Security::validate_signature() - Code Metrics - Inspection of "Work in progress." - wp-pay-gateways/omnikassa-2 - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — feature/post-pay ( 4d43ec...e3663d )

by Remco

created 2018-10-12 14:34 UTC

Security::validate_signature() A

↳ Parent: Security

Complexity

Conditions	3
Paths	2

Size

Total Lines	7
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	3.1406

Importance

Changes

Metric	Value
cc	3
eloc	3
nc	2
nop	2
dl	0
loc	7
ccs	3
cts	4
cp	0.75
crap	3.1406
rs	10
c	0
b	0
f	0

<?php
/**
 * Security
 *
 * @author    Pronamic <[email protected]>
 * @copyright 2005-2018 Pronamic
 * @license   GPL-3.0-or-later
 * @package   Pronamic\WordPress\Pay\Gateways\OmniKassa2
 */

namespace Pronamic\WordPress\Pay\Gateways\OmniKassa2;

/**
 * Security
 *
 * @author  Remco Tolsma
 * @version 2.0.2
 * @since   1.0.0
 */
class Security {
	/**
	 * Calculdate signature for specific data.
	 *
	 * @param Signable $signable    Signable object.
	 * @param string   $signing_key Signing Key.
	 * @return string|null
	 */
	public static function get_signature( Signable $signable, $signing_key ) {
		$data = $signable->get_signature_data();

		if ( empty( $data ) ) {
			return null;
		}

		if ( empty( $signing_key ) ) {
			return null;
		}

		$decoded_signing_key = base64_decode( $signing_key );

		if ( false === $decoded_signing_key ) {
			return null;
		}

		$combined = implode( ',', $data );

		var_dump( $combined );


		$signature = hash_hmac(
			'sha512',
			$combined,
			$decoded_signing_key
		);

		return $signature;
	}

	/**
	 * Validate signature.
	 *
	 * @param string $signature_a Signature A.
	 * @param string $signature_b Signature B.
	 * @return bool True if valid, false otherwise.
	 */
	public static function validate_signature( $signature_a, $signature_b ) {
		if ( empty( $signature_a ) || empty( $signature_b ) ) {
			// Empty signature string or null from calculation.
			return false;
		}

		return ( 0 === strcasecmp( $signature_a, $signature_b ) );
	}
}


1		<?php
2		/**
3		* Security
4		*
5		* @author Pronamic <[email protected]>
6		* @copyright 2005-2018 Pronamic
7		* @license GPL-3.0-or-later
8		* @package Pronamic\WordPress\Pay\Gateways\OmniKassa2
9		*/
10
11		namespace Pronamic\WordPress\Pay\Gateways\OmniKassa2;
12
13		/**
14		* Security
15		*
16		* @author Remco Tolsma
17		* @version 2.0.2
18		* @since 1.0.0
19		*/
20		class Security {
21		/**
22		* Calculdate signature for specific data.
23		*
24		* @param Signable $signable Signable object.
25		* @param string $signing_key Signing Key.
26		* @return string\|null
27		*/
28	4	public static function get_signature( Signable $signable, $signing_key ) {
29	4	$data = $signable->get_signature_data();
30
31	4	if ( empty( $data ) ) {
32		return null;
33		}
34
35	4	if ( empty( $signing_key ) ) {
36		return null;
37		}
38
39	4	$decoded_signing_key = base64_decode( $signing_key );
40
41	4	if ( false === $decoded_signing_key ) {
42		return null;
43		}
44
45	4	$combined = implode( ',', $data );
46
47	4	var_dump( $combined );
		0 ignored issues – show Security Debugging Code introduced 2018-10-12 14:39 UTC by Report Bug Copy Issue Report `var_dump($combined)` looks like debug code. Are you sure you do not want to remove it? Loading history...
48
49	4	$signature = hash_hmac(
50	4	'sha512',
51	4	$combined,
52	4	$decoded_signing_key
53		);
54
55	4	return $signature;
56		}
57
58		/**
59		* Validate signature.
60		*
61		* @param string $signature_a Signature A.
62		* @param string $signature_b Signature B.
63		* @return bool True if valid, false otherwise.
64		*/
65	3	public static function validate_signature( $signature_a, $signature_b ) {
66	3	if ( empty( $signature_a ) \|\| empty( $signature_b ) ) {
67		// Empty signature string or null from calculation.
68		return false;
69		}
70
71	3	return ( 0 === strcasecmp( $signature_a, $signature_b ) );
72		}
73		}
74

wp-pay-gateways / omnikassa-2

Push — feature/post-pay ( 4d43ec...e3663d )

Security::validate_signature() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like