Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /var/www/html/libraries/vendor/web-token/jwt-library/KeyManagement/Analyzer/ZxcvbnKeyAnalyzer.php

ÐÐ°Ð·Ð°Ð´
<?php declare(strict_types=1); namespace Jose\Component\KeyManagement\Analyzer; use Jose\Component\Core\JWK; use Jose\Component\Core\Util\Base64UrlSafe; use Throwable; use ZxcvbnPhp\Zxcvbn; use function is_string; final class ZxcvbnKeyAnalyzer implements KeyAnalyzer { public function analyze(JWK $jwk, MessageBag $bag): void { if ($jwk->get('kty') !== 'oct') { return; } $k = $jwk->get('k'); if (! is_string($k)) { $bag->add(Message::high('The key is not valid')); return; } $k = Base64UrlSafe::decodeNoPadding($k); if (! class_exists(Zxcvbn::class)) { return; } $zxcvbn = new Zxcvbn(); try { $strength = $zxcvbn->passwordStrength($k); switch (true) { case $strength['score'] < 3: $bag->add( Message::high( 'The octet string is weak and easily guessable. Please change your key as soon as possible.' ) ); break; case $strength['score'] === 3: $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.')); break; default: break; } } catch (Throwable) { $bag->add(Message::medium('The test of the weakness cannot be performed.')); } } }

| ver. 1.1 | | . | PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°