Conditions | 2 |
Paths | 2 |
Total Lines | 127 |
Lines | 0 |
Ratio | 0 % |
Changes | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
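/**
 * Build the table of advisory messages attached to specific algorithm names.
 *
 * Each entry maps an algorithm identifier to a severity label and a
 * human-readable warning. The ECDH-ES entries are only added when the
 * `openssl_pkey_derive` function is not available.
 *
 * Several messages embed literal HTML anchors, so they are presumably
 * rendered unescaped by the consumer (confirm against the template). Keep
 * every message a static string: never interpolate request or
 * configuration data into this table.
 *
 * @return array<string, array{severity: string, message: string}>
 */
private function getAlgorithmMessages(): array
{
    // Renders a reference to one section of the CFRG WebCrypto algorithms draft.
    // NOTE(review): the anchor uses target="_blank" without
    // rel="noopener noreferrer"; consider adding it for older browsers.
    $draftLink = static function (int $section): string {
        $url = 'https://tools.ietf.org/html/draft-irtf-cfrg-webcrypto-algorithms-00#section-' . $section;

        return '<a target="_blank" href="' . $url . '">' . $url . '</a>';
    };

    // Entries shared by several algorithms are defined once so the wording
    // and severity cannot drift apart between siblings.
    $experimental = [
        'severity' => 'severity-low',
        'message' => 'Experimental. Please use for testing purpose only.',
    ];
    $experimentalUnstable = [
        'severity' => 'severity-low',
        'message' => 'Experimental and subject to changes. Please use for testing purpose only.',
    ];
    // RS256/RS384/RS512 are signature algorithms (RSASSA-PKCS1-v1_5). The
    // previous text named RSAES-PKCS1-v1_5, which is the encryption scheme
    // already covered by the 'RSA1_5' entry.
    $rsassaPkcs1 = [
        'severity' => 'severity-medium',
        'message' => 'RSASSA-PKCS1-v1_5 based algorithms are not recommended.',
    ];
    $prohibited = [
        'severity' => 'severity-high',
        'message' => 'This algorithm is prohibited. For compatibility with old application only. See ' . $draftLink(11) . '.',
    ];
    $slowEcdh = [
        'severity' => 'severity-medium',
        'message' => 'This algorithm is very slow when used with curves P-256, P-384, P-521 with php 7.2 and below.',
    ];

    $messages = [
        // NOTE(review): 'none' means the token carries no signature at all;
        // confirm that 'severity-low' is the intended level for it.
        'none' => [
            'severity' => 'severity-low',
            'message' => 'This algorithm is not secured. Please use with caution.',
        ],
        'HS256/64' => $experimental,
        'RS1' => [
            'severity' => 'severity-high',
            'message' => 'Experimental. Please use for testing purpose only. SHA-1 hashing function is not recommended.',
        ],
        'RS256' => $rsassaPkcs1,
        'RS384' => $rsassaPkcs1,
        'RS512' => $rsassaPkcs1,
        'HS1' => [
            'severity' => 'severity-high',
            'message' => 'This algorithm has known vulnerabilities. See ' . $draftLink(17) . '. SHA-1 hashing function is not recommended.',
        ],
        // Unauthenticated block-cipher modes: kept only for legacy interoperability.
        'A128CTR' => $prohibited,
        'A192CTR' => $prohibited,
        'A256CTR' => $prohibited,
        'A128CBC' => $prohibited,
        'A192CBC' => $prohibited,
        'A256CBC' => $prohibited,
        'chacha20-poly1305' => $experimental,
        'RSA-OAEP-384' => $experimental,
        'RSA-OAEP-512' => $experimental,
        'A128CCM-16-64' => $experimentalUnstable,
        'A256CCM-16-64' => $experimentalUnstable,
        'A128CCM-64-64' => $experimentalUnstable,
        'A256CCM-64-64' => $experimentalUnstable,
        'A128CCM-16-128' => $experimentalUnstable,
        'A256CCM-16-128' => $experimentalUnstable,
        'A128CCM-64-128' => $experimentalUnstable,
        'A256CCM-64-128' => $experimentalUnstable,
        'RSA1_5' => [
            'severity' => 'severity-high',
            'message' => 'This algorithm is not secured (known attacks). See ' . $draftLink(5) . '.',
        ],
    ];

    // Without openssl_pkey_derive the ECDH-ES family gets a performance
    // warning. The keys do not collide with the table above, so the array
    // union simply appends them.
    if (!\function_exists('openssl_pkey_derive')) {
        $messages += [
            'ECDH-ES' => $slowEcdh,
            'ECDH-ES+A128KW' => $slowEcdh,
            'ECDH-ES+A192KW' => $slowEcdh,
            'ECDH-ES+A256KW' => $slowEcdh,
        ];
    }

    return $messages;
}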
||
217 | } |
||
218 |