and control structures.
 * - Abstraction of code to new methods to improve readability.
 * - Removed obsolete code.
 */

namespace TBolier\RethinkQL\Connection\Socket;

use Psr\Http\Message\StreamInterface;

class Handshake implements HandshakeInterface
{
    /**
     * @var string
     */
    private $username;

    /**
     * @var string
     */
    private $password;

    /**
     * @var string
     */
    private $protocolVersion = 0;

    /**
     * @var int
     */
    private $state;

    /**
     * @var string
     */
    private $myR;

    /**
     * @var string
     */
    private $clientFirstMessage;

    /**
     * @var string
     */
    private $serverSignature;

    /**
     * @var int
     */
    private $version;

    /**
     * @param string $username
     * @param string $password
     * @param int $version
     */
    public function __construct(string $username, string $password, int $version)
    {
        $this->username = $username;
        $this->password = $password;
        $this->state = 0;
        $this->version = $version;
    }

    /**
     * @inheritdoc
     * @throws \RuntimeException
     * @throws Exception
     */
    public function hello(StreamInterface $stream): void
    {
        try {
            $handshakeResponse = null;
            while (true) {
                if (!$stream->isWritable()) {
                    throw new Exception('Not connected');
                }

                if ($handshakeResponse !== null && preg_match('/^ERROR:\s(.+)$/i', $handshakeResponse,
                        $errorMatch)) {
                    throw new Exception($errorMatch[1]);
                }

                try {
                    $msg = $this->nextMessage($handshakeResponse);
                } catch (Exception $e) {
                    $stream->close();
                    throw $e;
                }

                if ($msg === 'successful') {
                    break;
                }

                if ($msg !== '') {
                    $stream->write($msg);
                }

                // Read null-terminated response
                $handshakeResponse = $stream->getContents();
            }
        } catch (Exception $e) {
            $stream->close();
            throw $e;
        }

    }

    /**
     * @param $response
     * @return string
     * @throws Exception
     */
    private function nextMessage(string $response = null): ?string
    {
        switch ($this->state) {
            case 0:
switch ($expr) {
    case "A": { //wrong
        doSomething();
        break;
    }
    case "B"; //wrong
        doSomething();
        break;
    case "C": //right
        doSomething();
        break;
}
                return $this->createHandshakeMessage($response);
            case 1:
                return $this->verifyProtocol($response);
            case 2:
                return $this->createAuthenticationMessage($response);
            case 3:
                return $this->verifyAuthentication($response);
            default:
                throw new Exception('Illegal handshake state');
        }
    }

    /**
     * @param string $password
     * @param string $salt
     * @param int $iterations
     * @return string
     */
    private function pkbdf2Hmac(string $password, string $salt, int $iterations): string
    {
        $t = hash_hmac('sha256', $salt . "\x00\x00\x00\x01", $password, true);
        $u = $t;
        for ($i = 0; $i < $iterations - 1; ++$i) {
            $t = hash_hmac('sha256', $t, $password, true);
            $u ^= $t;
        }

        return $u;
    }

    /**
     * @param $response
     * @return string
     */
    private function createHandshakeMessage($response): string
    {
        $response === null or die('Illegal handshake state');

        $this->myR = base64_encode(openssl_random_pseudo_bytes(18));
        $this->clientFirstMessage = 'n=' . $this->username . ',r=' . $this->myR;

        $binaryVersion = pack('V', $this->version);

        $this->state = 1;

        return
            $binaryVersion
            . json_encode(
                [
                    'protocol_version' => $this->protocolVersion,
                    'authentication_method' => 'SCRAM-SHA-256',
                    'authentication' => 'n,,' . $this->clientFirstMessage,
                ]
            )
            . \chr(0);
    }

    /**
     * @param $response
     * @return string
     * @throws Exception
     */
    private function verifyProtocol($response): string
    {
        if (strpos($response, 'ERROR') === 0) {
            throw new Exception(
                'Received an unexpected reply. You may be attempting to connect to '
                . 'a RethinkDB server that is too old for this driver. The minimum '
                . 'supported server version is 2.3.0.'
            );
        }

        $json = json_decode($response, true);
        if ($json['success'] === false) {
            throw new Exception('Handshake failed: ' . $json["error"]);
        }
        if ($this->protocolVersion > $json['max_protocol_version']
            || $this->protocolVersion < $json['min_protocol_version']) {
            throw new Exception('Unsupported protocol version.');
        }

        $this->state = 2;

        return '';
    }

    /**
     * @param $response
     * @return string
     * @throws Exception
     */
    private function createAuthenticationMessage($response): string
    {
        $json = json_decode($response, true);
        if ($json['success'] === false) {
            throw new Exception('Handshake failed: ' . $json['error']);
        }
        $serverFirstMessage = $json['authentication'];
        $authentication = [];
        foreach (explode(',', $json['authentication']) as $var) {
            $pair = explode('=', $var);
            $authentication[$pair[0]] = $pair[1];
        }
        $serverR = $authentication['r'];
        if (strpos($serverR, $this->myR) !== 0) {
            throw new Exception('Invalid nonce from server.');
        }
        $salt = base64_decode($authentication['s']);
        $iterations = (int)$authentication['i'];

        $clientFinalMessageWithoutProof = 'c=biws,r=' . $serverR;
        $saltedPassword = $this->pkbdf2Hmac($this->password, $salt, $iterations);
        $clientKey = hash_hmac('sha256', 'Client Key', $saltedPassword, true);
        $storedKey = hash('sha256', $clientKey, true);

        $authMessage =
            $this->clientFirstMessage . ',' . $serverFirstMessage . ',' . $clientFinalMessageWithoutProof;

        $clientSignature = hash_hmac('sha256', $authMessage, $storedKey, true);

        $clientProof = $clientKey ^ $clientSignature;

        $serverKey = hash_hmac('sha256', 'Server Key', $saltedPassword, true);

        $this->serverSignature = hash_hmac('sha256', $authMessage, $serverKey, true);

        $this->state = 3;

        return
            json_encode(
                [
                    'authentication' => $clientFinalMessageWithoutProof . ',p=' . base64_encode($clientProof),
                ]
            )
            . \chr(0);
    }

    /**
     * @param $response
     * @return string
     * @throws Exception
     */
    private function verifyAuthentication($response): string
    {
        $json = json_decode($response, true);
        if ($json['success'] === false) {
            throw new Exception('Handshake failed: ' . $json['error']);
        }
        $authentication = [];
        foreach (explode(',', $json['authentication']) as $var) {
            $pair = explode('=', $var);
            $authentication[$pair[0]] = $pair[1];
        }

        $v = base64_decode($authentication['v']);

        // TODO: Use cryptographic comparison
        if ($v !== $this->serverSignature) {
            throw new Exception('Invalid server signature.');
        }

        $this->state = 4;

        return 'successful';
    }
}


1		<?php
2		declare(strict_types=1);
3
4		/**
5		* @license http://www.apache.org/licenses/ Apache License 2.0
6		* @license https://github.com/danielmewes/php-rql Apache License 2.0
7		* @Author Daniel Mewes https://github.com/danielmewes
8		* @Author Timon Bolier https://github.com/tbolier
9		*
10		* The Handshake class contains parts of code copied from the original PHP-RQL library under the Apache License 2.0:
11		* @see https://github.com/danielmewes/php-rql/blob/master/rdb/Handshake.php
12		*
13		* Stating the following changes have been done to the parts of the code copied in the Handshake Class:
14		* - Amendments to code styles and control structures.
15		* - Abstraction of code to new methods to improve readability.
16		* - Removed obsolete code.
17		*/
18
19		namespace TBolier\RethinkQL\Connection\Socket;
20
21		use Psr\Http\Message\StreamInterface;
22
23		class Handshake implements HandshakeInterface
24		{
25		/**
26		* @var string
27		*/
28		private $username;
29
30		/**
31		* @var string
32		*/
33		private $password;
34
35		/**
36		* @var string
37		*/
38		private $protocolVersion = 0;
39
40		/**
41		* @var int
42		*/
43		private $state;
44
45		/**
46		* @var string
47		*/
48		private $myR;
49
50		/**
51		* @var string
52		*/
53		private $clientFirstMessage;
54
55		/**
56		* @var string
57		*/
58		private $serverSignature;
59
60		/**
61		* @var int
62		*/
63		private $version;
64
65		/**
66		* @param string $username
67		* @param string $password
68		* @param int $version
69		*/
70	13	public function __construct(string $username, string $password, int $version)
71		{
72	13	$this->username = $username;
73	13	$this->password = $password;
74	13	$this->state = 0;
75	13	$this->version = $version;
76	13	}
77
78		/**
79		* @inheritdoc
80		* @throws \RuntimeException
81		* @throws Exception
82		*/
83	13	public function hello(StreamInterface $stream): void
84		{
85		try {
86	13	$handshakeResponse = null;
87	13	while (true) {
88	13	if (!$stream->isWritable()) {
89		throw new Exception('Not connected');
90		}
91
92	13	if ($handshakeResponse !== null && preg_match('/^ERROR:\s(.+)$/i', $handshakeResponse,
93	13	$errorMatch)) {
94		throw new Exception($errorMatch[1]);
95		}
96
97		try {
98	13	$msg = $this->nextMessage($handshakeResponse);
99		} catch (Exception $e) {
100		$stream->close();
101		throw $e;
102		}
103
104	13	if ($msg === 'successful') {
105	13	break;
106		}
107
108	13	if ($msg !== '') {
109	13	$stream->write($msg);
110		}
111
112		// Read null-terminated response
113	13	$handshakeResponse = $stream->getContents();
114		}
115		} catch (Exception $e) {
116		$stream->close();
117		throw $e;
118		}
119
120	13	}
121
122		/**
123		* @param $response
124		* @return string
125		* @throws Exception
126		*/
127	13	private function nextMessage(string $response = null): ?string
128		{
129	13	switch ($this->state) {
130	13	case 0:
		0 ignored issues – show Coding Style introduced 2018-01-22 13:12 UTC by Report Bug Copy Issue Report `case` statements should be defined using a colon. As per the PSR-2 coding standard, case statements should not be wrapped in curly braces. There is no need for braces, since each case is terminated by the next `break`. There is also the option to use a semicolon instead of a colon, this is discouraged because many programmers do not even know it works and the colon is universal between programming languages. switch ($expr) { case "A": { //wrong doSomething(); break; } case "B"; //wrong doSomething(); break; case "C": //right doSomething(); break; } To learn more about the PSR-2 coding standard, please refer to the PHP-Fig. Loading history...
131	13	return $this->createHandshakeMessage($response);
132	13	case 1:
133	13	return $this->verifyProtocol($response);
134	13	case 2:
135	13	return $this->createAuthenticationMessage($response);
136	13	case 3:
137	13	return $this->verifyAuthentication($response);
138		default:
139		throw new Exception('Illegal handshake state');
140		}
141		}
142
143		/**
144		* @param string $password
145		* @param string $salt
146		* @param int $iterations
147		* @return string
148		*/
149	13	private function pkbdf2Hmac(string $password, string $salt, int $iterations): string
150		{
151	13	$t = hash_hmac('sha256', $salt . "\x00\x00\x00\x01", $password, true);
152	13	$u = $t;
153	13	for ($i = 0; $i < $iterations - 1; ++$i) {
154		$t = hash_hmac('sha256', $t, $password, true);
155		$u ^= $t;
156		}
157
158	13	return $u;
159		}
160
161		/**
162		* @param $response
163		* @return string
164		*/
165	13	private function createHandshakeMessage($response): string
166		{
167	13	$response === null or die('Illegal handshake state');
168
169	13	$this->myR = base64_encode(openssl_random_pseudo_bytes(18));
170	13	$this->clientFirstMessage = 'n=' . $this->username . ',r=' . $this->myR;
171
172	13	$binaryVersion = pack('V', $this->version);
173
174	13	$this->state = 1;
175
176		return
177		$binaryVersion
178	13	. json_encode(
179		[
180	13	'protocol_version' => $this->protocolVersion,
181	13	'authentication_method' => 'SCRAM-SHA-256',
182	13	'authentication' => 'n,,' . $this->clientFirstMessage,
183		]
184		)
185	13	. \chr(0);
186		}
187
188		/**
189		* @param $response
190		* @return string
191		* @throws Exception
192		*/
193	13	private function verifyProtocol($response): string
194		{
195	13	if (strpos($response, 'ERROR') === 0) {
196		throw new Exception(
197		'Received an unexpected reply. You may be attempting to connect to '
198		. 'a RethinkDB server that is too old for this driver. The minimum '
199		. 'supported server version is 2.3.0.'
200		);
201		}
202
203	13	$json = json_decode($response, true);
204	13	if ($json['success'] === false) {
205		throw new Exception('Handshake failed: ' . $json["error"]);
206		}
207	13	if ($this->protocolVersion > $json['max_protocol_version']
208	13	\|\| $this->protocolVersion < $json['min_protocol_version']) {
209		throw new Exception('Unsupported protocol version.');
210		}
211
212	13	$this->state = 2;
213
214	13	return '';
215		}
216
217		/**
218		* @param $response
219		* @return string
220		* @throws Exception
221		*/
222	13	private function createAuthenticationMessage($response): string
223		{
224	13	$json = json_decode($response, true);
225	13	if ($json['success'] === false) {
226		throw new Exception('Handshake failed: ' . $json['error']);
227		}
228	13	$serverFirstMessage = $json['authentication'];
229	13	$authentication = [];
230	13	foreach (explode(',', $json['authentication']) as $var) {
231	13	$pair = explode('=', $var);
232	13	$authentication[$pair[0]] = $pair[1];
233		}
234	13	$serverR = $authentication['r'];
235	13	if (strpos($serverR, $this->myR) !== 0) {
236		throw new Exception('Invalid nonce from server.');
237		}
238	13	$salt = base64_decode($authentication['s']);
239	13	$iterations = (int)$authentication['i'];
240
241	13	$clientFinalMessageWithoutProof = 'c=biws,r=' . $serverR;
242	13	$saltedPassword = $this->pkbdf2Hmac($this->password, $salt, $iterations);
243	13	$clientKey = hash_hmac('sha256', 'Client Key', $saltedPassword, true);
244	13	$storedKey = hash('sha256', $clientKey, true);
245
246		$authMessage =
247	13	$this->clientFirstMessage . ',' . $serverFirstMessage . ',' . $clientFinalMessageWithoutProof;
248
249	13	$clientSignature = hash_hmac('sha256', $authMessage, $storedKey, true);
250
251	13	$clientProof = $clientKey ^ $clientSignature;
252
253	13	$serverKey = hash_hmac('sha256', 'Server Key', $saltedPassword, true);
254
255	13	$this->serverSignature = hash_hmac('sha256', $authMessage, $serverKey, true);
256
257	13	$this->state = 3;
258
259		return
260	13	json_encode(
261		[
262	13	'authentication' => $clientFinalMessageWithoutProof . ',p=' . base64_encode($clientProof),
263		]
264		)
265	13	. \chr(0);
266		}
267
268		/**
269		* @param $response
270		* @return string
271		* @throws Exception
272		*/
273	13	private function verifyAuthentication($response): string
274		{
275	13	$json = json_decode($response, true);
276	13	if ($json['success'] === false) {
277		throw new Exception('Handshake failed: ' . $json['error']);
278		}
279	13	$authentication = [];
280	13	foreach (explode(',', $json['authentication']) as $var) {
281	13	$pair = explode('=', $var);
282	13	$authentication[$pair[0]] = $pair[1];
283		}
284
285	13	$v = base64_decode($authentication['v']);
286
287		// TODO: Use cryptographic comparison
288	13	if ($v !== $this->serverSignature) {
289		throw new Exception('Invalid server signature.');
290		}
291
292	13	$this->state = 4;
293
294	13	return 'successful';
295		}
296		}
297

tbolier / php-rethink-ql

Branch — master (ae31ea)

Handshake::hello() D

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like