Sign upLogin

vakata/certificate

View on GitHub
Star
src/P7S.php

Summary

Maintainability
D
2 days
Test Coverage
F
0%

Function validatePDF has a Cognitive Complexity of 41 (exceeds 5 allowed). Consider refactoring.
Open

    public static function validatePDF(string $pdf) : array
    {
        $signers = [];
        $matches = [];
        $current = -1;
Severity: Minor
Found in src/P7S.php - About 6 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

The class P7S has an overall complexity of 63 which is very high. The configured complexity threshold is 50.
Open

class P7S
{
    protected $p7s;
    protected $raw;
Severity: Minor
Found in src/P7S.php by phpmd

Method validateXML has 72 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    public static function validateXML(string $xmlContent, ?Certificate $crt = null) : array
    {
        $xml = new \DOMDocument();
        $xml->preserveWhiteSpace = true;
        $xml->formatOutput = false;
Severity: Major
Found in src/P7S.php - About 2 hrs to fix

    File P7S.php has 275 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    <?php

namespace vakata\certificate;

use vakata\asn1\ASN1;
    Severity: Minor
    Found in src/P7S.php - About 2 hrs to fix

      Function getSigners has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
      Open

          public function getSigners() : array
    {
        $signers = [];
        foreach ($this->p7s->toArray()['data']['signerInfos'] as $k => $v) {
            $signers[$k] = [
      Severity: Minor
      Found in src/P7S.php - About 2 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method validatePDF has 50 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

          public static function validatePDF(string $pdf) : array
    {
        $signers = [];
        $matches = [];
        $current = -1;
      Severity: Minor
      Found in src/P7S.php - About 2 hrs to fix

        Function validateXML has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
        Open

            public static function validateXML(string $xmlContent, ?Certificate $crt = null) : array
    {
        $xml = new \DOMDocument();
        $xml->preserveWhiteSpace = true;
        $xml->formatOutput = false;
        Severity: Minor
        Found in src/P7S.php - About 1 hr to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method getSigners has 47 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

            public function getSigners() : array
    {
        $signers = [];
        foreach ($this->p7s->toArray()['data']['signerInfos'] as $k => $v) {
            $signers[$k] = [
        Severity: Minor
        Found in src/P7S.php - About 1 hr to fix

          Function validate has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
          Open

              protected function validate(string $data, bool $hashOnly = false) : array
    {
        $signers = $this->getSigners();
        foreach ($this->p7s->toArray()['data']['signerInfos'] as $k => $v) {
            $signers[$k]['valid'] = false;
          Severity: Minor
          Found in src/P7S.php - About 35 mins to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          The method validatePDF() has a Cyclomatic Complexity of 20. The configured cyclomatic complexity threshold is 10.
          Open

              public static function validatePDF(string $pdf) : array
    {
        $signers = [];
        $matches = [];
        $current = -1;
          Severity: Minor
          Found in src/P7S.php by phpmd

          CyclomaticComplexity

          Since: 0.1

          Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.

          Example

          // Cyclomatic Complexity = 11
class Foo {
1   public function example() {
2       if ($a == $b) {
3           if ($a1 == $b1) {
                fiddle();
4           } elseif ($a2 == $b2) {
                fiddle();
            } else {
                fiddle();
            }
5       } elseif ($c == $d) {
6           while ($c == $d) {
                fiddle();
            }
7        } elseif ($e == $f) {
8           for ($n = 0; $n < $h; $n++) {
                fiddle();
            }
        } else {
            switch ($z) {
9               case 1:
                    fiddle();
                    break;
10              case 2:
                    fiddle();
                    break;
11              case 3:
                    fiddle();
                    break;
                default:
                    fiddle();
                    break;
            }
        }
    }
}

          Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity

          The method validateXML() has a Cyclomatic Complexity of 10. The configured cyclomatic complexity threshold is 10.
          Open

              public static function validateXML(string $xmlContent, ?Certificate $crt = null) : array
    {
        $xml = new \DOMDocument();
        $xml->preserveWhiteSpace = true;
        $xml->formatOutput = false;
          Severity: Minor
          Found in src/P7S.php by phpmd

          CyclomaticComplexity

          Since: 0.1

          Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.

          Example

          // Cyclomatic Complexity = 11
class Foo {
1   public function example() {
2       if ($a == $b) {
3           if ($a1 == $b1) {
                fiddle();
4           } elseif ($a2 == $b2) {
                fiddle();
            } else {
                fiddle();
            }
5       } elseif ($c == $d) {
6           while ($c == $d) {
                fiddle();
            }
7        } elseif ($e == $f) {
8           for ($n = 0; $n < $h; $n++) {
                fiddle();
            }
        } else {
            switch ($z) {
9               case 1:
                    fiddle();
                    break;
10              case 2:
                    fiddle();
                    break;
11              case 3:
                    fiddle();
                    break;
                default:
                    fiddle();
                    break;
            }
        }
    }
}

          Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity

          Missing class import via use statement (line '232', column '28').
          Open

                          $tmp = new \DOMDocument();
          Severity: Minor
          Found in src/P7S.php by phpmd

          MissingImport

          Since: 2.7.0

          Importing all external classes in a file through use statements makes them clearly visible.

          Example

          function make() {
    return new \stdClass();
}

          Source http://phpmd.org/rules/cleancode.html#MissingImport

          Missing class import via use statement (line '209', column '20').
          Open

                  $xml = new \DOMDocument();
          Severity: Minor
          Found in src/P7S.php by phpmd

          MissingImport

          Since: 2.7.0

          Importing all external classes in a file through use statements makes them clearly visible.

          Example

          function make() {
    return new \stdClass();
}

          Source http://phpmd.org/rules/cleancode.html#MissingImport

          Avoid using static access to class '\vakata\asn1\Encoder' in method 'validateXML'.
          Open

                          $sig = Encoder::encode([
                    'i1' => substr($sig, 0, strlen($sig) / 2),
                    'i2' => substr($sig, strlen($sig) / 2),
                ], $map);
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class 'vakata\certificate\Signature' in method 'validateXML'.
          Open

                              (Signature::verify($dat1, $sig, $pub, $alg) || Signature::verify($dat2, $sig, $pub, $alg))
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class '\vakata\asn1\structures\TimestampResponse' in method 'getSigners'.
          Open

                              )->map(TimestampResponse::mapToken());
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class '\vakata\asn1\structures\P7S' in method '__construct'.
          Open

                      $raw = Parser::map();
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class 'vakata\certificate\Signature' in method 'validate'.
          Open

                          $signers[$k]['valid'] = $dHash === $signers[$k]['hash'] && Signature::verify(
                    $signed,
                    base64_decode($v['signature']),
                    Certificate::fromString($signers[$k]['certificate'])->getPublicKey(),
                    $signers[$k]['algorithm']
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class '\vakata\asn1\ASN1' in method 'getSigners'.
          Open

                          'algorithm'   => ASN1::OIDtoText($v['digest_algo']['algorithm']),
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class 'vakata\certificate\Certificate' in method 'validateXML'.
          Open

                              $crt = Certificate::fromString(base64_decode($crt));
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class 'vakata\certificate\Signature' in method 'validateXML'.
          Open

                              (Signature::verify($dat1, $sig, $pub, $alg) || Signature::verify($dat2, $sig, $pub, $alg))
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class '\vakata\asn1\ASN1' in method 'getSigners'.
          Open

                                          ASN1::OIDtoText(
                                    $timestamp['messageImprint']['hashAlgorithm']['algorithm']
                                ),
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class 'vakata\certificate\Certificate' in method 'getSigners'.
          Open

                              $cert = Certificate::fromString(
                        $this->raw['data']['certificates'][$kk]
                    );
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid using static access to class '\vakata\asn1\structures\P7S' in method '__construct'.
          Open

                      $this->p7s = Parser::fromString($data);
          Severity: Minor
          Found in src/P7S.php by phpmd

          StaticAccess

          Since: 1.4.0

          Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

          Example

          class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

          Source https://phpmd.org/rules/cleancode.html#staticaccess

          Avoid unused local variables such as '$sHash'.
          Open

                      $sHash = $dHash;
          Severity: Minor
          Found in src/P7S.php by phpmd

          UnusedLocalVariable

          Since: 0.2

          Detects when a local variable is declared and/or assigned, but not used.

          Example

          class Foo {
    public function doSomething()
    {
        $i = 5; // Unused
    }
}

          Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable

          Line exceeds 120 characters; contains 124 characters
          Open

                      $raw['children']['data']['children']['signerInfos']['repeat']['children']['signed']['tag'] = ASN1::TYPE_ANY_DER;
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Line exceeds 120 characters; contains 135 characters
          Open

                          $ranges = explode(' ', trim(explode(']', (explode('[', (explode('ByteRange', $obj, 2)[1] ?? ''), 2)[1] ?? ''), 2)[0]));
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Line exceeds 120 characters; contains 136 characters
          Open

                              $signature = hex2bin(explode('>', explode('/Contents<', str_replace(["\r","\n","\t", " "], '', $obj), 2)[1], 2)[0]);
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Multi-line function call not indented correctly; expected 28 spaces but found 32
          Open

                                          true
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Multi-line function call not indented correctly; expected 24 spaces but found 28
          Open

                                      )
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Multi-line function call not indented correctly; expected 28 spaces but found 32
          Open

                                          base64_decode($v['signature']),
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Closing brace must be on a line by itself
          Open

                      } catch (\Throwable $e) { continue; }
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Multi-line function call not indented correctly; expected 28 spaces but found 32
          Open

                                          ASN1::OIDtoText(
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Newline required after opening brace
          Open

                      } catch (\Throwable $e) { continue; }
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          Whitespace found at end of line
          Open

                          'valid'       => $dig === $tmp &&
          Severity: Minor
          Found in src/P7S.php by phpcodesniffer

          There are no issues that match your filters.

          Category
          Status