diff --git a/phpseclib/Common/Functions/Strings.php b/phpseclib/Common/Functions/Strings.php index 30d77418..07828ae1 100644 --- a/phpseclib/Common/Functions/Strings.php +++ b/phpseclib/Common/Functions/Strings.php @@ -119,7 +119,7 @@ abstract class Strings // 64-bit floats can be used to get larger numbers then 32-bit signed ints would allow // for. sure, you're not gonna get the full precision of 64-bit numbers but just because // you need > 32-bit precision doesn't mean you need the full 64-bit precision - extract(unpack('Nupper/Nlower', self::shift($data, 8))); + ['upper' => $upper, 'lower' => $lower] = unpack('Nupper/Nlower', self::shift($data, 8)); $temp = $upper ? 4294967296 * $upper : 0; $temp += $lower < 0 ? ($lower & 0x7FFFFFFFF) + 0x80000000 : $lower; // $temp = hexdec(bin2hex(self::shift($data, 8))); diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php index 4b976ae8..b7481b51 100644 --- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -343,7 +343,10 @@ abstract class PKCS8 extends PKCS if (!$temp) { throw new RuntimeException('Unable to decode BER'); } - extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); + [ + 'salt' => $salt, + 'iterationCount' => $iterationCount + ] = ASN1::asn1map($temp[0], Maps\PBEParameter::MAP); $iterationCount = (int) $iterationCount->toString(); $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); $key = $cipher->decrypt($decrypted['encryptedData']); @@ -361,7 +364,10 @@ abstract class PKCS8 extends PKCS throw new RuntimeException('Unable to decode BER'); } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); + [ + 'keyDerivationFunc' => $keyDerivationFunc, + 'encryptionScheme' => $encryptionScheme + ] = $temp; $cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']); $meta['meta']['cipher'] = $encryptionScheme['algorithm']; @@ -371,7 +377,10 @@ abstract class PKCS8 extends PKCS throw new RuntimeException('Unable to decode BER'); } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); + [ + 'keyDerivationFunc' => $keyDerivationFunc, + 'encryptionScheme' => $encryptionScheme + ] = $temp; if (!$cipher instanceof RC2) { $cipher->setIV($encryptionScheme['parameters']['octetString']); @@ -380,7 +389,10 @@ abstract class PKCS8 extends PKCS if (!$temp) { throw new RuntimeException('Unable to decode BER'); } - extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); + [ + 'rc2ParametersVersion' => $rc2ParametersVersion, + 'iv' => $iv + ] = ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP); $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); switch ($effectiveKeyLength) { case 160: @@ -405,9 +417,15 @@ abstract class PKCS8 extends PKCS if (!$temp) { throw new RuntimeException('Unable to decode BER'); } - $prf = ['algorithm' => 'id-hmacWithSHA1']; $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); - extract($params); + if (empty($params['prf'])) { + $params['prf'] = ['algorithm' => 'id-hmacWithSHA1']; + } + [ + 'salt' => $salt, + 'iterationCount' => $iterationCount, + 'prf' => $prf + ] = $params; $meta['meta']['prf'] = $prf['algorithm']; $hash = str_replace('-', '/', substr($prf['algorithm'], 11)); $params = [ diff --git a/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php b/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php index 83697ed5..b8d62ada 100644 --- a/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php +++ b/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php @@ -186,7 +186,7 @@ abstract class PuTTY $source = Strings::packSSH2('ssss', $type, $encryption, $components['comment'], $public); - extract(unpack('Nlength', Strings::shift($public, 4))); + ['length' => $length] = unpack('Nlength', Strings::shift($public, 4)); $newtype = Strings::shift($public, $length); if ($newtype != $type) { throw new RuntimeException('The binary type does not match the human readable type field'); @@ -214,7 +214,11 @@ abstract class PuTTY $parallelism = trim(preg_replace('#Argon2-Parallelism: (\d+)#', '$1', $key[$offset++])); $salt = Strings::hex2bin(trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++]))); - extract(self::generateV3Key($password, $flavour, (int)$memory, (int)$passes, $salt)); + [ + 'symkey' => $symkey, + 'symiv' => $symiv, + 'hashkey' => $hashkey + ] = self::generateV3Key($password, $flavour, (int)$memory, (int)$passes, $salt); break; case 2: @@ -306,7 +310,11 @@ abstract class PuTTY $key .= "Argon2-Passes: 13\r\n"; $key .= "Argon2-Parallelism: 1\r\n"; $key .= "Argon2-Salt: " . Strings::bin2hex($salt) . "\r\n"; - extract(self::generateV3Key($password, 'Argon2id', 8192, 13, $salt)); + [ + 'symkey' => $symkey, + 'symiv' => $symiv, + 'hashkey' => $hashkey + ] = self::generateV3Key($password, 'Argon2id', 8192, 13, $salt); $hash = new Hash('sha256'); $hash->setKey($hashkey); diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php b/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php index 50f3856d..f23f478e 100644 --- a/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php +++ b/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php @@ -59,7 +59,12 @@ abstract class PuTTY extends Progenitor if (!isset($components['private'])) { return $components; } - extract($components); + [ + 'type' => $type, + 'comment' => $comment, + 'public' => $public, + 'private' => $private + ] = $components; unset($components['public'], $components['private']); [$p, $q, $g, $y] = Strings::unpackSSH2('iiii', $public); diff --git a/phpseclib/Crypt/DSA/PrivateKey.php b/phpseclib/Crypt/DSA/PrivateKey.php index e781963a..4bb9a49f 100644 --- a/phpseclib/Crypt/DSA/PrivateKey.php +++ b/phpseclib/Crypt/DSA/PrivateKey.php @@ -88,7 +88,7 @@ final class PrivateKey extends DSA implements Common\PrivateKey return $signature; } - extract(ASN1Signature::load($signature)); + ['r' => $r, 's' => $s] = ASN1Signature::load($signature); return $format::save($r, $s); } diff --git a/phpseclib/Crypt/DSA/PublicKey.php b/phpseclib/Crypt/DSA/PublicKey.php index 77dc8f4a..38a3b5b0 100644 --- a/phpseclib/Crypt/DSA/PublicKey.php +++ b/phpseclib/Crypt/DSA/PublicKey.php @@ -41,7 +41,7 @@ final class PublicKey extends DSA implements Common\PublicKey if ($params === false || count($params) != 2) { return false; } - extract($params); + ['r' => $r, 's' => $s] = $params; if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; diff --git a/phpseclib/Crypt/EC/PrivateKey.php b/phpseclib/Crypt/EC/PrivateKey.php index 5ba6e4fc..42769329 100644 --- a/phpseclib/Crypt/EC/PrivateKey.php +++ b/phpseclib/Crypt/EC/PrivateKey.php @@ -156,7 +156,7 @@ final class PrivateKey extends EC implements Common\PrivateKey return $signature; } - extract(ASN1Signature::load($signature)); + ['r' => $r, 's' => $s] = ASN1Signature::load($signature); return $this->formatSignature($r, $s); } diff --git a/phpseclib/Crypt/EC/PublicKey.php b/phpseclib/Crypt/EC/PublicKey.php index b6e619e4..3e194883 100644 --- a/phpseclib/Crypt/EC/PublicKey.php +++ b/phpseclib/Crypt/EC/PublicKey.php @@ -116,7 +116,7 @@ final class PublicKey extends EC implements Common\PublicKey if ($params === false || count($params) != 2) { return false; } - extract($params); + ['r' => $r, 's' => $s] = $params; if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php index c202425d..7841e78e 100644 --- a/phpseclib/Crypt/RSA.php +++ b/phpseclib/Crypt/RSA.php @@ -352,10 +352,7 @@ abstract class RSA extends AsymmetricKey if ($i != $num_primes) { $primes[$i] = BigInteger::randomPrime($regSize); } else { - extract(BigInteger::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ + ['min' => $min, 'max' => $max] = BigInteger::minMaxBits($bits); [$min] = $min->divide($n); $min = $min->add(self::$one); [$max] = $max->divide($n); diff --git a/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php b/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php index 593a2533..b448044d 100644 --- a/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php +++ b/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php @@ -83,13 +83,12 @@ abstract class MSBLOB // PUBLICKEYSTRUC publickeystruc // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx - extract(unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8))); - /** - * @var string $type - * @var string $version - * @var integer $reserved - * @var integer $algo - */ + [ + 'type' => $type, + 'version' => $version, + 'reserved' => $reserved, + 'algo' => $algo + ] = unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8)); switch (ord($type)) { case self::PUBLICKEYBLOB: case self::PUBLICKEYBLOBEX: @@ -116,12 +115,11 @@ abstract class MSBLOB // RSAPUBKEY rsapubkey // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit - extract(unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12))); - /** - * @var integer $magic - * @var integer $bitlen - * @var string $pubexp - */ + [ + 'magic' => $magic, + 'bitlen' => $bitlen, + 'pubexp' => $pubexp + ] = unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12)); switch ($magic) { case self::RSA2: $components['isPublicKey'] = false; diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php b/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php index fbad5eef..a810c870 100644 --- a/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php +++ b/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php @@ -60,7 +60,12 @@ abstract class PuTTY extends Progenitor if (!isset($components['private'])) { return $components; } - extract($components); + [ + 'type' => $type, + 'comment' => $comment, + 'public' => $public, + 'private' => $private + ] = $components; unset($components['public'], $components['private']); $isPublicKey = false; diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index cd290b01..3cc31868 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -272,8 +272,7 @@ abstract class ASN1 // tags of indefinte length don't really have a header length; this length includes the tag $current += ['headerlength' => $length + 2]; $start += $length; - extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); - /** @var integer $length */ + ['length' => $length] = unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); } else { $current += ['headerlength' => 2]; } diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 1bce5ba2..805b470e 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -613,7 +613,11 @@ class X509 $extensions = &$this->subArray($root, $path, !empty($this->extensionValues)); foreach ($this->extensionValues as $id => $data) { - extract($data); + [ + 'critical' => $critical, + 'replace' => $replace, + 'value' => $value + ] = $data; $newext = [ 'extnId' => $id, 'extnValue' => $value, @@ -1787,7 +1791,7 @@ class X509 $dn = $this->getDN(self::DN_CANON, $dn); $hash = new Hash('sha1'); $hash = $hash->hash($dn); - extract(unpack('Vhash', $hash)); + ['hash' => $hash] = unpack('Vhash', $hash); return strtolower(Strings::bin2hex(pack('N', $hash))); } diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php index 831ddd7c..a12b2c1b 100644 --- a/phpseclib/Math/BigInteger.php +++ b/phpseclib/Math/BigInteger.php @@ -309,12 +309,7 @@ class BigInteger implements \JsonSerializable */ public function extendedGCD(BigInteger $n): array { - extract($this->value->extendedGCD($n->value)); - /** - * @var BigInteger $gcd - * @var BigInteger $x - * @var BigInteger $y - */ + ['gcd' => $gcd, 'x' => $x, 'y' => $y] = $this->value->extendedGCD($n->value); return [ 'gcd' => new static($gcd), 'x' => new static($x), @@ -550,10 +545,7 @@ class BigInteger implements \JsonSerializable self::initialize_static_variables(); $class = self::$mainEngine; - extract($class::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ + ['min' => $min, 'max' => $max] = $class::minMaxBits($bits); return [ 'min' => new static($min), 'max' => new static($max), diff --git a/phpseclib/Math/BigInteger/Engines/BCMath.php b/phpseclib/Math/BigInteger/Engines/BCMath.php index 76ccc5e7..f5bff15a 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath.php @@ -274,8 +274,7 @@ class BCMath extends Engine */ public function gcd(BCMath $n): BCMath { - extract($this->extendedGCD($n)); - /** @var BCMath $gcd */ + ['gcd' => $gcd] = $this->extendedGCD($n); return $gcd; } diff --git a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php index c46c2a64..23b56a7c 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php @@ -92,7 +92,10 @@ abstract class Barrett extends Base 'm1' => $m1, // m.length ]; } else { - extract($cache[self::DATA][$key]); + [ + 'u' => $u, + 'm1' => $m1 + ] = $cache[self::DATA][$key]; } $cutoff = $m_length + ($m_length >> 1); diff --git a/phpseclib/Math/BigInteger/Engines/Engine.php b/phpseclib/Math/BigInteger/Engines/Engine.php index bc6636be..5b141548 100644 --- a/phpseclib/Math/BigInteger/Engines/Engine.php +++ b/phpseclib/Math/BigInteger/Engines/Engine.php @@ -311,11 +311,7 @@ abstract class Engine implements \JsonSerializable return $this->normalize($n->subtract($temp)); } - extract($this->extendedGCD($n)); - /** - * @var Engine $gcd - * @var Engine $x - */ + ['gcd' => $gcd, 'x' => $x] = $this->extendedGCD($n); if (!$gcd->equals(static::$one[static::class])) { return false; @@ -706,11 +702,7 @@ abstract class Engine implements \JsonSerializable */ public static function random(int $size): Engine { - extract(static::minMaxBits($size)); - /** - * @var BigInteger $min - * @var BigInteger $max - */ + ['min' => $min, 'max' => $max] = static::minMaxBits($size); return static::randomRange($min, $max); } @@ -721,11 +713,7 @@ abstract class Engine implements \JsonSerializable */ public static function randomPrime(int $size): Engine { - extract(static::minMaxBits($size)); - /** - * @var static $min - * @var static $max - */ + ['min' => $min, 'max' => $max] = static::minMaxBits($size); return static::randomRangePrime($min, $max); } diff --git a/phpseclib/Math/BigInteger/Engines/GMP.php b/phpseclib/Math/BigInteger/Engines/GMP.php index 544d20fd..59c8c486 100644 --- a/phpseclib/Math/BigInteger/Engines/GMP.php +++ b/phpseclib/Math/BigInteger/Engines/GMP.php @@ -271,7 +271,11 @@ class GMP extends Engine */ public function extendedGCD(GMP $n): array { - extract(gmp_gcdext($this->value, $n->value)); + [ + 'g' => $g, + 's' => $s, + 't' => $t + ] = gmp_gcdext($this->value, $n->value); return [ 'gcd' => $this->normalize(new self($g)), diff --git a/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php b/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php index e82f1947..50d19307 100644 --- a/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php +++ b/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php @@ -97,7 +97,10 @@ abstract class Barrett extends Base 'm1' => $m1, // m.length ]; } else { - extract($cache[self::DATA][$key]); + [ + 'u' => $u, + 'm1' => $m1 + ] = $cache[self::DATA][$key]; } $cutoff = $m_length + ($m_length >> 1); diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index fa92d1c5..67a54219 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -3027,8 +3027,7 @@ class SFTP extends SSH2 if (strlen($this->packet_buffer) < 4) { throw new RuntimeException('Packet is too small'); } - extract(unpack('Nlength', Strings::shift($this->packet_buffer, 4))); - /** @var integer $length */ + ['length' => $length] = unpack('Nlength', Strings::shift($this->packet_buffer, 4)); $tempLength = $length; $tempLength -= strlen($this->packet_buffer); @@ -3058,7 +3057,7 @@ class SFTP extends SSH2 $this->packet_type = ord(Strings::shift($this->packet_buffer)); if ($this->use_request_id) { - extract(unpack('Npacket_id', Strings::shift($this->packet_buffer, 4))); // remove the request id + ['packet_id' => $packet_id] = unpack('Npacket_id', Strings::shift($this->packet_buffer, 4)); // remove the request id $length -= 5; // account for the request id and the packet type } else { $length -= 1; // account for the packet type diff --git a/phpseclib/Net/SFTP/Stream.php b/phpseclib/Net/SFTP/Stream.php index 8bd71ac8..8dbcfe3d 100644 --- a/phpseclib/Net/SFTP/Stream.php +++ b/phpseclib/Net/SFTP/Stream.php @@ -124,7 +124,15 @@ class Stream protected function parse_path(string $path) { $orig = $path; - extract(parse_url($path) + ['port' => 22]); + $url = parse_url($path) + ['port' => 22]; + + $keys = ['scheme', 'host', 'port', 'user', 'pass', 'path', 'query', 'fragment']; + foreach ($keys as $key) { + if (isset($url[$key])) { + $$key = $url[$key]; + } + } + if (isset($query)) { $path .= '?' . $query; } elseif (preg_match('/(\?|\?#)$/', $orig)) { diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 8570a1f1..58494a3b 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -3408,7 +3408,7 @@ class SSH2 } $padding_length = 0; $payload = $packet->plain; - extract(unpack('Cpadding_length', Strings::shift($payload, 1))); + ['padding_length' => $padding_length] = unpack('Cpadding_length', Strings::shift($payload, 1)); if ($padding_length > 0) { Strings::pop($payload, $padding_length); } @@ -3500,13 +3500,13 @@ class SSH2 switch ($this->decryptName) { case 'aes128-gcm@openssh.com': case 'aes256-gcm@openssh.com': - extract(unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))); + ['packet_length' => $packet_length] = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size)); $packet->size = $packet_length_header_size + $packet_length + $this->decrypt_block_size; // expect tag break; case 'chacha20-poly1305@openssh.com': $this->lengthDecrypt->setNonce(pack('N2', 0, $this->get_seq_no)); $packet_length_header = $this->lengthDecrypt->decrypt(substr($packet->raw, 0, $packet_length_header_size)); - extract(unpack('Npacket_length', $packet_length_header)); + ['packet_length' => $packet_length] = unpack('Npacket_length', $packet_length_header); $packet->size = $packet_length_header_size + $packet_length + 16; // expect tag break; default: @@ -3515,17 +3515,17 @@ class SSH2 return; } $packet->plain = $this->decrypt->decrypt(substr($packet->raw, 0, $this->decrypt_block_size)); - extract(unpack('Npacket_length', Strings::shift($packet->plain, $packet_length_header_size))); + ['packet_length' => $packet_length] = unpack('Npacket_length', Strings::shift($packet->plain, $packet_length_header_size)); $packet->size = $packet_length_header_size + $packet_length; $added_validation_length = $packet_length_header_size; } else { - extract(unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))); + ['packet_length' => $packet_length] = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size)); $packet->size = $packet_length_header_size + $packet_length; } break; } } else { - extract(unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))); + ['packet_length' => $packet_length] = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size)); $packet->size = $packet_length_header_size + $packet_length; $added_validation_length = $packet_length_header_size; } @@ -3621,7 +3621,11 @@ class SSH2 switch (ord($payload[0])) { case MessageType::CHANNEL_REQUEST: if (strlen($payload) == 31) { - extract(unpack('cpacket_type/Nchannel/Nlength', $payload)); + [ + 'packet_type' => $packet_type, + 'channel' => $channel, + 'length' => $length + ] = unpack('cpacket_type/Nchannel/Nlength', $payload); if (substr($payload, 9, $length) == 'keepalive@openssh.com' && isset($this->server_channels[$channel])) { if (ord(substr($payload, 9 + $length))) { // want reply $this->send_binary_packet(pack('CN', MessageType::CHANNEL_SUCCESS, $this->server_channels[$channel]));