Issues in Security.php - Failed Issues - Inspection of "Add manual URL." - wp-pay-gateways/ideal-advanced-v3 - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — develop ( c3b633...127e22 )

by Reüel

created 2019-10-15 21:27 UTC

src/Security.php (2 issues)

Labels

Severity

Major 2

<?php

namespace Pronamic\WordPress\Pay\Gateways\IDealAdvancedV3;

/**
 * Title: Security
 * Description:
 * Copyright: 2005-2019 Pronamic
 * Company: Pronamic
 *
 * @author  Remco Tolsma
 * @version 2.0.0
 * @since   1.0.0
 */
class Security {
	/**
	 * Indicator for the begin of an certificate
	 *
	 * @var string
	 */
	const CERTIFICATE_BEGIN = '-----BEGIN CERTIFICATE-----';

	/**
	 * Indicator for the end of an certificate
	 *
	 * @var string
	 */
	const CERTIFICATE_END = '-----END CERTIFICATE-----';

	/**
	 * Get the sha1 fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_sha_fingerprint( $certificate ) {
		return self::get_fingerprint( $certificate, 'sha1' );
	}

	/**
	 * Get the md5 fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_md5_fingerprint( $certificate ) {
		return self::get_fingerprint( $certificate, 'md5' );
	}

	/**
	 * Get the fingerprint from the specified certificate
	 *
	 * @param string $certificate
	 *
	 * @return string Fingerprint or null on failure
	 */
	public static function get_fingerprint( $certificate, $hash = null ) {
		$fingerprint = null;

		// The openssl_x509_read() function will throw an warning if the supplied
		// parameter cannot be coerced into an X509 certificate
		// @codingStandardsIgnoreStart
		$resource = @openssl_x509_read( $certificate );
		// @codingStandardsIgnoreEnd

		if ( false === $resource ) {
			return false;

		}

		$output = null;

		$result = openssl_x509_export( $resource, $output );

		if ( false === $result ) {
			return false;

		}

		$output = str_replace( self::CERTIFICATE_BEGIN, '', $output );
		$output = str_replace( self::CERTIFICATE_END, '', $output );

		// Base64 decode
		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode
		$fingerprint = base64_decode( $output );

		// Hash
		if ( null !== $hash ) {
			$fingerprint = hash( $hash, $fingerprint );
		}

		/*
		 * Uppercase
		 *
		 * Cannot find private certificate file with fingerprint: b4845cb5cbcee3e1e0afef2662552a2365960e72
		 * (Note: Some acquirers only accept fingerprints in uppercase. Make the value of "KeyName" in your XML data uppercase.).
		 * https://www.ideal-checkout.nl/simulator/
		 *
		 * @since 1.1.11
		 */
		$fingerprint = strtoupper( $fingerprint );

		return $fingerprint;
	}
}


1			<?php
2
3			namespace Pronamic\WordPress\Pay\Gateways\IDealAdvancedV3;
4
5			/**
6			* Title: Security
7			* Description:
8			* Copyright: 2005-2019 Pronamic
9			* Company: Pronamic
10			*
11			* @author Remco Tolsma
12			* @version 2.0.0
13			* @since 1.0.0
14			*/
15			class Security {
16			/**
17			* Indicator for the begin of an certificate
18			*
19			* @var string
20			*/
21			const CERTIFICATE_BEGIN = '-----BEGIN CERTIFICATE-----';
22
23			/**
24			* Indicator for the end of an certificate
25			*
26			* @var string
27			*/
28			const CERTIFICATE_END = '-----END CERTIFICATE-----';
29
30			/**
31			* Get the sha1 fingerprint from the specified certificate
32			*
33			* @param string $certificate
34			*
35			* @return string Fingerprint or null on failure
36			*/
37			public static function get_sha_fingerprint( $certificate ) {
38			return self::get_fingerprint( $certificate, 'sha1' );
39			}
40
41			/**
42			* Get the md5 fingerprint from the specified certificate
43			*
44			* @param string $certificate
45			*
46			* @return string Fingerprint or null on failure
47			*/
48			public static function get_md5_fingerprint( $certificate ) {
49			return self::get_fingerprint( $certificate, 'md5' );
50			}
51
52			/**
53			* Get the fingerprint from the specified certificate
54			*
55			* @param string $certificate
56			*
57			* @return string Fingerprint or null on failure
58			*/
59			public static function get_fingerprint( $certificate, $hash = null ) {
60			$fingerprint = null;
61
62			// The openssl_x509_read() function will throw an warning if the supplied
63			// parameter cannot be coerced into an X509 certificate
64			// @codingStandardsIgnoreStart
65			$resource = @openssl_x509_read( $certificate );
66			// @codingStandardsIgnoreEnd
67
68			if ( false === $resource ) {
69			return false;
			0 ignored issues – show Bug Best Practice introduced 2018-10-23 12:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return false` returns the type `false` which is incompatible with the documented return type `string`. Loading history...
70			}
71
72			$output = null;
73
74			$result = openssl_x509_export( $resource, $output );
75
76			if ( false === $result ) {
77			return false;
			0 ignored issues – show Bug Best Practice introduced 2018-10-23 12:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return false` returns the type `false` which is incompatible with the documented return type `string`. Loading history...
78			}
79
80			$output = str_replace( self::CERTIFICATE_BEGIN, '', $output );
81			$output = str_replace( self::CERTIFICATE_END, '', $output );
82
83			// Base64 decode
84			// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode
85			$fingerprint = base64_decode( $output );
86
87			// Hash
88			if ( null !== $hash ) {
89			$fingerprint = hash( $hash, $fingerprint );
90			}
91
92			/*
93			* Uppercase
94			*
95			* Cannot find private certificate file with fingerprint: b4845cb5cbcee3e1e0afef2662552a2365960e72
96			* (Note: Some acquirers only accept fingerprints in uppercase. Make the value of "KeyName" in your XML data uppercase.).
97			* https://www.ideal-checkout.nl/simulator/
98			*
99			* @since 1.1.11
100			*/
101			$fingerprint = strtoupper( $fingerprint );
102
103			return $fingerprint;
104			}
105			}
106

wp-pay-gateways / ideal-advanced-v3

Push — develop ( c3b633...127e22 )

src/Security.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like