Feature/php83

.github/workflows/php.yml

@@ -19,9 +19,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['8.2', '8.3', '8.4', '8.5']
+        php-version: ['8.3', '8.4', '8.5']
 
-    uses: simplesamlphp/simplesamlphp-test-framework/.github/workflows/reusable_phplinter.yml@v1.10.6
+    uses: simplesamlphp/simplesamlphp-test-framework/.github/workflows/reusable_phplinter.yml@v1.11.0
     with:
       php-version: ${{ matrix.php-version }}
 
@@ -30,7 +30,7 @@ jobs:
     strategy:
       fail-fast: false
 
-    uses: simplesamlphp/simplesamlphp-test-framework/.github/workflows/reusable_linter.yml@v1.10.6
+    uses: simplesamlphp/simplesamlphp-test-framework/.github/workflows/reusable_linter.yml@v1.11.0
     with:
       enable_eslinter: false
       enable_jsonlinter: true
@@ -45,7 +45,7 @@ jobs:
       fail-fast: false
       matrix:
         operating-system: [ubuntu-latest]
-        php-versions: ['8.2', '8.3', '8.4', '8.5']
+        php-versions: ['8.3', '8.4', '8.5']
 
     steps:
       - name: Print OpenSSL version
@@ -56,7 +56,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ matrix.php-versions }}
-          extensions: ctype, date, dom, filter, hash, mbstring, openssl, pcre, spl, xml
+          extensions: ctype, date, dom, filter, hash, intl, mbstring, openssl, pcre, sodium, spl, xml
           tools: composer
           ini-values: error_reporting=E_ALL
           coverage: pcov
@@ -110,7 +110,7 @@ jobs:
       fail-fast: true
       matrix:
         operating-system: [windows-latest]
-        php-versions: ['8.2', '8.3', '8.4', '8.5']
+        php-versions: ['8.3', '8.4', '8.5']
 
     steps:
       - name: Print OpenSSL version
@@ -121,7 +121,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ matrix.php-versions }}
-          extensions: ctype, date, dom, filter, hash, mbstring, openssl, pcre, spl, xml
+          extensions: ctype, date, dom, filter, hash, intl, mbstring, openssl, pcre, sodium, spl, xml
           tools: composer
           ini-values: error_reporting=E_ALL
           coverage: none
@@ -169,7 +169,7 @@ jobs:
           # Should be the higest supported version, so we can use the newest tools
           php-version: '8.5'
           tools: composer, composer-require-checker, composer-unused
-          extensions: ctype, date, dom, filter, hash, mbstring, openssl, pcre, spl, xml
+          extensions: ctype, date, dom, filter, hash, intl, mbstring, openssl, pcre, sodium, spl, xml
           coverage: none
 
       - name: Setup problem matchers for PHP
@@ -221,7 +221,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           # Should be the lowest supported version
-          php-version: '8.2'
+          php-version: '8.3'
           extensions: ctype, date, dom, filter, hash, mbstring, openssl, pcre, spl, xml
           tools: composer
           coverage: none

composer.json

@@ -35,7 +35,7 @@
         }
     },
     "require": {
-        "php": "^8.2",
+        "php": "^8.3",
         "ext-dom": "*",
         "ext-hash": "*",
         "ext-mbstring": "*",
@@ -47,7 +47,7 @@
         "simplesamlphp/xml-common": "~2.4"
     },
     "require-dev": {
-        "simplesamlphp/simplesamlphp-test-framework": "~1.10"
+        "simplesamlphp/simplesamlphp-test-framework": "~1.11"
     },
     "config": {
         "allow-plugins": {

src/Alg/Encryption/AbstractEncryptor.php

@@ -17,8 +17,7 @@
  */
 abstract class AbstractEncryptor implements EncryptionAlgorithmInterface
 {
-    /** @var string */
-    protected const DEFAULT_BACKEND = Backend\OpenSSL::class;
+    protected const string DEFAULT_BACKEND = Backend\OpenSSL::class;
 
 
     /** @var \SimpleSAML\XMLSecurity\Backend\EncryptionBackend */
@@ -54,7 +53,6 @@ public function __construct(
 
 
     /**
-     * @return string
      */
     public function getAlgorithmId(): string
     {

src/Alg/Encryption/EncryptionAlgorithmFactory.php

@@ -27,7 +27,7 @@ final class EncryptionAlgorithmFactory
      *
      * @var string[]
      */
-    public const DEFAULT_BLACKLIST = [
+    public const array DEFAULT_BLACKLIST = [
         C::BLOCK_ENC_3DES,
     ];
 
@@ -36,7 +36,7 @@ final class EncryptionAlgorithmFactory
      *
      * @var class-string[]
      */
-    private const SUPPORTED_DEFAULTS = [
+    private const array SUPPORTED_DEFAULTS = [
         TripleDES::class,
         AES::class,
     ];
@@ -51,8 +51,6 @@ final class EncryptionAlgorithmFactory
 
     /**
      * Whether the factory has been initialized or not.
-     *
-     * @var bool
      */
     protected static bool $initialized = false;
 

src/Alg/KeyTransport/AbstractKeyTransporter.php

@@ -17,8 +17,7 @@
  */
 abstract class AbstractKeyTransporter implements KeyTransportAlgorithmInterface
 {
-    /** @var string */
-    protected const DEFAULT_BACKEND = Backend\OpenSSL::class;
+    protected const string DEFAULT_BACKEND = Backend\OpenSSL::class;
 
 
     /** @var \SimpleSAML\XMLSecurity\Backend\EncryptionBackend */
@@ -54,7 +53,6 @@ public function __construct(
 
 
     /**
-     * @return string
      */
     public function getAlgorithmId(): string
     {

src/Alg/KeyTransport/KeyTransportAlgorithmFactory.php

@@ -25,7 +25,7 @@ class KeyTransportAlgorithmFactory
      *
      * @var string[]
      */
-    public const DEFAULT_BLACKLIST = [
+    public const array DEFAULT_BLACKLIST = [
         C::KEY_TRANSPORT_RSA_1_5,
     ];
 
@@ -34,7 +34,7 @@ class KeyTransportAlgorithmFactory
      *
      * @var class-string[]
      */
-    private const SUPPORTED_DEFAULTS = [
+    private const array SUPPORTED_DEFAULTS = [
         RSA::class,
     ];
 
@@ -48,8 +48,6 @@ class KeyTransportAlgorithmFactory
 
     /**
      * Whether the factory has been initialized or not.
-     *
-     * @var bool
      */
     protected static bool $initialized = false;
 

src/Alg/Signature/AbstractSigner.php

@@ -17,8 +17,7 @@
  */
 abstract class AbstractSigner implements SignatureAlgorithmInterface
 {
-    /** @var string */
-    protected const DEFAULT_BACKEND = Backend\OpenSSL::class;
+    protected const string DEFAULT_BACKEND = Backend\OpenSSL::class;
 
 
     /** @var \SimpleSAML\XMLSecurity\Backend\SignatureBackend */
@@ -57,7 +56,6 @@ public function __construct(
 
 
     /**
-     * @return string
      */
     public function getAlgorithmId(): string
     {
@@ -66,7 +64,6 @@ public function getAlgorithmId(): string
 
 
     /**
-     * @return string
      */
     public function getDigest(): string
     {

src/Alg/Signature/HMAC.php

@@ -15,8 +15,7 @@
  */
 final class HMAC extends AbstractSigner implements SignatureAlgorithmInterface
 {
-    /** @var string */
-    protected const DEFAULT_BACKEND = Backend\HMAC::class;
+    protected const string DEFAULT_BACKEND = Backend\HMAC::class;
 
 
     /**

src/Alg/Signature/SignatureAlgorithmFactory.php

@@ -27,7 +27,7 @@ final class SignatureAlgorithmFactory
      *
      * @var string[]
      */
-    public const DEFAULT_BLACKLIST = [
+    public const array DEFAULT_BLACKLIST = [
         C::SIG_RSA_SHA1,
         C::SIG_HMAC_SHA1,
     ];
@@ -37,7 +37,7 @@ final class SignatureAlgorithmFactory
      *
      * @var class-string[]
      */
-    private const SUPPORTED_DEFAULTS = [
+    private const array SUPPORTED_DEFAULTS = [
         RSA::class,
         HMAC::class,
     ];
@@ -52,8 +52,6 @@ final class SignatureAlgorithmFactory
 
     /**
      * Whether the factory has been initialized or not.
-     *
-     * @var bool
      */
     protected static bool $initialized = false;
 

src/Assert/HMACOutputLengthTrait.php

@@ -19,8 +19,6 @@ trait HMACOutputLengthTrait
      * The HMAC algorithm (RFC2104 [HMAC]) takes the output (truncation) length in bits as a parameter;
      * this specification REQUIRES that the truncation length be a multiple of 8 (i.e. fall on a byte boundary)
      * because Base64 encoding operates on full bytes
-     *
-     * @var string
      */
     private static string $HMACOutputLength_regex = '/^([1-9]\d*)$/D';
 

src/Assert/KeySizeTrait.php

@@ -14,8 +14,6 @@ trait KeySizeTrait
     /**
      * The size in bits of the key to be derived from the shared secret as the UTF-8 string for the corresponding
      * decimal integer with only digits in the string and no leading zeros.
-     *
-     * @var string
      */
     private static string $keySize_regex = '/^([1-9]\d*)$/D';
 

src/Backend/HMAC.php

@@ -19,7 +19,6 @@
  */
 final class HMAC implements SignatureBackend
 {
-    /** @var string */
     protected string $digest;
 
 

src/Backend/OpenSSL.php

@@ -31,29 +31,22 @@
  */
 final class OpenSSL implements EncryptionBackend, SignatureBackend
 {
-    /** @var int */
-    public const AUTH_TAG_LEN = 16;
+    public const int AUTH_TAG_LEN = 16;
 
 
     // digital signature options
-    /** @var string */
     protected string $digest;
 
     // asymmetric encryption options
-    /** @var int */
     protected int $padding = OPENSSL_PKCS1_OAEP_PADDING;
 
     // symmetric encryption options
-    /** @var string */
     protected string $cipher;
 
-    /** @var int */
     protected int $blocksize;
 
-    /** @var int */
     protected int $keysize;
 
-    /** @var bool */
     protected bool $useAuthTag = false;