Merge pull request #7803 from LibreSign/backport/7801/stable32

[stable32] refactor(deps): move phpseclib to 3rdparty scoped vendor

Author: vitormattos

.github/workflows/playwright.yml

@@ -84,7 +84,10 @@ jobs:
       - name: Install system dependencies
         run: |
           apt-get update
-          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends poppler-utils
+          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+            poppler-utils \
+            libgd3 \
+            libc-client2007e
 
       - name: Checkout server
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
@@ -111,7 +114,7 @@ jobs:
         uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
         with:
           php-version: ${{ steps.php_versions.outputs.php-min }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, sqlite, pdo_sqlite, xmlreader, xmlwriter, zip, zlib
+          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, imap, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, sqlite, pdo_sqlite, xmlreader, xmlwriter, zip, zlib
           coverage: none
           ini-file: development
           ini-values: disable_functions=

3rdparty

@@ -60,7 +60,6 @@
 		}
 	},
 	"require": {
-		"cweagans/composer-patches": "^2.0",
-		"phpseclib/phpseclib": "^3.0"
+		"cweagans/composer-patches": "^2.0"
 	}
 }

composer.json

@@ -12,10 +12,10 @@
 use OC\Core\Command\Base;
 use OCA\Libresign\Service\Install\InstallService;
 use OCA\Libresign\Service\Install\SignSetupService;
+use OCA\Libresign\Vendor\phpseclib3\Crypt\RSA;
+use OCA\Libresign\Vendor\phpseclib3\Exception\NoKeyLoadedException;
+use OCA\Libresign\Vendor\phpseclib3\File\X509;
 use OCP\IConfig;
-use phpseclib3\Crypt\RSA;
-use phpseclib3\Exception\NoKeyLoadedException;
-use phpseclib3\File\X509;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Output\OutputInterface;

composer.lock

@@ -812,7 +812,7 @@ public function generateCrlDer(array $revokedCertificates, string $instanceId, i
 		return $crlDerData;
 	}
 
-	private function loadCaIssuer(string $configPath): \phpseclib3\File\X509 {
+	private function loadCaIssuer(string $configPath): \OCA\Libresign\Vendor\phpseclib3\File\X509 {
 		$caCertPath = $configPath . DIRECTORY_SEPARATOR . 'ca.pem';
 		$caKeyPath = $configPath . DIRECTORY_SEPARATOR . 'ca-key.pem';
 
@@ -829,11 +829,11 @@ private function loadCaIssuer(string $configPath): \phpseclib3\File\X509 {
 			throw new \RuntimeException('Failed to read CA certificate or private key');
 		}
 
-		$issuer = new \phpseclib3\File\X509();
+		$issuer = new \OCA\Libresign\Vendor\phpseclib3\File\X509();
 		$issuer->loadX509($caCert);
-		$caPrivateKey = \phpseclib3\Crypt\PublicKeyLoader::load($caKey);
+		$caPrivateKey = \OCA\Libresign\Vendor\phpseclib3\Crypt\PublicKeyLoader::load($caKey);
 
-		if (!$caPrivateKey instanceof \phpseclib3\Crypt\Common\PrivateKey) {
+		if (!$caPrivateKey instanceof \OCA\Libresign\Vendor\phpseclib3\Crypt\Common\PrivateKey) {
 			$this->logger->error('Loaded key is not a private key', ['keyType' => get_class($caPrivateKey)]);
 			throw new \RuntimeException('Loaded key is not a private key');
 		}
@@ -842,9 +842,9 @@ private function loadCaIssuer(string $configPath): \phpseclib3\File\X509 {
 		return $issuer;
 	}
 
-	private function createAndSignCrl(\phpseclib3\File\X509 $issuer, array $revokedCertificates, int $crlNumber): array {
+	private function createAndSignCrl(\OCA\Libresign\Vendor\phpseclib3\File\X509 $issuer, array $revokedCertificates, int $crlNumber): array {
 		$utcZone = new \DateTimeZone('UTC');
-		$crlToSign = new \phpseclib3\File\X509();
+		$crlToSign = new \OCA\Libresign\Vendor\phpseclib3\File\X509();
 		$crlToSign->setSerialNumber((string)$crlNumber, 10);
 		$crlToSign->setStartDate(new \DateTime('now', $utcZone));
 		$crlToSign->setEndDate(new \DateTime('+7 days', $utcZone));
@@ -869,7 +869,7 @@ private function createAndSignCrl(\phpseclib3\File\X509 $issuer, array $revokedC
 				$serialNumber = $cert->getSerialNumber();
 				$normalizedSerial = ltrim($serialNumber, '0') ?: '0';
 				$crlToSign->revoke(
-					new \phpseclib3\Math\BigInteger($normalizedSerial, 16),
+					new \OCA\Libresign\Vendor\phpseclib3\Math\BigInteger($normalizedSerial, 16),
 					$cert->getRevokedAt()->format($dateFormat)
 				);
 			}
@@ -893,9 +893,9 @@ private function createAndSignCrl(\phpseclib3\File\X509 $issuer, array $revokedC
 
 	private function saveCrlToDer(array $signedCrl, string $configPath): string {
 		$crlDerPath = $configPath . DIRECTORY_SEPARATOR . 'crl.der';
-		$crlToSign = new \phpseclib3\File\X509();
+		$crlToSign = new \OCA\Libresign\Vendor\phpseclib3\File\X509();
 
-		$crlDerData = $crlToSign->saveCRL($signedCrl, \phpseclib3\File\X509::FORMAT_DER);
+		$crlDerData = $crlToSign->saveCRL($signedCrl, \OCA\Libresign\Vendor\phpseclib3\File\X509::FORMAT_DER);
 
 		if ($crlDerData === false) {
 			$this->logger->error('Failed to save CRL in DER format');

lib/Command/Developer/SignSetup.php

@@ -19,11 +19,11 @@
 use OCA\Libresign\Service\CaIdentifierService;
 use OCA\Libresign\Service\Crl\CrlService;
 use OCA\Libresign\Service\FolderService;
+use OCA\Libresign\Vendor\phpseclib3\File\ASN1;
 use OCP\Files\File;
 use OCP\IAppConfig;
 use OCP\IL10N;
 use OCP\ITempManager;
-use phpseclib3\File\ASN1;
 use Psr\Log\LoggerInterface;
 
 class Pkcs12Handler extends SignEngineHandler {

lib/Handler/CertificateEngine/AEngineHandler.php

@@ -8,9 +8,9 @@
 
 namespace OCA\Libresign\Handler\SignEngine;
 
-use phpseclib3\File\ASN1;
-use phpseclib3\File\ASN1\Element;
-use phpseclib3\Math\BigInteger;
+use OCA\Libresign\Vendor\phpseclib3\File\ASN1;
+use OCA\Libresign\Vendor\phpseclib3\File\ASN1\Element;
+use OCA\Libresign\Vendor\phpseclib3\Math\BigInteger;
 
 class TSA {
 	private static bool $areOidsInitialized = false;

lib/Handler/SignEngine/Pkcs12Handler.php

@@ -17,6 +17,10 @@
 use OCA\Libresign\Exception\SignatureDataNotFoundException;
 use OCA\Libresign\Handler\CertificateEngine\CertificateHelper;
 use OCA\Libresign\Vendor\LibreSign\WhatOSAmI\OperatingSystem;
+use OCA\Libresign\Vendor\phpseclib3\Crypt\PublicKeyLoader;
+use OCA\Libresign\Vendor\phpseclib3\Crypt\RSA;
+use OCA\Libresign\Vendor\phpseclib3\Crypt\RSA\PrivateKey;
+use OCA\Libresign\Vendor\phpseclib3\File\X509;
 use OCP\App\IAppManager;
 use OCP\Files\AppData\IAppDataFactory;
 use OCP\Files\IAppData;
@@ -25,10 +29,6 @@
 use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\ITempManager;
-use phpseclib3\Crypt\PublicKeyLoader;
-use phpseclib3\Crypt\RSA;
-use phpseclib3\Crypt\RSA\PrivateKey;
-use phpseclib3\File\X509;
 
 class SignSetupService {
 	private array $exclude = [