| line |
true |
false |
branch |
|
36
|
0 |
87 |
unless defined $key |
|
37
|
1 |
86 |
unless ref $key |
|
39
|
48 |
38 |
if ref $key eq "Crypt::PK::RSA" |
|
40
|
38 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
41
|
0 |
0 |
if ref $key eq "ARRAY" |
|
44
|
0 |
0 |
if (ref $key eq 'Crypt::OpenSSL::RSA') { } |
|
|
0 |
0 |
elsif (ref($key) =~ /^Crypt::(X509|OpenSSL::X509)$/) { } |
|
46
|
0 |
0 |
$key->is_private ? : |
|
53
|
0 |
0 |
if defined $str and not ref $str |
|
59
|
0 |
13 |
unless defined $key |
|
60
|
1 |
12 |
unless ref $key |
|
62
|
8 |
4 |
if ref $key eq "Crypt::PK::ECC" |
|
63
|
4 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
64
|
0 |
0 |
if ref $key eq "ARRAY" |
|
70
|
0 |
2 |
unless defined $key |
|
71
|
0 |
2 |
unless ref $key |
|
73
|
0 |
2 |
if ref $key eq "Crypt::PK::Ed25519" |
|
74
|
2 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
75
|
0 |
0 |
if ref $key eq "ARRAY" |
|
81
|
0 |
57 |
unless defined $key |
|
82
|
0 |
57 |
unless ref $key |
|
85
|
48 |
9 |
if ref($key) =~ /^Crypt::PK::(ECC|X25519)$/ |
|
87
|
9 |
0 |
if (ref $key eq "HASH" or ref $key eq "SCALAR") |
|
90
|
9 |
0 |
if defined $rv |
|
92
|
0 |
0 |
if (ref $key eq "ARRAY") |
|
95
|
0 |
0 |
if defined $rv |
|
102
|
0 |
254 |
unless defined $key |
|
103
|
7 |
247 |
if (ref $key eq 'HASH' and $key->{'k'} and $key->{'kty'} and $key->{'kty'} eq 'oct') { } |
|
|
247 |
0 |
elsif (not ref $key) { } |
|
114
|
0 |
4 |
unless defined $kid and defined $alg |
|
115
|
2 |
2 |
if $kid_keys and not ref $kid_keys |
|
116
|
0 |
4 |
if ref $kid_keys ne "HASH" |
|
118
|
4 |
0 |
if (exists $kid_keys->{'keys'} and ref $kid_keys->{'keys'} eq 'ARRAY') { } |
|
121
|
4 |
4 |
if ($_->{'kid'} and $_->{'kty'} and $_->{'kid'} eq $kid) |
|
130
|
0 |
0 |
if $kid_keys->{$kid} and not ref $kid_keys->{$kid} |
|
132
|
0 |
4 |
unless $found |
|
133
|
4 |
0 |
if $found->{'kty'} eq "oct" and $alg =~ /^(HS|dir|PBES2-HS|A)/ |
|
134
|
0 |
0 |
if $found->{'kty'} eq "OKP" and $alg =~ /^(EdDSA|ECDH-ES)/ |
|
135
|
0 |
0 |
if $found->{'kty'} eq "EC" and $alg =~ /^(ES|EC)/ |
|
136
|
0 |
0 |
if $found->{'kty'} eq "RSA" and $alg =~ /^(RS|PS)/ |
|
142
|
0 |
279 |
unless $b64url |
|
144
|
0 |
279 |
unless $json |
|
146
|
0 |
279 |
unless ref $hash eq "HASH" |
|
161
|
2 |
17 |
if $args{'auto_iat'} |
|
162
|
4 |
15 |
if defined $args{'relative_exp'} |
|
163
|
2 |
17 |
if defined $args{'relative_nbf'} |
|
169
|
1 |
266 |
if $args{'ignore_claims'} |
|
171
|
206 |
60 |
if (ref $payload ne "HASH") |
|
175
|
2 |
1428 |
if (defined $args{"verify_$claim"} and $args{"verify_$claim"} != 0) |
|
186
|
45 |
15 |
if (defined $payload->{'exp'}) { } |
|
|
0 |
30 |
elsif ($args{'verify_exp'} and $args{'verify_exp'} == 1) { } |
|
187
|
41 |
4 |
if (not defined $args{'verify_exp'} or $args{'verify_exp'} == 1) |
|
188
|
7 |
34 |
if $payload->{'exp'} + $leeway <= $now |
|
196
|
30 |
23 |
if (defined $payload->{'nbf'}) { } |
|
|
0 |
46 |
elsif ($args{'verify_nbf'} and $args{'verify_nbf'} == 1) { } |
|
197
|
29 |
1 |
if (not defined $args{'verify_nbf'} or $args{'verify_nbf'} == 1) |
|
198
|
3 |
26 |
if $payload->{'nbf'} - $leeway > $now |
|
206
|
4 |
46 |
if (exists $args{'verify_iat'}) |
|
207
|
4 |
0 |
if (defined $payload->{'iat'}) { } |
|
|
0 |
0 |
elsif ($args{'verify_iat'} and $args{'verify_iat'} == 1) { } |
|
208
|
3 |
1 |
if (not defined $args{'verify_iat'} or $args{'verify_iat'} == 1) |
|
209
|
2 |
1 |
if $payload->{'iat'} - $leeway > $now |
|
220
|
118 |
47 |
unless defined $check |
|
222
|
43 |
4 |
if (exists $payload->{$claim}) { } |
|
223
|
15 |
28 |
if (ref $check eq 'Regexp') { } |
|
|
14 |
14 |
elsif (ref $check eq 'CODE') { } |
|
|
14 |
0 |
elsif (not ref $check) { } |
|
225
|
1 |
14 |
unless defined $value |
|
226
|
5 |
10 |
unless $value =~ /$check/ |
|
229
|
4 |
10 |
unless &$check($payload->{$claim}) |
|
233
|
4 |
10 |
unless defined $value and $value eq $check |
|
248
|
2 |
2 |
ref $z eq 'ARRAY' ? : |
|
249
|
4 |
0 |
if ($zip[0] eq 'deflate') { } |
|
250
|
2 |
2 |
defined $zip[1] ? : |
|
254
|
0 |
4 |
unless $d->deflate($payload, $output) == Z_OK() |
|
255
|
0 |
4 |
unless $d->flush($output) == Z_OK() |
|
256
|
0 |
4 |
unless $output |
|
267
|
15 |
0 |
if ($z eq 'DEF') { } |
|
271
|
0 |
15 |
unless $output |
|
282
|
21 |
127 |
if (ref($payload) =~ /^(HASH|ARRAY)$/) { } |
|
286
|
0 |
127 |
unless utf8::downgrade($payload, 1) |
|
293
|
62 |
205 |
if defined $decode_payload and $decode_payload == 0 |
|
296
|
14 |
191 |
if ($decode_payload) { } |
|
297
|
0 |
14 |
unless $de |
|
301
|
51 |
140 |
defined $de ? : |
|
310
|
12 |
103 |
if ($alg eq "dir") |
|
316
|
55 |
48 |
if ($enc =~ /^A(128|192|256)GCM/) { } |
|
|
48 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC/) { } |
|
323
|
18 |
85 |
if ($alg =~ /^A(128|192|256)KW$/) { } |
|
|
18 |
67 |
elsif ($alg =~ /^A(128|192|256)GCMKW$/) { } |
|
|
24 |
43 |
elsif ($alg =~ /^PBES2-HS(512|384|256)\+A(128|192|256)KW$/) { } |
|
|
18 |
25 |
elsif ($alg =~ /^RSA(-OAEP|-OAEP-256|1_5)$/) { } |
|
|
19 |
6 |
elsif ($alg =~ /^ECDH-ES\+A(128|192|256)KW$/) { } |
|
|
6 |
0 |
elsif ($alg eq 'ECDH-ES') { } |
|
335
|
0 |
24 |
&looks_like_number($hdr->{'p2s'}) && $hdr->{'p2s'} >= 8 && $hdr->{'p2s'} <= 9999 ? : |
|
337
|
0 |
24 |
&looks_like_number($hdr->{'p2c'}) ? : |
|
366
|
18 |
150 |
if ($alg eq 'dir') { } |
|
|
22 |
128 |
elsif ($alg =~ /^A(128|192|256)KW$/) { } |
|
|
22 |
106 |
elsif ($alg =~ /^A(128|192|256)GCMKW$/) { } |
|
|
39 |
67 |
elsif ($alg =~ /^PBES2-HS(512|384|256)\+A(128|192|256)KW$/) { } |
|
|
35 |
32 |
elsif ($alg =~ /^RSA(-OAEP|-OAEP-256|1_5)$/) { } |
|
|
22 |
10 |
elsif ($alg =~ /^ECDH-ES\+A(128|192|256)KW$/) { } |
|
|
10 |
0 |
elsif ($alg eq 'ECDH-ES') { } |
|
395
|
0 |
115 |
defined $b64u_aad ? : |
|
396
|
61 |
54 |
if ($enc =~ /^A(128|192|256)GCM$/) { } |
|
|
54 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC-HS(256|384|512)$/) { } |
|
400
|
0 |
61 |
unless $len1 == $len2 |
|
411
|
0 |
54 |
unless $key_len == $size |
|
427
|
89 |
79 |
if ($enc =~ /^A(128|192|256)GCM$/) { } |
|
|
79 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC-HS(256|384|512)$/) { } |
|
431
|
0 |
89 |
unless $len1 == $len2 |
|
440
|
0 |
79 |
unless $key_len == $size |
|
446
|
0 |
79 |
unless $sig eq $tag |
|
459
|
2 |
113 |
$args{'extra_headers'} ? : |
|
460
|
0 |
115 |
unless defined $enc |
|
461
|
0 |
115 |
unless defined $payload |
|
463
|
7 |
108 |
if ref $payload eq "HASH" |
|
467
|
2 |
113 |
if $args{'zip'} |
|
472
|
0 |
115 |
unless $args{'key'} |
|
473
|
0 |
115 |
defined $args{'keypass'} ? : |
|
479
|
0 |
115 |
defined $args{'aad'} ? : |
|
498
|
0 |
174 |
if $b64u_header and not $header |
|
499
|
0 |
174 |
if $b64u_ecek and not $ecek |
|
500
|
0 |
174 |
if $b64u_ct and not $ct |
|
501
|
0 |
174 |
if $b64u_iv and not $iv |
|
502
|
0 |
174 |
if $b64u_tag and not $tag |
|
505
|
172 |
2 |
if (exists $args{'key'}) { } |
|
|
2 |
0 |
elsif (exists $args{'kid_keys'}) { } |
|
506
|
0 |
172 |
defined $args{'keypass'} ? : |
|
512
|
0 |
2 |
unless defined $k |
|
515
|
0 |
174 |
unless defined $key |
|
518
|
1 |
173 |
if (ref $aa eq 'Regexp') { } |
|
|
5 |
168 |
elsif ($aa and ref $aa eq 'ARRAY' || !ref($aa)) { } |
|
519
|
1 |
0 |
unless $header->{'alg'} =~ /$aa/ |
|
522
|
2 |
3 |
ref $aa ? : |
|
523
|
2 |
3 |
unless $acca{$header->{'alg'}} |
|
527
|
1 |
170 |
if (ref $ae eq 'Regexp') { } |
|
|
5 |
165 |
elsif ($ae and ref $ae eq 'ARRAY' || !ref($ae)) { } |
|
528
|
1 |
0 |
unless $header->{'enc'} =~ /$ae/ |
|
531
|
2 |
3 |
ref $ae ? : |
|
532
|
2 |
3 |
unless $acce{$header->{'enc'}} |
|
537
|
0 |
168 |
defined $b64u_aad ? : |
|
539
|
10 |
158 |
if $header->{'zip'} |
|
547
|
1 |
32 |
if $alg eq "none" |
|
550
|
19 |
13 |
if ($alg =~ /^HS(256|384|512)$/) { } |
|
|
5 |
8 |
elsif ($alg =~ /^RS(256|384|512)/) { } |
|
|
3 |
5 |
elsif ($alg =~ /^PS(256|384|512)/) { } |
|
|
4 |
1 |
elsif ($alg =~ /^ES(256|256K|384|512)$/) { } |
|
|
1 |
0 |
elsif ($alg eq 'EdDSA') { } |
|
579
|
0 |
98 |
if $b64u_sig and not $sig |
|
582
|
0 |
98 |
if ($alg eq 'none') { } |
|
|
62 |
36 |
elsif ($alg =~ /^HS(256|384|512)$/) { } |
|
|
20 |
16 |
elsif ($alg =~ /^RS(256|384|512)/) { } |
|
|
6 |
10 |
elsif ($alg =~ /^PS(256|384|512)/) { } |
|
|
9 |
1 |
elsif ($alg =~ /^ES(256|256K|384|512)$/) { } |
|
|
1 |
0 |
elsif ($alg eq 'EdDSA') { } |
|
587
|
62 |
0 |
if $sig eq hmac("SHA$1", $key, $data) |
|
592
|
19 |
0 |
if $pk->verify_message($sig, $data, $hash, "v1.5") |
|
598
|
6 |
0 |
if $pk->verify_message($sig, $data, $hash, "pss", $hashlen) |
|
603
|
8 |
0 |
if $pk->verify_message_rfc7518($sig, $data, $hash) |
|
607
|
1 |
0 |
if $pk->verify_message($sig, $data) |
|
616
|
2 |
32 |
$args{'extra_headers'} ? : |
|
617
|
0 |
34 |
unless defined $payload |
|
618
|
1 |
33 |
if $alg eq "none" and not $args{'allow_none'} |
|
620
|
12 |
21 |
if ref $payload eq "HASH" |
|
624
|
2 |
31 |
if $args{'zip'} |
|
633
|
0 |
33 |
if not $args{'key'} and $alg ne "none" |
|
634
|
0 |
33 |
defined $args{'keypass'} ? : |
|
643
|
0 |
105 |
if $b64u_header and not $header |
|
644
|
1 |
104 |
if ref $unprotected_header ne "HASH" |
|
646
|
104 |
1 |
unless ($args{'ignore_signature'}) |
|
648
|
0 |
104 |
unless $alg |
|
649
|
1 |
103 |
if $alg eq "none" and not $args{'allow_none'} |
|
650
|
0 |
2 |
if $alg eq "none" and defined $b64u_sig and length $b64u_sig > 0 |
|
653
|
1 |
102 |
if (ref $aa eq 'Regexp') { } |
|
|
2 |
100 |
elsif (ref $aa eq 'ARRAY') { } |
|
|
3 |
97 |
elsif (defined $aa) { } |
|
654
|
1 |
0 |
unless $alg =~ /$aa/ |
|
658
|
1 |
1 |
unless $acca{$alg} |
|
661
|
1 |
2 |
if $aa ne $alg |
|
664
|
98 |
2 |
if ($alg ne "none") |
|
666
|
95 |
3 |
if (exists $args{'key'}) { } |
|
|
2 |
1 |
elsif (exists $args{'kid_keys'}) { } |
|
|
1 |
0 |
elsif ($args{'key_from_jwk_header'}) { } |
|
667
|
0 |
95 |
defined $args{'keypass'} ? : |
|
672
|
2 |
0 |
exists $header->{'kid'} ? : |
|
674
|
0 |
2 |
unless defined $k |
|
682
|
0 |
1 |
if not defined $k or ref $k ne "HASH" or not defined $k->{'kty'} |
|
683
|
0 |
1 |
unless $alg =~ /^(RS|PS|ES)/ and $k->{'kty'} =~ /^(RSA|EC)$/ |
|
684
|
0 |
1 |
if $k->{'d'} or $k->{'p'} or $k->{'q'} or $k->{'dp'} or $k->{'dq'} or $k->{'qi'} |
|
687
|
0 |
98 |
unless defined $key |
|
690
|
0 |
96 |
unless $valid |
|
694
|
0 |
99 |
if $b64u_payload and not $payload |
|
695
|
5 |
94 |
if $header->{'zip'} |
|
705
|
0 |
149 |
unless $args{'alg'} |
|
707
|
34 |
115 |
if ($args{'alg'} =~ /^(none|EdDSA|(HS|RS|PS)(256|384|512)|ES(256|256K|384|512))$/) { } |
|
|
115 |
0 |
elsif ($args{'alg'} =~ /^(dir|A(128|192|256)KW|A(128|192|256)GCMKW|PBES2-(HS256\+A128KW|HS384\+A192KW|HS512\+A256KW)|RSA-OAEP|RSA-OAEP-256|RSA1_5|ECDH-ES\+A(128|192|256)KW|ECDH-ES)$/) { } |
|
710
|
33 |
0 |
if ($ser eq 'compact') { } |
|
|
0 |
0 |
elsif ($ser eq 'flattened') { } |
|
711
|
0 |
33 |
if defined $args{'unprotected_headers'} |
|
716
|
0 |
0 |
if ref $args{'unprotected_headers'} eq "HASH" |
|
726
|
115 |
0 |
if ($ser eq 'compact') { } |
|
|
0 |
0 |
elsif ($ser eq 'flattened') { } |
|
727
|
0 |
115 |
if defined $args{'aad'} |
|
728
|
0 |
115 |
if defined $args{'unprotected_headers'} |
|
729
|
0 |
115 |
if defined $args{'shared_unprotected_headers'} |
|
741
|
0 |
0 |
if ref $args{'unprotected_headers'} eq "HASH" |
|
743
|
0 |
0 |
if ref $args{'shared_unprotected_headers'} eq "HASH" |
|
745
|
0 |
0 |
if defined $b64u_aad |
|
761
|
0 |
279 |
if (not $args{'token'}) { } |
|
|
276 |
3 |
elsif ($args{'token'} =~ /^([a-zA-Z0-9_-]+)=*\.([a-zA-Z0-9_-]*)=*\.([a-zA-Z0-9_-]*)=*(?:\.([a-zA-Z0-9_-]+)=*\.([a-zA-Z0-9_-]+)=*)?$/) { } |
|
|
3 |
0 |
elsif ($args{'token'} =~ /^\s*\{.*?\}\s*$/s) { } |
|
765
|
173 |
103 |
if (length $5) { } |
|
775
|
2 |
1 |
if (defined $hash->{'payload'} and $hash->{'protected'}) { } |
|
|
1 |
0 |
elsif ($hash->{'ciphertext'} and $hash->{'protected'}) { } |
|
790
|
8 |
228 |
if $args{'decode_header'} |