diff --git a/build/psalm_baseline.xml b/build/psalm_baseline.xml
index e525188b..9fc0cd61 100644
--- a/build/psalm_baseline.xml
+++ b/build/psalm_baseline.xml
@@ -1712,11 +1712,6 @@
string
-
- string
- string
- string
-
validatePlugin
@@ -1934,11 +1929,9 @@
$encryptionAlgorithm
-
- $password
-
-
+
$key
+ $password
$matches[1]
@@ -2411,10 +2404,9 @@
$message
-
+
getPublicKey
sign
- withPassword
@@ -2878,11 +2870,6 @@
$key === false
-
-
- withPassword
-
-
8
@@ -3196,9 +3183,6 @@
$args[0]
-
- string
-
$args
@@ -3277,6 +3261,9 @@
$key[$type . 'Algorithm']['parameters']->element
+
+ $password
+
$decoded[0]
$decoded[0]
@@ -3468,6 +3455,9 @@
$comment
+
+ $password
+
$parsed['comment']
$parsed['publicKey']
@@ -3517,6 +3507,9 @@
$key[$type . 'Algorithm']['parameters']->element
+
+ $password
+
$decoded[0]
$decoded[0]
@@ -3544,9 +3537,6 @@
$y
$y
-
- string
-
$components['public']
@@ -3554,6 +3544,9 @@
$private
$public
+
+ $password
+
PuTTY
@@ -6074,10 +6067,10 @@
$publicKey[0]
-
+
!empty($password) && is_string($password)
is_string($password)
-
+
toBytes
@@ -6199,6 +6192,9 @@
$decoded
$key
+
+ $password
+
$decoded[0]
$decoded[0]
@@ -6273,8 +6269,10 @@
$key['privateKey']
-
+
$key['privateKey']
+ $password
+ $password
$key['privateKey']
@@ -6326,9 +6324,6 @@
$publicKey
-
- string
-
$components['type']
$length
@@ -6354,6 +6349,9 @@
$length
$length
+
+ $password
+
$public[1]
$public[1]
@@ -6591,9 +6589,11 @@
$password
-
+
!empty($password) && is_string($password)
is_string($password)
+
+
isset($public)
@@ -6688,7 +6688,7 @@
getPublicKey
sign
-
+
$curve::HASH
$curve::SIZE
$curve::SIZE
@@ -6698,7 +6698,6 @@
$this->curve->getBasePoint()
$this->dA->secret
$this->dA->toBytes()
- $this->withPassword()->toString('libsodium')
$r
@@ -6719,7 +6718,7 @@
string
string
-
+
$format::save($r, $s)
$format::save($r, $s)
$format::save($r, $s, $this->getCurve())
@@ -6734,7 +6733,6 @@
toBytes
toBytes
toBytes
- toString
withContext
@@ -7452,10 +7450,6 @@
-
- string
- string
-
$key
@@ -7949,10 +7943,10 @@
$primes[1]
$primes[2]
-
+
!empty($password) && is_string($password)
is_string($password)
-
+
is_string($key)
@@ -7991,6 +7985,9 @@
$comment
+
+ $password
+
$coefficients[2]
$primes[1]
@@ -8010,6 +8007,10 @@
+
+ string|false
+ string|false
+
$decoded[0]
$decoded[0]
@@ -8030,9 +8031,15 @@
$components['primes'][]
$primeInfo
+
+ $password
+
$key
+
+ $password
+
$coefficients[2]
$decoded[0]
@@ -8061,6 +8068,9 @@
$result['meta']
+
+ $password
+
savePrivateKey
@@ -8125,11 +8135,12 @@
toString
-
+
$decoded[0]
$decoded[0]
$params['hashAlgorithm']['algorithm']
$params['maskGenAlgorithm']['parameters']['algorithm']
+ $password
$decoded[0]
@@ -8211,6 +8222,9 @@
$private
$public
+
+ $password
+
$coefficients[2]
$primes[1]
@@ -8263,10 +8277,10 @@
subtract
subtract
-
+
!empty($password) && is_string($password)
is_string($password)
-
+
Raw
@@ -10616,7 +10630,7 @@
signSPKAC
translateDNProp
-
+
$attribute['value']
$attribute['value']
$attribute['value']
@@ -10667,7 +10681,6 @@
$ipAddress
$ip[0]
$ip[1]
- $issuer->privateKey->withPassword()->toString('PSS')
$key
$key
$key
@@ -11072,7 +11085,7 @@
array|false
bool
-
+
__toString
add
equals
@@ -11080,7 +11093,6 @@
getPublicKey
toBytes
toString
- toString
$issuer->privateKey->sign($this->signatureSubject)
@@ -16577,8 +16589,7 @@
-
- $dsa
+
$sig
@@ -16691,13 +16702,12 @@
$sig = $privateKey->sign('')
$sig = $privateKey->sign('')
-
+
$QA
$curve
$dA
$oid
$privateKey
- $privatekey
$public
$publicKey
$publickey
@@ -16728,14 +16738,12 @@
$signature2
$signature2
-
+
createRandomMultiplier
getBasePoint
getBasePoint
- getPublicKey
multiplyPoint
sign
- sign
verify
verify
verify
@@ -16850,18 +16858,16 @@
$components['dA']
-
+
$key
- $password
load
-
+
$key
- $password
load
@@ -17159,9 +17165,6 @@
-
- false
-
$key
@@ -17169,14 +17172,10 @@
$key
$pass
-
- $encryptedKey
+
$key
$key
$pass
- $pass
- $pass
- $pass
$r['meta']['algorithm']
$r['meta']['cipher']
$r['meta']['prf']
@@ -17196,20 +17195,16 @@
$r['meta']['cipher']
$r['meta']['prf']
-
- $encryptedKey
+
$key
- $key2
$rsa
$rsa
$rsa2
$sig
-
+
sign
toString
- toString
- toString
withPadding
@@ -17249,9 +17244,6 @@
LoadKeyTest
LoadKeyTest
-
- RSA::load($key, false, 'PKCS8')
-
asPrivateKey
sign
diff --git a/phpseclib/Crypt/Common/AsymmetricKey.php b/phpseclib/Crypt/Common/AsymmetricKey.php
index 745ff4bd..51ebd5c6 100644
--- a/phpseclib/Crypt/Common/AsymmetricKey.php
+++ b/phpseclib/Crypt/Common/AsymmetricKey.php
@@ -127,9 +127,8 @@ abstract class AsymmetricKey
* Load the key
*
* @param string|array $key
- * @param string $password optional
*/
- public static function load($key, $password = false): AsymmetricKey
+ public static function load($key, ?string $password = null): AsymmetricKey
{
self::initialize_static_variables();
@@ -208,10 +207,9 @@ abstract class AsymmetricKey
/**
* Load the key, assuming a specific format
*
- * @param string $password optional
* @return static
*/
- public static function loadFormat(string $type, string $key, $password = false): AsymmetricKey
+ public static function loadFormat(string $type, string $key, ?string $password = null): AsymmetricKey
{
self::initialize_static_variables();
@@ -237,10 +235,8 @@ abstract class AsymmetricKey
/**
* Loads a private key
- *
- * @param string $password optional
*/
- public static function loadPrivateKeyFormat(string $type, string $key, $password = false): PrivateKey
+ public static function loadPrivateKeyFormat(string $type, string $key, ?string $password = null): PrivateKey
{
$key = self::loadFormat($type, $key, $password);
if (!$key instanceof PrivateKey) {
diff --git a/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php b/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
index c238f46a..fb321957 100644
--- a/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
@@ -57,9 +57,8 @@ abstract class OpenSSH
* $type can be either ssh-dss or ssh-rsa
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php
index c6d56f7c..98edbd4c 100644
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php
@@ -106,10 +106,9 @@ abstract class PKCS1 extends PKCS
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
* @return array|string
*/
- protected static function load($key, $password = '')
+ protected static function load($key, ?string $password = null)
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
index d5a9db4e..bd75eb4b 100644
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
@@ -295,16 +295,15 @@ abstract class PKCS8 extends PKCS
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- protected static function load($key, $password = ''): array
+ protected static function load($key, ?string $password = null): array
{
$decoded = self::preParse($key);
$meta = [];
$decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP);
- if ($password !== false && strlen($password) && is_array($decrypted)) {
+ if ($password !== null && strlen($password) && is_array($decrypted)) {
$algorithm = $decrypted['encryptionAlgorithm']['algorithm'];
switch ($algorithm) {
// PBES1
diff --git a/phpseclib/Crypt/Common/PrivateKey.php b/phpseclib/Crypt/Common/PrivateKey.php
index fd0b9d69..518f9b53 100644
--- a/phpseclib/Crypt/Common/PrivateKey.php
+++ b/phpseclib/Crypt/Common/PrivateKey.php
@@ -26,7 +26,7 @@ interface PrivateKey
public function toString(string $type, array $options = []): string;
/**
- * @param string|false $password
+ * @return static
*/
- public function withPassword($password = false);
+ public function withPassword(?string $password = null): PrivateKey;
}
diff --git a/phpseclib/Crypt/Common/Traits/PasswordProtected.php b/phpseclib/Crypt/Common/Traits/PasswordProtected.php
index f238d005..984e1986 100644
--- a/phpseclib/Crypt/Common/Traits/PasswordProtected.php
+++ b/phpseclib/Crypt/Common/Traits/PasswordProtected.php
@@ -23,11 +23,9 @@ namespace phpseclib3\Crypt\Common\Traits;
trait PasswordProtected
{
/**
- * Password
- *
- * @var string|bool
+ * @var string|null
*/
- private $password = false;
+ private $password = null;
/**
* Sets the password
@@ -37,9 +35,10 @@ trait PasswordProtected
*
* @see self::createKey()
* @see self::load()
- * @param string|bool $password
+ *
+ * @return static
*/
- public function withPassword($password = false)
+ public function withPassword(?string $password = null): self
{
$new = clone $this;
$new->password = $password;
diff --git a/phpseclib/Crypt/DH.php b/phpseclib/Crypt/DH.php
index 05d3e6a1..90897591 100644
--- a/phpseclib/Crypt/DH.php
+++ b/phpseclib/Crypt/DH.php
@@ -307,9 +307,8 @@ abstract class DH extends AsymmetricKey
* Load the key
*
* @param string|array $key
- * @param string $password optional
*/
- public static function load($key, $password = false): AsymmetricKey
+ public static function load($key, ?string $password = null): AsymmetricKey
{
try {
return EC::load($key, $password);
diff --git a/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php b/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
index 96d19b0b..93d9c987 100644
--- a/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
@@ -39,9 +39,8 @@ abstract class PKCS1 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
$key = parent::load($key, $password);
diff --git a/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php b/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
index 6b97630a..493eaba2 100644
--- a/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
@@ -59,9 +59,8 @@ abstract class PKCS8 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@@ -103,11 +102,8 @@ abstract class PKCS8 extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, ?string $password = null, array $options = []): string
{
$params = [
'prime' => $prime,
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php b/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php
index 42181959..fa061236 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php
@@ -39,9 +39,8 @@ abstract class OpenSSH extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
$parsed = parent::load($key, $password);
@@ -94,11 +93,8 @@ abstract class OpenSSH extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, ?string $password = null, array $options = []): string
{
$publicKey = self::savePublicKey($p, $q, $g, $y, ['binary' => true]);
$privateKey = Strings::packSSH2('si5', 'ssh-dss', $p, $q, $g, $y, $x);
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php b/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
index 00832bbb..a59d8e80 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
@@ -46,9 +46,8 @@ abstract class PKCS1 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
$key = parent::load($key, $password);
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php b/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
index 28633e8e..911cef3f 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
@@ -63,9 +63,8 @@ abstract class PKCS8 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@@ -113,11 +112,8 @@ abstract class PKCS8 extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, ?string $password = null, array $options = []): string
{
$params = [
'p' => $p,
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php b/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php
index 26f4d73b..8d3d9832 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php
@@ -69,11 +69,8 @@ abstract class PuTTY extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, array $options = []): string
+ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, ?string $password = null, array $options = []): string
{
if ($q->getLength() != 160) {
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/Raw.php b/phpseclib/Crypt/DSA/Formats/Keys/Raw.php
index 4358b3bc..ceca9cb8 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/Raw.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/Raw.php
@@ -30,9 +30,8 @@ abstract class Raw
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!is_array($key)) {
throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key));
diff --git a/phpseclib/Crypt/DSA/Formats/Keys/XML.php b/phpseclib/Crypt/DSA/Formats/Keys/XML.php
index e3a27335..cc104a45 100644
--- a/phpseclib/Crypt/DSA/Formats/Keys/XML.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/XML.php
@@ -35,10 +35,8 @@ abstract class XML
{
/**
* Break a public or private key down into its constituent components
- *
- * @param string|false $password
*/
- public static function load(string $key, $password = ''): array
+ public static function load(string $key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
diff --git a/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php b/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php
index c48a560e..af58e1d6 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php
@@ -43,10 +43,8 @@ abstract class MontgomeryPrivate
/**
* Break a public or private key down into its constituent components
- *
- * @param string|false $password
*/
- public static function load(string $key, $password = ''): array
+ public static function load(string $key, ?string $password = null): array
{
switch (strlen($key)) {
case 32:
@@ -82,9 +80,8 @@ abstract class MontgomeryPrivate
* Convert a private key to the appropriate format.
*
* @param Integer[] $publicKey
- * @param string|false $password
*/
- public static function savePrivateKey(BigInteger $privateKey, MontgomeryCurve $curve, array $publicKey, $password = ''): string
+ public static function savePrivateKey(BigInteger $privateKey, MontgomeryCurve $curve, array $publicKey, ?string $password = null): string
{
if (!empty($password) && is_string($password)) {
throw new UnsupportedFormatException('MontgomeryPrivate private keys do not support encryption');
diff --git a/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php b/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php
index 76b71b2f..b3874ca9 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php
@@ -34,10 +34,8 @@ abstract class MontgomeryPublic
/**
* Break a public or private key down into its constituent components
- *
- * @param string|false $password
*/
- public static function load(string $key, $password = ''): array
+ public static function load(string $key, ?string $password = null): array
{
switch (strlen($key)) {
case 32:
diff --git a/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php b/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php
index 8212f43f..bce9c257 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php
@@ -49,9 +49,8 @@ abstract class OpenSSH extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
$parsed = parent::load($key, $password);
diff --git a/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php b/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php
index dbd89141..10477504 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php
@@ -52,9 +52,8 @@ abstract class PKCS1 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
self::initialize_static_variables();
@@ -164,10 +163,8 @@ abstract class PKCS1 extends Progenitor
* Convert a private key to the appropriate format.
*
* @param Integer[] $publicKey
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, ?string $password = null, array $options = []): string
{
self::initialize_static_variables();
diff --git a/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
index 2afcafb4..b1bb2df3 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
@@ -65,9 +65,8 @@ abstract class PKCS8 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
// initialize_static_variables() is defined in both the trait and the parent class
// when it's defined in two places it's the traits one that's called
@@ -201,10 +200,8 @@ abstract class PKCS8 extends Progenitor
* Convert a private key to the appropriate format.
*
* @param Integer[] $publicKey
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, ?string $password = null, array $options = []): string
{
self::initialize_static_variables();
diff --git a/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php b/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php
index 5f3a4195..181a95d6 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php
@@ -86,10 +86,8 @@ abstract class PuTTY extends Progenitor
* Convert a private key to the appropriate format.
*
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
- * @param string $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $password = false, array $options = []): string
+ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, ?string $password = null, array $options = []): string
{
self::initialize_static_variables();
diff --git a/phpseclib/Crypt/EC/Formats/Keys/XML.php b/phpseclib/Crypt/EC/Formats/Keys/XML.php
index d452e275..894b2fed 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/XML.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/XML.php
@@ -57,9 +57,8 @@ abstract class XML
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
self::initialize_static_variables();
diff --git a/phpseclib/Crypt/EC/Formats/Keys/libsodium.php b/phpseclib/Crypt/EC/Formats/Keys/libsodium.php
index 125b5e01..9ee1deb4 100644
--- a/phpseclib/Crypt/EC/Formats/Keys/libsodium.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/libsodium.php
@@ -39,10 +39,8 @@ abstract class libsodium
/**
* Break a public or private key down into its constituent components
- *
- * @param string|false $password optional
*/
- public static function load(string $key, $password = ''): array
+ public static function load(string $key, ?string $password = null): array
{
switch (strlen($key)) {
case 32:
@@ -89,9 +87,8 @@ abstract class libsodium
* Convert a private key to the appropriate format.
*
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
- * @param string|false $password
*/
- public static function savePrivateKey(BigInteger $privateKey, Ed25519 $curve, array $publicKey, $password = ''): string
+ public static function savePrivateKey(BigInteger $privateKey, Ed25519 $curve, array $publicKey, ?string $password = null): string
{
if (!isset($privateKey->secret)) {
throw new \RuntimeException('Private Key does not have a secret set');
diff --git a/phpseclib/Crypt/PublicKeyLoader.php b/phpseclib/Crypt/PublicKeyLoader.php
index a103dd59..2d515a44 100644
--- a/phpseclib/Crypt/PublicKeyLoader.php
+++ b/phpseclib/Crypt/PublicKeyLoader.php
@@ -32,9 +32,8 @@ abstract class PublicKeyLoader
* Loads a public or private key
*
* @param string|array $key
- * @param string $password optional
*/
- public static function load($key, $password = false): AsymmetricKey
+ public static function load($key, ?string $password = null): AsymmetricKey
{
try {
return EC::load($key, $password);
@@ -68,9 +67,8 @@ abstract class PublicKeyLoader
* Loads a private key
*
* @param string|array $key
- * @param string $password optional
*/
- public static function loadPrivateKey($key, $password = false): PrivateKey
+ public static function loadPrivateKey($key, ?string $password = null): PrivateKey
{
$key = self::load($key, $password);
if (!$key instanceof PrivateKey) {
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php b/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php
index 517e64da..8bc43d3b 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php
@@ -64,9 +64,8 @@ abstract class MSBLOB
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@@ -168,10 +167,8 @@ abstract class MSBLOB
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = ''): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null): string
{
if (count($primes) != 2) {
throw new \InvalidArgumentException('MSBLOB does not support multi-prime RSA keys');
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php b/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php
index f9b4dbf2..579c3fac 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php
@@ -39,9 +39,8 @@ abstract class OpenSSH extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
static $one;
if (!isset($one)) {
@@ -109,11 +108,8 @@ abstract class OpenSSH extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
$publicKey = self::savePublicKey($n, $e, ['binary' => true]);
$privateKey = Strings::packSSH2('si6', 'ssh-rsa', $n, $e, $d, $coefficients[2], $primes[1], $primes[2]);
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php b/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php
index 1bb347cf..a5723558 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php
@@ -43,7 +43,7 @@ abstract class PKCS1 extends Progenitor
* @param string|array $key
* @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@@ -106,7 +106,7 @@ abstract class PKCS1 extends Progenitor
* @param string|false $password
* @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
$num_primes = count($primes);
$key = [
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php b/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php
index b37f5b25..6a6495a4 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php
@@ -64,9 +64,8 @@ abstract class PKCS8 extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@@ -105,11 +104,8 @@ abstract class PKCS8 extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
$key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients);
$key = ASN1::extractBER($key);
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PSS.php b/phpseclib/Crypt/RSA/Formats/Keys/PSS.php
index bc1802b7..e4b64dda 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/PSS.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/PSS.php
@@ -94,9 +94,8 @@ abstract class PSS extends Progenitor
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
self::initialize_static_variables();
@@ -154,11 +153,8 @@ abstract class PSS extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
self::initialize_static_variables();
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php b/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php
index 14e76c03..d446ec6a 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php
@@ -86,11 +86,8 @@ abstract class PuTTY extends Progenitor
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
if (count($primes) != 2) {
throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys');
diff --git a/phpseclib/Crypt/RSA/Formats/Keys/Raw.php b/phpseclib/Crypt/RSA/Formats/Keys/Raw.php
index 7721d768..73b27a5e 100644
--- a/phpseclib/Crypt/RSA/Formats/Keys/Raw.php
+++ b/phpseclib/Crypt/RSA/Formats/Keys/Raw.php
@@ -39,9 +39,8 @@ abstract class Raw
* Break a public or private key down into its constituent components
*
* @param string|array $key
- * @param string|false $password
*/
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!is_array($key)) {
throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key));
@@ -139,11 +138,8 @@ abstract class Raw
/**
* Convert a private key to the appropriate format.
- *
- * @param string|false $password optional
- * @param array $options optional
*/
- public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []): string
+ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
{
if (!empty($password) && is_string($password)) {
throw new UnsupportedFormatException('Raw private keys do not support encryption');
diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php
index d5eb6a80..48981ee4 100644
--- a/phpseclib/System/SSH/Agent/Identity.php
+++ b/phpseclib/System/SSH/Agent/Identity.php
@@ -298,10 +298,9 @@ class Identity implements PrivateKey
/**
* Sets the password
*
- * @param string|bool $password
* @return never
*/
- public function withPassword($password = false)
+ public function withPassword(?string $password = null): PrivateKey
{
throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key');
}
diff --git a/tests/Unit/Crypt/EC/Ed448PrivateKey.php b/tests/Unit/Crypt/EC/Ed448PrivateKey.php
index cf4f4cd4..c5b8b0d6 100644
--- a/tests/Unit/Crypt/EC/Ed448PrivateKey.php
+++ b/tests/Unit/Crypt/EC/Ed448PrivateKey.php
@@ -9,7 +9,7 @@ use phpseclib3\Crypt\EC\Curves\Ed448;
class Ed448PrivateKey
{
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
diff --git a/tests/Unit/Crypt/EC/Ed448PublicKey.php b/tests/Unit/Crypt/EC/Ed448PublicKey.php
index 88b16521..f919b246 100644
--- a/tests/Unit/Crypt/EC/Ed448PublicKey.php
+++ b/tests/Unit/Crypt/EC/Ed448PublicKey.php
@@ -12,7 +12,7 @@ class Ed448PublicKey
{
use Common;
- public static function load($key, $password = ''): array
+ public static function load($key, ?string $password = null): array
{
if (!Strings::is_stringable($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
diff --git a/tests/Unit/Crypt/RSA/LoadKeyTest.php b/tests/Unit/Crypt/RSA/LoadKeyTest.php
index a9a8c849..a24b4cea 100644
--- a/tests/Unit/Crypt/RSA/LoadKeyTest.php
+++ b/tests/Unit/Crypt/RSA/LoadKeyTest.php
@@ -431,7 +431,7 @@ qMnD/pkHR/NFcYSYShUJS0cHyryVl7/eCclsQlZTRdnVTtKF9xPGTQC8fK0G7BDN
Z2sKniRCcDT1ZP4=
-----END PRIVATE KEY-----';
- $rsa = RSA::load($key, false, 'PKCS8');
+ $rsa = RSA::load($key);
$this->assertInstanceOf(PrivateKey::class, $rsa);
}