Swift_Signers_DKIMSigner - Code Metrics - Inspection of "[~]: add some more TODO-comments" - voku/swiftmailer - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 5.x ( 4bb56c...2a7c65 )

by Lars

created 2017-05-28 11:13 UTC

Swift_Signers_DKIMSigner D

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	781
Duplicated Lines	8.19 %

Coupling/Cohesion

Components	1
Dependencies	4

Test Coverage

Coverage

68.48%

Importance

Changes

Metric	Value
dl	64
loc	781
ccs	189
cts	276
cp	0.6848
rs	4
c	0
b	0
f	0
wmc	82
lcom	1
cbo	4

29 Methods

Rating	Name	Duplication	Size	Complexity
A	newInstance()	0	4	1
A	commit()	0	5	1
A	bind()	0	7	1
A	unbind()	11	11	3
A	flushBuffers()	0	4	1
A	setSignerIdentity()	0	6	1
A	setBodySignedLen()	0	15	3
A	setSignatureExpiration()	0	6	1
A	setDebugHeaders()	0	6	1
A	ignoreHeader()	0	6	1
A	_endOfHeaders()	0	3	1
A	__construct()	0	13	2
A	reset()	0	11	1
A	write()	0	7	2
A	setHashAlgorithm()	0	18	4
A	setBodyCanon()	0	10	2
A	setHeaderCanon()	0	10	2
A	setSignatureTimestamp()	0	6	1
A	startBody()	0	13	3
A	endBody()	0	4	1
A	getAlteredHeaders()	0	8	2
B	setHeaders()	16	24	6
D	addSignature()	0	68	11
A	_addHeader()	15	15	4
C	_canonicalizeBody()	22	54	13
A	_endOfBody()	0	9	2
A	_addToBodyHash()	0	11	2
A	_addToHeaderHash()	0	7	2
C	_getEncryptedHash()	0	30	7

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like Swift_Signers_DKIMSigner often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use Swift_Signers_DKIMSigner, and based on these observations, apply Extract Interface, too.

<?php

/*
 * This file is part of SwiftMailer.
 * (c) 2004-2009 Chris Corbyn
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

/**
 * DKIM Signer used to apply DKIM Signature to a message.
 *
 * @author Xavier De Cock <[email protected]>
 */
class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
namespace YourVendor;

class YourClass { }
{
    /**
     * PrivateKey.
     *
     * @var string
     */
    protected $_privateKey;

    /**
     * DomainName.
     *
     * @var string
     */
    protected $_domainName;

    /**
     * Selector.
     *
     * @var string
     */
    protected $_selector;

    /**
     * @var string
     */
    private $_passphrase = '';

    /**
     * Hash algorithm used.
     *
     * @see RFC6376 3.3: Signers MUST implement and SHOULD sign using rsa-sha256.
     *
     * @var string
     */
    protected $_hashAlgorithm = 'rsa-sha256';

    /**
     * Body canon method.
     *
     * @var string
     */
    protected $_bodyCanon = 'simple';

    /**
     * Header canon method.
     *
     * @var string
     */
    protected $_headerCanon = 'simple';

    /**
     * Headers not being signed.
     *
     * @var array
     */
    protected $_ignoredHeaders = array('return-path' => true);

    /**
     * Signer identity.
     *
     * @var string
     */
    protected $_signerIdentity;

    /**
     * BodyLength.
     *
     * @var int
     */
    protected $_bodyLen = 0;

    /**
     * Maximum signedLen.
     *
     * @var int
     */
    protected $_maxLen = PHP_INT_MAX;

    /**
     * Embbed bodyLen in signature.
     *
     * @var bool
     */
    protected $_showLen = false;

    /**
     * When the signature has been applied (true means time()), false means not embedded.
     *
     * @var mixed
     */
    protected $_signatureTimestamp = true;

    /**
     * When will the signature expires false means not embedded, if sigTimestamp is auto
     * Expiration is relative, otherwise it's absolute.
     *
     * @var int
     */
    protected $_signatureExpiration = false;

    /**
     * Must we embed signed headers?
     *
     * @var bool
     */
    protected $_debugHeaders = false;

    // work variables
    /**
     * Headers used to generate hash.
     *
     * @var array
     */
    protected $_signedHeaders = array();

    /**
     * If debugHeaders is set store debugData here.
     *
     * @var string
     */
    private $_debugHeadersData = '';

    /**
     * Stores the bodyHash.
     *
     * @var string
     */
    private $_bodyHash = '';

    /**
     * Stores the signature header.
     *
     * @var Swift_Mime_Headers_ParameterizedHeader
     */
    protected $_dkimHeader;

    /**
     * @var resource
     */
    private $_bodyHashHandler;

    /**
     * @var null
     *
     * no used?
     */
    private $_headerHash;

    /**
     * @var string
     */
    private $_headerCanonData = '';

    /**
     * @var int
     */
    private $_bodyCanonEmptyCounter = 0;

    /**
     * @var int
     */
    private $_bodyCanonIgnoreStart = 2;

    /**
     * @var bool
     */
    private $_bodyCanonSpace = false;

    /**
     * @var null|string
     */
    private $_bodyCanonLastChar = null;

    /**
     * @var string
     */
    private $_bodyCanonLine = '';

    /**
     * @var array
     */
    private $_bound = array();

    /**
     * Constructor.
     *
     * @param string $privateKey
     * @param string $domainName
     * @param string $selector
     * @param string $passphrase
     */
    public function __construct($privateKey, $domainName, $selector, $passphrase = '')
    {
        $this->_privateKey = $privateKey;
        $this->_domainName = $domainName;
        $this->_signerIdentity = '@' . $domainName;
        $this->_selector = $selector;
        $this->_passphrase = $passphrase;

        // keep fallback hash algorithm sha1 if php version is lower than 5.4.8
        if (PHP_VERSION_ID < 50408) {
            $this->_hashAlgorithm = 'rsa-sha1';
        }
    }

    /**
     * Instanciate DKIMSigner.
     *
     * @param string $privateKey
     * @param string $domainName
     * @param string $selector
     *
     * @return self
     */
    public static function newInstance($privateKey, $domainName, $selector)
    {
        return new static($privateKey, $domainName, $selector);
    }

    /**
     * Reset the Signer.
     *
     * @see Swift_Signer::reset()
     */
    public function reset()
    {
        $this->_headerHash = null;
        $this->_signedHeaders = array();
        $this->_bodyHash = null;
        $this->_bodyHashHandler = null;
        $this->_bodyCanonIgnoreStart = 2;
        $this->_bodyCanonEmptyCounter = 0;
        $this->_bodyCanonLastChar = null;
        $this->_bodyCanonSpace = false;
    }

    /**
     * Writes $bytes to the end of the stream.
     *
     * Writing may not happen immediately if the stream chooses to buffer. If
     * you want to write these bytes with immediate effect, call {@link commit()}
     * after calling write().
     *
     * This method returns the sequence ID of the write (i.e. 1 for first, 2 for
     * second, etc etc).
     *
     * @param string $bytes
     *
     * @throws Swift_IoException
     *
     * @return int
     */
    // TODO: fix return
    public function write($bytes)
    {
        $this->_canonicalizeBody($bytes);
        foreach ($this->_bound as $is) {
            $is->write($bytes);
        }
    }

    /**
     * For any bytes that are currently buffered inside the stream, force them
     * off the buffer.
     */
    public function commit()
    {
        // Nothing to do
        return;
    }

    /**
     * Attach $is to this stream.
     * The stream acts as an observer, receiving all data that is written.
     * All {@link write()} and {@link flushBuffers()} operations will be mirrored.
     *
     * @param Swift_InputByteStream $is
     */
    public function bind(Swift_InputByteStream $is)
    {
        // Don't have to mirror anything
        $this->_bound[] = $is;

        return;
    }

    /**
     * Remove an already bound stream.
     * If $is is not bound, no errors will be raised.
     * If the stream currently has any buffered data it will be written to $is
     * before unbinding occurs.
     *
     * @param Swift_InputByteStream $is
     */
    public function unbind(Swift_InputByteStream $is)

    {
        // Don't have to mirror anything
        foreach ($this->_bound as $k => $stream) {
            if ($stream === $is) {
                unset($this->_bound[$k]);

                return;
            }
        }
    }

    /**
     * Flush the contents of the stream (empty it) and set the internal pointer
     * to the beginning.
     *
     * @throws Swift_IoException
     */
    public function flushBuffers()
    {
        $this->reset();
    }

    /**
     * Set hash_algorithm, must be one of rsa-sha256 | rsa-sha1.
     *
     * @param string $hash 'rsa-sha1' or 'rsa-sha256'
     *
     * @throws Swift_SwiftException
     *
     * @return $this
     */
    public function setHashAlgorithm($hash)
    {
        switch ($hash) {
            case 'rsa-sha1':
                $this->_hashAlgorithm = 'rsa-sha1';
                break;
            case 'rsa-sha256':
                $this->_hashAlgorithm = 'rsa-sha256';
                if (!defined('OPENSSL_ALGO_SHA256')) {
                    throw new Swift_SwiftException('Unable to set sha256 as it is not supported by OpenSSL.');
                }
                break;
            default:
                throw new Swift_SwiftException('Unable to set the hash algorithm, must be one of rsa-sha1 or rsa-sha256 (%s given).', $hash);
        }

        return $this;
    }

    /**
     * Set the body canonicalization algorithm.
     *
     * @param string $canon
     *
     * @return $this
     */
    public function setBodyCanon($canon)
    {
        if ($canon === 'relaxed') {
            $this->_bodyCanon = 'relaxed';
        } else {
            $this->_bodyCanon = 'simple';
        }

        return $this;
    }

    /**
     * Set the header canonicalization algorithm.
     *
     * @param string $canon
     *
     * @return $this
     */
    public function setHeaderCanon($canon)
    {
        if ($canon === 'relaxed') {
            $this->_headerCanon = 'relaxed';
        } else {
            $this->_headerCanon = 'simple';
        }

        return $this;
    }

    /**
     * Set the signer identity.
     *
     * @param string $identity
     *
     * @return $this
     */
    public function setSignerIdentity($identity)
    {
        $this->_signerIdentity = $identity;

        return $this;
    }

    /**
     * Set the length of the body to sign.
     *
     * @param mixed $len (bool or int)
     *
     * @return $this
     */
    public function setBodySignedLen($len)
    {
        if ($len === true) {
            $this->_showLen = true;
            $this->_maxLen = PHP_INT_MAX;
        } elseif ($len === false) {
            $this->_showLen = false;
            $this->_maxLen = PHP_INT_MAX;
        } else {
            $this->_showLen = true;
            $this->_maxLen = (int) $len;
        }

        return $this;
    }

    /**
     * Set the signature timestamp.
     *
     * @param int $time A timestamp
     *
     * @return $this
     */
    public function setSignatureTimestamp($time)
    {
        $this->_signatureTimestamp = $time;

        return $this;
    }

    /**
     * Set the signature expiration timestamp.
     *
     * @param int $time A timestamp
     *
     * @return $this
     */
    public function setSignatureExpiration($time)
    {
        $this->_signatureExpiration = $time;

        return $this;
    }

    /**
     * Enable / disable the DebugHeaders.
     *
     * @param bool $debug
     *
     * @return Swift_Signers_DKIMSigner
     */
    public function setDebugHeaders($debug)
    {
        $this->_debugHeaders = (bool) $debug;

        return $this;
    }

    /**
     * Start Body.
     */
    public function startBody()
    {
        // Init
        switch ($this->_hashAlgorithm) {
            case 'rsa-sha256':
                $this->_bodyHashHandler = hash_init('sha256');
                break;
            case 'rsa-sha1':
                $this->_bodyHashHandler = hash_init('sha1');
                break;
        }
        $this->_bodyCanonLine = '';
    }

    /**
     * End Body.
     */
    public function endBody()
    {
        $this->_endOfBody();
    }

    /**
     * Returns the list of Headers Tampered by this plugin.
     *
     * @return string[]
     */
    public function getAlteredHeaders()
    {
        if ($this->_debugHeaders) {
            return array('DKIM-Signature', 'X-DebugHash');
        }

      return array('DKIM-Signature');
    }

    /**
     * Adds an ignored Header.
     *
     * @param string $header_name
     *
     * @return Swift_Signers_DKIMSigner
     */
    public function ignoreHeader($header_name)
    {
        $this->_ignoredHeaders[Swift::strtolowerWithStaticCache($header_name)] = true;

        return $this;
    }

    /**
     * Set the headers to sign.
     *
     * @param Swift_Mime_HeaderSet $headers
     *
     * @return Swift_Signers_DKIMSigner
     */
    public function setHeaders(Swift_Mime_HeaderSet $headers)
    {
        $this->_headerCanonData = '';
        // Loop through Headers
        $listHeaders = $headers->listAll();
        foreach ($listHeaders as $hName) {

            // Check if we need to ignore Header
            if (
                !isset($this->_ignoredHeaders[Swift::strtolowerWithStaticCache($hName)])
                &&
                $headers->has($hName)
            ) {
                $tmp = $headers->getAll($hName);
                foreach ($tmp as $header) {
                    if ($header->getFieldBody() != '') {
                        $this->_addHeader($header->toString());
                        $this->_signedHeaders[] = $header->getFieldName();
                    }
                }
            }
        }

        return $this;
    }

    /**
     * Add the signature to the given Headers.
     *
     * @param Swift_Mime_HeaderSet $headers
     *
     * @return Swift_Signers_DKIMSigner
     */
    public function addSignature(Swift_Mime_HeaderSet $headers)
    {
        // Prepare the DKIM-Signature
        $params = array(
            'v' => '1',
            'a' => $this->_hashAlgorithm,
            'bh' => base64_encode($this->_bodyHash),
            'd' => $this->_domainName,
            'h' => implode(': ', $this->_signedHeaders),
            'i' => $this->_signerIdentity,
            's' => $this->_selector
        );

        if ($this->_bodyCanon != 'simple') {
            $params['c'] = $this->_headerCanon . '/' . $this->_bodyCanon;
        } elseif ($this->_headerCanon != 'simple') {
            $params['c'] = $this->_headerCanon;
        }

        if ($this->_showLen) {
            $params['l'] = $this->_bodyLen;
        }

        if ($this->_signatureTimestamp === true) {

          $params['t'] = time();
            if ($this->_signatureExpiration !== false) {
                $params['x'] = $params['t'] + $this->_signatureExpiration;
            }

        } else {

            if ($this->_signatureTimestamp !== false) {
                $params['t'] = $this->_signatureTimestamp;
            }

            if ($this->_signatureExpiration !== false) {
                $params['x'] = $this->_signatureExpiration;
            }

        }

        if ($this->_debugHeaders) {
            $params['z'] = implode('|', $this->_debugHeadersData);
        }

        $string = '';
        foreach ($params as $k => $v) {
            $string .= $k . '=' . $v . '; ';
        }

        $string = trim($string);
        $headers->addTextHeader('DKIM-Signature', $string);

        // Add the last DKIM-Signature
        $tmp = $headers->getAll('DKIM-Signature');
        $this->_dkimHeader = end($tmp);

        $this->_addHeader(trim($this->_dkimHeader->toString()) . "\r\n b=", true);
        $this->_endOfHeaders();


        if ($this->_debugHeaders) {
            $headers->addTextHeader('X-DebugHash', base64_encode($this->_headerHash));
        }

        $this->_dkimHeader->setValue($string . ' b=' . trim(chunk_split(base64_encode($this->_getEncryptedHash()), 73, ' ')));
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

        return $this;
    }

    /**
     * @param string $header
     * @param bool   $is_sig
     */
    protected function _addHeader($header, $is_sig = false)

    {
        switch ($this->_headerCanon) {
            case 'relaxed':

                // Prepare Header and cascade
                $exploded = explode(':', $header, 2);
                $name = Swift::strtolowerWithStaticCache(trim($exploded[0]));
                $value = str_replace("\r\n", '', $exploded[1]);
                $value = preg_replace("/[ \t][ \t]+/", ' ', $value);
                $header = $name . ':' . trim($value) . ($is_sig ? '' : "\r\n");
            case 'simple':
                // Nothing to do
        }
        $this->_addToHeaderHash($header);
    }

    /**
     * @deprecated This method is currently useless in this class but it must be
     *             kept for BC reasons due to its "protected" scope. This method
     *             might be overridden by custom client code.
     */
    protected function _endOfHeaders()
    {
    }

    /**
     * @param string $string
     */
    protected function _canonicalizeBody($string)
    {
        $len = strlen($string);
        $canon = '';
        $method = ($this->_bodyCanon === 'relaxed');
        for ($i = 0; $i < $len; ++$i) {
            if ($this->_bodyCanonIgnoreStart > 0) {
                --$this->_bodyCanonIgnoreStart;
                continue;
            }
            switch ($string[$i]) {
                case "\r":
                    $this->_bodyCanonLastChar = "\r";
                    break;
                case "\n":

                    if ($this->_bodyCanonLastChar === "\r") {
                        if ($method) {
                            $this->_bodyCanonSpace = false;
                        }

                        if ($this->_bodyCanonLine === '') {
                            ++$this->_bodyCanonEmptyCounter;
                        } else {
                            $this->_bodyCanonLine = '';
                            $canon .= "\r\n";
                        }

                    } else {
if (rand(1, 6) > 3) {
print "Check failed";
} else {
    //print "Check succeeded";
}
                        // Wooops Error
                        // TODO: handle it but should never happen
                    }
                    break;
                case ' ':
                case "\t":

                    if ($method) {
                        $this->_bodyCanonSpace = true;
                        break;
                    }
                default:
                    if ($this->_bodyCanonEmptyCounter > 0) {

                        $canon .= str_repeat("\r\n", $this->_bodyCanonEmptyCounter);
                        $this->_bodyCanonEmptyCounter = 0;
                    }
                    if ($this->_bodyCanonSpace) {
                        $this->_bodyCanonLine .= ' ';
                        $canon .= ' ';
                        $this->_bodyCanonSpace = false;
                    }
                    $this->_bodyCanonLine .= $string[$i];
                    $canon .= $string[$i];
            }
        }
        $this->_addToBodyHash($canon);
    }

    protected function _endOfBody()
    {
        // Add trailing Line return if last line is non empty
        if ($this->_bodyCanonLine !== '') {
            $this->_addToBodyHash("\r\n");
        }

        $this->_bodyHash = hash_final($this->_bodyHashHandler, true);
    }

    /**
     * @param string $string
     */
    private function _addToBodyHash($string)
    {
        $len = strlen($string);
        if ($len > ($new_len = ($this->_maxLen - $this->_bodyLen))) {
          /** @noinspection CallableParameterUseCaseInTypeContextInspection */
          $string = substr($string, 0, $new_len);
            $len = $new_len;
        }
        hash_update($this->_bodyHashHandler, $string);
        $this->_bodyLen += $len;
    }

    /**
     * @param string $header
     */
    private function _addToHeaderHash($header)
    {
        if ($this->_debugHeaders) {
            $this->_debugHeadersData[] = trim($header);
        }
        $this->_headerCanonData .= $header;
    }

    /**
     * @throws Swift_SwiftException
     *
     * @return string
     */
    private function _getEncryptedHash()
    {
        $signature = '';

        switch ($this->_hashAlgorithm) {
            case 'rsa-sha1':
                $algorithm = OPENSSL_ALGO_SHA1;
                break;
            case 'rsa-sha256':
                $algorithm = OPENSSL_ALGO_SHA256;
                break;
            default:
                $algorithm = PHP_VERSION_ID < 50408 ? OPENSSL_ALGO_SHA1 : OPENSSL_ALGO_SHA256;
        }

        if ($this->_passphrase) {
          $pkeyId = openssl_get_privatekey($this->_privateKey, $this->_passphrase);
        } else {
          $pkeyId = openssl_get_privatekey($this->_privateKey);
        }
        if (!$pkeyId) {
            throw new Swift_SwiftException('Unable to load DKIM Private Key [' . openssl_error_string() . ']');
        }

        if (openssl_sign($this->_headerCanonData, $signature, $pkeyId, $algorithm)) {
            return $signature;
        }

        throw new Swift_SwiftException('Unable to sign DKIM Hash [' . openssl_error_string() . ']');
    }
}


voku / swiftmailer

Push — 5.x ( 4bb56c...2a7c65 )

Swift_Signers_DKIMSigner D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

29 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

Available Fixes

Duplication Side-by-Side

Filter issues like