| line |
true |
false |
branch |
|
36
|
0 |
87 |
unless defined $key |
|
37
|
1 |
86 |
unless ref $key |
|
39
|
48 |
38 |
if ref $key eq "Crypt::PK::RSA" |
|
40
|
38 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
41
|
0 |
0 |
if ref $key eq "ARRAY" |
|
44
|
0 |
0 |
if (ref $key eq 'Crypt::OpenSSL::RSA') { } |
|
|
0 |
0 |
elsif (ref($key) =~ /^Crypt::(X509|OpenSSL::X509)$/) { } |
|
46
|
0 |
0 |
$key->is_private ? : |
|
53
|
0 |
0 |
if defined $str and not ref $str |
|
59
|
0 |
16 |
unless defined $key |
|
60
|
1 |
15 |
unless ref $key |
|
62
|
8 |
7 |
if ref $key eq "Crypt::PK::ECC" |
|
63
|
7 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
64
|
0 |
0 |
if ref $key eq "ARRAY" |
|
70
|
0 |
2 |
unless defined $key |
|
71
|
0 |
2 |
unless ref $key |
|
73
|
0 |
2 |
if ref $key eq "Crypt::PK::Ed25519" |
|
74
|
2 |
0 |
if ref $key eq "HASH" or ref $key eq "SCALAR" |
|
75
|
0 |
0 |
if ref $key eq "ARRAY" |
|
81
|
0 |
57 |
unless defined $key |
|
82
|
0 |
57 |
unless ref $key |
|
85
|
48 |
9 |
if ref($key) =~ /^Crypt::PK::(ECC|X25519)$/ |
|
87
|
9 |
0 |
if (ref $key eq "HASH" or ref $key eq "SCALAR") |
|
90
|
9 |
0 |
if defined $rv |
|
92
|
0 |
0 |
if (ref $key eq "ARRAY") |
|
95
|
0 |
0 |
if defined $rv |
|
102
|
0 |
283 |
unless defined $key |
|
103
|
7 |
276 |
if (ref $key eq 'HASH' and $key->{'k'} and $key->{'kty'} and $key->{'kty'} eq 'oct') { } |
|
|
276 |
0 |
elsif (not ref $key) { } |
|
114
|
0 |
4 |
unless defined $kid and defined $alg |
|
115
|
2 |
2 |
if $kid_keys and not ref $kid_keys |
|
116
|
0 |
4 |
if ref $kid_keys ne "HASH" |
|
118
|
4 |
0 |
if (exists $kid_keys->{'keys'} and ref $kid_keys->{'keys'} eq 'ARRAY') { } |
|
121
|
4 |
4 |
if ($_->{'kid'} and $_->{'kty'} and $_->{'kid'} eq $kid) |
|
130
|
0 |
0 |
if $kid_keys->{$kid} and not ref $kid_keys->{$kid} |
|
132
|
0 |
4 |
unless $found |
|
133
|
4 |
0 |
if $found->{'kty'} eq "oct" and $alg =~ /^(HS|dir|PBES2-HS|A)/ |
|
134
|
0 |
0 |
if $found->{'kty'} eq "OKP" and $alg =~ /^(EdDSA|ECDH-ES)/ |
|
135
|
0 |
0 |
if $found->{'kty'} eq "EC" and $alg =~ /^(ES|EC)/ |
|
136
|
0 |
0 |
if $found->{'kty'} eq "RSA" and $alg =~ /^(RS|PS)/ |
|
142
|
0 |
306 |
unless $b64url |
|
144
|
0 |
306 |
unless $json |
|
146
|
0 |
306 |
unless ref $hash eq "HASH" |
|
161
|
2 |
22 |
if $args{'auto_iat'} |
|
162
|
4 |
20 |
if defined $args{'relative_exp'} |
|
163
|
2 |
22 |
if defined $args{'relative_nbf'} |
|
171
|
240 |
18 |
unless defined $check |
|
173
|
12 |
6 |
if (exists $header->{'typ'}) { } |
|
174
|
4 |
8 |
if (ref $check eq 'Regexp') { } |
|
|
4 |
4 |
elsif (ref $check eq 'CODE') { } |
|
|
4 |
0 |
elsif (not ref $check) { } |
|
176
|
0 |
4 |
unless defined $value |
|
177
|
2 |
2 |
unless $value =~ /$check/ |
|
180
|
2 |
2 |
unless &$check($header->{'typ'}) |
|
184
|
2 |
2 |
unless defined $value and $value eq $check |
|
199
|
1 |
291 |
if $args{'ignore_claims'} |
|
201
|
207 |
84 |
if (ref $payload ne "HASH") |
|
205
|
2 |
1435 |
if (defined $args{"verify_$claim"} and $args{"verify_$claim"} != 0) |
|
216
|
45 |
39 |
if (defined $payload->{'exp'}) { } |
|
|
0 |
78 |
elsif ($args{'verify_exp'} and $args{'verify_exp'} == 1) { } |
|
217
|
41 |
4 |
if (not defined $args{'verify_exp'} or $args{'verify_exp'} == 1) |
|
218
|
7 |
34 |
if $payload->{'exp'} + $leeway <= $now |
|
226
|
30 |
47 |
if (defined $payload->{'nbf'}) { } |
|
|
0 |
94 |
elsif ($args{'verify_nbf'} and $args{'verify_nbf'} == 1) { } |
|
227
|
29 |
1 |
if (not defined $args{'verify_nbf'} or $args{'verify_nbf'} == 1) |
|
228
|
3 |
26 |
if $payload->{'nbf'} - $leeway > $now |
|
236
|
4 |
70 |
if (exists $args{'verify_iat'}) |
|
237
|
4 |
0 |
if (defined $payload->{'iat'}) { } |
|
|
0 |
0 |
elsif ($args{'verify_iat'} and $args{'verify_iat'} == 1) { } |
|
238
|
3 |
1 |
if (not defined $args{'verify_iat'} or $args{'verify_iat'} == 1) |
|
239
|
2 |
1 |
if $payload->{'iat'} - $leeway > $now |
|
248
|
23 |
49 |
if (defined $args{'verify_aud'}) |
|
250
|
22 |
1 |
if (exists $payload->{'aud'}) { } |
|
253
|
6 |
16 |
ref $payload->{'aud'} eq 'ARRAY' ? : |
|
255
|
10 |
18 |
if (ref $check eq 'Regexp') { } |
|
|
9 |
9 |
elsif (ref $check eq 'CODE') { } |
|
|
9 |
0 |
elsif (not ref $check) { } |
|
256
|
1 |
9 |
unless defined $value |
|
257
|
5 |
5 |
if $value =~ /$check/ |
|
260
|
5 |
4 |
if &$check($value) |
|
263
|
5 |
4 |
if defined $value and $value eq $check |
|
266
|
7 |
15 |
unless $match |
|
276
|
150 |
30 |
unless defined $check |
|
278
|
27 |
3 |
if (exists $payload->{$claim}) { } |
|
279
|
9 |
18 |
if (ref $check eq 'Regexp') { } |
|
|
9 |
9 |
elsif (ref $check eq 'CODE') { } |
|
|
9 |
0 |
elsif (not ref $check) { } |
|
281
|
0 |
9 |
unless defined $value |
|
282
|
3 |
6 |
unless $value =~ /$check/ |
|
285
|
3 |
6 |
unless &$check($payload->{$claim}) |
|
289
|
3 |
6 |
unless defined $value and $value eq $check |
|
304
|
2 |
2 |
ref $z eq 'ARRAY' ? : |
|
305
|
4 |
0 |
if ($zip[0] eq 'deflate') { } |
|
306
|
2 |
2 |
defined $zip[1] ? : |
|
310
|
0 |
4 |
unless $d->deflate($payload, $output) == Z_OK() |
|
311
|
0 |
4 |
unless $d->flush($output) == Z_OK() |
|
312
|
0 |
4 |
unless $output |
|
323
|
15 |
0 |
if ($z eq 'DEF') { } |
|
327
|
0 |
15 |
unless $output |
|
338
|
26 |
127 |
if (ref($payload) =~ /^(HASH|ARRAY)$/) { } |
|
342
|
0 |
127 |
unless utf8::downgrade($payload, 1) |
|
349
|
63 |
229 |
if defined $decode_payload and $decode_payload == 0 |
|
352
|
14 |
215 |
if ($decode_payload) { } |
|
353
|
0 |
14 |
unless $de |
|
357
|
75 |
140 |
defined $de ? : |
|
366
|
12 |
105 |
if ($alg eq "dir") |
|
372
|
57 |
48 |
if ($enc =~ /^A(128|192|256)GCM/) { } |
|
|
48 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC/) { } |
|
379
|
18 |
87 |
if ($alg =~ /^A(128|192|256)KW$/) { } |
|
|
18 |
69 |
elsif ($alg =~ /^A(128|192|256)GCMKW$/) { } |
|
|
26 |
43 |
elsif ($alg =~ /^PBES2-HS(512|384|256)\+A(128|192|256)KW$/) { } |
|
|
18 |
25 |
elsif ($alg =~ /^RSA(-OAEP|-OAEP-256|1_5)$/) { } |
|
|
19 |
6 |
elsif ($alg =~ /^ECDH-ES\+A(128|192|256)KW$/) { } |
|
|
6 |
0 |
elsif ($alg eq 'ECDH-ES') { } |
|
391
|
0 |
26 |
&looks_like_number($hdr->{'p2s'}) && $hdr->{'p2s'} >= 8 && $hdr->{'p2s'} <= 9999 ? : |
|
393
|
0 |
26 |
&looks_like_number($hdr->{'p2c'}) ? : |
|
422
|
18 |
159 |
if ($alg eq 'dir') { } |
|
|
22 |
137 |
elsif ($alg =~ /^A(128|192|256)KW$/) { } |
|
|
22 |
115 |
elsif ($alg =~ /^A(128|192|256)GCMKW$/) { } |
|
|
48 |
67 |
elsif ($alg =~ /^PBES2-HS(512|384|256)\+A(128|192|256)KW$/) { } |
|
|
35 |
32 |
elsif ($alg =~ /^RSA(-OAEP|-OAEP-256|1_5)$/) { } |
|
|
22 |
10 |
elsif ($alg =~ /^ECDH-ES\+A(128|192|256)KW$/) { } |
|
|
10 |
0 |
elsif ($alg eq 'ECDH-ES') { } |
|
451
|
0 |
117 |
defined $b64u_aad ? : |
|
452
|
63 |
54 |
if ($enc =~ /^A(128|192|256)GCM$/) { } |
|
|
54 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC-HS(256|384|512)$/) { } |
|
456
|
0 |
63 |
unless $len1 == $len2 |
|
467
|
0 |
54 |
unless $key_len == $size |
|
483
|
98 |
79 |
if ($enc =~ /^A(128|192|256)GCM$/) { } |
|
|
79 |
0 |
elsif ($enc =~ /^A(128|192|256)CBC-HS(256|384|512)$/) { } |
|
487
|
0 |
98 |
unless $len1 == $len2 |
|
496
|
0 |
79 |
unless $key_len == $size |
|
502
|
0 |
79 |
unless $sig eq $tag |
|
515
|
3 |
114 |
$args{'extra_headers'} ? : |
|
516
|
0 |
117 |
unless defined $enc |
|
517
|
0 |
117 |
unless defined $payload |
|
519
|
9 |
108 |
if ref $payload eq "HASH" |
|
523
|
2 |
115 |
if $args{'zip'} |
|
528
|
0 |
117 |
unless $args{'key'} |
|
529
|
0 |
117 |
defined $args{'keypass'} ? : |
|
535
|
0 |
117 |
defined $args{'aad'} ? : |
|
554
|
0 |
183 |
if $b64u_header and not $header |
|
555
|
0 |
183 |
if $b64u_ecek and not $ecek |
|
556
|
0 |
183 |
if $b64u_ct and not $ct |
|
557
|
0 |
183 |
if $b64u_iv and not $iv |
|
558
|
0 |
183 |
if $b64u_tag and not $tag |
|
561
|
181 |
2 |
if (exists $args{'key'}) { } |
|
|
2 |
0 |
elsif (exists $args{'kid_keys'}) { } |
|
562
|
0 |
181 |
defined $args{'keypass'} ? : |
|
568
|
0 |
2 |
unless defined $k |
|
571
|
0 |
183 |
unless defined $key |
|
574
|
1 |
182 |
if (ref $aa eq 'Regexp') { } |
|
|
5 |
177 |
elsif ($aa and ref $aa eq 'ARRAY' || !ref($aa)) { } |
|
575
|
1 |
0 |
unless $header->{'alg'} =~ /$aa/ |
|
578
|
2 |
3 |
ref $aa ? : |
|
579
|
2 |
3 |
unless $acca{$header->{'alg'}} |
|
583
|
1 |
179 |
if (ref $ae eq 'Regexp') { } |
|
|
5 |
174 |
elsif ($ae and ref $ae eq 'ARRAY' || !ref($ae)) { } |
|
584
|
1 |
0 |
unless $header->{'enc'} =~ /$ae/ |
|
587
|
2 |
3 |
ref $ae ? : |
|
588
|
2 |
3 |
unless $acce{$header->{'enc'}} |
|
593
|
0 |
177 |
defined $b64u_aad ? : |
|
595
|
10 |
167 |
if $header->{'zip'} |
|
604
|
1 |
35 |
if $alg eq "none" |
|
607
|
22 |
13 |
if ($alg =~ /^HS(256|384|512)$/) { } |
|
|
5 |
8 |
elsif ($alg =~ /^RS(256|384|512)/) { } |
|
|
3 |
5 |
elsif ($alg =~ /^PS(256|384|512)/) { } |
|
|
4 |
1 |
elsif ($alg =~ /^ES(256|256K|384|512)$/) { } |
|
|
1 |
0 |
elsif ($alg eq 'EdDSA') { } |
|
636
|
0 |
116 |
if $b64u_sig and not $sig |
|
639
|
0 |
116 |
if ($alg eq 'none') { } |
|
|
77 |
39 |
elsif ($alg =~ /^HS(256|384|512)$/) { } |
|
|
20 |
19 |
elsif ($alg =~ /^RS(256|384|512)/) { } |
|
|
6 |
13 |
elsif ($alg =~ /^PS(256|384|512)/) { } |
|
|
12 |
1 |
elsif ($alg =~ /^ES(256|256K|384|512)$/) { } |
|
|
1 |
0 |
elsif ($alg eq 'EdDSA') { } |
|
644
|
77 |
0 |
if $sig eq hmac("SHA$1", $key, $data) |
|
649
|
19 |
0 |
if $pk->verify_message($sig, $data, $hash, "v1.5") |
|
655
|
6 |
0 |
if $pk->verify_message($sig, $data, $hash, "pss", $hashlen) |
|
660
|
9 |
2 |
if $pk->verify_message_rfc7518($sig, $data, $hash) |
|
664
|
1 |
0 |
if $pk->verify_message($sig, $data) |
|
673
|
3 |
34 |
$args{'extra_headers'} ? : |
|
674
|
0 |
37 |
unless defined $payload |
|
675
|
1 |
36 |
if $alg eq "none" and not $args{'allow_none'} |
|
677
|
15 |
21 |
if ref $payload eq "HASH" |
|
681
|
2 |
34 |
if $args{'zip'} |
|
690
|
0 |
36 |
if not $args{'key'} and $alg ne "none" |
|
691
|
0 |
36 |
defined $args{'keypass'} ? : |
|
700
|
0 |
123 |
if $b64u_header and not $header |
|
701
|
1 |
122 |
if ref $unprotected_header ne "HASH" |
|
703
|
122 |
1 |
unless ($args{'ignore_signature'}) |
|
705
|
0 |
122 |
unless $alg |
|
706
|
1 |
121 |
if $alg eq "none" and not $args{'allow_none'} |
|
707
|
0 |
2 |
if $alg eq "none" and defined $b64u_sig and length $b64u_sig > 0 |
|
710
|
1 |
120 |
if (ref $aa eq 'Regexp') { } |
|
|
2 |
118 |
elsif (ref $aa eq 'ARRAY') { } |
|
|
3 |
115 |
elsif (defined $aa) { } |
|
711
|
1 |
0 |
unless $alg =~ /$aa/ |
|
715
|
1 |
1 |
unless $acca{$alg} |
|
718
|
1 |
2 |
if $aa ne $alg |
|
721
|
116 |
2 |
if ($alg ne "none") |
|
723
|
113 |
3 |
if (exists $args{'key'}) { } |
|
|
2 |
1 |
elsif (exists $args{'kid_keys'}) { } |
|
|
1 |
0 |
elsif ($args{'key_from_jwk_header'}) { } |
|
724
|
0 |
113 |
defined $args{'keypass'} ? : |
|
729
|
2 |
0 |
exists $header->{'kid'} ? : |
|
731
|
0 |
2 |
unless defined $k |
|
739
|
0 |
1 |
if not defined $k or ref $k ne "HASH" or not defined $k->{'kty'} |
|
740
|
0 |
1 |
unless $alg =~ /^(RS|PS|ES)/ and $k->{'kty'} =~ /^(RSA|EC)$/ |
|
741
|
0 |
1 |
if $k->{'d'} or $k->{'p'} or $k->{'q'} or $k->{'dp'} or $k->{'dq'} or $k->{'qi'} |
|
744
|
0 |
116 |
unless defined $key |
|
747
|
2 |
112 |
unless $valid |
|
751
|
0 |
115 |
if $b64u_payload and not $payload |
|
752
|
5 |
110 |
if $header->{'zip'} |
|
763
|
0 |
154 |
unless $args{'alg'} |
|
765
|
37 |
117 |
if ($args{'alg'} =~ /^(none|EdDSA|(HS|RS|PS)(256|384|512)|ES(256|256K|384|512))$/) { } |
|
|
117 |
0 |
elsif ($args{'alg'} =~ /^(dir|A(128|192|256)KW|A(128|192|256)GCMKW|PBES2-(HS256\+A128KW|HS384\+A192KW|HS512\+A256KW)|RSA-OAEP|RSA-OAEP-256|RSA1_5|ECDH-ES\+A(128|192|256)KW|ECDH-ES)$/) { } |
|
768
|
36 |
0 |
if ($ser eq 'compact') { } |
|
|
0 |
0 |
elsif ($ser eq 'flattened') { } |
|
769
|
0 |
36 |
if defined $args{'unprotected_headers'} |
|
774
|
0 |
0 |
if ref $args{'unprotected_headers'} eq "HASH" |
|
784
|
117 |
0 |
if ($ser eq 'compact') { } |
|
|
0 |
0 |
elsif ($ser eq 'flattened') { } |
|
785
|
0 |
117 |
if defined $args{'aad'} |
|
786
|
0 |
117 |
if defined $args{'unprotected_headers'} |
|
787
|
0 |
117 |
if defined $args{'shared_unprotected_headers'} |
|
799
|
0 |
0 |
if ref $args{'unprotected_headers'} eq "HASH" |
|
801
|
0 |
0 |
if ref $args{'shared_unprotected_headers'} eq "HASH" |
|
803
|
0 |
0 |
if defined $b64u_aad |
|
819
|
0 |
306 |
unless ($args{'token'}) |
|
823
|
1 |
305 |
$args{'tolerate_padding'} ? : |
|
825
|
303 |
3 |
if ($args{'token'} =~ /$token_re/) { } |
|
|
3 |
0 |
elsif ($args{'token'} =~ /^\s*\{.*?\}\s*$/s) { } |
|
826
|
182 |
121 |
if (defined $5 and length $5 > 0) { } |
|
837
|
2 |
1 |
if (defined $hash->{'payload'} and $hash->{'protected'}) { } |
|
|
1 |
0 |
elsif ($hash->{'ciphertext'} and $hash->{'protected'}) { } |
|
852
|
8 |
238 |
if $args{'decode_header'} |