Psalm coverage to everywhere except phpseclib/Crypt/, phpseclib/Math/ and tests/

Revert "Removed remaining tabs" This reverts commit 31c077d6b1. Revert "Whitespace php-cs-fixer.php rules added" This reverts commit 25e336614d. Addressing comments
2024-11-17 18:55:13 +00:00 · 2022-02-04 18:55:29 -06:00 · 2022-02-04 18:55:29 -06:00 · b96fc26dbc
commit b96fc26dbc
parent f96f3505a8
9 changed files with 54 additions and 35 deletions
--- a/build/psalm.xml
+++ b/build/psalm.xml
@ -9,7 +9,15 @@
    sealAllMethods="true"
 >
    <projectFiles>
+        <directory name="../phpseclib/Common"/>
+<!--        <directory name="../phpseclib/Crypt"/>-->
+        <directory name="../phpseclib/Exception"/>
+        <directory name="../phpseclib/File"/>
+<!--        <directory name="../phpseclib/Math"/>-->
        <directory name="../phpseclib/Net"/>
+        <directory name="../phpseclib/System"/>
+        <file name="../phpseclib/bootstrap.php"/>
+<!--        <directory name="../tests"/>-->
    </projectFiles>
    <issueHandlers>
        <Trace>
--- a/phpseclib/Common/Functions/Strings.php
+++ b/phpseclib/Common/Functions/Strings.php
@ -158,14 +158,14 @@ abstract class Strings
    /**
     * Create SSH2-style string
     *
+     * @param string $format
     * @param string|int|float|array|bool ...$elements
     * @access public
     * @return string
     */
-    public static function packSSH2(...$elements)
+    public static function packSSH2($format, ...$elements)
    {
-        $format = self::formatPack($elements[0]);
-        array_shift($elements);
+        $format = self::formatPack($format);
        if (strlen($format) != count($elements)) {
            throw new \InvalidArgumentException('There must be as many arguments as there are characters in the $format string');
        }
@ -410,9 +410,9 @@ abstract class Strings
    /**
     * Find whether the type of a variable is string (or could be converted to one)
     *
-     * @param string|object $var
-     * @return boolean
-     * @access public
+     * @param mixed $var
+     * @return bool
+     * @psalm-assert-if-true string|\Stringable $var
     */
    public static function is_stringable($var)
    {
--- a/phpseclib/Crypt/Common/PrivateKey.php
+++ b/phpseclib/Crypt/Common/PrivateKey.php
@ -26,5 +26,10 @@ interface PrivateKey
    //public function decrypt($ciphertext);
    public function getPublicKey();
    public function toString($type, array $options = []);
-    public function withPassword($string = false);
+
+    /**
+     * @param string|false $password
+     * @return mixed
+     */
+    public function withPassword($password = false);
 }
--- a/phpseclib/Crypt/Common/Traits/PasswordProtected.php
+++ b/phpseclib/Crypt/Common/Traits/PasswordProtected.php
@ -40,7 +40,7 @@ trait PasswordProtected
     * @see self::createKey()
     * @see self::load()
     * @access public
-     * @param string|boolean $password
+     * @param string|bool $password
     */
    public function withPassword($password = false)
    {
@ -48,4 +48,4 @@ trait PasswordProtected
        $new->password = $password;
        return $new;
    }
-}
+}
--- a/phpseclib/File/ANSI.php
+++ b/phpseclib/File/ANSI.php
@ -128,7 +128,7 @@ class ANSI
    /**
     * The current screen text
     *
-     * @var array
+     * @var list<string>
     * @access private
     */
    private $screen;
@ -289,13 +289,13 @@ class ANSI
                        switch (true) {
                            case preg_match('#\x1B\[(\d+)B#', $this->ansi, $match): // Move cursor down n lines
                                $this->old_y = $this->y;
-                                $this->y+= $match[1];
+                                $this->y += (int) $match[1];
                                break;
                            case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match): // Move cursor to screen location v,h
                                $this->old_x = $this->x;
                                $this->old_y = $this->y;
                                $this->x = $match[2] - 1;
-                                $this->y = $match[1] - 1;
+                                $this->y = (int) $match[1] - 1;
                                break;
                            case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match): // Move cursor right n lines
                                $this->old_x = $this->x;
--- a/phpseclib/File/ASN1.php
+++ b/phpseclib/File/ASN1.php
@ -202,7 +202,7 @@ abstract class ASN1
     *
     * Serves a similar purpose to openssl's asn1parse
     *
-     * @param string $encoded
+     * @param Element|string $encoded
     * @return array
     * @access public
     */
@ -528,7 +528,7 @@ abstract class ASN1
     * @param array $decoded
     * @param array $mapping
     * @param array $special
-     * @return array|bool|Element
+     * @return array|bool|Element|string|null
     * @access public
     */
    public static function asn1map($decoded, $mapping, $special = [])
@ -792,7 +792,6 @@ abstract class ASN1
            case self::TYPE_NULL:
                return '';
            case self::TYPE_BOOLEAN:
-                return $decoded['content'];
            case self::TYPE_NUMERIC_STRING:
            case self::TYPE_PRINTABLE_STRING:
            case self::TYPE_TELETEX_STRING:
@ -865,7 +864,7 @@ abstract class ASN1
    /**
     * ASN.1 Encode (Helper function)
     *
-     * @param Element|string|array $source
+     * @param Element|string|array|null $source
     * @param array $mapping
     * @param int $idx
     * @param array $special
@ -1270,7 +1269,7 @@ abstract class ASN1
     * @access private
     * @param string $content
     * @param int $tag
-     * @return string
+     * @return \DateTime|false
     */
    private static function decodeTime($content, $tag)
    {
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@ -165,7 +165,7 @@ class X509
    /**
     * Public key
     *
-     * @var string
+     * @var string|PublicKey
     * @access private
     */
    private $publicKey;
@ -173,7 +173,7 @@ class X509
    /**
     * Private key
     *
-     * @var string
+     * @var string|PrivateKey
     * @access private
     */
    private $privateKey;
@ -225,7 +225,7 @@ class X509
    /**
     * Certificate End Date
     *
-     * @var string
+     * @var string|Element
     * @access private
     */
    private $endDate;
@ -1110,7 +1110,7 @@ class X509

        if ($value = $this->getDNProp('id-at-commonName')) {
            $value = str_replace(['.', '*'], ['\.', '[^.]*'], $value[0]);
-            return preg_match('#^' . $value . '$#', $components['host']);
+            return preg_match('#^' . $value . '$#', $components['host']) === 1;
        }

        return false;
@ -1123,7 +1123,7 @@ class X509
     *
     * @param \DateTimeInterface|string $date optional
     * @access public
-     * @return boolean
+     * @return bool
     */
    public function validateDate($date = null)
    {
@ -1132,7 +1132,7 @@ class X509
        }

        if (!isset($date)) {
-            $date = new \DateTimeImmutable(null, new \DateTimeZone(@date_default_timezone_get()));
+            $date = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get()));
        }

        $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore'];
@ -1844,7 +1844,7 @@ class X509
     * @param mixed $format optional
     * @param array $dn optional
     * @access public
-     * @return array|bool
+     * @return array|bool|string
     */
    public function getDN($format = self::DN_ARRAY, $dn = null)
    {
@ -2133,7 +2133,7 @@ class X509
     *
     * @param PublicKey $key
     * @access public
-     * @return bool
+     * @return void
     */
    public function setPublicKey(PublicKey $key)
    {
@ -2382,6 +2382,10 @@ class X509
            $this->currentCert = false;
            return false;
        }
+        if (!is_array($spkac)) {
+            $this->currentCert = false;
+            return false;
+        }

        $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']);

@ -3765,7 +3769,7 @@ class X509
     * Format a public key as appropriate
     *
     * @access private
-     * @return array|bool
+     * @return array|false
     */
    private function formatSubjectPublicKey()
    {
@ -3777,6 +3781,9 @@ class X509

        $decoded = ASN1::decodeBER($publicKey);
        $mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP);
+        if (!is_array($mapped)) {
+            return false;
+        }

        $mapped['subjectPublicKey'] = $this->publicKey->toString($format);

@ -3786,9 +3793,9 @@ class X509
    /**
     * Set the domain name's which the cert is to be valid for
     *
-     * @param mixed[] ...$domains
+     * @param mixed ...$domains
     * @access public
-     * @return array
+     * @return void
     */
    public function setDomain(...$domains)
    {
--- a/phpseclib/System/SSH/Agent.php
+++ b/phpseclib/System/SSH/Agent.php
@ -211,11 +211,10 @@ class Agent
     * Signal that agent forwarding should
     * be requested when a channel is opened
     *
-     * @param \phpseclib3\Net\SSH2 $ssh
-     * @return bool
+     * @return void
     * @access public
     */
-    public function startSSHForwarding($ssh)
+    public function startSSHForwarding()
    {
        if ($this->forward_status == self::FORWARD_NONE) {
            $this->forward_status = self::FORWARD_REQUEST;
--- a/phpseclib/System/SSH/Agent/Identity.php
+++ b/phpseclib/System/SSH/Agent/Identity.php
@ -19,6 +19,7 @@ namespace phpseclib3\System\SSH\Agent;

 use phpseclib3\Common\Functions\Strings;
 use phpseclib3\Crypt\Common\PrivateKey;
+use phpseclib3\Crypt\Common\PublicKey;
 use phpseclib3\Crypt\DSA;
 use phpseclib3\Crypt\EC;
 use phpseclib3\Crypt\RSA;
@ -50,7 +51,7 @@ class Identity implements PrivateKey
    /**
     * Key Object
     *
-     * @var \phpseclib3\Crypt\RSA
+     * @var PublicKey
     * @access private
     * @see self::getPublicKey()
     */
@ -101,7 +102,6 @@ class Identity implements PrivateKey
     * Default Constructor.
     *
     * @param resource $fsock
-     * @return \phpseclib3\System\SSH\Agent\Identity
     * @access private
     */
    public function __construct($fsock)
@ -201,7 +201,7 @@ class Identity implements PrivateKey
                    $expectedHash = 'sha512';
            }
            if ($hash != $expectedHash) {
-                throw new UnsupportedAlgorithmException('The only supported hash for ' . self::$curveAliases[$key->getCurve()] . ' is ' . $expectedHash);
+                throw new UnsupportedAlgorithmException('The only supported hash for ' . self::$curveAliases[$this->key->getCurve()] . ' is ' . $expectedHash);
            }
        }
        if ($this->key instanceof DSA) {
@ -327,7 +327,8 @@ class Identity implements PrivateKey
     * Sets the password
     *
     * @access public
-     * @param string|boolean $password
+     * @param string|bool $password
+     * @return never
     */
    public function withPassword($password = false)
    {