Issues in Security.php - Failed Issues - Inspection of "Simplify Apple Pay Merchant Identity certificate a..." - wp-pay-gateways/adyen - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — develop ( 5edab0...b80e50 )

by Reüel

created 2020-03-05 14:01 UTC

src/Security.php (2 issues)

Labels

Severity

Major 2

<?php
/**
 * Security
 *
 * @author    Pronamic <[email protected]>
 * @copyright 2005-2020 Pronamic
 * @license   GPL-3.0-or-later
 * @package   Pronamic\WordPress\Pay\Gateways\Adyen
 */

namespace Pronamic\WordPress\Pay\Gateways\Adyen;

/**
 * Title: Security
 * Description:
 * Copyright: 2005-2020 Pronamic
 * Company: Pronamic
 *
 * @author  Remco Tolsma
 * @version 1.0.7
 * @since   1.0.7
 */
class Security {
	/**
	 * Indicator for the begin of an certificate
	 *
	 * @var string
	 */
	const CERTIFICATE_BEGIN = '-----BEGIN CERTIFICATE-----';

	/**
	 * Indicator for the end of an certificate
	 *
	 * @var string
	 */
	const CERTIFICATE_END = '-----END CERTIFICATE-----';

	/**
	 * Get the sha1 fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_sha_fingerprint( $certificate ) {
		return self::get_fingerprint( $certificate, 'sha1' );
	}

	/**
	 * Get the md5 fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_md5_fingerprint( $certificate ) {
		return self::get_fingerprint( $certificate, 'md5' );
	}

	/**
	 * Get the fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_fingerprint( $certificate, $hash = null ) {
		$fingerprint = null;

		// The openssl_x509_read() function will throw an warning if the supplied
		// parameter cannot be coerced into an X509 certificate
		// @codingStandardsIgnoreStart
		$resource = @openssl_x509_read( $certificate );
		// @codingStandardsIgnoreEnd

		if ( false === $resource ) {
			return false;

		}

		$output = null;

		$result = openssl_x509_export( $resource, $output );

		if ( false === $result ) {
			return false;

		}

		$output = str_replace( self::CERTIFICATE_BEGIN, '', $output );
		$output = str_replace( self::CERTIFICATE_END, '', $output );

		// Base64 decode
		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode
		$fingerprint = base64_decode( $output );

		// Hash
		if ( null !== $hash ) {
			$fingerprint = hash( $hash, $fingerprint );
		}

		/*
		 * Uppercase
		 *
		 * Cannot find private certificate file with fingerprint: b4845cb5cbcee3e1e0afef2662552a2365960e72
		 * (Note: Some acquirers only accept fingerprints in uppercase. Make the value of "KeyName" in your XML data uppercase.).
		 * https://www.ideal-checkout.nl/simulator/
		 *
		 * @since 1.1.11
		 */
		$fingerprint = strtoupper( $fingerprint );

		return $fingerprint;
	}
}


1			<?php
2			/**
3			* Security
4			*
5			* @author Pronamic <[email protected]>
6			* @copyright 2005-2020 Pronamic
7			* @license GPL-3.0-or-later
8			* @package Pronamic\WordPress\Pay\Gateways\Adyen
9			*/
10
11			namespace Pronamic\WordPress\Pay\Gateways\Adyen;
12
13			/**
14			* Title: Security
15			* Description:
16			* Copyright: 2005-2020 Pronamic
17			* Company: Pronamic
18			*
19			* @author Remco Tolsma
20			* @version 1.0.7
21			* @since 1.0.7
22			*/
23			class Security {
24			/**
25			* Indicator for the begin of an certificate
26			*
27			* @var string
28			*/
29			const CERTIFICATE_BEGIN = '-----BEGIN CERTIFICATE-----';
30
31			/**
32			* Indicator for the end of an certificate
33			*
34			* @var string
35			*/
36			const CERTIFICATE_END = '-----END CERTIFICATE-----';
37
38			/**
39			* Get the sha1 fingerprint from the specified certificate
40			*
41			* @param string $certificate
42			*
43			* @return string Fingerprint or null on failure
44			*/
45			public static function get_sha_fingerprint( $certificate ) {
46			return self::get_fingerprint( $certificate, 'sha1' );
47			}
48
49			/**
50			* Get the md5 fingerprint from the specified certificate
51			*
52			* @param string $certificate
53			*
54			* @return string Fingerprint or null on failure
55			*/
56			public static function get_md5_fingerprint( $certificate ) {
57			return self::get_fingerprint( $certificate, 'md5' );
58			}
59
60			/**
61			* Get the fingerprint from the specified certificate
62			*
63			* @param string $certificate
64			*
65			* @return string Fingerprint or null on failure
66			*/
67			public static function get_fingerprint( $certificate, $hash = null ) {
68			$fingerprint = null;
69
70			// The openssl_x509_read() function will throw an warning if the supplied
71			// parameter cannot be coerced into an X509 certificate
72			// @codingStandardsIgnoreStart
73			$resource = @openssl_x509_read( $certificate );
74			// @codingStandardsIgnoreEnd
75
76			if ( false === $resource ) {
77			return false;
			0 ignored issues – show Bug Best Practice introduced 2020-03-05 14:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return false` returns the type `false` which is incompatible with the documented return type `string`. Loading history...
78			}
79
80			$output = null;
81
82			$result = openssl_x509_export( $resource, $output );
83
84			if ( false === $result ) {
85			return false;
			0 ignored issues – show Bug Best Practice introduced 2020-03-05 14:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return false` returns the type `false` which is incompatible with the documented return type `string`. Loading history...
86			}
87
88			$output = str_replace( self::CERTIFICATE_BEGIN, '', $output );
89			$output = str_replace( self::CERTIFICATE_END, '', $output );
90
91			// Base64 decode
92			// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode
93			$fingerprint = base64_decode( $output );
94
95			// Hash
96			if ( null !== $hash ) {
97			$fingerprint = hash( $hash, $fingerprint );
98			}
99
100			/*
101			* Uppercase
102			*
103			* Cannot find private certificate file with fingerprint: b4845cb5cbcee3e1e0afef2662552a2365960e72
104			* (Note: Some acquirers only accept fingerprints in uppercase. Make the value of "KeyName" in your XML data uppercase.).
105			* https://www.ideal-checkout.nl/simulator/
106			*
107			* @since 1.1.11
108			*/
109			$fingerprint = strtoupper( $fingerprint );
110
111			return $fingerprint;
112			}
113			}
114

wp-pay-gateways / adyen

Push — develop ( 5edab0...b80e50 )

src/Security.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like