xle/tt-rss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bump 'spomky-labs/otphp' to 11.3.x.

Browse Source 
This is mainly for PHP 8.4 compatibility.
This commit is contained in:
wn_
2024-12-09 17:58:28 +00:00
parent cd2c10f9f7
commit f6a8facfd4
232 changed files with 1263 additions and 54377 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
vendor/paragonie/constant_time_encoding/README.md vendored
View File

@@ -1,6 +1,7 @@
# Constant-Time Encoding
[![Build Status](https://github.com/paragonie/constant_time_encoding/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions)
[![Static Analysis](https://github.com/paragonie/constant_time_encoding/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions)
[![Latest Stable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/stable)](https://packagist.org/packages/paragonie/constant_time_encoding)
[![Latest Unstable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/unstable)](https://packagist.org/packages/paragonie/constant_time_encoding)
[![License](https://poser.pugx.org/paragonie/constant_time_encoding/license)](https://packagist.org/packages/paragonie/constant_time_encoding)
@@ -11,7 +12,7 @@ this library aims to offer character encoding functions that do not leak
information about what you are encoding/decoding via processor cache
misses. Further reading on [cache-timing attacks](http://blog.ircmaxell.com/2014/11/its-all-about-time.html).
Our fork offers the following enchancements:
Our fork offers the following enhancements:
* `mbstring.func_overload` resistance
* Unit tests
@@ -22,10 +23,13 @@ Our fork offers the following enchancements:
## PHP Version Requirements
Version 2 of this library should work on **PHP 7** or newer. For PHP 5
support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x).
Version 3 of this library should work on **PHP 8** or newer.
If you are adding this as a dependency to a project intended to work on both PHP 5 and PHP 7, please set the required version to `^1|^2` instead of just `^1` or `^2`.
Version 2 of this library should work on **PHP 7** or newer. See [the v2.x branch](https://github.com/paragonie/constant_time_encoding/tree/v2.x).
For PHP 5 support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x).
If you are adding this as a dependency to a project intended to work on PHP 5 through 8.4, please set the required version to `^1|^2|^3`.
## How to Install

6
vendor/paragonie/constant_time_encoding/composer.json vendored
View File

@@ -37,11 +37,11 @@
"source": "https://github.com/paragonie/constant_time_encoding"
},
"require": {
"php": "^7|^8"
"php": "^8"
},
"require-dev": {
"phpunit/phpunit": "^6|^7|^8|^9",
"vimeo/psalm": "^1|^2|^3|^4"
"phpunit/phpunit": "^9",
"vimeo/psalm": "^4|^5"
},
"autoload": {
"psr-4": {

56
vendor/paragonie/constant_time_encoding/src/Base32.php vendored
View File

@@ -44,8 +44,11 @@ abstract class Base32 implements EncoderInterface
* @param bool $strictPadding
* @return string
*/
public static function decode(string $encodedString, bool $strictPadding = false): string
{
public static function decode(
#[\SensitiveParameter]
string $encodedString,
bool $strictPadding = false
): string {
return static::doDecode($encodedString, false, $strictPadding);
}
@@ -56,8 +59,11 @@ abstract class Base32 implements EncoderInterface
* @param bool $strictPadding
* @return string
*/
public static function decodeUpper(string $src, bool $strictPadding = false): string
{
public static function decodeUpper(
#[\SensitiveParameter]
string $src,
bool $strictPadding = false
): string {
return static::doDecode($src, true, $strictPadding);
}
@@ -68,10 +74,13 @@ abstract class Base32 implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encode(string $binString): string
{
public static function encode(
#[\SensitiveParameter]
string $binString
): string {
return static::doEncode($binString, false, true);
}
/**
* Encode into Base32 (RFC 4648)
*
@@ -79,8 +88,10 @@ abstract class Base32 implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encodeUnpadded(string $src): string
{
public static function encodeUnpadded(
#[\SensitiveParameter]
string $src
): string {
return static::doEncode($src, false, false);
}
@@ -91,8 +102,10 @@ abstract class Base32 implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encodeUpper(string $src): string
{
public static function encodeUpper(
#[\SensitiveParameter]
string $src
): string {
return static::doEncode($src, true, true);
}
@@ -103,8 +116,10 @@ abstract class Base32 implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encodeUpperUnpadded(string $src): string
{
public static function encodeUpperUnpadded(
#[\SensitiveParameter]
string $src
): string {
return static::doEncode($src, true, false);
}
@@ -191,8 +206,11 @@ abstract class Base32 implements EncoderInterface
* @param bool $upper
* @return string
*/
public static function decodeNoPadding(string $encodedString, bool $upper = false): string
{
public static function decodeNoPadding(
#[\SensitiveParameter]
string $encodedString,
bool $upper = false
): string {
$srcLen = Binary::safeStrlen($encodedString);
if ($srcLen === 0) {
return '';
@@ -222,9 +240,9 @@ abstract class Base32 implements EncoderInterface
* @return string
*
* @throws TypeError
* @psalm-suppress RedundantCondition
*/
protected static function doDecode(
#[\SensitiveParameter]
string $src,
bool $upper = false,
bool $strictPadding = false
@@ -434,8 +452,12 @@ abstract class Base32 implements EncoderInterface
* @return string
* @throws TypeError
*/
protected static function doEncode(string $src, bool $upper = false, $pad = true): string
{
protected static function doEncode(
#[\SensitiveParameter]
string $src,
bool $upper = false,
$pad = true
): string {
// We do this to reduce code duplication:
$method = $upper
? 'encode5BitsUpper'

43
vendor/paragonie/constant_time_encoding/src/Base64.php vendored
View File

@@ -47,8 +47,10 @@ abstract class Base64 implements EncoderInterface
*
* @throws TypeError
*/
public static function encode(string $binString): string
{
public static function encode(
#[\SensitiveParameter]
string $binString
): string {
return static::doEncode($binString, true);
}
@@ -62,8 +64,10 @@ abstract class Base64 implements EncoderInterface
*
* @throws TypeError
*/
public static function encodeUnpadded(string $src): string
{
public static function encodeUnpadded(
#[\SensitiveParameter]
string $src
): string {
return static::doEncode($src, false);
}
@@ -74,8 +78,11 @@ abstract class Base64 implements EncoderInterface
*
* @throws TypeError
*/
protected static function doEncode(string $src, bool $pad = true): string
{
protected static function doEncode(
#[\SensitiveParameter]
string $src,
bool $pad = true
): string {
$dest = '';
$srcLen = Binary::safeStrlen($src);
// Main loop (no padding):
@@ -129,10 +136,12 @@ abstract class Base64 implements EncoderInterface
*
* @throws RangeException
* @throws TypeError
* @psalm-suppress RedundantCondition
*/
public static function decode(string $encodedString, bool $strictPadding = false): string
{
public static function decode(
#[\SensitiveParameter]
string $encodedString,
bool $strictPadding = false
): string {
// Remove padding
$srcLen = Binary::safeStrlen($encodedString);
if ($srcLen === 0) {
@@ -227,25 +236,21 @@ abstract class Base64 implements EncoderInterface
* @param string $encodedString
* @return string
*/
public static function decodeNoPadding(string $encodedString): string
{
public static function decodeNoPadding(
#[\SensitiveParameter]
string $encodedString
): string {
$srcLen = Binary::safeStrlen($encodedString);
if ($srcLen === 0) {
return '';
}
if (($srcLen & 3) === 0) {
if ($encodedString[$srcLen - 1] === '=') {
// If $strLen is not zero, and it is divisible by 4, then it's at least 4.
if ($encodedString[$srcLen - 1] === '=' || $encodedString[$srcLen - 2] === '=') {
throw new InvalidArgumentException(
"decodeNoPadding() doesn't tolerate padding"
);
}
if (($srcLen & 3) > 1) {
if ($encodedString[$srcLen - 2] === '=') {
throw new InvalidArgumentException(
"decodeNoPadding() doesn't tolerate padding"
);
}
}
}
return static::decode(
$encodedString,

9
vendor/paragonie/constant_time_encoding/src/Binary.php vendored
View File

@@ -45,8 +45,10 @@ abstract class Binary
* @param string $str
* @return int
*/
public static function safeStrlen(string $str): int
{
public static function safeStrlen(
#[\SensitiveParameter]
string $str
): int {
if (\function_exists('mb_strlen')) {
// mb_strlen in PHP 7.x can return false.
/** @psalm-suppress RedundantCast */
@@ -70,9 +72,10 @@ abstract class Binary
* @throws TypeError
*/
public static function safeSubstr(
#[\SensitiveParameter]
string $str,
int $start = 0,
$length = null
?int $length = null
): string {
if ($length === 0) {
return '';

108
vendor/paragonie/constant_time_encoding/src/Encoding.php vendored
View File

@@ -40,8 +40,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32Encode(string $str): string
{
public static function base32Encode(
#[\SensitiveParameter]
string $str
): string {
return Base32::encode($str);
}
@@ -52,8 +54,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32EncodeUpper(string $str): string
{
public static function base32EncodeUpper(
#[\SensitiveParameter]
string $str
): string {
return Base32::encodeUpper($str);
}
@@ -64,8 +68,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32Decode(string $str): string
{
public static function base32Decode(
#[\SensitiveParameter]
string $str
): string {
return Base32::decode($str);
}
@@ -76,8 +82,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32DecodeUpper(string $str): string
{
public static function base32DecodeUpper(
#[\SensitiveParameter]
string $str
): string {
return Base32::decodeUpper($str);
}
@@ -88,8 +96,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32HexEncode(string $str): string
{
public static function base32HexEncode(
#[\SensitiveParameter]
string $str
): string {
return Base32Hex::encode($str);
}
@@ -100,8 +110,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32HexEncodeUpper(string $str): string
{
public static function base32HexEncodeUpper(
#[\SensitiveParameter]
string $str
): string {
return Base32Hex::encodeUpper($str);
}
@@ -112,8 +124,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32HexDecode(string $str): string
{
public static function base32HexDecode(
#[\SensitiveParameter]
string $str
): string {
return Base32Hex::decode($str);
}
@@ -124,8 +138,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base32HexDecodeUpper(string $str): string
{
public static function base32HexDecodeUpper(
#[\SensitiveParameter]
string $str
): string {
return Base32Hex::decodeUpper($str);
}
@@ -136,8 +152,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base64Encode(string $str): string
{
public static function base64Encode(
#[\SensitiveParameter]
string $str
): string {
return Base64::encode($str);
}
@@ -148,8 +166,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base64Decode(string $str): string
{
public static function base64Decode(
#[\SensitiveParameter]
string $str
): string {
return Base64::decode($str);
}
@@ -161,8 +181,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base64EncodeDotSlash(string $str): string
{
public static function base64EncodeDotSlash(
#[\SensitiveParameter]
string $str
): string {
return Base64DotSlash::encode($str);
}
@@ -176,8 +198,10 @@ abstract class Encoding
* @throws \RangeException
* @throws TypeError
*/
public static function base64DecodeDotSlash(string $str): string
{
public static function base64DecodeDotSlash(
#[\SensitiveParameter]
string $str
): string {
return Base64DotSlash::decode($str);
}
@@ -189,8 +213,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function base64EncodeDotSlashOrdered(string $str): string
{
public static function base64EncodeDotSlashOrdered(
#[\SensitiveParameter]
string $str
): string {
return Base64DotSlashOrdered::encode($str);
}
@@ -204,8 +230,10 @@ abstract class Encoding
* @throws \RangeException
* @throws TypeError
*/
public static function base64DecodeDotSlashOrdered(string $str): string
{
public static function base64DecodeDotSlashOrdered(
#[\SensitiveParameter]
string $str
): string {
return Base64DotSlashOrdered::decode($str);
}
@@ -217,8 +245,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function hexEncode(string $bin_string): string
{
public static function hexEncode(
#[\SensitiveParameter]
string $bin_string
): string {
return Hex::encode($bin_string);
}
@@ -230,8 +260,10 @@ abstract class Encoding
* @return string (raw binary)
* @throws \RangeException
*/
public static function hexDecode(string $hex_string): string
{
public static function hexDecode(
#[\SensitiveParameter]
string $hex_string
): string {
return Hex::decode($hex_string);
}
@@ -243,8 +275,10 @@ abstract class Encoding
* @return string
* @throws TypeError
*/
public static function hexEncodeUpper(string $bin_string): string
{
public static function hexEncodeUpper(
#[\SensitiveParameter]
string $bin_string
): string {
return Hex::encodeUpper($bin_string);
}
@@ -255,8 +289,10 @@ abstract class Encoding
* @param string $bin_string (raw binary)
* @return string
*/
public static function hexDecodeUpper(string $bin_string): string
{
public static function hexDecodeUpper(
#[\SensitiveParameter]
string $bin_string
): string {
return Hex::decode($bin_string);
}
}

13
vendor/paragonie/constant_time_encoding/src/Hex.php vendored
View File

@@ -42,8 +42,10 @@ abstract class Hex implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encode(string $binString): string
{
public static function encode(
#[\SensitiveParameter]
string $binString
): string {
$hex = '';
$len = Binary::safeStrlen($binString);
for ($i = 0; $i < $len; ++$i) {
@@ -69,8 +71,10 @@ abstract class Hex implements EncoderInterface
* @return string
* @throws TypeError
*/
public static function encodeUpper(string $binString): string
{
public static function encodeUpper(
#[\SensitiveParameter]
string $binString
): string {
$hex = '';
$len = Binary::safeStrlen($binString);
@@ -99,6 +103,7 @@ abstract class Hex implements EncoderInterface
* @throws RangeException
*/
public static function decode(
#[\SensitiveParameter]
string $encodedString,
bool $strictPadding = false
): string {

62
vendor/paragonie/constant_time_encoding/src/RFC4648.php vendored
View File

@@ -46,8 +46,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base64Encode(string $str): string
{
public static function base64Encode(
#[\SensitiveParameter]
string $str
): string {
return Base64::encode($str);
}
@@ -61,8 +63,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base64Decode(string $str): string
{
public static function base64Decode(
#[\SensitiveParameter]
string $str
): string {
return Base64::decode($str, true);
}
@@ -76,8 +80,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base64UrlSafeEncode(string $str): string
{
public static function base64UrlSafeEncode(
#[\SensitiveParameter]
string $str
): string {
return Base64UrlSafe::encode($str);
}
@@ -91,8 +97,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base64UrlSafeDecode(string $str): string
{
public static function base64UrlSafeDecode(
#[\SensitiveParameter]
string $str
): string {
return Base64UrlSafe::decode($str, true);
}
@@ -106,8 +114,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base32Encode(string $str): string
{
public static function base32Encode(
#[\SensitiveParameter]
string $str
): string {
return Base32::encodeUpper($str);
}
@@ -121,8 +131,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base32Decode(string $str): string
{
public static function base32Decode(
#[\SensitiveParameter]
string $str
): string {
return Base32::decodeUpper($str, true);
}
@@ -136,8 +148,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base32HexEncode(string $str): string
{
public static function base32HexEncode(
#[\SensitiveParameter]
string $str
): string {
return Base32::encodeUpper($str);
}
@@ -151,8 +165,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base32HexDecode(string $str): string
{
public static function base32HexDecode(
#[\SensitiveParameter]
string $str
): string {
return Base32::decodeUpper($str, true);
}
@@ -166,8 +182,10 @@ abstract class RFC4648
*
* @throws TypeError
*/
public static function base16Encode(string $str): string
{
public static function base16Encode(
#[\SensitiveParameter]
string $str
): string {
return Hex::encodeUpper($str);
}
@@ -179,8 +197,10 @@ abstract class RFC4648
* @param string $str
* @return string
*/
public static function base16Decode(string $str): string
{
public static function base16Decode(
#[\SensitiveParameter]
string $str
): string {
return Hex::decode($str, true);
}
}
}