diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php index e0b35820..11d99567 100644 --- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -344,12 +344,15 @@ abstract class PKCS8 extends PKCS $meta['meta']['algorithm'] = $algorithm; $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); $iterationCount = (int) $iterationCount->toString(); $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); $key = $cipher->decrypt($decrypted['encryptedData']); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER 2'); } @@ -358,6 +361,9 @@ abstract class PKCS8 extends PKCS $meta['meta']['algorithm'] = $algorithm; $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); extract($temp); @@ -365,6 +371,9 @@ abstract class PKCS8 extends PKCS $meta['meta']['cipher'] = $encryptionScheme['algorithm']; $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); extract($temp); @@ -372,6 +381,9 @@ abstract class PKCS8 extends PKCS $cipher->setIV($encryptionScheme['parameters']['octetString']); } else { $temp = ASN1::decodeBER($encryptionScheme['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); switch ($effectiveKeyLength) { @@ -394,6 +406,9 @@ abstract class PKCS8 extends PKCS switch ($keyDerivationFunc['algorithm']) { case 'id-PBKDF2': $temp = ASN1::decodeBER($keyDerivationFunc['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } $prf = ['algorithm' => 'id-hmacWithSHA1']; $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); extract($params); @@ -412,7 +427,7 @@ abstract class PKCS8 extends PKCS $cipher->setPassword(...$params); $key = $cipher->decrypt($decrypted['encryptedData']); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER 3'); } break; @@ -647,7 +662,7 @@ abstract class PKCS8 extends PKCS } $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } @@ -671,12 +686,18 @@ abstract class PKCS8 extends PKCS if ($r['encryptionAlgorithm']['algorithm'] == 'id-PBES2') { $decoded = ASN1::decodeBER($r['encryptionAlgorithm']['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP); $kdf = &$r['encryptionAlgorithm']['parameters']['keyDerivationFunc']; switch ($kdf['algorithm']) { case 'id-PBKDF2': $decoded = ASN1::decodeBER($kdf['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } $kdf['parameters'] = ASN1::asn1map($decoded[0], Maps\PBKDF2params::MAP); } } diff --git a/phpseclib/Crypt/DH.php b/phpseclib/Crypt/DH.php index 5186f032..2547614a 100644 --- a/phpseclib/Crypt/DH.php +++ b/phpseclib/Crypt/DH.php @@ -326,9 +326,8 @@ abstract class DH extends AsymmetricKey * OnLoad Handler * * @return bool - * @param array $components */ - protected static function onLoad($components) + protected static function onLoad(array $components) { if (!isset($components['privateKey']) && !isset($components['publicKey'])) { $new = new Parameters(); diff --git a/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php b/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php index ccf5b3c0..65a0a5db 100644 --- a/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php +++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php @@ -45,7 +45,7 @@ abstract class PKCS1 extends Progenitor $key = parent::load($key, $password); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } diff --git a/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php b/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php index 2e4c26a2..dc5375f2 100644 --- a/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php @@ -90,8 +90,7 @@ abstract class PKCS8 extends Progenitor $decoded = ASN1::decodeBER($key[$type]); switch (true) { - case empty($decoded): - case !is_array($decoded): + case !isset($decoded): case !isset($decoded[0]['content']): case !$decoded[0]['content'] instanceof BigInteger: throw new \RuntimeException('Unable to decode BER of parameters'); diff --git a/phpseclib/Crypt/DSA.php b/phpseclib/Crypt/DSA.php index 964a34cd..1d265860 100644 --- a/phpseclib/Crypt/DSA.php +++ b/phpseclib/Crypt/DSA.php @@ -214,9 +214,8 @@ abstract class DSA extends AsymmetricKey * OnLoad Handler * * @return bool - * @param array $components */ - protected static function onLoad($components) + protected static function onLoad(array $components) { if (!isset(self::$engines['PHP'])) { self::useBestEngine(); diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php b/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php index a7208a04..43ef3561 100644 --- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php +++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php @@ -52,7 +52,7 @@ abstract class PKCS1 extends Progenitor $key = parent::load($key, $password); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php b/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php index aa0efa68..a5858b7e 100644 --- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php @@ -84,7 +84,7 @@ abstract class PKCS8 extends Progenitor } $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER of parameters'); } $components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); diff --git a/phpseclib/Crypt/EC.php b/phpseclib/Crypt/EC.php index 703a7bc0..a6dc40c7 100644 --- a/phpseclib/Crypt/EC.php +++ b/phpseclib/Crypt/EC.php @@ -199,9 +199,8 @@ abstract class EC extends AsymmetricKey * OnLoad Handler * * @return bool - * @param array $components */ - protected static function onLoad($components) + protected static function onLoad(array $components) { if (!isset(self::$engines['PHP'])) { self::useBestEngine(); diff --git a/phpseclib/Crypt/EC/BaseCurves/Prime.php b/phpseclib/Crypt/EC/BaseCurves/Prime.php index d6fb2bb5..6250dfb0 100644 --- a/phpseclib/Crypt/EC/BaseCurves/Prime.php +++ b/phpseclib/Crypt/EC/BaseCurves/Prime.php @@ -645,7 +645,7 @@ class Prime extends Base * * @return int[] */ - private function getNAFPoints($point, $wnd) + private function getNAFPoints(array $point, $wnd) { if (isset($point['naf'])) { return $point['naf']; diff --git a/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php b/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php index 51a6d4ea..d809f4f2 100644 --- a/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php +++ b/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php @@ -66,7 +66,7 @@ abstract class PKCS1 extends Progenitor preg_match('#-*BEGIN EC PRIVATE KEY-*[^-]*-*END EC PRIVATE KEY-*#s', $key, $matches); $decoded = parent::load($matches[0], $password); $decoded = ASN1::decodeBER($decoded); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } @@ -82,7 +82,7 @@ abstract class PKCS1 extends Progenitor preg_match('#-*BEGIN EC PARAMETERS-*[^-]*-*END EC PARAMETERS-*#s', $key, $matches); $decoded = parent::load($matches[0], ''); $decoded = ASN1::decodeBER($decoded); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } $ecParams = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); @@ -113,7 +113,7 @@ abstract class PKCS1 extends Progenitor $key = parent::load($key, $password); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } diff --git a/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php index 54a3e96f..5f65421b 100644 --- a/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php @@ -98,6 +98,9 @@ abstract class PKCS8 extends Progenitor } $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } $params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); if (!$params) { throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters'); @@ -113,6 +116,9 @@ abstract class PKCS8 extends Progenitor } $decoded = ASN1::decodeBER($key['privateKey']); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); if (isset($key['parameters']) && $params != $key['parameters']) { throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field'); diff --git a/phpseclib/Crypt/EC/Formats/Keys/XML.php b/phpseclib/Crypt/EC/Formats/Keys/XML.php index d548bc27..f82c013f 100644 --- a/phpseclib/Crypt/EC/Formats/Keys/XML.php +++ b/phpseclib/Crypt/EC/Formats/Keys/XML.php @@ -115,7 +115,7 @@ abstract class XML * @param bool $decode optional * @return \DOMNodeList */ - private static function query($xpath, $name, $error = null, $decode = true) + private static function query(\DOMXPath $xpath, $name, $error = null, $decode = true) { $query = '/'; $names = explode('/', $name); diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php index e96ba359..6d2d47a4 100644 --- a/phpseclib/Crypt/RSA.php +++ b/phpseclib/Crypt/RSA.php @@ -422,9 +422,8 @@ abstract class RSA extends AsymmetricKey * OnLoad Handler * * @return bool - * @param array $components */ - protected static function onLoad($components) + protected static function onLoad(array $components) { $key = $components['isPublicKey'] ? new PublicKey() : diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php b/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php index b35c7adb..276c6024 100644 --- a/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php +++ b/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php @@ -59,7 +59,7 @@ abstract class PKCS1 extends Progenitor $key = parent::load($key, $password); $decoded = ASN1::decodeBER($key); - if (empty($decoded)) { + if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } diff --git a/phpseclib/Crypt/RSA/PrivateKey.php b/phpseclib/Crypt/RSA/PrivateKey.php index b5e197af..0d9c51ee 100644 --- a/phpseclib/Crypt/RSA/PrivateKey.php +++ b/phpseclib/Crypt/RSA/PrivateKey.php @@ -60,10 +60,9 @@ class PrivateKey extends RSA implements Common\PrivateKey * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. * - * @param \phpseclib3\Math\BigInteger $c * @return bool|\phpseclib3\Math\BigInteger */ - private function rsadp($c) + private function rsadp(BigInteger $c) { if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { throw new \OutOfRangeException('Ciphertext representative out of range'); @@ -76,10 +75,9 @@ class PrivateKey extends RSA implements Common\PrivateKey * * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. * - * @param \phpseclib3\Math\BigInteger $m * @return bool|\phpseclib3\Math\BigInteger */ - private function rsasp1($m) + private function rsasp1(BigInteger $m) { if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { throw new \OutOfRangeException('Signature representative out of range'); @@ -176,7 +174,7 @@ class PrivateKey extends RSA implements Common\PrivateKey * @param int $i * @return \phpseclib3\Math\BigInteger */ - private function blind($x, $r, $i) + private function blind(BigInteger $x, BigInteger $r, $i) { $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i])); $x = $x->modPow($this->exponents[$i], $this->primes[$i]); diff --git a/phpseclib/File/ANSI.php b/phpseclib/File/ANSI.php index 4f940b76..5803a372 100644 --- a/phpseclib/File/ANSI.php +++ b/phpseclib/File/ANSI.php @@ -440,7 +440,7 @@ class ANSI * @param string $char * @return string */ - private function processCoordinate($last_attr, $cur_attr, $char) + private function processCoordinate(\stdClass $last_attr, \stdClass $cur_attr, $char) { $output = ''; diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 8915ad0b..7ae61180 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -191,7 +191,7 @@ abstract class ASN1 * Serves a similar purpose to openssl's asn1parse * * @param Element|string $encoded - * @return array + * @return ?array */ public static function decodeBER($encoded) { @@ -201,10 +201,12 @@ abstract class ASN1 self::$encoded = $encoded; - $decoded = [self::decode_ber($encoded)]; + $decoded = self::decode_ber($encoded); + if ($decoded === false) { + return null; + } - // encapsulate in an array for BC with the old decodeBER - return $decoded; + return [self::decode_ber($encoded)]; } /** @@ -516,12 +518,8 @@ abstract class ASN1 * @param array $special * @return array|bool|Element|string|null */ - public static function asn1map($decoded, $mapping, $special = []) + public static function asn1map(array $decoded, $mapping, $special = []) { - if (!is_array($decoded)) { - return false; - } - if (isset($mapping['explicit']) && is_array($decoded['content'])) { $decoded = $decoded['content'][0]; } @@ -854,7 +852,7 @@ abstract class ASN1 * @param array $special * @return string */ - private static function encode_der($source, $mapping, $idx = null, $special = []) + private static function encode_der($source, array $mapping, $idx = null, array $special = []) { if ($source instanceof Element) { return $source->element; @@ -1310,7 +1308,7 @@ abstract class ASN1 * * @param array $oids */ - public static function loadOIDs($oids) + public static function loadOIDs(array $oids) { self::$reverseOIDs += $oids; self::$oids = array_flip(self::$reverseOIDs); @@ -1324,7 +1322,7 @@ abstract class ASN1 * * @param array $filters */ - public static function setFilters($filters) + public static function setFilters(array $filters) { self::$filters = $filters; } diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 8879c0ab..07c22e43 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -430,7 +430,7 @@ class X509 * * Returns an associative array describing the X.509 cert or a false if the cert failed to load * - * @param string $cert + * @param array|string $cert * @param int $mode * @return mixed */ @@ -468,7 +468,7 @@ class X509 $decoded = ASN1::decodeBER($cert); - if (!empty($decoded)) { + if ($decoded) { $x509 = ASN1::asn1map($decoded[0], Maps\Certificate::MAP); } if (!isset($x509) || $x509 === false) { @@ -507,7 +507,7 @@ class X509 * @param int $format optional * @return string */ - public function saveX509($cert, $format = self::FORMAT_PEM) + public function saveX509(array $cert, $format = self::FORMAT_PEM) { if (!is_array($cert) || !isset($cert['tbsCertificate'])) { return false; @@ -577,7 +577,7 @@ class X509 * @param array $root (by reference) * @param string $path */ - private function mapInExtensions(&$root, $path) + private function mapInExtensions(array &$root, $path) { $extensions = &$this->subArrayUnchecked($root, $path); @@ -593,6 +593,9 @@ class X509 [static::class, 'decodeNameConstraintIP'] : [static::class, 'decodeIP']; $decoded = ASN1::decodeBER($value); + if (!$decoded) { + continue; + } $mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]); $value = $mapped === false ? $decoded[0] : $mapped; @@ -607,6 +610,9 @@ class X509 $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; if ($map !== false) { $decoded = ASN1::decodeBER($subvalue); + if (!$decoded) { + continue; + } $mapped = ASN1::asn1map($decoded[0], $map); $subvalue = $mapped === false ? $decoded[0] : $mapped; } @@ -625,7 +631,7 @@ class X509 * @param array $root (by reference) * @param string $path */ - private function mapOutExtensions(&$root, $path) + private function mapOutExtensions(array &$root, $path) { $extensions = &$this->subArray($root, $path, !empty($this->extensionValues)); @@ -722,6 +728,9 @@ class X509 $value = ASN1::encodeDER($values[$j], Maps\AttributeValue::MAP); $decoded = ASN1::decodeBER($value); if (!is_bool($map)) { + if (!$decoded) { + continue; + } $mapped = ASN1::asn1map($decoded[0], $map); if ($mapped !== false) { $values[$j] = $mapped; @@ -771,6 +780,9 @@ class X509 if (!is_bool($map)) { $temp = ASN1::encodeDER($values[$j], $map); $decoded = ASN1::decodeBER($temp); + if (!$decoded) { + continue; + } $values[$j] = ASN1::asn1map($decoded[0], Maps\AttributeValue::MAP); } } @@ -786,7 +798,7 @@ class X509 * @param array $root (by reference) * @param string $path */ - private function mapInDNs(&$root, $path) + private function mapInDNs(array &$root, $path) { $dns = &$this->subArray($root, $path); @@ -799,6 +811,9 @@ class X509 $map = $this->getMapping($type); if (!is_bool($map)) { $decoded = ASN1::decodeBER($value); + if (!$decoded) { + continue; + } $value = ASN1::asn1map($decoded[0], $map); } } @@ -814,7 +829,7 @@ class X509 * @param array $root (by reference) * @param string $path */ - private function mapOutDNs(&$root, $path) + private function mapOutDNs(array &$root, $path) { $dns = &$this->subArray($root, $path); @@ -1679,7 +1694,7 @@ class X509 * @param bool $withType optional * @return mixed */ - public function getDNProp($propName, $dn = null, $withType = false) + public function getDNProp($propName, array $dn = null, $withType = false) { if (!isset($dn)) { $dn = $this->dn; @@ -1721,6 +1736,9 @@ class X509 $map = $this->getMapping($propName); if (!is_bool($map)) { $decoded = ASN1::decodeBER($v); + if (!$decoded) { + return false; + } $v = ASN1::asn1map($decoded[0], $map); } } @@ -1781,7 +1799,7 @@ class X509 * @param array $dn optional * @return array|bool|string */ - public function getDN($format = self::DN_ARRAY, $dn = null) + public function getDN($format = self::DN_ARRAY, array $dn = null) { if (!isset($dn)) { $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; @@ -2182,7 +2200,7 @@ class X509 $decoded = ASN1::decodeBER($csr); - if (empty($decoded)) { + if (!$decoded) { $this->currentCert = false; return false; } @@ -2223,7 +2241,7 @@ class X509 * @param int $format optional * @return string */ - public function saveCSR($csr, $format = self::FORMAT_PEM) + public function saveCSR(array $csr, $format = self::FORMAT_PEM) { if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) { return false; @@ -2295,7 +2313,7 @@ class X509 $decoded = ASN1::decodeBER($spkac); - if (empty($decoded)) { + if (!$decoded) { $this->currentCert = false; return false; } @@ -2332,7 +2350,7 @@ class X509 * @param int $format optional * @return string */ - public function saveSPKAC($spkac, $format = self::FORMAT_PEM) + public function saveSPKAC(array $spkac, $format = self::FORMAT_PEM) { if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { return false; @@ -2393,7 +2411,7 @@ class X509 $decoded = ASN1::decodeBER($crl); - if (empty($decoded)) { + if (!$decoded) { $this->currentCert = false; return false; } @@ -2435,7 +2453,7 @@ class X509 * @param int $format optional * @return string */ - public function saveCRL($crl, $format = self::FORMAT_PEM) + public function saveCRL(array $crl, $format = self::FORMAT_PEM) { if (!is_array($crl) || !isset($crl['tbsCertList'])) { return false; @@ -2513,11 +2531,9 @@ class X509 * $subject can be either an existing X.509 cert (if you want to resign it), * a CSR or something with the DN and public key explicitly set. * - * @param \phpseclib3\File\X509 $issuer - * @param \phpseclib3\File\X509 $subject * @return mixed */ - public function sign($issuer, $subject) + public function sign(X509 $issuer, X509 $subject) { if (!is_object($issuer->privateKey) || empty($issuer->dn)) { return false; @@ -2823,11 +2839,9 @@ class X509 * * $issuer's private key needs to be loaded. * - * @param \phpseclib3\File\X509 $issuer - * @param \phpseclib3\File\X509 $crl * @return mixed */ - public function signCRL($issuer, $crl) + public function signCRL(X509 $issuer, X509 $crl) { if (!is_object($issuer->privateKey) || empty($issuer->dn)) { return false; @@ -3079,7 +3093,7 @@ class X509 * @param string $path * @return boolean */ - private function isSubArrayValid($root, $path) + private function isSubArrayValid(array $root, $path) { if (!is_array($root)) { return false; @@ -3115,7 +3129,7 @@ class X509 * @param bool $create optional * @return array|false */ - private function &subArrayUnchecked(&$root, $path, $create = false) + private function &subArrayUnchecked(array &$root, $path, $create = false) { $false = false; @@ -3142,7 +3156,7 @@ class X509 * @param bool $create optional * @return array|false */ - private function &subArray(&$root, $path, $create = false) + private function &subArray(array &$root = null, $path, $create = false) { $false = false; @@ -3177,7 +3191,7 @@ class X509 * @param bool $create optional * @return array|false */ - private function &extensions(&$root, $path = null, $create = false) + private function &extensions(array &$root = null, $path = null, $create = false) { if (!isset($root)) { $root = $this->currentCert; @@ -3264,7 +3278,7 @@ class X509 * @param string $path optional * @return mixed */ - private function getExtensionHelper($id, $cert = null, $path = null) + private function getExtensionHelper($id, array $cert = null, $path = null) { $extensions = $this->extensions($cert, $path); @@ -3288,7 +3302,7 @@ class X509 * @param string $path optional * @return array */ - private function getExtensionsHelper($cert = null, $path = null) + private function getExtensionsHelper(array $cert = null, $path = null) { $exts = $this->extensions($cert, $path); $extensions = []; @@ -3358,7 +3372,7 @@ class X509 * @param string $path * @return mixed */ - public function getExtension($id, $cert = null, $path = null) + public function getExtension($id, array $cert = null, $path = null) { return $this->getExtensionHelper($id, $cert, $path); } @@ -3370,7 +3384,7 @@ class X509 * @param string $path optional * @return array */ - public function getExtensions($cert = null, $path = null) + public function getExtensions(array $cert = null, $path = null) { return $this->getExtensionsHelper($cert, $path); } @@ -3446,7 +3460,7 @@ class X509 * @param array $csr optional * @return mixed */ - public function getAttribute($id, $disposition = self::ATTR_ALL, $csr = null) + public function getAttribute($id, $disposition = self::ATTR_ALL, array $csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3485,7 +3499,7 @@ class X509 * @param array $csr optional * @return array */ - public function getAttributes($csr = null) + public function getAttributes(array $csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3610,7 +3624,7 @@ class X509 case $key instanceof Element: // Assume the element is a bitstring-packed key. $decoded = ASN1::decodeBER($key->element); - if (empty($decoded)) { + if (!$decoded) { return false; } $raw = ASN1::asn1map($decoded[0], ['type' => ASN1::TYPE_BIT_STRING]); @@ -3669,6 +3683,9 @@ class X509 $publicKey = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->toString($format))); $decoded = ASN1::decodeBER($publicKey); + if (!$decoded) { + return false; + } $mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP); if (!is_array($mapped)) { return false; @@ -3740,7 +3757,7 @@ class X509 * @param bool $create optional * @return int|false */ - private function revokedCertificate(&$rclist, $serial, $create = false) + private function revokedCertificate(array &$rclist, $serial, $create = false) { $serial = new BigInteger($serial); @@ -3829,7 +3846,7 @@ class X509 * @param array $crl optional * @return array|bool */ - public function listRevoked($crl = null) + public function listRevoked(array $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -3878,7 +3895,7 @@ class X509 * @param array $crl optional * @return mixed */ - public function getRevokedCertificateExtension($serial, $id, $crl = null) + public function getRevokedCertificateExtension($serial, $id, array $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -3900,7 +3917,7 @@ class X509 * @param array $crl optional * @return array|bool */ - public function getRevokedCertificateExtensions($serial, $crl = null) + public function getRevokedCertificateExtensions($serial, array $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index 60f49160..ec84cba3 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -1150,7 +1150,7 @@ class SFTP extends SSH2 * @param array $b * @return int */ - private function comparator($a, $b) + private function comparator(array $a, array $b) { switch (true) { case $a['filename'] === '.' || $b['filename'] === '.': diff --git a/phpseclib/Net/SFTP/Stream.php b/phpseclib/Net/SFTP/Stream.php index da3f0550..24047b4b 100644 --- a/phpseclib/Net/SFTP/Stream.php +++ b/phpseclib/Net/SFTP/Stream.php @@ -734,7 +734,7 @@ class Stream * @param array $arguments * @return mixed */ - public function __call($name, $arguments) + public function __call($name, array $arguments) { if (defined('NET_SFTP_STREAM_LOGGING')) { echo $name . '('; diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 9540adb3..04bcb12e 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2402,7 +2402,7 @@ class SSH2 * @return bool * @throws \RuntimeException on connection error */ - private function keyboard_interactive_process(...$responses) + private function keyboard_interactive_process(array ...$responses) { if (strlen($this->last_interactive_response)) { $response = $this->last_interactive_response; @@ -4376,7 +4376,7 @@ class SSH2 * @param array $message_number_log * @return string */ - protected function format_log($message_log, $message_number_log) + protected function format_log(array $message_log, array $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { @@ -4427,7 +4427,7 @@ class SSH2 * @param array $array2 * @return mixed False if intersection is empty, else intersected value. */ - private static function array_intersect_first($array1, $array2) + private static function array_intersect_first(array $array1, array $array2) { foreach ($array1 as $value) { if (in_array($value, $array2)) { diff --git a/phpseclib/System/SSH/Agent.php b/phpseclib/System/SSH/Agent.php index d7d1a00c..6e61424f 100644 --- a/phpseclib/System/SSH/Agent.php +++ b/phpseclib/System/SSH/Agent.php @@ -36,6 +36,7 @@ use phpseclib3\Common\Functions\Strings; use phpseclib3\Crypt\PublicKeyLoader; use phpseclib3\Crypt\RSA; use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Net\SSH2; use phpseclib3\System\SSH\Agent\Identity; /** @@ -215,7 +216,7 @@ class Agent * @param \phpseclib3\Net\SSH2 $ssh * @return bool */ - private function request_forwarding($ssh) + private function request_forwarding(SSH2 $ssh) { if (!$ssh->requestAgentForwarding()) { return false; @@ -235,7 +236,7 @@ class Agent * * @param \phpseclib3\Net\SSH2 $ssh */ - public function registerChannelOpen($ssh) + public function registerChannelOpen(SSH2 $ssh) { if ($this->forward_status == self::FORWARD_REQUEST) { $this->request_forwarding($ssh); diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php index a7979f06..653e8ea5 100644 --- a/phpseclib/System/SSH/Agent/Identity.php +++ b/phpseclib/System/SSH/Agent/Identity.php @@ -108,7 +108,7 @@ class Identity implements PrivateKey * * @param \phpseclib3\Crypt\Common\PublicKey $key */ - public function withPublicKey($key) + public function withPublicKey(PublicKey $key) { if ($key instanceof EC) { if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { diff --git a/tests/Unit/File/ASN1Test.php b/tests/Unit/File/ASN1Test.php index a6419584..732e74a1 100644 --- a/tests/Unit/File/ASN1Test.php +++ b/tests/Unit/File/ASN1Test.php @@ -407,47 +407,47 @@ class ASN1Test extends PhpseclibTestCase { $em = pack('H*', '3080305c0609608648016503040201054f8888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); $em = pack('H*', '3080307f0609608648016503040201057288888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca90000'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); } public function testOIDGarbage() { $em = pack('H*', '3080305c065860864801650304020188888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); $em = pack('H*', '3080307f067d608648016503040201888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); } public function testConstructedMismatch() { $em = pack('H*', '1031300d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); $em = pack('H*', '3031100d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); $em = pack('H*', '3031300d2609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); $em = pack('H*', '3031300d06096086480165030402012d0004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); } public function testBadTagSecondOctet() { $em = pack('H*', '3033300f1f808080060960864801650304020104207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $decoded = ASN1::decodeBER($em); - $this->assertFalse($decoded[0]); + $this->assertNull($decoded); } } diff --git a/tests/Unit/Math/BigInteger/TestCase.php b/tests/Unit/Math/BigInteger/TestCase.php index 48d71fbf..dcd35075 100644 --- a/tests/Unit/Math/BigInteger/TestCase.php +++ b/tests/Unit/Math/BigInteger/TestCase.php @@ -382,9 +382,6 @@ abstract class TestCase extends PhpseclibTestCase ); } - /** - * @requires PHP 5.6 - */ public function testDebugInfo() { $num = $this->getInstance(50);