diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml
index 918e1fc0..fe963ac6 100644
--- a/.github/workflows/php.yml
+++ b/.github/workflows/php.yml
@@ -49,9 +49,8 @@ jobs: with: # Should be the higest supported version, so we can use the newest tools php-version: '8.3' - tools: composer, composer-require-checker, composer-unused, phpcs, psalm - # optional performance gain for psalm: opcache - extensions: ctype, date, dom, filter, hash, mbstring, opcache, openssl, pcre, spl, xml + tools: composer, composer-require-checker, composer-unused, phpcs, phpstan + extensions: ctype, date, dom, filter, hash, mbstring, openssl, pcre, spl, xml coverage: none - name: Setup problem matchers for PHP
@@ -84,27 +83,13 @@ jobs: - name: PHP Code Sniffer run: phpcs - - name: Psalm - continue-on-error: true - run: | - psalm -c psalm.xml \ - --show-info=true \ - --shepherd \ - --php-version=${{ steps.setup-php.outputs.php-version }} - - - name: Psalm (testsuite) + - name: PHPStan run: | - psalm -c psalm-dev.xml \ - --show-info=true \ - --shepherd \ - --php-version=${{ steps.setup-php.outputs.php-version }} + phpstan analyze -c phpstan.neon - - name: Psalter + - name: PHPStan (testsuite) run: | - psalm --alter \ - --issues=UnnecessaryVarAnnotation \ - --dry-run \ - --php-version=${{ steps.setup-php.outputs.php-version }} + phpstan analyze -c phpstan-dev.neon security: name: Security checks
diff --git a/README.md b/README.md
index 61b27fe8..25153ae9 100644
--- a/README.md
+++ b/README.md
@@ -3,8 +3,7 @@ [![Build Status](https://github.com/simplesamlphp/xml-security/workflows/CI/badge.svg?branch=master)](https://github.com/simplesamlphp/xml-security/actions) [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/simplesamlphp/xml-security/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/simplesamlphp/xml-security/?branch=master) [![Coverage Status](https://codecov.io/gh/simplesamlphp/xml-security/branch/master/graph/badge.svg)](https://codecov.io/gh/simplesamlphp/xml-security) -[![Type coverage](https://shepherd.dev/github/simplesamlphp/xml-security/coverage.svg)](https://shepherd.dev/github/simplesamlphp/xml-security) -[![Psalm Level](https://shepherd.dev/github/simplesamlphp/xml-security/level.svg)](https://shepherd.dev/github/simplesamlphp/xml-security) +[![PHPStan Enabled](https://img.shields.io/badge/PHPStan-enabled-brightgreen.svg?style=flat)](https://github.com/simplesamlphp/xml-security) This library implements XML signatures and encryption. It provides an extensible interface that allows you to use your own signature and encryption
diff --git a/composer.json b/composer.json
index 753079a8..c6a86b10 100644
--- a/composer.json
+++ b/composer.json
@@ -42,8 +42,8 @@ "ext-pcre": "*", "ext-spl": "*", - "simplesamlphp/assert": "^1.0", - "simplesamlphp/xml-common": "^1.14" + "simplesamlphp/assert": "^1.1", + "simplesamlphp/xml-common": "^1.15" }, "require-dev": { "simplesamlphp/simplesamlphp-test-framework": "^1.5"
diff --git a/phpstan-dev.neon b/phpstan-dev.neon
new file mode 100644
index 00000000..57972f5d
--- /dev/null
+++ b/phpstan-dev.neon
@@ -0,0 +1,4 @@
+parameters:
+ level: 6
+ paths:
+ - tests
diff --git a/phpstan.neon b/phpstan.neon
new file mode 100644
index 00000000..db37782f
--- /dev/null
+++ b/phpstan.neon
@@ -0,0 +1,4 @@
+parameters:
+ level: 6
+ paths:
+ - src
diff --git a/src/Alg/AbstractAlgorithmFactory.php b/src/Alg/AbstractAlgorithmFactory.php
index a41e6221..b66496bc 100644
--- a/src/Alg/AbstractAlgorithmFactory.php
+++ b/src/Alg/AbstractAlgorithmFactory.php
@@ -22,13 +22,6 @@ */ abstract class AbstractAlgorithmFactory { - /** - * A cache of algorithm implementations indexed by algorithm ID. - * - * @var string[] - */ - protected static array $cache = []; - /** * Whether the factory has been initialized or not. *
@@ -36,6 +29,12 @@ abstract class AbstractAlgorithmFactory */ protected static bool $initialized = false; + /** + * A cache of algorithm implementations indexed by algorithm ID. + * + * @var array + */ + protected static array $cache = []; /** * Build a factory that creates algorithms.
@@ -67,15 +66,16 @@ public function __construct( /** - * Get a new object implementing the given algorithm. + * Get a new object implementing the given digital signature algorithm. * * @param string $algId The identifier of the algorithm desired. * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The key to use with the given algorithm. * - * @return \SimpleSAML\XMLSecurity\Alg\AlgorithmInterface An object implementing the given algorithm. + * @return \SimpleSAML\XMLSecurity\Alg\AlgorithmInterface An object implementing the given + * algorithm. * - * @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If an error occurs, e.g. the given algorithm - * is blacklisted, unknown or the given key is not suitable for it. + * @throws \SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException If an error occurs, e.g. the given + * algorithm is blacklisted, unknown or the given key is not suitable for it. */ public function getAlgorithm(string $algId, KeyInterface $key): AlgorithmInterface {
@@ -91,7 +91,6 @@ public function getAlgorithm(string $algId, KeyInterface $key): AlgorithmInterfa UnsupportedAlgorithmException::class, ); - /** @psalm-var AlgorithmInterface */ return new static::$cache[$algId]($key, $algId); }
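Review bot: The summary line of the `getAlgorithm()` docblock in the `@@ -67,15 +66,16 @@` hunk now reads "digital signature algorithm", but this is the abstract base factory. With the overrides removed from EncryptionAlgorithmFactory and SignatureAlgorithmFactory in this commit, it becomes the only description of the method for the encryption factory as well. Keep the neutral wording, `* Get a new object implementing the given algorithm.`. The `@throws` text still lists the blacklisted case under `UnsupportedAlgorithmException`; if the blacklist check raises a different exception (that check sits in the part of the body outside these hunks), give it its own `@throws` line so callers can tell a policy rejection from an unknown identifier.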
@@ -99,7 +98,7 @@ public function getAlgorithm(string $algId, KeyInterface $key): AlgorithmInterfa /** * Get the name of the abstract class our algorithm implementations must extend. * - * @return string + * @return class-string */ abstract protected static function getExpectedParent(): string;
diff --git a/src/Alg/Encryption/AbstractEncryptor.php b/src/Alg/Encryption/AbstractEncryptor.php
index 0fdebe4f..ea7c048a 100644
--- a/src/Alg/Encryption/AbstractEncryptor.php
+++ b/src/Alg/Encryption/AbstractEncryptor.php
@@ -99,7 +99,7 @@ public function encrypt(string $plaintext): string /** * Decrypt a given ciphertext with the current algorithm and key. * - * @param string The (binary) ciphertext to decrypt. + * @param string $ciphertext The (binary) ciphertext to decrypt. * * @return string The decrypted plaintext. */
diff --git a/src/Alg/Encryption/EncryptionAlgorithmFactory.php b/src/Alg/Encryption/EncryptionAlgorithmFactory.php
index 40387cbb..1e469147 100644
--- a/src/Alg/Encryption/EncryptionAlgorithmFactory.php
+++ b/src/Alg/Encryption/EncryptionAlgorithmFactory.php
@@ -4,8 +4,11 @@ namespace SimpleSAML\XMLSecurity\Alg\Encryption; +use SimpleSAML\Assert\Assert; use SimpleSAML\XMLSecurity\Alg\AbstractAlgorithmFactory; use SimpleSAML\XMLSecurity\Constants as C; +use SimpleSAML\XMLSecurity\Exception\BlacklistedAlgorithmException; +use SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException; use SimpleSAML\XMLSecurity\Key\KeyInterface; /**
@@ -29,7 +32,7 @@ final class EncryptionAlgorithmFactory extends AbstractAlgorithmFactory /** * A cache of algorithm implementations indexed by algorithm ID. * - * @var string[] + * @var array */ protected static array $cache = [];
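Review bot: The three imports added to EncryptionAlgorithmFactory in the `@@ -4,8 +4,11 @@` hunk (`Assert`, `BlacklistedAlgorithmException`, `UnsupportedAlgorithmException`) are not referenced by any line this commit shows for the file. The commit also deletes the `getAlgorithm()` override, which was the only visible user of the `KeyInterface` import. Unless code outside the hunks uses them, drop the unused `use` lines so the header lists only what the class depends on. SignatureAlgorithmFactory gets the same three imports and the same deletion in this commit.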
@@ -44,7 +47,7 @@ final class EncryptionAlgorithmFactory extends AbstractAlgorithmFactory /** * Build a factory that creates encryption algorithms. * - * @param array|null $blacklist A list of algorithms forbidden for their use. + * @param string[]|null $blacklist A list of algorithms forbidden for their use. */ public function __construct(array $blacklist = null) {
@@ -67,22 +70,4 @@ protected static function getExpectedParent(): string { return EncryptionAlgorithmInterface::class; } - - - /** - * Get a new object implementing the given encryption algorithm. - * - * @param string $algId The identifier of the algorithm desired. - * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The key to use with the given algorithm. - * - * @return \SimpleSAML\XMLSecurity\Alg\Encryption\EncryptionAlgorithmInterface An object implementing the given - * algorithm. - * - * @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If an error occurs, e.g. the given algorithm - * is blacklisted, unknown or the given key is not suitable for it. - */ - public function getAlgorithm(string $algId, KeyInterface $key): EncryptionAlgorithmInterface - { - return parent::getAlgorithm($algId, $key); - } }
diff --git a/src/Alg/KeyTransport/KeyTransportAlgorithmFactory.php b/src/Alg/KeyTransport/KeyTransportAlgorithmFactory.php
index a326b2f3..44669cc6 100644
--- a/src/Alg/KeyTransport/KeyTransportAlgorithmFactory.php
+++ b/src/Alg/KeyTransport/KeyTransportAlgorithmFactory.php
@@ -5,6 +5,7 @@ namespace SimpleSAML\XMLSecurity\Alg\KeyTransport; use SimpleSAML\XMLSecurity\Alg\AbstractAlgorithmFactory; +use SimpleSAML\XMLSecurity\Alg\AlgorithmInterface; use SimpleSAML\XMLSecurity\Alg\Encryption\EncryptionAlgorithmInterface; use SimpleSAML\XMLSecurity\Constants as C; use SimpleSAML\XMLSecurity\Key\KeyInterface;
@@ -28,7 +29,7 @@ class KeyTransportAlgorithmFactory extends AbstractAlgorithmFactory /** * A cache of algorithm implementations indexed by algorithm ID. * - * @var string[] + * @var array */ protected static array $cache = [];
@@ -43,7 +44,7 @@ class KeyTransportAlgorithmFactory extends AbstractAlgorithmFactory /** * Build a factory that creates key transport algorithms. * - * @param array|null $blacklist A list of algorithms forbidden for their use. + * @param string[]|null $blacklist A list of algorithms forbidden for their use. */ public function __construct(array $blacklist = null) {
@@ -65,13 +66,13 @@ protected static function getExpectedParent(): string * @param string $algId The identifier of the algorithm desired. * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The key to use with the given algorithm. * - * @return \SimpleSAML\XMLSecurity\Alg\Encryption\EncryptionAlgorithmInterface An object implementing the given + * @return \SimpleSAML\XMLSecurity\Alg\AlgorithmInterface An object implementing the given * algorithm. * * @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If an error occurs, e.g. the given algorithm * is blacklisted, unknown or the given key is not suitable for it. */ - public function getAlgorithm(string $algId, KeyInterface $key): EncryptionAlgorithmInterface + public function getAlgorithm(string $algId, KeyInterface $key): AlgorithmInterface { return parent::getAlgorithm($algId, $key); }
diff --git a/src/Alg/Signature/SignatureAlgorithmFactory.php b/src/Alg/Signature/SignatureAlgorithmFactory.php
index 59a256c8..cd6b2128 100644
--- a/src/Alg/Signature/SignatureAlgorithmFactory.php
+++ b/src/Alg/Signature/SignatureAlgorithmFactory.php
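Review bot: After the `@@ -65,13 +66,13 @@` hunk, `KeyTransportAlgorithmFactory::getAlgorithm()` has exactly the parent's signature and only forwards to `parent::getAlgorithm($algId, $key)`, so the override no longer adds anything. The encryption and signature factories delete their equivalent override in this same commit. Remove it here as well, or keep it only if it restores a narrower return type that callers rely on before invoking key-transport operations on the result. If it stays, its `@throws` should name `UnsupportedAlgorithmException` like the parent docblock now does, rather than `InvalidArgumentException`.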
@@ -4,8 +4,11 @@ namespace SimpleSAML\XMLSecurity\Alg\Signature; +use SimpleSAML\Assert\Assert; use SimpleSAML\XMLSecurity\Alg\AbstractAlgorithmFactory; use SimpleSAML\XMLSecurity\Constants as C; +use SimpleSAML\XMLSecurity\Exception\BlacklistedAlgorithmException; +use SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException; use SimpleSAML\XMLSecurity\Key\KeyInterface; /**
@@ -30,7 +33,7 @@ final class SignatureAlgorithmFactory extends AbstractAlgorithmFactory /** * A cache of algorithm implementations indexed by algorithm ID. * - * @var string[] + * @var array */ protected static array $cache = [];
@@ -45,7 +48,7 @@ final class SignatureAlgorithmFactory extends AbstractAlgorithmFactory /** * Build a factory that creates signature algorithms. * - * @param array|null $blacklist A list of algorithms forbidden for their use. + * @param string[]|null $blacklist A list of algorithms forbidden for their use. */ public function __construct(array $blacklist = null) {
@@ -68,22 +71,4 @@ protected static function getExpectedParent(): string { return SignatureAlgorithmInterface::class; } - - - /** - * Get a new object implementing the given digital signature algorithm. - * - * @param string $algId The identifier of the algorithm desired. - * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The key to use with the given algorithm. - * - * @return \SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface An object implementing the given - * algorithm. - * - * @throws \SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException If an error occurs, e.g. the given - * algorithm is blacklisted, unknown or the given key is not suitable for it. - */ - public function getAlgorithm(string $algId, KeyInterface $key): SignatureAlgorithmInterface - { - return parent::getAlgorithm($algId, $key); - } }
diff --git a/src/Backend/EncryptionBackend.php b/src/Backend/EncryptionBackend.php
index 640ee7df..7453e112 100644
--- a/src/Backend/EncryptionBackend.php
+++ b/src/Backend/EncryptionBackend.php
@@ -18,7 +18,7 @@ interface EncryptionBackend * * @param string $cipher The identifier of the cipher. * - * @throws InvalidArgumentException If the cipher is unknown or not supported. + * @throws \SimpleSAML\XMLSecurity\Exception\InvalidArgumentException If the cipher is unknown or not supported. * * @see \SimpleSAML\XMLSecurity\Constants */
diff --git a/src/Constants.php b/src/Constants.php
index 55d5711d..f9e64f35 100644
--- a/src/Constants.php
+++ b/src/Constants.php
@@ -21,6 +21,7 @@ class Constants extends \SimpleSAML\XML\Constants public const DIGEST_SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'; public const DIGEST_RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'; + /** @var array */ public static array $DIGEST_ALGORITHMS = [ self::DIGEST_SHA1 => 'sha1', self::DIGEST_SHA224 => 'sha224',
@@ -47,6 +48,7 @@ class Constants extends \SimpleSAML\XML\Constants public const BLOCK_ENC_AES192_GCM = 'http://www.w3.org/2009/xmlenc11#aes192-gcm'; public const BLOCK_ENC_AES256_GCM = 'http://www.w3.org/2009xmlenc11#aes256-gcm'; + /** @var array */ public static array $BLOCK_CIPHER_ALGORITHMS = [ self::BLOCK_ENC_3DES => 'des-ede3-cbc', self::BLOCK_ENC_AES128 => 'aes-128-cbc',
@@ -57,6 +59,7 @@ class Constants extends \SimpleSAML\XML\Constants self::BLOCK_ENC_AES256_GCM => 'aes-256-gcm', ]; + /** @var array */ public static array $BLOCK_SIZES = [ self::BLOCK_ENC_3DES => 8, self::BLOCK_ENC_AES128 => 16,
@@ -67,6 +70,7 @@ class Constants extends \SimpleSAML\XML\Constants self::BLOCK_ENC_AES256_GCM => 16, ]; + /** @var array */ public static array $BLOCK_CIPHER_KEY_SIZES = [ self::BLOCK_ENC_3DES => 24, self::BLOCK_ENC_AES128 => 16,
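Review bot: The context line `public const BLOCK_ENC_AES256_GCM = 'http://www.w3.org/2009xmlenc11#aes256-gcm';` in the `@@ -47,6 +48,7 @@` hunk of Constants.php is missing the `/` after `2009`; the AES192-GCM constant directly above it uses `http://www.w3.org/2009/xmlenc11#...`. This constant is the key for AES-256-GCM in `$BLOCK_CIPHER_ALGORITHMS` and `$BLOCK_SIZES`, both visible in the neighbouring hunks. Input that names the cipher by the correctly formed identifier would therefore presumably be treated as unknown, and output would carry a malformed identifier, which may push deployments back to the CBC modes. The commit only adds annotations here, but the line is on the new side and worth correcting in the same pass: `public const BLOCK_ENC_AES256_GCM = 'http://www.w3.org/2009/xmlenc11#aes256-gcm';`.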
@@ -84,6 +88,7 @@ class Constants extends \SimpleSAML\XML\Constants public const KEY_TRANSPORT_OAEP = 'http://www.w3.org/2009/xmlenc11#rsa-oaep'; public const KEY_TRANSPORT_OAEP_MGF1P = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; + /** @var string[] */ public static array $KEY_TRANSPORT_ALGORITHMS = [ self::KEY_TRANSPORT_RSA_1_5, self::KEY_TRANSPORT_OAEP,
@@ -114,6 +119,7 @@ class Constants extends \SimpleSAML\XML\Constants public const SIG_HMAC_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha512'; public const SIG_HMAC_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160'; + /** @var array */ public static array $RSA_DIGESTS = [ self::SIG_RSA_SHA1 => self::DIGEST_SHA1, self::SIG_RSA_SHA224 => self::DIGEST_SHA224,
@@ -123,6 +129,7 @@ class Constants extends \SimpleSAML\XML\Constants self::SIG_RSA_RIPEMD160 => self::DIGEST_RIPEMD160, ]; + /** @var array */ public static array $HMAC_DIGESTS = [ self::SIG_HMAC_SHA1 => self::DIGEST_SHA1, self::SIG_HMAC_SHA224 => self::DIGEST_SHA224,
diff --git a/src/CryptoEncoding/PEMBundle.php b/src/CryptoEncoding/PEMBundle.php
index ab5ccaa2..a0f1330e 100644
--- a/src/CryptoEncoding/PEMBundle.php
+++ b/src/CryptoEncoding/PEMBundle.php
@@ -25,13 +25,15 @@ * Container for multiple PEM objects. * * The order of PEMs shall be retained, eg. when read from a file. + * + * @phpstan-implements IteratorAggregate */ class PEMBundle implements Countable, IteratorAggregate { /** * Array of PEM objects. * - * @var array \SimpleSAML\XMLSecurity\CryptoEncoding\PEM[] + * @var \SimpleSAML\XMLSecurity\CryptoEncoding\PEM[] */ protected array $pems;
@@ -190,7 +192,7 @@ public function count(): int * * @see \IteratorAggregate::getIterator() * - * @return \ArrayIterator + * @return ArrayIterator */ public function getIterator(): ArrayIterator {
diff --git a/src/Key/PublicKey.php b/src/Key/PublicKey.php
index 4cb49e4b..8d40d878 100644
--- a/src/Key/PublicKey.php
+++ b/src/Key/PublicKey.php
@@ -17,7 +17,6 @@ /** * A class modeling public keys for their use in asymmetric algorithms. * - * @psalm-consistent-constructor * @package simplesamlphp/xml-security */ class PublicKey extends AsymmetricKey
@@ -46,7 +45,7 @@ class PublicKey extends AsymmetricKey * * @param \SimpleSAML\XMLSecurity\CryptoEncoding\PEM $key The PEM-encoded key material. */ - public function __construct(PEM $key) + final public function __construct(PEM $key) { Assert::oneOf( $key->type(),
diff --git a/src/Key/X509Certificate.php b/src/Key/X509Certificate.php
index 2d33df6e..ef7f27e0 100644
--- a/src/Key/X509Certificate.php
+++ b/src/Key/X509Certificate.php
@@ -26,17 +26,17 @@ class X509Certificate /** @var \SimpleSAML\XMLSecurity\Key\PublicKey */ protected PublicKey $publicKey; - /** @var array */ + /** @var array */ protected array $thumbprint = []; - /** @var array */ + /** @var array */ protected array $parsed = []; /** * Create a new X509 certificate from its PEM-encoded representation. * - * @param \SimpleSAML\XMLSecurity\CryptoEncoding\PEM $cert + * @param \SimpleSAML\XMLSecurity\CryptoEncoding\PEM $material * The PEM-encoded certificate or the path to a file containing it. * * @throws \SimpleSAML\XMLSecurity\Exception\RuntimeException If the certificate cannot be exported to PEM format.
@@ -58,7 +58,7 @@ final public function __construct( } // Some OpenSSL functions will add errors to the list even if they succeed - while (openssl_error_string() !== false); + while (openssl_error_string() !== false); // @phpstan-ignore-line $this->publicKey = new PublicKey(PEM::fromString($details['key']));
@@ -130,7 +130,7 @@ public function getRawThumbprint(string $alg = C::DIGEST_SHA1): string /** * Get the details of this certificate. * - * @return array An array with all the details of the certificate. + * @return array An array with all the details of the certificate. * * @see openssl_x509_parse() */
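Review bot: The `// @phpstan-ignore-line` appended to `while (openssl_error_string() !== false);` in the `@@ -58,7 +58,7 @@` hunk silences every PHPStan finding on that line and does not say which one it is there for. The existing comment above explains the loop, not the suppression, so a later real finding on this line in certificate-parsing code would be hidden too. Record the reason in the comment above, for example `// PHPStan flags the empty loop; it only drains the OpenSSL error queue`, or scope the ignore to the single reported identifier. The constructor body starts and ends outside the hunk; the same blanket ignore is added on the `catch (ValueError)` line in src/Utils/Random.php.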
diff --git a/src/Utils/Certificate.php b/src/Utils/Certificate.php
index e2c0079f..952b8dad 100644
--- a/src/Utils/Certificate.php
+++ b/src/Utils/Certificate.php
@@ -51,7 +51,7 @@ public static function convertToCertificate(string $X509CertificateContents): st /** - * @param array|string $issuer + * @param array|string $issuer * * @return string */
@@ -82,7 +82,6 @@ public static function stripHeaders(string $key, string $pattern = self::PUBLIC_ throw new InvalidArgumentException('Could not find content matching the provided pattern.'); } - /** @psalm-suppress EmptyArrayAccess */ return preg_replace('/\s+/', '', $matches[1]); } }
diff --git a/src/Utils/Random.php b/src/Utils/Random.php
index 8897b851..6200d22e 100644
--- a/src/Utils/Random.php
+++ b/src/Utils/Random.php
@@ -4,11 +4,11 @@ namespace SimpleSAML\XMLSecurity\Utils; -use Error; -use Exception; +use Random\RandomException; use SimpleSAML\Assert\Assert; use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException; use SimpleSAML\XMLSecurity\Exception\RuntimeException; +use ValueError; use function random_bytes;
@@ -41,9 +41,9 @@ public static function generateRandomBytes(int $length): string try { return random_bytes($length); - } catch (Error) { + } catch (ValueError) { // @phpstan-ignore-line throw new InvalidArgumentException('Invalid length received to generate random bytes.'); - } catch (Exception) { + } catch (RandomException) { throw new RuntimeException( 'Cannot generate random bytes, no cryptographically secure random generator available.', );
diff --git a/src/Utils/XML.php b/src/Utils/XML.php
index 08f9b236..6bcd8cae 100644
--- a/src/Utils/XML.php
+++ b/src/Utils/XML.php
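Review bot: `catch (RandomException)` in the `@@ -41,9 +41,9 @@` hunk of Random.php only matches on PHP 8.2 and later, where `Random\RandomException` was introduced. On 8.1 `random_bytes()` reports a CSPRNG failure as a plain `\Exception`, which the removed `catch (Exception)` handled and the new clause does not. If the package still allows PHP 8.1 (the `php` constraint in composer.json is not part of this diff), that failure would leave `generateRandomBytes()` as a bare `\Exception` instead of the library's `RuntimeException`. It still fails closed, but callers that catch the library exception would miss it. Either confirm the minimum version is 8.2, or keep a final `} catch (Exception) {` clause that throws the same `RuntimeException`; the method body starts outside the hunk.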
@@ -24,8 +24,8 @@ class XML * @param \DOMElement $element The DOM element that needs canonicalization. * @param string $c14nMethod The identifier of the canonicalization algorithm to use. * See \SimpleSAML\XMLSecurity\Constants. - * @param array|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters). - * @param array|null $prefixes An array of namespace prefixes to filter the nodes by. Defaults to null (no filters). + * @param string[]|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters). + * @param string[]|null $prefixes An array of namespace prefixes to filter the nodes by. Defaults to null (no filters). * * @return string The canonical representation of the given DOM node, according to the algorithm requested. */
@@ -75,7 +75,6 @@ public static function canonicalizeData( * * @param \SimpleSAML\XMLSecurity\XML\ds\Transforms $transforms The transforms to apply. * @param \DOMElement $data The data referenced. - * @param bool $includeCommentNodes Whether to allow canonicalization with comments or not. * * @return string The canonicalized data after applying all transforms specified by $ref. *
diff --git a/src/XML/CanonicalizableElementTrait.php b/src/XML/CanonicalizableElementTrait.php
index 69c3f725..a2a9033b 100644
--- a/src/XML/CanonicalizableElementTrait.php
+++ b/src/XML/CanonicalizableElementTrait.php
@@ -48,7 +48,7 @@ public function canonicalize(string $method, ?array $xpaths = null, ?array $pref /** * Serialize this canonicalisable element. * - * @return array The serialized chunk. + * @return array{0: string} The serialized chunk. */ public function __serialize(): array {
diff --git a/src/XML/EncryptedElementTrait.php b/src/XML/EncryptedElementTrait.php
index e37d9783..b03337d0 100644
--- a/src/XML/EncryptedElementTrait.php
+++ b/src/XML/EncryptedElementTrait.php
@@ -179,7 +179,6 @@ public static function fromXML(DOMElement $xml): static */ public function toXML(DOMElement $parent = null): DOMElement { - /** @psalm-var \DOMDocument $e->ownerDocument */ $e = $this->instantiateParentElement($parent); $this->encryptedData->toXML($e); return $e;
diff --git a/src/XML/SignedElementTrait.php b/src/XML/SignedElementTrait.php
index 28435d7c..11d93f66 100644
--- a/src/XML/SignedElementTrait.php
+++ b/src/XML/SignedElementTrait.php
@@ -195,7 +195,6 @@ private function verifyInternal(SignatureAlgorithmInterface $verifier): SignedEl * property is available, and we can set it on the newly created object because we are in the same class, * even thought the property itself is private. */ - /** @psalm-suppress NoInterfaceProperties */ $ref->validatingKey = $verifier->getKey(); return $ref; }
diff --git a/src/XML/ds/DigestMethod.php b/src/XML/ds/DigestMethod.php
index 19e24130..c4130df6 100644
--- a/src/XML/ds/DigestMethod.php
+++ b/src/XML/ds/DigestMethod.php
@@ -98,7 +98,6 @@ public function toXML(DOMElement $parent = null): DOMElement $e = $this->instantiateParentElement($parent); $e->setAttribute('Algorithm', $this->getAlgorithm()); - /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */ foreach ($this->elements as $elt) { if (!$elt->isEmptyElement()) { $elt->toXML($e);
diff --git a/src/XML/ds/DigestValue.php b/src/XML/ds/DigestValue.php
index f74ffce3..413c563f 100644
--- a/src/XML/ds/DigestValue.php
+++ b/src/XML/ds/DigestValue.php
@@ -10,7 +10,6 @@ * Class representing a ds:DigestValue element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class DigestValue extends AbstractDsElement {
diff --git a/src/XML/ds/DsObject.php b/src/XML/ds/DsObject.php
index 931c686d..44b73164 100644
--- a/src/XML/ds/DsObject.php
+++ b/src/XML/ds/DsObject.php
@@ -23,7 +23,7 @@ final class DsObject extends AbstractDsElement /** @var string */ public const LOCALNAME = 'Object'; - /** @var string */ + /** @var \SimpleSAML\XML\XsNamespace */ public const XS_ANY_ELT_NAMESPACE = NS::ANY;
@@ -33,7 +33,7 @@ final class DsObject extends AbstractDsElement * @param string|null $Id * @param string|null $MimeType * @param string|null $Encoding - * @param \SimpleSAML\XML\ElementInterface[] $elements + * @param \SimpleSAML\XML\SerializableElementInterface[] $elements */ public function __construct( protected ?string $Id = null,
@@ -155,7 +155,6 @@ public function toXML(DOMElement $parent = null): DOMElement $e->setAttribute('Encoding', $this->getEncoding()); } - /** @psalm-var \SimpleSAML\XML\SerializableElementInterface[] $this->elements */ foreach ($this->getElements() as $elt) { if (!$elt->isEmptyElement()) { $elt->toXML($e);
diff --git a/src/XML/ds/Exponent.php b/src/XML/ds/Exponent.php
index 7d17c32b..325f82fa 100644
--- a/src/XML/ds/Exponent.php
+++ b/src/XML/ds/Exponent.php
@@ -10,7 +10,6 @@ * Class representing a ds:Exponent element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class Exponent extends AbstractDsElement {
diff --git a/src/XML/ds/KeyInfo.php b/src/XML/ds/KeyInfo.php
index 8ea1bd97..9b05d32f 100644
--- a/src/XML/ds/KeyInfo.php
+++ b/src/XML/ds/KeyInfo.php
@@ -24,14 +24,16 @@ final class KeyInfo extends AbstractDsElement /** * Initialize a KeyInfo element. * - * @param list<\SimpleSAML\XML\Chunk| - * \SimpleSAML\XMLSecurity\XML\ds\KeyName| - * \SimpleSAML\XMLSecurity\XML\ds\KeyValue| - * \SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod| - * \SimpleSAML\XMLSecurity\XML\ds\X509Data| - * \SimpleSAML\XMLSecurity\XML\dsig11\KeyInfoReference| - * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedData| - * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedKey> $info + * @param ( + * \SimpleSAML\XML\SerializableElementInterface| + * \SimpleSAML\XMLSecurity\XML\ds\KeyName| + * \SimpleSAML\XMLSecurity\XML\ds\KeyValue| + * \SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod| + * \SimpleSAML\XMLSecurity\XML\ds\X509Data| + * \SimpleSAML\XMLSecurity\XML\dsig11\KeyInfoReference| + * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedData| + * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedKey + * )[] $info * @param string|null $Id */ public function __construct(
@@ -72,14 +74,16 @@ public function getId(): ?string /** * Collect the value of the info-property * - * @return (\SimpleSAML\XML\Chunk| - * \SimpleSAML\XMLSecurity\XML\ds\KeyName| - * \SimpleSAML\XMLSecurity\XML\ds\KeyValue| - * \SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod| - * \SimpleSAML\XMLSecurity\XML\ds\X509Data| - * \SimpleSAML\XMLSecurity\XML\dsig11\KeyInfoReference| - * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedData| - * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedKey)[] + * @return ( + * \SimpleSAML\XML\SerializableElementInterface| + * \SimpleSAML\XMLSecurity\XML\ds\KeyName| + * \SimpleSAML\XMLSecurity\XML\ds\KeyValue| + * \SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod| + * \SimpleSAML\XMLSecurity\XML\ds\X509Data| + * \SimpleSAML\XMLSecurity\XML\dsig11\KeyInfoReference| + * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedData| + * \SimpleSAML\XMLSecurity\XML\xenc\EncryptedKey + * )[] */ public function getInfo(): array {
diff --git a/src/XML/ds/KeyValue.php b/src/XML/ds/KeyValue.php
index 46faf870..7a0063e8 100644
--- a/src/XML/ds/KeyValue.php
+++ b/src/XML/ds/KeyValue.php
@@ -32,7 +32,7 @@ final class KeyValue extends AbstractDsElement * Initialize an KeyValue. * * @param \SimpleSAML\XMLSecurity\XML\ds\RSAKeyValue|null $RSAKeyValue - * @param \SimpleSAML\XML\ElementInterface|null $element + * @param \SimpleSAML\XML\SerializableElementInterface|null $element */ final public function __construct( protected ?RSAKeyValue $RSAKeyValue,
@@ -114,7 +114,6 @@ public function toXML(DOMElement $parent = null): DOMElement $this->getRSAKeyValue()?->toXML($e); - /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */ foreach ($this->elements as $elt) { if (!$elt->isEmptyElement()) { $elt->toXML($e);
diff --git a/src/XML/ds/Modulus.php b/src/XML/ds/Modulus.php
index 3b6da2ba..ba48cac2 100644
--- a/src/XML/ds/Modulus.php
+++ b/src/XML/ds/Modulus.php
@@ -10,7 +10,6 @@ * Class representing a ds:Modulus element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class Modulus extends AbstractDsElement {
diff --git a/src/XML/ds/SignatureProperties.php b/src/XML/ds/SignatureProperties.php
index 3735a12d..cd5ff196 100644
--- a/src/XML/ds/SignatureProperties.php
+++ b/src/XML/ds/SignatureProperties.php
@@ -22,7 +22,6 @@ final class SignatureProperties extends AbstractDsElement * Initialize a ds:SignatureProperties * * @param \SimpleSAML\XMLSecurity\XML\ds\SignatureProperty[] $signatureProperty - * @param string $Target * @param string|null $Id */ public function __construct(
diff --git a/src/XML/ds/SignatureProperty.php b/src/XML/ds/SignatureProperty.php
index 2b90cec7..b39e8297 100644
--- a/src/XML/ds/SignatureProperty.php
+++ b/src/XML/ds/SignatureProperty.php
@@ -30,7 +30,7 @@ final class SignatureProperty extends AbstractDsElement /** * Initialize a ds:SignatureProperty * - * @param \SimpleSAML\XML\ElementInterface[] $elements + * @param \SimpleSAML\XML\SerializableElementInterface[] $elements * @param string $Target * @param string|null $Id */
@@ -90,7 +90,6 @@ public static function fromXML(DOMElement $xml): static $children[] = new Chunk($child); } - /** @psalm-var \SimpleSAML\XML\ElementInterface[] $children */ Assert::minCount( $children, 1,
@@ -121,7 +120,6 @@ public function toXML(DOMElement $parent = null): DOMElement $e->setAttribute('Id', $this->getId()); } - /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $element */ foreach ($this->getElements() as $element) { $element->toXML($e); }
diff --git a/src/XML/ds/SignatureValue.php b/src/XML/ds/SignatureValue.php
index 37866e93..d023cf4e 100644
--- a/src/XML/ds/SignatureValue.php
+++ b/src/XML/ds/SignatureValue.php
@@ -13,7 +13,6 @@ * Class representing a ds:SignatureValue element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class SignatureValue extends AbstractDsElement {
diff --git a/src/XML/ds/Transform.php b/src/XML/ds/Transform.php
index 746a7f82..25c0dea0 100644
--- a/src/XML/ds/Transform.php
+++ b/src/XML/ds/Transform.php
@@ -26,7 +26,7 @@ class Transform extends AbstractDsElement * * @param string $algorithm * @param \SimpleSAML\XMLSecurity\XML\ds\XPath|null $xpath - * @param \SimpleSAML\XMLSecurity\XML\ec\InclusiveNamespaces|null $prefixes + * @param \SimpleSAML\XMLSecurity\XML\ec\InclusiveNamespaces|null $inclusiveNamespaces */ final public function __construct( protected string $algorithm,
diff --git a/src/XML/ds/X509Certificate.php b/src/XML/ds/X509Certificate.php
index 2ae9e641..9454dfb4 100644
--- a/src/XML/ds/X509Certificate.php
+++ b/src/XML/ds/X509Certificate.php
@@ -10,7 +10,6 @@ * Class representing a ds:X509Certificate element. * * @package simplesamlphp/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class X509Certificate extends AbstractDsElement { diff --git a/src/XML/ds/XPath.php b/src/XML/ds/XPath.php index 82c7d866..cf84778d 100644 --- a/src/XML/ds/XPath.php +++ b/src/XML/ds/XPath.php @@ -74,7 +74,7 @@ public static function fromXML(DOMElement $xml): static $namespaces = []; $xpath = XPathUtils::getXPath($xml->ownerDocument); foreach (XPathUtils::xpQuery($xml, './namespace::*', $xpath) as $ns) { - if ($xml->getAttributeNode($ns->nodeName)) { + if ($xml->getAttributeNode($ns->nodeName) !== false) { // only add namespaces when they are defined explicitly in an attribute $namespaces[$ns->localName] = $xml->getAttribute($ns->nodeName); } diff --git a/src/XML/dsig11/X509Digest.php b/src/XML/dsig11/X509Digest.php index 3072bf54..277dee82 100644 --- a/src/XML/dsig11/X509Digest.php +++ b/src/XML/dsig11/X509Digest.php @@ -16,7 +16,6 @@ * Class representing a dsig11:X509Digest element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class X509Digest extends AbstractDsig11Element { diff --git a/src/XML/xenc/AbstractEncryptionMethod.php b/src/XML/xenc/AbstractEncryptionMethod.php index d77fa5ae..8cb44c1f 100644 --- a/src/XML/xenc/AbstractEncryptionMethod.php +++ b/src/XML/xenc/AbstractEncryptionMethod.php @@ -135,7 +135,6 @@ public static function fromXML(DOMElement $xml): static */ public function toXML(DOMElement $parent = null): DOMElement { - /** @psalm-var \DOMDocument $e->ownerDocument */ $e = $this->instantiateParentElement($parent); $e->setAttribute('Algorithm', $this->getAlgorithm()); @@ -143,7 +142,6 @@ public function toXML(DOMElement $parent = null): DOMElement $this->getOAEPparams()?->toXML($e); foreach ($this->getElements() as $child) { - /** @var \SimpleSAML\XML\SerializableElementInterface $child */ $child->toXML($e); } 
diff --git a/src/XML/xenc/AbstractEncryptionPropertiesType.php b/src/XML/xenc/AbstractEncryptionPropertiesType.php index 79c31fde..63c79f3c 100644 --- a/src/XML/xenc/AbstractEncryptionPropertiesType.php +++ b/src/XML/xenc/AbstractEncryptionPropertiesType.php @@ -20,7 +20,7 @@ abstract class AbstractEncryptionPropertiesType extends AbstractXencElement /** * EncryptionProperty constructor. * - * @param \SimpleSAML\XML\EncryptionProperty[] $encryptionProperty + * @param \SimpleSAML\XMLSecurity\XML\xenc\EncryptionProperty[] $encryptionProperty * @param string|null $Id */ final public function __construct( @@ -35,7 +35,7 @@ final public function __construct( /** * Get the value of the $encryptionProperty property. * - * @return \SimpleSAML\XML\EncryptionProperty[] + * @return \SimpleSAML\XMLSecurity\XML\xenc\EncryptionProperty[] */ public function getEncryptionProperty(): array { diff --git a/src/XML/xenc/AbstractEncryptionPropertyType.php b/src/XML/xenc/AbstractEncryptionPropertyType.php index e2fd2284..c299ab8f 100644 --- a/src/XML/xenc/AbstractEncryptionPropertyType.php +++ b/src/XML/xenc/AbstractEncryptionPropertyType.php @@ -35,7 +35,7 @@ abstract class AbstractEncryptionPropertyType extends AbstractXencElement /** * EncryptionProperty constructor. * - * @param \SimpleSAML\XML\SerializableElement[] $children + * @param \SimpleSAML\XML\SerializableElementInterface[] $children * @param string|null $Target * @param string|null $Id * @param \SimpleSAML\XML\Attribute[] $namespacedAttributes diff --git a/src/XML/xenc/AbstractReference.php b/src/XML/xenc/AbstractReference.php index 8d214058..a4d1d6d2 100644 --- a/src/XML/xenc/AbstractReference.php +++ b/src/XML/xenc/AbstractReference.php 
@@ -29,7 +29,7 @@ abstract class AbstractReference extends AbstractXencElement * AbstractReference constructor. * * @param string $uri - * @param \SimpleSAML\XML\ElementInterface[] $elements + * @param \SimpleSAML\XML\SerializableElementInterface[] $elements */ final public function __construct( protected string $uri, @@ -86,7 +86,6 @@ public function toXML(DOMElement $parent = null): DOMElement $e = $this->instantiateParentElement($parent); $e->setAttribute('URI', $this->getUri()); - /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */ foreach ($this->getElements() as $elt) { $elt->toXML($e); } diff --git a/src/XML/xenc/CipherData.php b/src/XML/xenc/CipherData.php index d0ce6337..093b1351 100644 --- a/src/XML/xenc/CipherData.php +++ b/src/XML/xenc/CipherData.php @@ -102,7 +102,6 @@ public static function fromXML(DOMElement $xml): static */ public function toXML(DOMElement $parent = null): DOMElement { - /** @psalm-var \DOMDocument $e->ownerDocument */ $e = $this->instantiateParentElement($parent); $this->getCipherValue()?->toXML($e); diff --git a/src/XML/xenc/CipherValue.php b/src/XML/xenc/CipherValue.php index 0d95a1c6..491a6cec 100644 --- a/src/XML/xenc/CipherValue.php +++ b/src/XML/xenc/CipherValue.php @@ -10,7 +10,6 @@ * Class representing a xenc:CipherValue element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class CipherValue extends AbstractXencElement { diff --git a/src/XML/xenc/EncryptedKey.php b/src/XML/xenc/EncryptedKey.php index 77c43e98..dbdbd75a 100644 --- a/src/XML/xenc/EncryptedKey.php +++ b/src/XML/xenc/EncryptedKey.php @@ -108,7 +108,6 @@ public function decrypt(EncryptionAlgorithmInterface $decryptor): string InvalidArgumentException::class, ); - /** @psalm-var \SimpleSAML\XMLSecurity\XML\xenc\CipherValue $cipherValue */ return $decryptor->decrypt(base64_decode($cipherValue->getContent())); } 
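Review bot: In `EncryptedKey::decrypt()` the return line passes `base64_decode($cipherValue->getContent())` to the decryptor in non-strict mode, where characters outside the base64 alphabet are silently discarded instead of rejected. Unless CipherValue already validates its content as base64 (not visible in this hunk), consider strict decoding with `$raw = base64_decode($cipherValue->getContent(), true);` and throwing when `$raw === false` before calling `$decryptor->decrypt($raw)`. The method starts outside the hunk.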
@@ -245,7 +244,6 @@ public static function fromXML(DOMElement $xml): static */ public function toXML(DOMElement $parent = null): DOMElement { - /** @psalm-var \DOMDocument $e->ownerDocument */ $e = parent::toXML($parent); if ($this->getRecipient() !== null) { diff --git a/src/XML/xenc/KeySize.php b/src/XML/xenc/KeySize.php index ed21c6f7..c2faef38 100644 --- a/src/XML/xenc/KeySize.php +++ b/src/XML/xenc/KeySize.php @@ -13,7 +13,6 @@ * Class representing a xenc:KeySize element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class KeySize extends AbstractXencElement { diff --git a/src/XML/xenc/OAEPparams.php b/src/XML/xenc/OAEPparams.php index 77f48bbe..d3808656 100644 --- a/src/XML/xenc/OAEPparams.php +++ b/src/XML/xenc/OAEPparams.php @@ -10,7 +10,6 @@ * Class representing a xenc:OAEPparams element. * * @package simplesaml/xml-security - * @psalm-suppress PropertyNotSetInConstructor $content */ final class OAEPparams extends AbstractXencElement { diff --git a/tests/Key/PrivateKeyTest.php b/tests/Key/PrivateKeyTest.php index d895e974..4fd274ed 100644 --- a/tests/Key/PrivateKeyTest.php +++ b/tests/Key/PrivateKeyTest.php @@ -19,8 +19,8 @@ */ final class PrivateKeyTest extends TestCase { - /** @var array */ - protected static $privKey = []; + /** @var array */ + protected static array $privKey = []; /** @var string */ protected static string $f; diff --git a/tests/Key/PublicKeyTest.php b/tests/Key/PublicKeyTest.php index b1724c35..90a69656 100644 --- a/tests/Key/PublicKeyTest.php +++ b/tests/Key/PublicKeyTest.php @@ -20,8 +20,8 @@ */ final class PublicKeyTest extends TestCase { - /** @var array */ - protected static $pubKey = []; + /** @var array> */ + protected static array $pubKey = []; /** @var string */ protected static string $f; diff --git a/tests/Key/X509CertificateTest.php b/tests/Key/X509CertificateTest.php index da17b064..3d605d97 100644 --- a/tests/Key/X509CertificateTest.php 
+++ b/tests/Key/X509CertificateTest.php @@ -23,8 +23,8 @@ */ final class X509CertificateTest extends TestCase { - /** @var array */ - protected static $cert = []; + /** @var array */ + protected static array $cert = []; /** @var string */ protected static string $f; diff --git a/tests/XML/CustomSignable.php b/tests/XML/CustomSignable.php index f1354082..bca43dbd 100644 --- a/tests/XML/CustomSignable.php +++ b/tests/XML/CustomSignable.php @@ -55,7 +55,7 @@ class CustomSignable extends AbstractElement implements * * @param \DOMElement $xml */ - public function __construct( + final public function __construct( protected DOMElement $xml, protected ?string $id ) { diff --git a/tests/XML/SignableElementTest.php b/tests/XML/SignableElementTest.php index 69839612..18bce49c 100644 --- a/tests/XML/SignableElementTest.php +++ b/tests/XML/SignableElementTest.php @@ -215,6 +215,7 @@ public function testSigningElementWithIdAndComments(): void public function testSigningDocumentWithoutRoot(): void { $doc = new DOMDocument('1.0', 'UTF-8'); + /** @var \DOMElement $node */ $node = $doc->importNode(self::$xmlRepresentation->documentElement, true); $customSignable = CustomSignable::fromXML($node); $factory = new SignatureAlgorithmFactory(); @@ -238,6 +239,7 @@ public function testSigningDocumentWithoutRoot(): void public function testSigningWithDifferentRoot(): void { $doc = DOMDocumentFactory::fromString('bar'); + /** @var \DOMElement $node */ $node = $doc->importNode(self::$xmlRepresentation->documentElement, true); $doc->appendChild($node); $customSignable = CustomSignable::fromXML($node); diff --git a/tests/XML/ds/RSAKeyValueTest.php b/tests/XML/ds/RSAKeyValueTest.php index 7e1b8f0d..91ca8f63 100644 --- a/tests/XML/ds/RSAKeyValueTest.php +++ b/tests/XML/ds/RSAKeyValueTest.php 
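Review bot: In `testSigningDocumentWithoutRoot()` and `testSigningWithDifferentRoot()` the added `/** @var \DOMElement $node */` tells PHPStan what `importNode()` returned without checking it, so a failed import would surface later as an unrelated type error rather than a clear test failure. An assertion after the call does both jobs: `$this->assertInstanceOf(\DOMElement::class, $node);`. The same annotation-as-cast pattern is added in X509SerialNumberTest, X509DigestTest (around `hex2bin()`), EncryptedKeyTest (around `getAlgorithm()`) and EncryptionMethodTest. Both test methods continue outside their hunks.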
@@ -74,7 +74,7 @@ public function testMarshallingElementOrder(): void $modulus = XPath::xpQuery($RSAKeyValueElement, './ds:Modulus', $xpCache); $this->assertCount(1, $modulus); - /** @psalm-var \DOMElement[] $RSAKeyValueElements */ + /** @var \DOMElement[] $RSAKeyValueElements */ $RSAKeyValueElements = XPath::xpQuery($RSAKeyValueElement, './ds:Modulus/following-sibling::*', $xpCache); // Test ordering of RSAKeyValue contents diff --git a/tests/XML/ds/SignatureTest.php b/tests/XML/ds/SignatureTest.php index fb3e0336..ee50d235 100644 --- a/tests/XML/ds/SignatureTest.php +++ b/tests/XML/ds/SignatureTest.php @@ -135,7 +135,7 @@ public function testMarshallingElementOrdering(): void $signedInfo = XPath::xpQuery($signatureElement, './ds:SignedInfo', $xpCache); $this->assertCount(1, $signedInfo); - /** @psalm-var \DOMElement[] $signatureElements */ + /** @var \DOMElement[] $signatureElements */ $signatureElements = XPath::xpQuery($signatureElement, './ds:SignedInfo/following-sibling::*', $xpCache); // Test ordering of Signature contents diff --git a/tests/XML/ds/X509DataTest.php b/tests/XML/ds/X509DataTest.php index a2a57b54..1941ab79 100644 --- a/tests/XML/ds/X509DataTest.php +++ b/tests/XML/ds/X509DataTest.php @@ -38,7 +38,7 @@ final class X509DataTest extends TestCase /** @var string */ private static string $certificate; - /** @var string[] */ + /** @var array */ private static array $certData; diff --git a/tests/XML/ds/X509IssuerSerialTest.php b/tests/XML/ds/X509IssuerSerialTest.php index 66e5a443..80a75780 100644 --- a/tests/XML/ds/X509IssuerSerialTest.php +++ b/tests/XML/ds/X509IssuerSerialTest.php 
@@ -53,6 +53,7 @@ public function setUp(): void self::$key = new Key\X509Certificate(PEM::fromString(PEMCertificatesMock::getPlainCertificate())); + /** @var string[] $details */ $details = self::$key->getCertificateDetails(); self::$issuer = new X509IssuerName(CertificateUtils::parseIssuer($details['issuer'])); self::$serial = new X509SerialNumber($details['serialNumber']); @@ -84,7 +85,7 @@ public function testMarshallingElementOrdering(): void $issuerName = XPath::xpQuery($X509IssuerSerialElement, './ds:X509IssuerName', $xpCache); $this->assertCount(1, $issuerName); - /** @psalm-var \DOMElement[] $X509IssuerSerialElements */ + /** @var \DOMElement[] $X509IssuerSerialElements */ $X509IssuerSerialElements = XPath::xpQuery( $X509IssuerSerialElement, './ds:X509IssuerName/following-sibling::*', diff --git a/tests/XML/ds/X509SerialNumberTest.php b/tests/XML/ds/X509SerialNumberTest.php index eea277f2..98f5a701 100644 --- a/tests/XML/ds/X509SerialNumberTest.php +++ b/tests/XML/ds/X509SerialNumberTest.php @@ -56,9 +56,11 @@ public function testMarshalling(): void public function testUnmarshallingIncorrectTypeThrowsException(): void { $document = clone self::$xmlRepresentation; - $document->documentElement->textContent = 'Not an integer'; + /** @var \DOMElement $docElement */ + $docElement = $document->documentElement; + $docElement->textContent = 'Not an integer'; $this->expectException(SchemaViolationException::class); - X509SerialNumber::fromXML($document->documentElement); + X509SerialNumber::fromXML($docElement); } } diff --git a/tests/XML/dsig11/X509DigestTest.php b/tests/XML/dsig11/X509DigestTest.php index 5687dcbd..9307d962 100644 --- a/tests/XML/dsig11/X509DigestTest.php +++ b/tests/XML/dsig11/X509DigestTest.php 
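Review bot: The added `/** @var string[] $details */` in `setUp()` declares every certificate detail to be a string, but `$details['issuer']` is then handed to `CertificateUtils::parseIssuer()`, which suggests a structured value rather than a plain string. X509DataTest in this same commit moves its `$certData` annotation away from `string[]`, so the two tests probably want the same shape, for example `/** @var array<string, mixed> $details */`. This should be confirmed against the return type of `getCertificateDetails()`, which is not visible in the hunk.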
@@ -50,7 +50,9 @@ public static function setUpBeforeClass(): void ); $key = new Key\X509Certificate(PEM::fromString(PEMCertificatesMock::getPlainCertificate())); - self::$digest = base64_encode(hex2bin($key->getRawThumbprint(C::DIGEST_SHA256))); + /** @var string $binary */ + $binary = hex2bin($key->getRawThumbprint(C::DIGEST_SHA256)); + self::$digest = base64_encode($binary); } diff --git a/tests/XML/xenc/EncryptedDataTest.php b/tests/XML/xenc/EncryptedDataTest.php index 7938a374..125e8021 100644 --- a/tests/XML/xenc/EncryptedDataTest.php +++ b/tests/XML/xenc/EncryptedDataTest.php @@ -119,7 +119,7 @@ public function testMarshallingElementOrdering(): void $this->assertCount(1, $encryptedDataElements); // Test ordering of EncryptedData contents - /** @psalm-var \DOMElement[] $encryptedDataElements */ + /** @var \DOMElement[] $encryptedDataElements */ $encryptedDataElements = XPath::xpQuery( $encryptedDataElement, './xenc:EncryptionMethod/following-sibling::*', diff --git a/tests/XML/xenc/EncryptedKeyTest.php b/tests/XML/xenc/EncryptedKeyTest.php index 2e041f82..f2178676 100644 --- a/tests/XML/xenc/EncryptedKeyTest.php +++ b/tests/XML/xenc/EncryptedKeyTest.php @@ -171,6 +171,7 @@ public function testMarshallingElementOrdering(): void public function testPKCS1Encryption(): void { $factory = new KeyTransportAlgorithmFactory([]); + /** @var \SimpleSAML\XMLSecurity\Alg\Encryption\EncryptionAlgorithmInterface $encryptor */ $encryptor = $factory->getAlgorithm(C::KEY_TRANSPORT_RSA_1_5, self::$pubKey); $symmetricKey = SymmetricKey::generate(8); $encryptedKey = EncryptedKey::fromKey( diff --git a/tests/XML/xenc/EncryptionMethodTest.php b/tests/XML/xenc/EncryptionMethodTest.php index 12e2a63d..a7dcf112 100644 --- a/tests/XML/xenc/EncryptionMethodTest.php +++ b/tests/XML/xenc/EncryptionMethodTest.php 
@@ -52,7 +52,9 @@ public function testMarshalling(): void { $alg = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; $chunkXml = DOMDocumentFactory::fromString('Value'); - $chunk = Chunk::fromXML($chunkXml->documentElement); + /** @var \DOMElement $chunkElt */ + $chunkElt = $chunkXml->documentElement; + $chunk = Chunk::fromXML($chunkElt); $em = new EncryptionMethod($alg, new KeySize(10), new OAEPparams('9lWu3Q=='), [$chunk]); @@ -88,7 +90,9 @@ public function testMarshallingElementOrdering(): void { $alg = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; $chunkXml = DOMDocumentFactory::fromString('Value'); - $chunk = Chunk::fromXML($chunkXml->documentElement); + /** @var \DOMElement $chunkElt */ + $chunkElt = $chunkXml->documentElement; + $chunk = Chunk::fromXML($chunkElt); $em = new EncryptionMethod($alg, new KeySize(10), new OAEPparams('9lWu3Q=='), [$chunk]); @@ -121,7 +125,9 @@ public function testMarshallingElementOrdering(): void */ public function testUnmarshallingWithoutAlgorithm(): void { - $xmlRepresentation = clone self::$xmlRepresentation->documentElement; + $xmlRepresentation = clone self::$xmlRepresentation; + /** @var \DOMElement $xmlRepresentation */ + $xmlRepresentation = $xmlRepresentation->documentElement; $xmlRepresentation->removeAttribute('Algorithm'); $this->expectException(MissingAttributeException::class); @@ -141,7 +147,9 @@ public function testUnmarshallingWithoutOptionalParameters(): void XML ); - $em = EncryptionMethod::fromXML($document->documentElement); + /** @var \DOMElement @element */ + $element = $document->documentElement; + $em = EncryptionMethod::fromXML($element); $this->assertNull($em->getKeySize()); $this->assertNull($em->getOAEPParams()); $this->assertEmpty($em->getElements());
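Review bot: In `testUnmarshallingWithoutAlgorithm()` the variable `$xmlRepresentation` first holds the cloned document and is then reassigned to its `documentElement`, with the `@var \DOMElement` annotation sitting between two values of different types. Separate names keep each variable to one type: `$doc = clone self::$xmlRepresentation;` followed by the annotated `$xmlRepresentation = $doc->documentElement;`. The method continues outside the hunk.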
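Review bot: The annotation added in `testUnmarshallingWithoutOptionalParameters()` reads `/** @var \DOMElement @element */`; `@element` is not a variable name, so the tag is at best treated as an unnamed `@var` with a stray description and at worst ignored or reported as malformed. It should be `/** @var \DOMElement $element */`, matching the `$chunkElt` annotations in the earlier hunks of this file. The method starts outside the hunk.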