diff --git a/composer.json b/composer.json index 63f5ab6..205d255 100644 --- a/composer.json +++ b/composer.json @@ -78,6 +78,7 @@ "cs": "vendor/bin/php-cs-fixer fix --ansi --verbose --dry-run --diff", "rector": "vendor/bin/rector process --dry-run", "phpstan": "bash -c \"XDEBUG_MODE=off phpstan analyse\"", + "phpstan-baseline": "bash -c \"XDEBUG_MODE=off phpstan analyse --generate-baseline phpstan-baseline.php\"", "test": "vendor/bin/phpunit --coverage-text --coverage-clover build/logs/clover.xml --coverage-php build/cov/coverage.cov --testsuite main" } } diff --git a/phpstan-baseline.php b/phpstan-baseline.php index 2e2e7d8..cec40db 100644 --- a/phpstan-baseline.php +++ b/phpstan-baseline.php @@ -7,84 +7,12 @@ 'count' => 1, 'path' => __DIR__ . '/src/Secure.php', ]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'blockSize\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'cipherAlgorithm\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'cipherChaining\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'encryptedHmacKey\' on mixed\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'encryptedHmacValue\' on mixed\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'encryptedKeyValue\' on mixed\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'encryptedVerifierHa…\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'hashAlgorithm\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'hashSize\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'keyBits\' on mixed\\.$#', - 'count' => 2, - 'path' => __DIR__ . '/src/Secure.php', -]; $ignoreErrors[] = [ // identifier: offsetAccess.nonOffsetAccessible 'message' => '#^Cannot access offset \'name\' on mixed\\.$#', 'count' => 3, 'path' => __DIR__ . '/src/Secure.php', ]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'saltValue\' on mixed\\.$#', - 'count' => 4, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: offsetAccess.nonOffsetAccessible - 'message' => '#^Cannot access offset \'spinCount\' on mixed\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; $ignoreErrors[] = [ // identifier: missingType.return 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has no return type specified\\.$#', @@ -289,36 +217,6 @@ 'count' => 1, 'path' => __DIR__ . '/src/Secure.php', ]; -$ignoreErrors[] = [ - // identifier: missingType.return - 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_hmac\\(\\) has no return type specified\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: missingType.parameter - 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_hmac\\(\\) has parameter \\$algorithm with no type specified\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: missingType.parameter - 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_hmac\\(\\) has parameter \\$fileName with no type specified\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: missingType.parameter - 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_hmac\\(\\) has parameter \\$key with no type specified\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; -$ignoreErrors[] = [ - // identifier: missingType.return - 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:build\\(\\) has no return type specified\\.$#', - 'count' => 1, - 'path' => __DIR__ . '/src/Secure.php', -]; $ignoreErrors[] = [ // identifier: return.type 'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:output\\(\\) should return string but returns string\\|false\\.$#', @@ -331,12 +229,6 @@ 'count' => 1, 'path' => __DIR__ . '/src/Secure.php', ]; -$ignoreErrors[] = [ - // identifier: argument.unpackNonIterable - 'message' => '#^Only iterables can be unpacked, mixed given in argument \\#2\\.$#', - 'count' => 7, - 'path' => __DIR__ . '/src/Secure.php', -]; $ignoreErrors[] = [ // identifier: argument.type 'message' => '#^Parameter \\#1 \\$array of function array_pad expects array, mixed given\\.$#', @@ -412,7 +304,7 @@ $ignoreErrors[] = [ // identifier: argument.type 'message' => '#^Parameter \\#1 \\$value of function count expects array\\|Countable, mixed given\\.$#', - 'count' => 5, + 'count' => 1, 'path' => __DIR__ . '/src/Secure.php', ]; $ignoreErrors[] = [ diff --git a/src/Secure.php b/src/Secure.php index 7889f5c..7d2c970 100644 --- a/src/Secure.php +++ b/src/Secure.php @@ -172,7 +172,7 @@ public function output(?string $filePath = null) // Create the data integrity fields used by clients for integrity checks. // First generate a random array of bytes to use in HMAC. The docs say to use the same length as the key salt, but Excel seems to use 64. - $hmacKey = unpack('C*', random_bytes(64)); + $hmacKey = (array) unpack('C*', random_bytes(64)); // Then create an initialization vector using the package encryption info and the appropriate block key. $hmacKeyIV = $this->_createIV( $encryptionInfo['package']['hashAlgorithm'], @@ -321,7 +321,7 @@ public function output(?string $filePath = null) /** * Encryption Info * - * @param array $encryptionInfo Data + * @param array>> $encryptionInfo Data * * @return array */ @@ -445,7 +445,7 @@ private function _hash($algorithm, ...$buffers) $buffers = [...$buffers]; if (! in_array($algorithm, hash_algos(), true)) { - throw new Exception("Hash algorithm '{$algorithm}' not supported!"); + throw new Exception("Hash algorithm '{$algorithm}' not supported!"); // @codeCoverageIgnore } $ctx = hash_init($algorithm); @@ -455,9 +455,18 @@ private function _hash($algorithm, ...$buffers) return unpack('C*', hash_final($ctx, true)); } + /** + * Hmac + * + * @param string $algorithm Algorithm + * @param list $key Key + * @param string $fileName Filename + * + * @return list + */ private function _hmac($algorithm, $key, $fileName) { - return unpack('C*', hash_hmac_file( + return (array) unpack('C*', hash_hmac_file( strtolower($algorithm), $fileName, pack('C*', ...$key), @@ -582,6 +591,8 @@ private function _cryptPackage( * * @param array $data Data * @param SimpleXMLElement $rootNode Node + * + * @return void */ private function build($data, $rootNode) {