KeyChecker - Code Metrics - web-token/jwt-framework - Measure and Improve Code Quality continuously with Scrutinizer

KeyChecker A
last analyzed 2019-10-31 23:09 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	90
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	1

Importance

Changes

Metric	Value
wmc	27
lcom	1
cbo	1
dl	0
loc	90
rs	10
c	0
b	0
f	0

4 Methods

Rating	Name	Size	Complexity
A	checkKeyUsage()	9	3
A	checkKeyAlgorithm()	9	3
C	checkOperation()	35	14
B	checkUsage()	22	7

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2019 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose\Component\Core\Util;

use InvalidArgumentException;
use Jose\Component\Core\JWK;

/**
 * @internal
 */
class KeyChecker
{
    public static function checkKeyUsage(JWK $key, string $usage): void
    {
        if ($key->has('use')) {
            self::checkUsage($key, $usage);
        }
        if ($key->has('key_ops')) {
            self::checkOperation($key, $usage);
        }
    }

    /**
     * @throws InvalidArgumentException if the key is not suitable for the selected algorithm
     */
    public static function checkKeyAlgorithm(JWK $key, string $algorithm): void
    {
        if (!$key->has('alg')) {
            return;
        }
        if ($key->get('alg') !== $algorithm) {
            throw new InvalidArgumentException(sprintf('Key is only allowed for algorithm "%s".', $key->get('alg')));
        }
    }

    /**
     * @throws InvalidArgumentException if the key is not suitable for the selected operation
     */
    private static function checkOperation(JWK $key, string $usage): void
    {
        $ops = $key->get('key_ops');
        if (!\is_array($ops)) {
            throw new InvalidArgumentException('Invalid key parameter "key_ops". Should be a list of key operations');
        }
        switch ($usage) {
            case 'verification':
                if (!\in_array('verify', $ops, true)) {
                    throw new InvalidArgumentException('Key cannot be used to verify a signature');
                }

                break;
            case 'signature':
                if (!\in_array('sign', $ops, true)) {
                    throw new InvalidArgumentException('Key cannot be used to sign');
                }

                break;
            case 'encryption':
                if (!\in_array('encrypt', $ops, true) && !\in_array('wrapKey', $ops, true) && !\in_array('deriveKey', $ops, true)) {
                    throw new InvalidArgumentException('Key cannot be used to encrypt');
                }

                break;
            case 'decryption':
                if (!\in_array('decrypt', $ops, true) && !\in_array('unwrapKey', $ops, true) && !\in_array('deriveBits', $ops, true)) {
                    throw new InvalidArgumentException('Key cannot be used to decrypt');
                }

                break;
            default:
                throw new InvalidArgumentException('Unsupported key usage.');
        }
    }

    /**
     * @throws InvalidArgumentException if the key is not suitable for the selected operation
     */
    private static function checkUsage(JWK $key, string $usage): void
    {
        $use = $key->get('use');
        switch ($usage) {
            case 'verification':
            case 'signature':
                if ('sig' !== $use) {
                    throw new InvalidArgumentException('Key cannot be used to sign or verify a signature.');
                }

                break;
            case 'encryption':
            case 'decryption':
                if ('enc' !== $use) {
                    throw new InvalidArgumentException('Key cannot be used to encrypt or decrypt.');
                }

                break;
            default:
                throw new InvalidArgumentException('Unsupported key usage.');
        }
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2019 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace Jose\Component\Core\Util;
15
16			use InvalidArgumentException;
17			use Jose\Component\Core\JWK;
18
19			/**
20			* @internal
21			*/
22			class KeyChecker
23			{
24			public static function checkKeyUsage(JWK $key, string $usage): void
25			{
26			if ($key->has('use')) {
27			self::checkUsage($key, $usage);
28			}
29			if ($key->has('key_ops')) {
30			self::checkOperation($key, $usage);
31			}
32			}
33
34			/**
35			* @throws InvalidArgumentException if the key is not suitable for the selected algorithm
36			*/
37			public static function checkKeyAlgorithm(JWK $key, string $algorithm): void
38			{
39			if (!$key->has('alg')) {
40			return;
41			}
42			if ($key->get('alg') !== $algorithm) {
43			throw new InvalidArgumentException(sprintf('Key is only allowed for algorithm "%s".', $key->get('alg')));
44			}
45			}
46
47			/**
48			* @throws InvalidArgumentException if the key is not suitable for the selected operation
49			*/
50			private static function checkOperation(JWK $key, string $usage): void
51			{
52			$ops = $key->get('key_ops');
53			if (!\is_array($ops)) {
54			throw new InvalidArgumentException('Invalid key parameter "key_ops". Should be a list of key operations');
55			}
56			switch ($usage) {
57			case 'verification':
58			if (!\in_array('verify', $ops, true)) {
59			throw new InvalidArgumentException('Key cannot be used to verify a signature');
60			}
61
62			break;
63			case 'signature':
64			if (!\in_array('sign', $ops, true)) {
65			throw new InvalidArgumentException('Key cannot be used to sign');
66			}
67
68			break;
69			case 'encryption':
70			if (!\in_array('encrypt', $ops, true) && !\in_array('wrapKey', $ops, true) && !\in_array('deriveKey', $ops, true)) {
71			throw new InvalidArgumentException('Key cannot be used to encrypt');
72			}
73
74			break;
75			case 'decryption':
76			if (!\in_array('decrypt', $ops, true) && !\in_array('unwrapKey', $ops, true) && !\in_array('deriveBits', $ops, true)) {
77			throw new InvalidArgumentException('Key cannot be used to decrypt');
78			}
79
80			break;
81			default:
82			throw new InvalidArgumentException('Unsupported key usage.');
83			}
84			}
85
86			/**
87			* @throws InvalidArgumentException if the key is not suitable for the selected operation
88			*/
89			private static function checkUsage(JWK $key, string $usage): void
90			{
91			$use = $key->get('use');
92			switch ($usage) {
93			case 'verification':
94			case 'signature':
95			if ('sig' !== $use) {
96			throw new InvalidArgumentException('Key cannot be used to sign or verify a signature.');
97			}
98
99			break;
100			case 'encryption':
101			case 'decryption':
102			if ('enc' !== $use) {
103			throw new InvalidArgumentException('Key cannot be used to encrypt or decrypt.');
104			}
105
106			break;
107			default:
108			throw new InvalidArgumentException('Unsupported key usage.');
109			}
110			}
111			}
112

web-token / jwt-framework

KeyChecker A last analyzed 2019-10-31 23:09 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

4 Methods

Duplication Side-by-Side

Filter issues like

KeyChecker A
last analyzed 2019-10-31 23:09 UTC