From fd60b073f5b18bea6a9ff0b3643ca8e27bff4506 Mon Sep 17 00:00:00 2001 From: Meow May <3164256+MayMeow@users.noreply.github.com> Date: Fri, 8 Oct 2021 08:41:21 +0200 Subject: [PATCH 1/5] :wrench: add phpstan --- .github/workflows/php.yml | 11 ++++++- composer.json | 6 ++-- composer.lock | 66 ++++++++++++++++++++++++++++++++++++++- phpstan.neon | 6 ++++ 4 files changed, 85 insertions(+), 4 deletions(-) create mode 100644 phpstan.neon diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index b23e164..01b48ef 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -17,7 +17,7 @@ jobs: composer_script: 'test' - qa: + codesniffer: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -25,5 +25,14 @@ jobs: uses: MayMeowHQ/composer-run-action@v1 with: composer_script: 'codesniffer' + + stan: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Composer run action PHPStan + uses: MayMeowHQ/composer-run-action@v1 + with: + composer_script: 'stan' diff --git a/composer.json b/composer.json index 0cf9928..a6cf694 100644 --- a/composer.json +++ b/composer.json @@ -22,10 +22,12 @@ }, "require-dev": { "phpunit/phpunit": "^9.5", - "squizlabs/php_codesniffer": "^3.6" + "squizlabs/php_codesniffer": "^3.6", + "phpstan/phpstan": "^0.12.99" }, "scripts": { "test": "phpunit tests", - "codesniffer": "phpcs --standard=PSR2 src" + "codesniffer": "phpcs --standard=PSR2 src", + "stan": "phpstan analyse" } } diff --git a/composer.lock b/composer.lock index 9870fda..6592ba2 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "0aabbf8aff99cb016d4b4ef16ebf55e8", + "content-hash": "38f1e62e03a8651c9952bd4b77ea8c21", "packages": [], "packages-dev": [ { @@ -527,6 +527,70 @@ }, "time": "2021-09-10T09:02:12+00:00" }, + { + "name": "phpstan/phpstan", + "version": "0.12.99", + "source": { + "type": "git", + "url": "https://github.com/phpstan/phpstan.git", + "reference": "b4d40f1d759942f523be267a1bab6884f46ca3f7" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/b4d40f1d759942f523be267a1bab6884f46ca3f7", + "reference": "b4d40f1d759942f523be267a1bab6884f46ca3f7", + "shasum": "" + }, + "require": { + "php": "^7.1|^8.0" + }, + "conflict": { + "phpstan/phpstan-shim": "*" + }, + "bin": [ + "phpstan", + "phpstan.phar" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.12-dev" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "PHPStan - PHP Static Analysis Tool", + "support": { + "issues": "https://github.com/phpstan/phpstan/issues", + "source": "https://github.com/phpstan/phpstan/tree/0.12.99" + }, + "funding": [ + { + "url": "https://github.com/ondrejmirtes", + "type": "github" + }, + { + "url": "https://github.com/phpstan", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpstan", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpstan/phpstan", + "type": "tidelift" + } + ], + "time": "2021-09-12T20:09:55+00:00" + }, { "name": "phpunit/php-code-coverage", "version": "9.2.7", diff --git a/phpstan.neon b/phpstan.neon new file mode 100644 index 0000000..faf161a --- /dev/null +++ b/phpstan.neon @@ -0,0 +1,6 @@ +parameters: + level: 7 + checkMissingIterableValueType: false + treatPhpDocTypesAsCertain: false + paths: + - src From f4b12e751cb24ff3d2adfb81c5f163eaf7f18ab9 Mon Sep 17 00:00:00 2001 From: May Meow Date: Sun, 10 Oct 2021 14:31:25 +0200 Subject: [PATCH 2/5] refrectoring --- src/AESCryptoServiceProvider.php | 48 ++++++++++++++++++-------- src/Exceptions/DecryptException.php | 13 +++++++ src/Exceptions/IvGenerateException.php | 13 +++++++ src/RSAParameters.php | 25 ++++++++------ 4 files changed, 74 insertions(+), 25 deletions(-) create mode 100644 src/Exceptions/DecryptException.php create mode 100644 src/Exceptions/IvGenerateException.php diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index 2f2a4cf..6d3fce8 100644 --- a/src/AESCryptoServiceProvider.php +++ b/src/AESCryptoServiceProvider.php @@ -2,22 +2,26 @@ namespace MayMeow\Cryptography; +use _PHPStan_76800bfb5\Nette\Neon\Exception; +use MayMeow\Cryptography\Exceptions\DecryptException; +use MayMeow\Cryptography\Exceptions\IvGenerateException; + class AESCryptoServiceProvider { const CIPHER_TYPE_GCM = 'aes-256-gcm'; const DEFAULT_GCM_TAG_LENGTH = 16; - protected $cipher; + protected string $cipher; - protected $iv; + protected string $iv; - protected $key; + protected string $key; - protected $aad = "127.0.0.1"; + protected string $aad = "127.0.0.1"; - protected $tag; + protected string $tag; - public function __construct($cipher = null) + public function __construct(string $cipher = null) { if ($cipher == null) { $this->cipher = static::CIPHER_TYPE_GCM; @@ -27,10 +31,10 @@ public function __construct($cipher = null) } /** - * @param $iv + * @param string $iv * @return AESCryptoServiceProvider */ - public function setIV($iv): AESCryptoServiceProvider + public function setIV(string $iv): AESCryptoServiceProvider { $this->iv = $iv; @@ -38,10 +42,10 @@ public function setIV($iv): AESCryptoServiceProvider } /** - * @param $key + * @param string $key * @return AESCryptoServiceProvider */ - public function setKey($key): AESCryptoServiceProvider + public function setKey(string $key): AESCryptoServiceProvider { $this->key = $key; @@ -54,7 +58,8 @@ public function setKey($key): AESCryptoServiceProvider public function generateKey() { if (in_array($this->cipher, openssl_get_cipher_methods())) { - $this->key = openssl_random_pseudo_bytes(32); + + if ($key = openssl_random_pseudo_bytes(32)) $this->key = $key; return $this->key; } @@ -68,7 +73,10 @@ public function generateKey() public function generateIV() { if (in_array($this->cipher, openssl_get_cipher_methods())) { - $this->iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($this->cipher)); + + if ($ivLength = openssl_cipher_iv_length($this->cipher)) { + if ($iv = openssl_random_pseudo_bytes($ivLength)) $this->iv = $iv; + } return $this->iv; } @@ -98,20 +106,26 @@ public function encrypt(string $plainText): string } /** - * Returns decrypted text * @param string $encryptedData * @return string + * @throws DecryptException + * @throws IvGenerateException */ public function decrypt(string $encryptedData): string { $c = base64_decode($encryptedData); - $iv_len = openssl_cipher_iv_length($this->cipher); + if ($ivLength = openssl_cipher_iv_length($this->cipher)) { + $iv_len = $ivLength; + } else { + throw new IvGenerateException(); + } + $this->iv = substr($c, 0, $iv_len); $this->tag = substr($c, $iv_len, static::DEFAULT_GCM_TAG_LENGTH); $encryptedBytes = substr($c, $iv_len + static::DEFAULT_GCM_TAG_LENGTH); - return openssl_decrypt( + $decryptedText = openssl_decrypt( $encryptedBytes, $this->cipher, $this->key, @@ -120,5 +134,9 @@ public function decrypt(string $encryptedData): string $this->tag, $this->aad ); + + if ($decryptedText == false) throw new DecryptException(); + + return $decryptedText; } } diff --git a/src/Exceptions/DecryptException.php b/src/Exceptions/DecryptException.php new file mode 100644 index 0000000..1016651 --- /dev/null +++ b/src/Exceptions/DecryptException.php @@ -0,0 +1,13 @@ +passphrase = $passphrase; } - openssl_pkey_export($keys, $private, $passphrase, $configArgs); - $this->privateKey = $private; + if ($keys) { + openssl_pkey_export($keys, $private, $passphrase, $configArgs); + $this->privateKey = $private; - $pub = openssl_pkey_get_details($keys); - $this->publicKey = $pub['key']; + $pub = openssl_pkey_get_details($keys); + + if (is_array($pub)) { + $this->publicKey = $pub['key']; + } + } return $this; } @@ -43,7 +48,7 @@ public function generateKeys(?string $passphrase = null, ?array $configArgs = nu /** * @return string */ - public function getPrivateKey() + public function getPrivateKey() : string { if ($this->passphrase != null && $this->privateKey != null) { return openssl_pkey_get_private($this->privateKey, $this->passphrase); @@ -55,7 +60,7 @@ public function getPrivateKey() /** * @param string $privateKey */ - public function setPrivateKey($privateKey): void + public function setPrivateKey(string $privateKey): void { $this->privateKey = $privateKey; } @@ -63,7 +68,7 @@ public function setPrivateKey($privateKey): void /** * @return string */ - public function getPublicKey() + public function getPublicKey() : string { return $this->publicKey; } @@ -71,7 +76,7 @@ public function getPublicKey() /** * @param string $publicKey */ - public function setPublicKey($publicKey): void + public function setPublicKey(string $publicKey): void { $this->publicKey = $publicKey; } From ab413e1d1402445cbbbc19c5c701c218e614be96 Mon Sep 17 00:00:00 2001 From: May Meow Date: Sun, 10 Oct 2021 14:43:10 +0200 Subject: [PATCH 3/5] refractoring --- src/AESCryptoServiceProvider.php | 16 ++++++++++------ src/Exceptions/DecryptException.php | 2 +- src/Exceptions/IvGenerateException.php | 2 +- src/RSAParameters.php | 15 +++++++++++---- 4 files changed, 23 insertions(+), 12 deletions(-) diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index 6d3fce8..2d04c41 100644 --- a/src/AESCryptoServiceProvider.php +++ b/src/AESCryptoServiceProvider.php @@ -19,7 +19,7 @@ class AESCryptoServiceProvider protected string $aad = "127.0.0.1"; - protected string $tag; + protected string $tag = ''; public function __construct(string $cipher = null) { @@ -58,8 +58,9 @@ public function setKey(string $key): AESCryptoServiceProvider public function generateKey() { if (in_array($this->cipher, openssl_get_cipher_methods())) { - - if ($key = openssl_random_pseudo_bytes(32)) $this->key = $key; + if ($key = openssl_random_pseudo_bytes(32)) { + $this->key = $key; + } return $this->key; } @@ -73,9 +74,10 @@ public function generateKey() public function generateIV() { if (in_array($this->cipher, openssl_get_cipher_methods())) { - if ($ivLength = openssl_cipher_iv_length($this->cipher)) { - if ($iv = openssl_random_pseudo_bytes($ivLength)) $this->iv = $iv; + if ($iv = openssl_random_pseudo_bytes($ivLength)) { + $this->iv = $iv; + } } return $this->iv; @@ -135,7 +137,9 @@ public function decrypt(string $encryptedData): string $this->aad ); - if ($decryptedText == false) throw new DecryptException(); + if ($decryptedText == false) { + throw new DecryptException(); + } return $decryptedText; } diff --git a/src/Exceptions/DecryptException.php b/src/Exceptions/DecryptException.php index 1016651..f6b7ee6 100644 --- a/src/Exceptions/DecryptException.php +++ b/src/Exceptions/DecryptException.php @@ -10,4 +10,4 @@ public function __construct(string $message = "Cannot decrypt text", int $code = { parent::__construct($message, $code, $previous); } -} \ No newline at end of file +} diff --git a/src/Exceptions/IvGenerateException.php b/src/Exceptions/IvGenerateException.php index 1eab9b1..fc18d98 100644 --- a/src/Exceptions/IvGenerateException.php +++ b/src/Exceptions/IvGenerateException.php @@ -10,4 +10,4 @@ public function __construct(string $message = "Cannot generate IV", int $code = { parent::__construct($message, $code, $previous); } -} \ No newline at end of file +} diff --git a/src/RSAParameters.php b/src/RSAParameters.php index e2f26bc..5bb92ff 100644 --- a/src/RSAParameters.php +++ b/src/RSAParameters.php @@ -46,15 +46,22 @@ public function generateKeys(?string $passphrase = null, ?array $configArgs = nu } /** - * @return string + * @return resource|string + * @throws \Exception */ - public function getPrivateKey() : string + public function getPrivateKey() { if ($this->passphrase != null && $this->privateKey != null) { - return openssl_pkey_get_private($this->privateKey, $this->passphrase); + $privateKeyResource = openssl_pkey_get_private($this->privateKey, $this->passphrase); + + if ($privateKeyResource == false) { + throw new \Exception("Cannot decrypt private key with given password"); + } + + return $privateKeyResource; } - return $this->publicKey; + return $this->privateKey; } /** From b0b38b20908699d64e179b7b3a87b731e472b9b2 Mon Sep 17 00:00:00 2001 From: May Meow Date: Sun, 10 Oct 2021 15:39:12 +0200 Subject: [PATCH 4/5] refractoring --- src/AESCryptoServiceProvider.php | 1 - src/Exceptions/DecryptPrivateKeyException.php | 16 +++++++++ src/Exceptions/NotImplementedException.php | 13 +++++++ src/RSACryptoServiceProvider.php | 34 +++++++++++-------- src/RSAParameters.php | 6 ++-- 5 files changed, 52 insertions(+), 18 deletions(-) create mode 100644 src/Exceptions/DecryptPrivateKeyException.php create mode 100644 src/Exceptions/NotImplementedException.php diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index 2d04c41..9c4701e 100644 --- a/src/AESCryptoServiceProvider.php +++ b/src/AESCryptoServiceProvider.php @@ -2,7 +2,6 @@ namespace MayMeow\Cryptography; -use _PHPStan_76800bfb5\Nette\Neon\Exception; use MayMeow\Cryptography\Exceptions\DecryptException; use MayMeow\Cryptography\Exceptions\IvGenerateException; diff --git a/src/Exceptions/DecryptPrivateKeyException.php b/src/Exceptions/DecryptPrivateKeyException.php new file mode 100644 index 0000000..ff568b9 --- /dev/null +++ b/src/Exceptions/DecryptPrivateKeyException.php @@ -0,0 +1,16 @@ +parameters->getPrivateKey(); @@ -40,10 +42,10 @@ public function decrypt($encryptedText) : string } /** - * @param $plainText + * @param string $plainText * @return string */ - public function privateEncrypt($plainText) : string + public function privateEncrypt(string $plainText) : string { $encrypted = ''; $privKey = $this->parameters->getPrivateKey(); @@ -54,10 +56,10 @@ public function privateEncrypt($plainText) : string } /** - * @param $encryptedText + * @param string $encryptedText * @return string */ - public function publicDecrypt($encryptedText) : string + public function publicDecrypt(string $encryptedText) : string { $plainText = ''; openssl_public_decrypt(base64_decode($encryptedText), $plainText, $this->parameters->getPublicKey()); @@ -72,18 +74,20 @@ public function publicDecrypt($encryptedText) : string protected function seal(string $plain_text) : string { //openssl_open($plain_text, $sealed_data, $ekeys, [$this->parameters->getPrivateKey()]) + + throw new NotImplementedException(); } - protected function open() + protected function open() : string { - // todo + throw new NotImplementedException(); } /** - * @param $data + * @param string $data * @return string */ - public function sign($data) : string + public function sign(string $data) : string { $privKey = $this->getPrivateKey(); @@ -93,11 +97,11 @@ public function sign($data) : string } /** - * @param $data - * @param $signature + * @param string $data + * @param string $signature * @return bool */ - public function verify($data, $signature) : bool + public function verify(string $data, string $signature) : bool { $verification = openssl_verify( $data, @@ -120,8 +124,8 @@ public function getFingerPrint() : string } /** - * @return string - * @deprecated + * @return resource|string + * @throws Exceptions\DecryptPrivateKeyException */ private function getPrivateKey() { diff --git a/src/RSAParameters.php b/src/RSAParameters.php index 5bb92ff..5db8938 100644 --- a/src/RSAParameters.php +++ b/src/RSAParameters.php @@ -2,6 +2,8 @@ namespace MayMeow\Cryptography; +use MayMeow\Cryptography\Exceptions\DecryptPrivateKeyException; + class RSAParameters { private string $privateKey; @@ -47,7 +49,7 @@ public function generateKeys(?string $passphrase = null, ?array $configArgs = nu /** * @return resource|string - * @throws \Exception + * @throws DecryptPrivateKeyException */ public function getPrivateKey() { @@ -55,7 +57,7 @@ public function getPrivateKey() $privateKeyResource = openssl_pkey_get_private($this->privateKey, $this->passphrase); if ($privateKeyResource == false) { - throw new \Exception("Cannot decrypt private key with given password"); + throw new DecryptPrivateKeyException(); } return $privateKeyResource; From e32a80383c9c67cf61903bc70e85ace0e2649c51 Mon Sep 17 00:00:00 2001 From: May Meow Date: Sun, 10 Oct 2021 15:48:03 +0200 Subject: [PATCH 5/5] refractoring --- src/AESCryptoServiceProvider.php | 10 ++++++++++ src/CryptoKey.php | 2 ++ src/RSACryptoServiceProvider.php | 12 +++++++++--- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index 9c4701e..0b650a0 100644 --- a/src/AESCryptoServiceProvider.php +++ b/src/AESCryptoServiceProvider.php @@ -30,6 +30,8 @@ public function __construct(string $cipher = null) } /** + * Set IV + * * @param string $iv * @return AESCryptoServiceProvider */ @@ -41,6 +43,8 @@ public function setIV(string $iv): AESCryptoServiceProvider } /** + * Set key needed for encryption + * * @param string $key * @return AESCryptoServiceProvider */ @@ -52,6 +56,8 @@ public function setKey(string $key): AESCryptoServiceProvider } /** + * Generate key + * * @return bool|string */ public function generateKey() @@ -68,6 +74,8 @@ public function generateKey() } /** + * Generate IV + * * @return bool|string */ public function generateIV() @@ -107,6 +115,8 @@ public function encrypt(string $plainText): string } /** + * Decrypt given text + * * @param string $encryptedData * @return string * @throws DecryptException diff --git a/src/CryptoKey.php b/src/CryptoKey.php index bb66bac..d2395d9 100644 --- a/src/CryptoKey.php +++ b/src/CryptoKey.php @@ -11,6 +11,8 @@ public function helloWorld() : string } /** + * Derivate cryptographic key from given password + * * @param string $password * @param string|null $salt * @param int $iterations diff --git a/src/RSACryptoServiceProvider.php b/src/RSACryptoServiceProvider.php index 9f5c4d8..3d5129d 100644 --- a/src/RSACryptoServiceProvider.php +++ b/src/RSACryptoServiceProvider.php @@ -114,16 +114,22 @@ public function verify(string $data, string $signature) : bool } /** + * Returns fingerprint from given public key + * * @return string */ - public function getFingerPrint() : string + public function getFingerPrint(string $publicKey = null) : string { - $fingerprint = join(':', str_split(md5(base64_decode($this->parameters->getPublicKey())), 2)); + if ($publicKey == null) { + $publicKey = $this->parameters->getPublicKey(); + } - return $fingerprint; + return join(':', str_split(md5(base64_decode($publicKey)), 2)); } /** + * Returns RSA Parameters private key + * * @return resource|string * @throws Exceptions\DecryptPrivateKeyException */