Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/test-phpunit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
if: (! contains(github.event.head_commit.message, '[ci skip]'))
strategy:
matrix:
php-versions: ['8.1', '8.2', '8.3', '8.4', '8.5']
php-versions: ['8.2', '8.3', '8.4', '8.5']

steps:
- name: Checkout
Expand Down
8 changes: 4 additions & 4 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -21,21 +21,21 @@
],
"homepage": "https://github.com/PHPDevsr/PHPSpreadsheet-Secure",
"require": {
"php": "^8.1 || ^8.2 || ^8.3 || ^8.4 || ^8.5",
"php": "^8.2 || ^8.3 || ^8.4 || ^8.5",
"ext-openssl": "*",
"ext-hash": "*",
"ext-simplexml": "*",
"pear/ole": "^v1.0.0",
"pear/pear-core-minimal": "^v1.10.15"
},
"require-dev": {
"codeigniter/coding-standard": "^1.8.1 || ^1.9.1",
"codeigniter/coding-standard": "^1.9.1",
"nexusphp/tachycardia": "^2.4",
"phpstan/extension-installer": "^1.4",
"phpstan/phpstan": "^2.1.40",
"phpstan/phpstan-strict-rules": "^2.0.10",
"phpunit/phpcov": "^9.0.2 || ^10.0 || ^11.0",
"phpunit/phpunit": "^10.5.16 || ^11.5",
"phpunit/phpcov": "^10.0 || ^11.0",
"phpunit/phpunit": "^11.5",
"rector/rector": "2.3.8"
},
"minimum-stability": "dev",
Expand Down
36 changes: 0 additions & 36 deletions phpstan-baseline.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,36 +13,12 @@
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has parameter \\$hashAlgorithm with no type specified\\.$#',
'identifier' => 'missingType.parameter',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has parameter \\$keyBits with no type specified\\.$#',
'identifier' => 'missingType.parameter',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has parameter \\$password with no type specified\\.$#',
'identifier' => 'missingType.parameter',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has parameter \\$saltValue with no type specified\\.$#',
'identifier' => 'missingType.parameter',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_convertPasswordToKey\\(\\) has parameter \\$spinCount with no type specified\\.$#',
'identifier' => 'missingType.parameter',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:_createIV\\(\\) has no return type specified\\.$#',
'identifier' => 'missingType.return',
Expand Down Expand Up @@ -79,12 +55,6 @@
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Method PHPDevsr\\\\Spreadsheet\\\\Secure\\:\\:output\\(\\) should return string but returns string\\|false\\.$#',
'identifier' => 'return.type',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Offset \'name\' might not exist on array\\<string, string\\>\\|string\\.$#',
'identifier' => 'offsetAccess.notFound',
Expand Down Expand Up @@ -127,12 +97,6 @@
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Parameter \\#1 \\$string of function bin2hex expects string, array\\|string given\\.$#',
'identifier' => 'argument.type',
'count' => 1,
'path' => __DIR__ . '/src/Secure.php',
];
$ignoreErrors[] = [
'message' => '#^Parameter \\#1 \\$value of function count expects array\\|Countable, mixed given\\.$#',
'identifier' => 'argument.type',
Expand Down
6 changes: 3 additions & 3 deletions rector.php
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,8 @@
$rectorConfig->sets([
SetList::DEAD_CODE,
SetList::CODE_QUALITY,
SetList::STRICT_BOOLEANS,
LevelSetList::UP_TO_PHP_80,
SetList::CODING_STYLE,
LevelSetList::UP_TO_PHP_82,
]);

// The paths to refactor (can also be supplied with CLI arguments)
Expand All @@ -99,7 +99,7 @@
}

// Set the target version for refactoring
$rectorConfig->phpVersion(PhpVersion::PHP_82);
$rectorConfig->phpVersion(PhpVersion::PHP_83);

// Auto-import fully qualified class names
$rectorConfig->importNames();
Expand Down
61 changes: 27 additions & 34 deletions src/Secure.php
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,7 @@ public function setFile($data = '')
while (! feof($fp)) {
yield (array) unpack('C*', (string) fread($fp, 4096));
}

fclose($fp);
unset($fp);
});
Expand Down Expand Up @@ -305,6 +306,7 @@ public function output(?string $filePath = null)

$OLE2 = new OLE_PPS_File(OLE::Asc2Ucs('EncryptedPackage'));
$OLE2->init();

$filesize = (int) filesize($encryptedPackage['tmpFile']);

for ($i = 0; $i < ($filesize / 4096); $i++) {
Expand All @@ -324,7 +326,7 @@ public function output(?string $filePath = null)

$root->save($filePath);

return file_get_contents($filePath);
return (string) file_get_contents($filePath);
}

/**
Expand Down Expand Up @@ -427,21 +429,18 @@ private function arrayToXml(array $array = [])
/**
* Crypt method
*
* @param string $cipherAlgorithm
* @param string $cipherChaining
* @param array $key
* @param bool $encrypt
* @param array<int|string, int|string> $iv
* @param array<int|string, int|string> $input
*/
private function _crypt($encrypt, $cipherAlgorithm, $cipherChaining, $key, $iv, $input)
private function _crypt(bool $encrypt, string $cipherAlgorithm, string $cipherChaining, $key, $iv, $input)
{
$algorithm = $cipherAlgorithm . '-' . (count($key) * 8);

if ($cipherChaining === 'ChainingModeCBC') {
$algorithm .= '-cbc';
} else {
throw new Exception("Unknown cipher chaining: {$cipherChaining}");
throw new Exception('Unknown cipher chaining: ' . $cipherChaining);
}

$cipher = [];
Expand All @@ -463,11 +462,9 @@ private function _crypt($encrypt, $cipherAlgorithm, $cipherChaining, $key, $iv,
/**
* Hashing
*
* @param string $algorithm
*
* @return array<int|string, int|string>
*/
private function _hash($algorithm, ...$buffers)
private function _hash(string $algorithm, ...$buffers)
{
try {
$ctx = hash_init($algorithm);
Expand All @@ -489,7 +486,7 @@ private function _hash($algorithm, ...$buffers)
*
* @return array<int|string, int|string>
*/
private function _hmac($algorithm, $key, $fileName)
private function _hmac(string $algorithm, $key, string $fileName)
{
return (array) unpack('C*', hash_hmac_file(
$algorithm,
Expand All @@ -501,19 +498,16 @@ private function _hmac($algorithm, $key, $fileName)

/**
* Create Unsigned Integer 32-bit Buffer
*
* @param int $value
* @param int $bufferSize
*/
private function _createUInt32LEBuffer($value, $bufferSize = 4)
private function _createUInt32LEBuffer(int $value, int $bufferSize = 4)
{
return array_pad(array_values((array) unpack('C*', pack('V', $value))), $bufferSize, 0);
}

private function _convertPasswordToKey($password, $hashAlgorithm, $saltValue, $spinCount, $keyBits, $blockKey)
private function _convertPasswordToKey(string $password, string $hashAlgorithm, $saltValue, int $spinCount, int $keyBits, $blockKey)
{
// Password must be in unicode buffer
$passwordBuffer = array_map('hexdec', str_split(bin2hex(mb_convert_encoding($password, 'UTF-16LE', 'utf-8')), 2));
$passwordBuffer = array_map(hexdec(...), str_split(bin2hex(mb_convert_encoding($password, 'UTF-16LE', 'utf-8')), 2));

// Generate the initial hash
$key = $this->_hash($hashAlgorithm, $saltValue, $passwordBuffer);
Expand Down Expand Up @@ -547,12 +541,10 @@ private function _convertPasswordToKey($password, $hashAlgorithm, $saltValue, $s
/**
* Create initialization vector
*
* @param string $hashAlgorithm
* @param array<int|string, int|string> $saltValue
* @param int $blockSize
* @param mixed $blockKey
*/
private function _createIV($hashAlgorithm, $saltValue, $blockSize, $blockKey)
private function _createIV(string $hashAlgorithm, $saltValue, int $blockSize, $blockKey)
{
// Create the block key from the current index
if (is_int($blockKey)) {
Expand All @@ -574,40 +566,38 @@ private function _createIV($hashAlgorithm, $saltValue, $blockSize, $blockKey)
/**
* Package Crypt
*
* @param bool $encrypt
* @param string $cipherAlgorithm
* @param string $cipherChaining
* @param string $hashAlgorithm
* @param int $blockSize
* @param array<int|string, int|string> $saltValue
* @param mixed $input
* @param Closure|null $input
* @param array<int|string, int|string> $key
*/
private function _cryptPackage(
$encrypt,
$cipherAlgorithm,
$cipherChaining,
$hashAlgorithm,
$blockSize,
bool $encrypt,
string $cipherAlgorithm,
string $cipherChaining,
string $hashAlgorithm,
int $blockSize,
$saltValue,
$input,
$key = [],
) {
$tmpOutputChunk = (string) tempnam(sys_get_temp_dir(), 'outputChunk');
$tmpFileHeaderLength = (string) tempnam(sys_get_temp_dir(), 'fileHeaderLength');
$tmpFile = (string) tempnam(sys_get_temp_dir(), 'file');
$sysTempDir = sys_get_temp_dir();
$tmpOutputChunk = (string) tempnam($sysTempDir, 'outputChunk');
$tmpFileHeaderLength = (string) tempnam($sysTempDir, 'fileHeaderLength');
$tmpFile = (string) tempnam($sysTempDir, 'file');

if (is_callable($input) && is_a($in = $input(), 'Generator')) {
if ($input !== null && is_a($in = $input(), 'Generator')) {
$inputCount = 0;

foreach ($in as $i => $inputChunk) {
$lengthInputChunk = count($inputChunk);
// Grab the next chunk
$inputCount += $lengthInputChunk;
$remainder = $lengthInputChunk % $blockSize;

if ($remainder !== 0) {
$inputChunk = array_pad($inputChunk, $lengthInputChunk + (16 - $remainder), 0);
}

// Create the initialization vector
$iv = $this->_createIV($hashAlgorithm, $saltValue, $blockSize, $i);

Expand All @@ -632,6 +622,8 @@ private function _cryptPackage(
'tmpFile' => $tmpFile,
];
}

return null;
}

/**
Expand All @@ -657,6 +649,7 @@ private function build(SimpleXMLElement $rootNode, array $data = [])
$rootNode->addAttribute($kk, $vv);
}
}

if ($k === 'children') {
$isNamespace = count(explode(':', $vv['name'])) === 2;
$r = $isNamespace ? $rootNode->addChild('xmlns:' . $vv['name'], '') : $rootNode->addChild($vv['name'], '');
Expand Down
Loading