diff --git a/CHANGELOG.md b/CHANGELOG.md index 07b1f0e2..d8813591 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ ## Changelog +# 5.1.7 - 2026-05-11 +- Upgraded phpseclib package to 3.0.51 + # 5.1.6 - 2026-03-30 - Upgraded phpseclib package to 3.0.50 - Upgraded google/protobuf package to 4.33.6 diff --git a/composer.json b/composer.json index a0d83e58..f8dc3ce0 100644 --- a/composer.json +++ b/composer.json @@ -7,7 +7,7 @@ "guzzlehttp/psr7": "^2.5.1", "guzzlehttp/promises": "^2.0.0", "paragonie/constant_time_encoding": "2.5.0", - "phpseclib/phpseclib": "3.0.50", + "phpseclib/phpseclib": "3.0.51", "phpseclib/bcmath_compat": "^2.0", "google/analytics-admin": "^0.22.2", "google/analytics-data": "^0.17.1", diff --git a/composer.lock b/composer.lock index d541c358..0a7fe2fd 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "e33ae79cf45bd338644ecea367ec2336", + "content-hash": "9ad0f2fd112b7bcff5338955e4876388", "packages": [ { "name": "brick/math", @@ -1194,16 +1194,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.50", + "version": "3.0.51", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b" + "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", - "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", + "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", "shasum": "" }, "require": { @@ -1284,7 +1284,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.50" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" }, "funding": [ { @@ -1300,7 +1300,7 @@ "type": "tidelift" } ], - "time": "2026-03-19T02:57:58+00:00" + "time": "2026-04-10T01:33:53+00:00" }, { "name": "psr/cache", @@ -1814,5 +1814,5 @@ "php": ">=7.2.5" }, "platform-dev": [], - "plugin-api-version": "2.2.0" + "plugin-api-version": "2.6.0" } diff --git a/plugin.json b/plugin.json index a3303ff8..72b79529 100644 --- a/plugin.json +++ b/plugin.json @@ -1,7 +1,7 @@ { "name": "GoogleAnalyticsImporter", "description": "Import reports from a Google Analytics account into Matomo.", - "version": "5.1.6", + "version": "5.1.7", "theme": false, "require": { "matomo": ">=5.0.0-rc5,<6.0.0-b1" diff --git a/vendor/autoload_original.php b/vendor/autoload_original.php index 6a72a3e0..24649d8c 100644 --- a/vendor/autoload_original.php +++ b/vendor/autoload_original.php @@ -2,6 +2,21 @@ // autoload.php @generated by Composer +if (PHP_VERSION_ID < 50600) { + if (!headers_sent()) { + header('HTTP/1.1 500 Internal Server Error'); + } + $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL; + if (!ini_get('display_errors')) { + if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') { + fwrite(STDERR, $err); + } elseif (!headers_sent()) { + echo $err; + } + } + throw new RuntimeException($err); +} + require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInit8a3018fcce906572d4472a4dcff45985::getLoader(); +return ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388::getLoader(); diff --git a/vendor/composer/ClassLoader.php b/vendor/composer/ClassLoader.php index afef3fa2..7824d8f7 100644 --- a/vendor/composer/ClassLoader.php +++ b/vendor/composer/ClassLoader.php @@ -42,35 +42,37 @@ */ class ClassLoader { - /** @var ?string */ + /** @var \Closure(string):void */ + private static $includeFile; + + /** @var string|null */ private $vendorDir; // PSR-4 /** - * @var array[] - * @psalm-var array> + * @var array> */ private $prefixLengthsPsr4 = array(); /** - * @var array[] - * @psalm-var array> + * @var array> */ private $prefixDirsPsr4 = array(); /** - * @var array[] - * @psalm-var array + * @var list */ private $fallbackDirsPsr4 = array(); // PSR-0 /** - * @var array[] - * @psalm-var array> + * List of PSR-0 prefixes + * + * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2'))) + * + * @var array>> */ private $prefixesPsr0 = array(); /** - * @var array[] - * @psalm-var array + * @var list */ private $fallbackDirsPsr0 = array(); @@ -78,8 +80,7 @@ class ClassLoader private $useIncludePath = false; /** - * @var string[] - * @psalm-var array + * @var array */ private $classMap = array(); @@ -87,29 +88,29 @@ class ClassLoader private $classMapAuthoritative = false; /** - * @var bool[] - * @psalm-var array + * @var array */ private $missingClasses = array(); - /** @var ?string */ + /** @var string|null */ private $apcuPrefix; /** - * @var self[] + * @var array */ private static $registeredLoaders = array(); /** - * @param ?string $vendorDir + * @param string|null $vendorDir */ public function __construct($vendorDir = null) { $this->vendorDir = $vendorDir; + self::initializeIncludeClosure(); } /** - * @return string[] + * @return array> */ public function getPrefixes() { @@ -121,8 +122,7 @@ public function getPrefixes() } /** - * @return array[] - * @psalm-return array> + * @return array> */ public function getPrefixesPsr4() { @@ -130,8 +130,7 @@ public function getPrefixesPsr4() } /** - * @return array[] - * @psalm-return array + * @return list */ public function getFallbackDirs() { @@ -139,8 +138,7 @@ public function getFallbackDirs() } /** - * @return array[] - * @psalm-return array + * @return list */ public function getFallbackDirsPsr4() { @@ -148,8 +146,7 @@ public function getFallbackDirsPsr4() } /** - * @return string[] Array of classname => path - * @psalm-return array + * @return array Array of classname => path */ public function getClassMap() { @@ -157,8 +154,7 @@ public function getClassMap() } /** - * @param string[] $classMap Class to filename map - * @psalm-param array $classMap + * @param array $classMap Class to filename map * * @return void */ @@ -175,24 +171,25 @@ public function addClassMap(array $classMap) * Registers a set of PSR-0 directories for a given prefix, either * appending or prepending to the ones previously set for this prefix. * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 root directories - * @param bool $prepend Whether to prepend the directories + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 root directories + * @param bool $prepend Whether to prepend the directories * * @return void */ public function add($prefix, $paths, $prepend = false) { + $paths = (array) $paths; if (!$prefix) { if ($prepend) { $this->fallbackDirsPsr0 = array_merge( - (array) $paths, + $paths, $this->fallbackDirsPsr0 ); } else { $this->fallbackDirsPsr0 = array_merge( $this->fallbackDirsPsr0, - (array) $paths + $paths ); } @@ -201,19 +198,19 @@ public function add($prefix, $paths, $prepend = false) $first = $prefix[0]; if (!isset($this->prefixesPsr0[$first][$prefix])) { - $this->prefixesPsr0[$first][$prefix] = (array) $paths; + $this->prefixesPsr0[$first][$prefix] = $paths; return; } if ($prepend) { $this->prefixesPsr0[$first][$prefix] = array_merge( - (array) $paths, + $paths, $this->prefixesPsr0[$first][$prefix] ); } else { $this->prefixesPsr0[$first][$prefix] = array_merge( $this->prefixesPsr0[$first][$prefix], - (array) $paths + $paths ); } } @@ -222,9 +219,9 @@ public function add($prefix, $paths, $prepend = false) * Registers a set of PSR-4 directories for a given namespace, either * appending or prepending to the ones previously set for this namespace. * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories - * @param bool $prepend Whether to prepend the directories + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories + * @param bool $prepend Whether to prepend the directories * * @throws \InvalidArgumentException * @@ -232,17 +229,18 @@ public function add($prefix, $paths, $prepend = false) */ public function addPsr4($prefix, $paths, $prepend = false) { + $paths = (array) $paths; if (!$prefix) { // Register directories for the root namespace. if ($prepend) { $this->fallbackDirsPsr4 = array_merge( - (array) $paths, + $paths, $this->fallbackDirsPsr4 ); } else { $this->fallbackDirsPsr4 = array_merge( $this->fallbackDirsPsr4, - (array) $paths + $paths ); } } elseif (!isset($this->prefixDirsPsr4[$prefix])) { @@ -252,18 +250,18 @@ public function addPsr4($prefix, $paths, $prepend = false) throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); } $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; + $this->prefixDirsPsr4[$prefix] = $paths; } elseif ($prepend) { // Prepend directories for an already registered namespace. $this->prefixDirsPsr4[$prefix] = array_merge( - (array) $paths, + $paths, $this->prefixDirsPsr4[$prefix] ); } else { // Append directories for an already registered namespace. $this->prefixDirsPsr4[$prefix] = array_merge( $this->prefixDirsPsr4[$prefix], - (array) $paths + $paths ); } } @@ -272,8 +270,8 @@ public function addPsr4($prefix, $paths, $prepend = false) * Registers a set of PSR-0 directories for a given prefix, * replacing any others previously set for this prefix. * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 base directories + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 base directories * * @return void */ @@ -290,8 +288,8 @@ public function set($prefix, $paths) * Registers a set of PSR-4 directories for a given namespace, * replacing any others previously set for this namespace. * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories * * @throws \InvalidArgumentException * @@ -425,7 +423,8 @@ public function unregister() public function loadClass($class) { if ($file = $this->findFile($class)) { - includeFile($file); + $includeFile = self::$includeFile; + $includeFile($file); return true; } @@ -476,9 +475,9 @@ public function findFile($class) } /** - * Returns the currently registered loaders indexed by their corresponding vendor directories. + * Returns the currently registered loaders keyed by their corresponding vendor directories. * - * @return self[] + * @return array */ public static function getRegisteredLoaders() { @@ -555,18 +554,26 @@ private function findFileWithExtension($class, $ext) return false; } -} -/** - * Scope isolated include. - * - * Prevents access to $this/self from included files. - * - * @param string $file - * @return void - * @private - */ -function includeFile($file) -{ - include $file; + /** + * @return void + */ + private static function initializeIncludeClosure() + { + if (self::$includeFile !== null) { + return; + } + + /** + * Scope isolated include. + * + * Prevents access to $this/self from included files. + * + * @param string $file + * @return void + */ + self::$includeFile = \Closure::bind(static function($file) { + include $file; + }, null, null); + } } diff --git a/vendor/composer/InstalledVersions.php b/vendor/composer/InstalledVersions.php index d50e0c9f..51e734a7 100644 --- a/vendor/composer/InstalledVersions.php +++ b/vendor/composer/InstalledVersions.php @@ -21,12 +21,14 @@ * See also https://getcomposer.org/doc/07-runtime.md#installed-versions * * To require its presence, you can require `composer-runtime-api ^2.0` + * + * @final */ class InstalledVersions { /** * @var mixed[]|null - * @psalm-var array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array}|array{}|null + * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array}|array{}|null */ private static $installed; @@ -37,7 +39,7 @@ class InstalledVersions /** * @var array[] - * @psalm-var array}> + * @psalm-var array}> */ private static $installedByVendor = array(); @@ -96,7 +98,7 @@ public static function isInstalled($packageName, $includeDevRequirements = true) { foreach (self::getInstalled() as $installed) { if (isset($installed['versions'][$packageName])) { - return $includeDevRequirements || empty($installed['versions'][$packageName]['dev_requirement']); + return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false; } } @@ -117,7 +119,7 @@ public static function isInstalled($packageName, $includeDevRequirements = true) */ public static function satisfies(VersionParser $parser, $packageName, $constraint) { - $constraint = $parser->parseConstraints($constraint); + $constraint = $parser->parseConstraints((string) $constraint); $provided = $parser->parseConstraints(self::getVersionRanges($packageName)); return $provided->matches($constraint); @@ -241,7 +243,7 @@ public static function getInstallPath($packageName) /** * @return array - * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string} + * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool} */ public static function getRootPackage() { @@ -255,7 +257,7 @@ public static function getRootPackage() * * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect. * @return array[] - * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array} + * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} */ public static function getRawData() { @@ -278,7 +280,7 @@ public static function getRawData() * Returns the raw data of all installed.php which are currently loaded for custom implementations * * @return array[] - * @psalm-return list}> + * @psalm-return list}> */ public static function getAllRawData() { @@ -301,7 +303,7 @@ public static function getAllRawData() * @param array[] $data A vendor/composer/installed.php data set * @return void * - * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array} $data + * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $data */ public static function reload($data) { @@ -311,7 +313,7 @@ public static function reload($data) /** * @return array[] - * @psalm-return list}> + * @psalm-return list}> */ private static function getInstalled() { @@ -326,7 +328,9 @@ private static function getInstalled() if (isset(self::$installedByVendor[$vendorDir])) { $installed[] = self::$installedByVendor[$vendorDir]; } elseif (is_file($vendorDir.'/composer/installed.php')) { - $installed[] = self::$installedByVendor[$vendorDir] = require $vendorDir.'/composer/installed.php'; + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require $vendorDir.'/composer/installed.php'; + $installed[] = self::$installedByVendor[$vendorDir] = $required; if (null === self::$installed && strtr($vendorDir.'/composer', '\\', '/') === strtr(__DIR__, '\\', '/')) { self::$installed = $installed[count($installed) - 1]; } @@ -338,12 +342,17 @@ private static function getInstalled() // only require the installed.php file if this file is loaded from its dumped location, // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 if (substr(__DIR__, -8, 1) !== 'C') { - self::$installed = require __DIR__ . '/installed.php'; + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require __DIR__ . '/installed.php'; + self::$installed = $required; } else { self::$installed = array(); } } - $installed[] = self::$installed; + + if (self::$installed !== array()) { + $installed[] = self::$installed; + } return $installed; } diff --git a/vendor/composer/LICENSE b/vendor/composer/LICENSE index 62ecfd8d..f27399a0 100644 --- a/vendor/composer/LICENSE +++ b/vendor/composer/LICENSE @@ -1,3 +1,4 @@ + Copyright (c) Nils Adermann, Jordi Boggiano Permission is hereby granted, free of charge, to any person obtaining a copy @@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index b26f1b13..0fb0a2c1 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -2,7 +2,7 @@ // autoload_classmap.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/composer/autoload_files.php b/vendor/composer/autoload_files.php index be9ffe33..cb87822a 100644 --- a/vendor/composer/autoload_files.php +++ b/vendor/composer/autoload_files.php @@ -2,15 +2,15 @@ // autoload_files.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( '7b11c4dc42b3b3023073cb14e519683c' => $vendorDir . '/ralouphie/getallheaders/src/getallheaders.php', '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php', '37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php', - 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', 'e39a8b23c42d4e1452234d762b03835a' => $vendorDir . '/ramsey/uuid/src/functions.php', + 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', '1f87db08236948d07391152dccb70f04' => $vendorDir . '/google/apiclient-services/autoload.php', 'a8d3953fd9959404dd22d3dfcd0a79f0' => $vendorDir . '/google/apiclient/src/aliases.php', '56823cacd97af379eceaf82ad00b928f' => $vendorDir . '/phpseclib/bcmath_compat/lib/bcmath.php', diff --git a/vendor/composer/autoload_namespaces.php b/vendor/composer/autoload_namespaces.php index b7fc0125..15a2ff3a 100644 --- a/vendor/composer/autoload_namespaces.php +++ b/vendor/composer/autoload_namespaces.php @@ -2,7 +2,7 @@ // autoload_namespaces.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/composer/autoload_psr4.php b/vendor/composer/autoload_psr4.php index 578af2f9..2a53092f 100644 --- a/vendor/composer/autoload_psr4.php +++ b/vendor/composer/autoload_psr4.php @@ -2,7 +2,7 @@ // autoload_psr4.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/composer/autoload_real.php b/vendor/composer/autoload_real.php index f6d222a8..2b8bde42 100644 --- a/vendor/composer/autoload_real.php +++ b/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInit8a3018fcce906572d4472a4dcff45985 +class ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388 { private static $loader; @@ -22,57 +22,27 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInit8a3018fcce906572d4472a4dcff45985', 'loadClassLoader'), true, true); - self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__))); - spl_autoload_unregister(array('ComposerAutoloaderInit8a3018fcce906572d4472a4dcff45985', 'loadClassLoader')); + spl_autoload_register(array('ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388', 'loadClassLoader'), true, true); + self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__)); + spl_autoload_unregister(array('ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388', 'loadClassLoader')); - $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); - if ($useStaticLoader) { - require __DIR__ . '/autoload_static.php'; + require __DIR__ . '/autoload_static.php'; + call_user_func(\Composer\Autoload\ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::getInitializer($loader)); - call_user_func(\Composer\Autoload\ComposerStaticInit8a3018fcce906572d4472a4dcff45985::getInitializer($loader)); - } else { - $map = require __DIR__ . '/autoload_namespaces.php'; - foreach ($map as $namespace => $path) { - $loader->set($namespace, $path); - } + $loader->register(true); - $map = require __DIR__ . '/autoload_psr4.php'; - foreach ($map as $namespace => $path) { - $loader->setPsr4($namespace, $path); - } + $filesToLoad = \Composer\Autoload\ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$files; + $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { + if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { + $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - $classMap = require __DIR__ . '/autoload_classmap.php'; - if ($classMap) { - $loader->addClassMap($classMap); + require $file; } - } - - $loader->register(true); - - if ($useStaticLoader) { - $includeFiles = Composer\Autoload\ComposerStaticInit8a3018fcce906572d4472a4dcff45985::$files; - } else { - $includeFiles = require __DIR__ . '/autoload_files.php'; - } - foreach ($includeFiles as $fileIdentifier => $file) { - composerRequire8a3018fcce906572d4472a4dcff45985($fileIdentifier, $file); + }, null, null); + foreach ($filesToLoad as $fileIdentifier => $file) { + $requireFile($fileIdentifier, $file); } return $loader; } } - -/** - * @param string $fileIdentifier - * @param string $file - * @return void - */ -function composerRequire8a3018fcce906572d4472a4dcff45985($fileIdentifier, $file) -{ - if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { - $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - - require $file; - } -} diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index 38aba4de..c11cd27c 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -4,34 +4,34 @@ namespace Composer\Autoload; -class ComposerStaticInit8a3018fcce906572d4472a4dcff45985 +class ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388 { public static $files = array( ); public static $prefixLengthsPsr4 = array ( - 'p' => + 'p' => array ( 'phpseclib3\\' => 11, ), - 'b' => + 'b' => array ( 'bcmath_compat\\' => 14, ), - 'R' => + 'R' => array ( 'Ramsey\\Uuid\\' => 12, 'Ramsey\\Collection\\' => 18, ), - 'P' => + 'P' => array ( 'Psr\\Http\\Message\\' => 17, 'Psr\\Http\\Client\\' => 16, 'Psr\\Cache\\' => 10, 'ParagonIE\\ConstantTime\\' => 23, ), - 'G' => + 'G' => array ( 'GuzzleHttp\\Psr7\\' => 16, 'GuzzleHttp\\Promise\\' => 19, @@ -64,175 +64,175 @@ class ComposerStaticInit8a3018fcce906572d4472a4dcff45985 'GPBMetadata\\Google\\Analytics\\Admin\\' => 35, 'GPBMetadata\\ApiCore\\' => 20, ), - 'F' => + 'F' => array ( 'Firebase\\JWT\\' => 13, ), - 'B' => + 'B' => array ( 'Brick\\Math\\' => 11, ), ); public static $prefixDirsPsr4 = array ( - 'phpseclib3\\' => + 'phpseclib3\\' => array ( 0 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib', ), - 'bcmath_compat\\' => + 'bcmath_compat\\' => array ( 0 => __DIR__ . '/..' . '/phpseclib/bcmath_compat/src', ), - 'Ramsey\\Uuid\\' => + 'Ramsey\\Uuid\\' => array ( 0 => __DIR__ . '/..' . '/ramsey/uuid/src', ), - 'Ramsey\\Collection\\' => + 'Ramsey\\Collection\\' => array ( 0 => __DIR__ . '/..' . '/ramsey/collection/src', ), - 'Psr\\Http\\Message\\' => + 'Psr\\Http\\Message\\' => array ( 0 => __DIR__ . '/..' . '/psr/http-factory/src', 1 => __DIR__ . '/..' . '/psr/http-message/src', ), - 'Psr\\Http\\Client\\' => + 'Psr\\Http\\Client\\' => array ( 0 => __DIR__ . '/..' . '/psr/http-client/src', ), - 'Psr\\Cache\\' => + 'Psr\\Cache\\' => array ( 0 => __DIR__ . '/..' . '/psr/cache/src', ), - 'ParagonIE\\ConstantTime\\' => + 'ParagonIE\\ConstantTime\\' => array ( 0 => __DIR__ . '/..' . '/paragonie/constant_time_encoding/src', ), - 'GuzzleHttp\\Psr7\\' => + 'GuzzleHttp\\Psr7\\' => array ( 0 => __DIR__ . '/..' . '/guzzlehttp/psr7/src', ), - 'GuzzleHttp\\Promise\\' => + 'GuzzleHttp\\Promise\\' => array ( 0 => __DIR__ . '/..' . '/guzzlehttp/promises/src', ), - 'GuzzleHttp\\' => + 'GuzzleHttp\\' => array ( 0 => __DIR__ . '/..' . '/guzzlehttp/guzzle/src', ), - 'Grpc\\Gcp\\' => + 'Grpc\\Gcp\\' => array ( 0 => __DIR__ . '/..' . '/google/grpc-gcp/src', ), - 'Grpc\\' => + 'Grpc\\' => array ( 0 => __DIR__ . '/..' . '/grpc/grpc/src/lib', ), - 'Google\\Type\\' => + 'Google\\Type\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/src/Type', ), - 'Google\\Service\\' => + 'Google\\Service\\' => array ( 0 => __DIR__ . '/..' . '/google/apiclient-services/src', ), - 'Google\\Rpc\\' => + 'Google\\Rpc\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/src/Rpc', ), - 'Google\\Protobuf\\' => + 'Google\\Protobuf\\' => array ( 0 => __DIR__ . '/..' . '/google/protobuf/src/Google/Protobuf', ), - 'Google\\LongRunning\\' => + 'Google\\LongRunning\\' => array ( 0 => __DIR__ . '/..' . '/google/longrunning/src/LongRunning', ), - 'Google\\Iam\\' => + 'Google\\Iam\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/src/Iam', ), - 'Google\\Cloud\\' => + 'Google\\Cloud\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/src/Cloud', ), - 'Google\\Auth\\' => + 'Google\\Auth\\' => array ( 0 => __DIR__ . '/..' . '/google/auth/src', ), - 'Google\\Api\\' => + 'Google\\Api\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/src/Api', ), - 'Google\\ApiCore\\LongRunning\\' => + 'Google\\ApiCore\\LongRunning\\' => array ( 0 => __DIR__ . '/..' . '/google/longrunning/src/ApiCore/LongRunning', ), - 'Google\\ApiCore\\' => + 'Google\\ApiCore\\' => array ( 0 => __DIR__ . '/..' . '/google/gax/src', ), - 'Google\\Analytics\\Data\\' => + 'Google\\Analytics\\Data\\' => array ( 0 => __DIR__ . '/..' . '/google/analytics-data/src', ), - 'Google\\Analytics\\Admin\\' => + 'Google\\Analytics\\Admin\\' => array ( 0 => __DIR__ . '/..' . '/google/analytics-admin/src', ), - 'Google\\' => + 'Google\\' => array ( 0 => __DIR__ . '/..' . '/google/apiclient/src', ), - 'GPBMetadata\\Google\\Type\\' => + 'GPBMetadata\\Google\\Type\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Type', ), - 'GPBMetadata\\Google\\Rpc\\' => + 'GPBMetadata\\Google\\Rpc\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Rpc', ), - 'GPBMetadata\\Google\\Protobuf\\' => + 'GPBMetadata\\Google\\Protobuf\\' => array ( 0 => __DIR__ . '/..' . '/google/protobuf/src/GPBMetadata/Google/Protobuf', ), - 'GPBMetadata\\Google\\Longrunning\\' => + 'GPBMetadata\\Google\\Longrunning\\' => array ( 0 => __DIR__ . '/..' . '/google/longrunning/metadata/Longrunning', ), - 'GPBMetadata\\Google\\Logging\\' => + 'GPBMetadata\\Google\\Logging\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Logging', ), - 'GPBMetadata\\Google\\Iam\\' => + 'GPBMetadata\\Google\\Iam\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Iam', ), - 'GPBMetadata\\Google\\Cloud\\' => + 'GPBMetadata\\Google\\Cloud\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Cloud', ), - 'GPBMetadata\\Google\\Api\\' => + 'GPBMetadata\\Google\\Api\\' => array ( 0 => __DIR__ . '/..' . '/google/common-protos/metadata/Api', ), - 'GPBMetadata\\Google\\Analytics\\Data\\' => + 'GPBMetadata\\Google\\Analytics\\Data\\' => array ( 0 => __DIR__ . '/..' . '/google/analytics-data/metadata', ), - 'GPBMetadata\\Google\\Analytics\\Admin\\' => + 'GPBMetadata\\Google\\Analytics\\Admin\\' => array ( 0 => __DIR__ . '/..' . '/google/analytics-admin/metadata', ), - 'GPBMetadata\\ApiCore\\' => + 'GPBMetadata\\ApiCore\\' => array ( 0 => __DIR__ . '/..' . '/google/gax/metadata/ApiCore', ), - 'Firebase\\JWT\\' => + 'Firebase\\JWT\\' => array ( 0 => __DIR__ . '/..' . '/firebase/php-jwt/src', ), - 'Brick\\Math\\' => + 'Brick\\Math\\' => array ( 0 => __DIR__ . '/..' . '/brick/math/src', ), @@ -245,9 +245,9 @@ class ComposerStaticInit8a3018fcce906572d4472a4dcff45985 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInit8a3018fcce906572d4472a4dcff45985::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInit8a3018fcce906572d4472a4dcff45985::$prefixDirsPsr4; - $loader->classMap = ComposerStaticInit8a3018fcce906572d4472a4dcff45985::$classMap; + $loader->prefixLengthsPsr4 = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$prefixDirsPsr4; + $loader->classMap = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$classMap; }, null, ClassLoader::class); } diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 9026199b..d9d3e689 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -1245,17 +1245,17 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.50", - "version_normalized": "3.0.50.0", + "version": "3.0.51", + "version_normalized": "3.0.51.0", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b" + "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", - "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", + "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", "shasum": "" }, "require": { @@ -1273,7 +1273,7 @@ "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." }, - "time": "2026-03-19T02:57:58+00:00", + "time": "2026-04-10T01:33:53+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1338,7 +1338,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.50" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" }, "funding": [ { diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php index 53d84d58..7a0b5fc9 100644 --- a/vendor/composer/installed.php +++ b/vendor/composer/installed.php @@ -1,166 +1,166 @@ array( - 'pretty_version' => 'dev-update-protobuf-dependecy', - 'version' => 'dev-update-protobuf-dependecy', + 'name' => '__root__', + 'pretty_version' => 'dev-5.x-dev', + 'version' => 'dev-5.x-dev', + 'reference' => 'e3fa2e34a7be3de84e703bc46db14c7fad9b9b05', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => 'd2ae6d542ea0243481f2935abd4c5157f7c9f094', - 'name' => '__root__', 'dev' => true, ), 'versions' => array( '__root__' => array( - 'pretty_version' => 'dev-update-protobuf-dependecy', - 'version' => 'dev-update-protobuf-dependecy', + 'pretty_version' => 'dev-5.x-dev', + 'version' => 'dev-5.x-dev', + 'reference' => 'e3fa2e34a7be3de84e703bc46db14c7fad9b9b05', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => 'd2ae6d542ea0243481f2935abd4c5157f7c9f094', 'dev_requirement' => false, ), 'brick/math' => array( 'pretty_version' => '0.12.1', 'version' => '0.12.1.0', + 'reference' => 'f510c0a40911935b77b86859eb5223d58d660df1', 'type' => 'library', 'install_path' => __DIR__ . '/../brick/math', 'aliases' => array(), - 'reference' => 'f510c0a40911935b77b86859eb5223d58d660df1', 'dev_requirement' => false, ), 'firebase/php-jwt' => array( 'pretty_version' => 'v6.10.1', 'version' => '6.10.1.0', + 'reference' => '500501c2ce893c824c801da135d02661199f60c5', 'type' => 'library', 'install_path' => __DIR__ . '/../firebase/php-jwt', 'aliases' => array(), - 'reference' => '500501c2ce893c824c801da135d02661199f60c5', 'dev_requirement' => false, ), 'google/analytics-admin' => array( 'pretty_version' => 'v0.22.5', 'version' => '0.22.5.0', + 'reference' => 'c28dce5b3158381a755d4a4443aa4e2b8d1a2809', 'type' => 'library', 'install_path' => __DIR__ . '/../google/analytics-admin', 'aliases' => array(), - 'reference' => 'c28dce5b3158381a755d4a4443aa4e2b8d1a2809', 'dev_requirement' => false, ), 'google/analytics-data' => array( 'pretty_version' => 'v0.17.1', 'version' => '0.17.1.0', + 'reference' => '0a7b129fd483179d16780d548be4fe16cd8bdc1a', 'type' => 'library', 'install_path' => __DIR__ . '/../google/analytics-data', 'aliases' => array(), - 'reference' => '0a7b129fd483179d16780d548be4fe16cd8bdc1a', 'dev_requirement' => false, ), 'google/apiclient' => array( 'pretty_version' => 'v2.15.4', 'version' => '2.15.4.0', + 'reference' => '73fa9cf8d8886db7269bcda0457d0a251a02cfd9', 'type' => 'library', 'install_path' => __DIR__ . '/../google/apiclient', 'aliases' => array(), - 'reference' => '73fa9cf8d8886db7269bcda0457d0a251a02cfd9', 'dev_requirement' => false, ), 'google/apiclient-services' => array( 'pretty_version' => 'v0.224.1', 'version' => '0.224.1.0', + 'reference' => '06e515176ebf32c3dcf7c01b3f377af6bfca6ae3', 'type' => 'library', 'install_path' => __DIR__ . '/../google/apiclient-services', 'aliases' => array(), - 'reference' => '06e515176ebf32c3dcf7c01b3f377af6bfca6ae3', 'dev_requirement' => false, ), 'google/auth' => array( 'pretty_version' => 'v1.41.0', 'version' => '1.41.0.0', + 'reference' => '1043ea18fe7f5dfbf5b208ce3ee6d6b6ab8cb038', 'type' => 'library', 'install_path' => __DIR__ . '/../google/auth', 'aliases' => array(), - 'reference' => '1043ea18fe7f5dfbf5b208ce3ee6d6b6ab8cb038', 'dev_requirement' => false, ), 'google/common-protos' => array( 'pretty_version' => 'v4.7.0', 'version' => '4.7.0.0', + 'reference' => 'e58068776f57605c336e32c7db373f0a81da17b8', 'type' => 'library', 'install_path' => __DIR__ . '/../google/common-protos', 'aliases' => array(), - 'reference' => 'e58068776f57605c336e32c7db373f0a81da17b8', 'dev_requirement' => false, ), 'google/gax' => array( 'pretty_version' => 'v1.34.0', 'version' => '1.34.0.0', + 'reference' => '28aa3e95969a75b278606a88448992a6396a119e', 'type' => 'library', 'install_path' => __DIR__ . '/../google/gax', 'aliases' => array(), - 'reference' => '28aa3e95969a75b278606a88448992a6396a119e', 'dev_requirement' => false, ), 'google/grpc-gcp' => array( 'pretty_version' => 'v0.4.0', 'version' => '0.4.0.0', + 'reference' => '2a80dbf690922aa52bb6bb79b9a32a9637a5c2d9', 'type' => 'library', 'install_path' => __DIR__ . '/../google/grpc-gcp', 'aliases' => array(), - 'reference' => '2a80dbf690922aa52bb6bb79b9a32a9637a5c2d9', 'dev_requirement' => false, ), 'google/longrunning' => array( 'pretty_version' => '0.4.3', 'version' => '0.4.3.0', + 'reference' => 'ed718a735e407826c3332b7197a44602eb03e608', 'type' => 'library', 'install_path' => __DIR__ . '/../google/longrunning', 'aliases' => array(), - 'reference' => 'ed718a735e407826c3332b7197a44602eb03e608', 'dev_requirement' => false, ), 'google/protobuf' => array( 'pretty_version' => 'v4.33.6', 'version' => '4.33.6.0', + 'reference' => '84b008c23915ed94536737eae46f41ba3bccfe67', 'type' => 'library', 'install_path' => __DIR__ . '/../google/protobuf', 'aliases' => array(), - 'reference' => '84b008c23915ed94536737eae46f41ba3bccfe67', 'dev_requirement' => false, ), 'grpc/grpc' => array( 'pretty_version' => '1.74.0', 'version' => '1.74.0.0', + 'reference' => '32bf4dba256d60d395582fb6e4e8d3936bcdb713', 'type' => 'library', 'install_path' => __DIR__ . '/../grpc/grpc', 'aliases' => array(), - 'reference' => '32bf4dba256d60d395582fb6e4e8d3936bcdb713', 'dev_requirement' => false, ), 'guzzlehttp/guzzle' => array( 'pretty_version' => '7.9.2', 'version' => '7.9.2.0', + 'reference' => 'd281ed313b989f213357e3be1a179f02196ac99b', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/guzzle', 'aliases' => array(), - 'reference' => 'd281ed313b989f213357e3be1a179f02196ac99b', 'dev_requirement' => false, ), 'guzzlehttp/promises' => array( 'pretty_version' => '2.0.3', 'version' => '2.0.3.0', + 'reference' => '6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/promises', 'aliases' => array(), - 'reference' => '6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8', 'dev_requirement' => false, ), 'guzzlehttp/psr7' => array( 'pretty_version' => '2.7.0', 'version' => '2.7.0.0', + 'reference' => 'a70f5c95fb43bc83f07c9c948baa0dc1829bf201', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/psr7', 'aliases' => array(), - 'reference' => 'a70f5c95fb43bc83f07c9c948baa0dc1829bf201', 'dev_requirement' => false, ), 'monolog/monolog' => array( @@ -172,55 +172,55 @@ 'paragonie/constant_time_encoding' => array( 'pretty_version' => 'v2.5.0', 'version' => '2.5.0.0', + 'reference' => '9229e15f2e6ba772f0c55dd6986c563b937170a8', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/constant_time_encoding', 'aliases' => array(), - 'reference' => '9229e15f2e6ba772f0c55dd6986c563b937170a8', 'dev_requirement' => false, ), 'paragonie/random_compat' => array( 'pretty_version' => 'v9.99.100', 'version' => '9.99.100.0', + 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/random_compat', 'aliases' => array(), - 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', 'dev_requirement' => false, ), 'phpseclib/bcmath_compat' => array( 'pretty_version' => '2.0.3', 'version' => '2.0.3.0', + 'reference' => 'ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a', 'type' => 'library', 'install_path' => __DIR__ . '/../phpseclib/bcmath_compat', 'aliases' => array(), - 'reference' => 'ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a', 'dev_requirement' => false, ), 'phpseclib/phpseclib' => array( - 'pretty_version' => '3.0.50', - 'version' => '3.0.50.0', + 'pretty_version' => '3.0.51', + 'version' => '3.0.51.0', + 'reference' => 'd59c94077f9c9915abb51ddb52ce85188ece1748', 'type' => 'library', 'install_path' => __DIR__ . '/../phpseclib/phpseclib', 'aliases' => array(), - 'reference' => 'aa6ad8321ed103dc3624fb600a25b66ebf78ec7b', 'dev_requirement' => false, ), 'psr/cache' => array( 'pretty_version' => '3.0.0', 'version' => '3.0.0.0', + 'reference' => 'aa5030cfa5405eccfdcb1083ce040c2cb8d253bf', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/cache', 'aliases' => array(), - 'reference' => 'aa5030cfa5405eccfdcb1083ce040c2cb8d253bf', 'dev_requirement' => false, ), 'psr/http-client' => array( 'pretty_version' => '1.0.1', 'version' => '1.0.1.0', + 'reference' => '2dfb5f6c5eff0e91e20e913f8c5452ed95b86621', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-client', 'aliases' => array(), - 'reference' => '2dfb5f6c5eff0e91e20e913f8c5452ed95b86621', 'dev_requirement' => false, ), 'psr/http-client-implementation' => array( @@ -232,10 +232,10 @@ 'psr/http-factory' => array( 'pretty_version' => '1.0.1', 'version' => '1.0.1.0', + 'reference' => '12ac7fcd07e5b077433f5f2bee95b3a771bf61be', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-factory', 'aliases' => array(), - 'reference' => '12ac7fcd07e5b077433f5f2bee95b3a771bf61be', 'dev_requirement' => false, ), 'psr/http-factory-implementation' => array( @@ -247,10 +247,10 @@ 'psr/http-message' => array( 'pretty_version' => '1.1', 'version' => '1.1.0.0', + 'reference' => 'cb6ce4845ce34a8ad9e68117c10ee90a29919eba', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-message', 'aliases' => array(), - 'reference' => 'cb6ce4845ce34a8ad9e68117c10ee90a29919eba', 'dev_requirement' => false, ), 'psr/http-message-implementation' => array( @@ -262,28 +262,28 @@ 'ralouphie/getallheaders' => array( 'pretty_version' => '3.0.3', 'version' => '3.0.3.0', + 'reference' => '120b605dfeb996808c31b6477290a714d356e822', 'type' => 'library', 'install_path' => __DIR__ . '/../ralouphie/getallheaders', 'aliases' => array(), - 'reference' => '120b605dfeb996808c31b6477290a714d356e822', 'dev_requirement' => false, ), 'ramsey/collection' => array( 'pretty_version' => '2.0.0', 'version' => '2.0.0.0', + 'reference' => 'a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5', 'type' => 'library', 'install_path' => __DIR__ . '/../ramsey/collection', 'aliases' => array(), - 'reference' => 'a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5', 'dev_requirement' => false, ), 'ramsey/uuid' => array( 'pretty_version' => '4.7.6', 'version' => '4.7.6.0', + 'reference' => '91039bc1faa45ba123c4328958e620d382ec7088', 'type' => 'library', 'install_path' => __DIR__ . '/../ramsey/uuid', 'aliases' => array(), - 'reference' => '91039bc1faa45ba123c4328958e620d382ec7088', 'dev_requirement' => false, ), 'rhumsaa/uuid' => array( @@ -295,10 +295,10 @@ 'symfony/deprecation-contracts' => array( 'pretty_version' => 'v2.5.2', 'version' => '2.5.2.0', + 'reference' => 'e8b495ea28c1d97b5e0c121748d6f9b53d075c66', 'type' => 'library', 'install_path' => __DIR__ . '/../symfony/deprecation-contracts', 'aliases' => array(), - 'reference' => 'e8b495ea28c1d97b5e0c121748d6f9b53d075c66', 'dev_requirement' => false, ), ), diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php index a1f64675..e8862bf8 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php @@ -69,18 +69,19 @@ abstract class AsymmetricKey * @var array */ private static $invisiblePlugins = []; - /** - * Available Engines - * - * @var boolean[] - */ - protected static $engines = []; /** * Key Comment * * @var null|string */ private $comment; + /** + * OpenSSL configuration file name. + * + * @see self::createKey() + * @var ?string + */ + protected static $configFile; /** * @param string $type * @return array|string @@ -104,6 +105,9 @@ protected static function initialize_static_variables() self::$zero = new BigInteger(0); self::$one = new BigInteger(1); } + if (!isset(self::$configFile)) { + self::$configFile = dirname(__FILE__) . '/../../openssl.cnf'; + } self::loadPlugins('Keys'); if (static::ALGORITHM != 'RSA' && static::ALGORITHM != 'DH') { self::loadPlugins('Signature'); @@ -322,6 +326,17 @@ public static function getSupportedKeyFormats() self::initialize_static_variables(); return self::$plugins[static::ALGORITHM]['Keys']; } + /** + * Sets the OpenSSL config file path + * + * Set to the empty string to use the default config file + * + * @param string $val + */ + public static function setOpenSSLConfigPath($val) + { + self::$configFile = $val; + } /** * Add a fileformat plugin * @@ -373,28 +388,27 @@ public function getComment() return $this->comment; } /** - * Tests engine validity - * + * Force engine (useful for unit testing) */ - public static function useBestEngine() + public static function forceEngine($engine = null) { - static::$engines = [ - 'PHP' => \true, - 'OpenSSL' => extension_loaded('openssl'), - // this test can be satisfied by either of the following: - // http://php.net/manual/en/book.sodium.php - // https://github.com/paragonie/sodium_compat - 'libsodium' => function_exists('sodium_crypto_sign_keypair'), - ]; - return static::$engines; + if (!isset($engine)) { + static::$forcedEngine = null; + return; + } + switch ($engine) { + case 'PHP': + case 'OpenSSL': + case 'libsodium': + static::$forcedEngine = $engine; + break; + default: + throw new \InvalidArgumentException('Valid engines are null, PHP, OpenSSL or libsodium'); + } } - /** - * Flag to use internal engine only (useful for unit testing) - * - */ - public static function useInternalEngine() + public static function getForcedEngine() { - static::$engines = ['PHP' => \true, 'OpenSSL' => \false, 'libsodium' => \false]; + return static::$forcedEngine; } /** * __toString() magic method diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php index dc07e431..c24a9dea 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -499,7 +499,7 @@ protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = { self::initialize_static_variables(); $key = ['version' => 'v1', 'privateKeyAlgorithm' => ['algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid], 'privateKey' => $key]; - if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { + if ($oid != 'id-Ed25519' && $oid != 'id-Ed448' && $oid != 'id-X25519' && $oid != 'id-X448') { $key['privateKeyAlgorithm']['parameters'] = $params; } if (!empty($attr)) { @@ -566,7 +566,7 @@ protected static function wrapPublicKey($key, $params, $oid = null, array $optio { self::initialize_static_variables(); $key = ['publicKeyAlgorithm' => ['algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid], 'publicKey' => "\x00" . $key]; - if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { + if ($oid != 'id-Ed25519' && $oid != 'id-Ed448' && $oid != 'id-X25519' && $oid != 'id-X448') { $key['publicKeyAlgorithm']['parameters'] = $params; } $key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php index e655f406..ce7c84c7 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php @@ -27,8 +27,14 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DH\Parameters; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DH\PrivateKey; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DH\PublicKey; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve25519; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve448; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys\PKCS1; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\NoKeyLoadedException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedOperationException; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\File\ASN1; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\File\ASN1\Maps; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; /** * Pure-PHP (EC)DH implementation @@ -197,21 +203,51 @@ public static function computeSecret($private, $public) } } if ($private instanceof EC\PrivateKey) { + $privateCurve = $private->getCurve(); switch (\true) { case $public instanceof EC\PublicKey: + if ($privateCurve !== $public->getCurve()) { + throw new \InvalidArgumentException("The public key curve (" . $public->getCurve() . ") and private key curve ({$privateCurve}) need to match"); + } + $orig = $public; $public = $public->getEncodedCoordinates(); // fall-through case is_string($public): - $point = $private->multiply($public); - switch ($private->getCurve()) { - case 'Curve25519': - case 'Curve448': - $secret = $point; - break; - default: - // according to https://www.secg.org/sec1-v2.pdf#page=33 only X is returned - $secret = substr($point, 1, strlen($point) - 1 >> 1); + $forcedEngine = EC::getForcedEngine(); + if ($forcedEngine === 'libsodium' && $privateCurve !== 'Curve25519') { + throw new BadConfigurationException('Engine libsodium is forced but can only used with Curve25519 for ECDH'); + } + if (!isset($forcedEngine) || $forcedEngine === 'OpenSSL') { + // PHP 7.3.0 introduced the openssl_pkey_derive() function + // openssl_dh_computee_key() has been around since PHP 5.3.0+ BUT it did not support ECDH + // until PHP 8.1.0 / OpenSSL 3.0.0 + if ($forcedEngine === 'OpenSSL' && !function_exists('openssl_pkey_derive')) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for ECDH'); + } + if (function_exists('openssl_pkey_derive')) { + $privateStr = (string) $private->withPassword(); + $publicStr = (string) (isset($orig) ? $orig : EC::convertPointToPublicKey($private->getCurve(), $public)); + $result = openssl_pkey_derive($publicStr, $privateStr); + if ($result) { + return $result; + } + if ($forcedEngine === 'OpenSSL') { + // i suppose we _could_ try openssl_dh_compute_key() at this point + // quoting https://www.php.net/openssl-dh-compute-key "ECDH is only supported as of PHP 8.1.0 and OpenSSL 3.0.0". ie. + // PHP_VERSION_ID >= 80100 && OPENSSL_VERSION_NUMBER >= 0x3000000f + // but i think that's overkill. if openssl_pkey_derive() doesn't work it seems doubtful to me that openssl_dh_compute_key() would + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to perform ECDH because of ' . openssl_error_string()); + } + } } + $curveName = $private->getCurve(); + $isMontgomeryCurve = $curveName == 'Curve25519' || $curveName == 'Curve448'; + if (!$isMontgomeryCurve) { + $public = EC::convertPointToPublicKey($curveName, $public, \false); + } + $point = $private->multiply($public); + // according to https://www.secg.org/sec1-v2.pdf#page=33 only X is returned + $secret = $isMontgomeryCurve ? $point : substr($point, 1, strlen($point) - 1 >> 1); /* if (($secret[0] & "\x80") === "\x80") { $secret = "\0$secret"; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php index 8f9647a0..35a65331 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php @@ -32,6 +32,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA\Parameters; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA\PrivateKey; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA\PublicKey; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\InsufficientSetupException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; /** @@ -79,6 +80,13 @@ abstract class DSA extends AsymmetricKey * @var string */ protected $sigFormat; + /** + * Forced Engine + * + * @var ?string + * @see parent::forceEngine() + */ + protected static $forcedEngine = null; /** * Signature Format (Short) * @@ -99,9 +107,6 @@ public static function createParameters($L = 2048, $N = 224) if ($class->isFinal()) { throw new \RuntimeException('createParameters() should not be called from final classes (' . static::class . ')'); } - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } switch (\true) { case $N == 160: /* @@ -164,13 +169,16 @@ public static function createParameters($L = 2048, $N = 224) public static function createKey(...$args) { self::initialize_static_variables(); + if (self::$forcedEngine == 'libsodium') { + throw new BadConfigurationException('Engine ' . self::$forcedEngine . ' is forced but unsupported for DSA'); + } + if (self::$forcedEngine == 'OpenSSL' && !defined('OPENSSL_KEYTYPE_DSA')) { + throw new BadConfigurationException("Engine OpenSSL is forced but unsupported for DSA"); + } $class = new \ReflectionClass(static::class); if ($class->isFinal()) { throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); } - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } if (count($args) == 2 && is_int($args[0]) && is_int($args[1])) { $params = self::createParameters($args[0], $args[1]); } elseif (count($args) == 1 && $args[0] instanceof Parameters) { @@ -180,6 +188,24 @@ public static function createKey(...$args) } else { throw new InsufficientSetupException('Valid parameters are either two integers (L and N), a single DSA object or no parameters at all.'); } + // at this point the only two supported values for self::$forcedEngine are OpenSSL, PHP and null + // if it's either OpenSSL or null we'll use OpenSSL (if it's available) + if (self::$forcedEngine !== 'PHP' && defined('OPENSSL_KEYTYPE_DSA')) { + $config = []; + if (self::$configFile) { + $config['config'] = self::$configFile; + } + $dsa = openssl_pkey_new($config + ['private_key_type' => \OPENSSL_KEYTYPE_DSA, 'p' => $params->p, 'q' => $params->q, 'g' => $params->g]); + if ($dsa && openssl_pkey_export($dsa, $privatekeystr, null, $config)) { + // clear the buffer of error strings stemming from a minimalistic openssl.cnf + // https://github.com/php/php-src/issues/11054 talks about other errors this'll pick up + while (openssl_error_string() !== \false) { + } + return DSA::load($privatekeystr)->withHash($params->hash->getHash())->withSignatureFormat($params->shortFormat); + } elseif (isset(self::$forcedEngine)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for DSA'); + } + } $private = new PrivateKey(); $private->p = $params->p; $private->q = $params->q; @@ -197,9 +223,6 @@ public static function createKey(...$args) */ protected static function onLoad(array $components) { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } if (!isset($components['x']) && !isset($components['y'])) { $new = new Parameters(); } elseif (isset($components['x'])) { @@ -238,20 +261,6 @@ public function getLength() { return ['L' => $this->p->getLength(), 'N' => $this->q->getLength()]; } - /** - * Returns the current engine being used - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? 'OpenSSL' : 'PHP'; - } /** * Returns the parameters * diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php index 3f5e591f..f36c6ca5 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php @@ -14,6 +14,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; /** * DSA Private Key * @@ -68,17 +69,29 @@ public function getPublicKey() public function sign($message) { $format = $this->sigFormat; - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $signature = ''; - $result = openssl_sign($message, $signature, $this->toString('PKCS8'), $this->hash->getHash()); - if ($result) { - if ($this->shortFormat == 'ASN1') { - return $signature; + if (self::$forcedEngine === 'libsodium') { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for DSA'); + } + if (self::$forcedEngine === 'OpenSSL' && !function_exists('openssl_get_md_methods')) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for DSA'); + } + if (function_exists('openssl_get_md_methods') && self::$forcedEngine !== 'PHP') { + if (in_array($this->hash->getHash(), openssl_get_md_methods())) { + $signature = ''; + $result = openssl_sign($message, $signature, $this->toString('PKCS8'), $this->hash->getHash()); + if ($result) { + if ($this->shortFormat == 'ASN1') { + return $signature; + } + $loaded = ASN1Signature::load($signature); + $r = $loaded['r']; + $s = $loaded['s']; + return $format::save($r, $s); + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to create signature because of ' . openssl_error_string()); } - $loaded = ASN1Signature::load($signature); - $r = $loaded['r']; - $s = $loaded['s']; - return $format::save($r, $s); + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for DSA / ' . $this->hash->getHash()); } } $h = $this->hash->hash($message); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php index e1a2622b..108db6ee 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php @@ -13,6 +13,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Common; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; /** * DSA Public Key * @@ -31,6 +32,12 @@ final class PublicKey extends DSA implements Common\PublicKey */ public function verify($message, $signature) { + if (self::$forcedEngine === 'libsodium') { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for DSA'); + } + if (self::$forcedEngine === 'OpenSSL' && !function_exists('openssl_get_md_methods')) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for DSA'); + } $format = $this->sigFormat; $params = $format::load($signature); if ($params === \false || count($params) != 2) { @@ -38,11 +45,15 @@ public function verify($message, $signature) } $r = $params['r']; $s = $params['s']; - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; - $result = openssl_verify($message, $sig, $this->toString('PKCS8'), $this->hash->getHash()); - if ($result != -1) { - return (bool) $result; + if (function_exists('openssl_get_md_methods') && self::$forcedEngine !== 'PHP') { + if (in_array($this->hash->getHash(), openssl_get_md_methods())) { + $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; + $result = openssl_verify($message, $sig, $this->toString('PKCS8'), $this->hash->getHash()); + if ($result != -1) { + return (bool) $result; + } + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for DSA / ' . $this->hash->getHash()); } } $q_1 = $this->q->subtract(self::$one); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php index daa8eba8..96b53830 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php @@ -32,12 +32,15 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve25519; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve448; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Ed25519; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Ed448; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys\PKCS1; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys\PKCS8; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Parameters; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\PrivateKey; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\PublicKey; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedAlgorithmException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedCurveException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedOperationException; @@ -69,12 +72,6 @@ abstract class EC extends AsymmetricKey * @var EC\BaseCurves\Base */ protected $curve; - /** - * Signature Format - * - * @var string - */ - protected $format; /** * Signature Format (Short) * @@ -118,6 +115,13 @@ abstract class EC extends AsymmetricKey * @var string */ protected $sigFormat; + /** + * Forced Engine + * + * @var ?string + * @see parent::forceEngine() + */ + protected static $forcedEngine = null; /** * Create public / private key pair. * @@ -131,31 +135,57 @@ public static function createKey($curve) if ($class->isFinal()) { throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); } - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - $curve = strtolower($curve); - if (self::$engines['libsodium'] && $curve == 'ed25519' && function_exists('sodium_crypto_sign_keypair')) { - $kp = sodium_crypto_sign_keypair(); - $privatekey = EC::loadFormat('libsodium', sodium_crypto_sign_secretkey($kp)); - //$publickey = EC::loadFormat('libsodium', sodium_crypto_sign_publickey($kp)); - $privatekey->curveName = 'Ed25519'; - //$publickey->curveName = $curve; - return $privatekey; - } - $privatekey = new PrivateKey(); - $curveName = $curve; - if (preg_match('#(?:^curve|^ed)\\d+$#', $curveName)) { - $curveName = ucfirst($curveName); - } elseif (substr($curveName, 0, 10) == 'brainpoolp') { - $curveName = 'brainpoolP' . substr($curveName, 10); - } + $curveName = self::getCurveCase($curve); $curve = '\\phpseclib3\\Crypt\\EC\\Curves\\' . $curveName; if (!class_exists($curve)) { throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported'); } $reflect = new \ReflectionClass($curve); $curveName = $reflect->isFinal() ? $reflect->getParentClass()->getShortName() : $reflect->getShortName(); + $curveEngineName = self::getOpenSSLCurveName(strtolower($curveName)); + switch ($curveName) { + case 'Ed25519': + $providers = [ + 'libsodium' => function_exists('sodium_crypto_sign_keypair'), + // OPENSSL_KEYTYPE_ED25519 introduced in PHP 8.4.0 + 'OpenSSL' => defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_KEYTYPE_ED25519'), + ]; + break; + case 'Ed448': + // OPENSSL_KEYTYPE_ED448 introduced in PHP 8.4.0 + $providers = ['OpenSSL' => defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_KEYTYPE_ED448')]; + break; + case 'Curve25519': + $providers = [ + 'libsodium' => function_exists('sodium_crypto_box_publickey_from_secretkey'), + // OPENSSL_KEYTYPE_X25519 introduced in PHP 8.4.0 + 'OpenSSL' => defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_KEYTYPE_X25519'), + ]; + // OPENSSL_KEYTYPE_X448 introduced in PHP 8.4.0 + case 'Curve448': + $providers = ['OpenSSL' => defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_KEYTYPE_X448')]; + break; + default: + // openssl_get_curve_names() was introduced in PHP 7.1.0 + // exclude curve25519 and curve448 from testing + $providers = ['OpenSSL' => function_exists('openssl_get_curve_names') && substr($curveEngineName, 0, 5) != 'curve' && in_array($curveEngineName, openssl_get_curve_names())]; + } + foreach ($providers as $engine => $isSupported) { + // if an engine is being forced and the forced engine doesn't match $engine, skip it + if (isset(self::$forcedEngine) && self::$forcedEngine !== $engine) { + continue; + } + if ($isSupported) { + $result = self::generateWithEngine($engine, $curveEngineName); + if (isset($result)) { + return $result; + } + } + if (self::$forcedEngine === $engine) { + throw new BadConfigurationException("EC::createKey: Engine {$engine} is forced but unsupported for {$curve}"); + } + } + $privatekey = new PrivateKey(); $curve = new $curve(); if ($curve instanceof TwistedEdwardsCurve) { $arr = $curve->extractSecret(Random::string($curve instanceof Ed448 ? 57 : 32)); @@ -164,25 +194,133 @@ public static function createKey($curve) } else { $privatekey->dA = $dA = $curve->createRandomMultiplier(); } - if ($curve instanceof Curve25519 && self::$engines['libsodium']) { - //$r = pack('H*', '0900000000000000000000000000000000000000000000000000000000000000'); - //$QA = sodium_crypto_scalarmult($dA->toBytes(), $r); - $QA = sodium_crypto_box_publickey_from_secretkey($dA->toBytes()); - $privatekey->QA = [$curve->convertInteger(new BigInteger(strrev($QA), 256))]; - } else { - $privatekey->QA = $curve->multiplyPoint($curve->getBasePoint(), $dA); - } $privatekey->curve = $curve; + $privatekey->curveName = $curveName; + $privatekey->QA = $curve->multiplyPoint($curve->getBasePoint(), $dA); //$publickey = clone $privatekey; //unset($publickey->dA); //unset($publickey->x); - $privatekey->curveName = $curveName; //$publickey->curveName = $curveName; if ($privatekey->curve instanceof TwistedEdwardsCurve) { return $privatekey->withHash($curve::HASH); } return $privatekey; } + /** + * Returns the actual case of the curve + * + * Useful for initializing the curve class + * + * @param string $curveName + * @return string + */ + private static function getCurveCase($curveName) + { + $curveName = strtolower($curveName); + if (preg_match('#(?:^curve|^ed)\\d+$#', $curveName)) { + return ucfirst($curveName); + } + if (substr($curveName, 0, 10) == 'brainpoolp') { + return 'brainpoolP' . substr($curveName, 10); + } + return $curveName; + } + /** + * Return the OpenSSL name for a curve + * + * @param string $curve + * @return string + */ + private static function getOpenSSLCurveName($curve) + { + switch ($curve) { + case 'secp256r1': + return 'prime256v1'; + case 'secp192r1': + return 'prime192v1'; + } + return $curve; + } + /** + * Generate the key for a given curve / engine combo + * + * @param string $engine + * @param string $curve + * @return ?PrivateKey + */ + private static function generateWithEngine($engine, $curve) + { + if ($engine == 'libsodium') { + if ($curve == 'ed25519') { + $kp = sodium_crypto_sign_keypair(); + $privatekey = EC::loadFormat('libsodium', sodium_crypto_sign_secretkey($kp)); + //$publickey = EC::loadFormat('libsodium', sodium_crypto_sign_publickey($kp)); + $privatekey->curveName = 'Ed25519'; + //$publickey->curveName = $curve; + return $privatekey; + } else { + // $curve == 'curve25519 + $privatekey = new PrivateKey(); + $privatekey->curve = new Curve25519(); + $privatekey->curveName = 'Curve25519'; + $privatekey->dA = $privatekey->curve->createRandomMultiplier(); + $dA = str_pad($privatekey->dA->toBytes(), 32, "\x00", \STR_PAD_LEFT); + //$r = pack('H*', '0900000000000000000000000000000000000000000000000000000000000000'); + //$QA = sodium_crypto_scalarmult($dA, $r); + $QA = sodium_crypto_box_publickey_from_secretkey($dA); + $privatekey->QA = [$privatekey->curve->convertInteger(new BigInteger(strrev($QA), 256))]; + return $privatekey; + } + } + // at this point $engine == 'OpenSSL' + $curveName = self::getCurveCase($curve); + $config = []; + if (self::$configFile) { + $config['config'] = self::$configFile; + } + $params = $config; + switch ($curve) { + case 'ed25519': + $params['private_key_type'] = OPENSSL_KEYTYPE_ED25519; + break; + case 'ed448': + $params['private_key_type'] = OPENSSL_KEYTYPE_ED448; + break; + case 'curve25519': + $params['private_key_type'] = OPENSSL_KEYTYPE_X25519; + break; + case 'curve448': + $params['private_key_type'] = OPENSSL_KEYTYPE_X448; + break; + default: + $params['private_key_type'] = \OPENSSL_KEYTYPE_EC; + $params['curve_name'] = $curveName; + } + $key = openssl_pkey_new($params); + if (!$key) { + return null; + } + $privateKeyStr = ''; + if (!openssl_pkey_export($key, $privateKeyStr, null, $config)) { + return null; + } + // clear the buffer of error strings + while (openssl_error_string() !== \false) { + } + // some versions of OpenSSL / PHP return PKCS1 keys, others return PKCS8 keys + $privatekey = EC::load($privateKeyStr); + switch ($curveName) { + case 'prime256v1': + $privatekey->curveName = 'secp256r1'; + break; + case 'prime192v1': + $privatekey->curveName = 'secp192r1'; + break; + default: + $privatekey->curveName = $curveName; + } + return $privatekey; + } /** * OnLoad Handler * @@ -190,9 +328,6 @@ public static function createKey($curve) */ protected static function onLoad(array $components) { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } if (!isset($components['dA']) && !isset($components['QA'])) { $new = new Parameters(); $new->curve = $components['curve']; @@ -273,23 +408,6 @@ public function getLength() { return $this->curve->getLength(); } - /** - * Returns the current engine being used - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - if ($this->curve instanceof TwistedEdwardsCurve) { - return $this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context) ? 'libsodium' : 'PHP'; - } - return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? 'OpenSSL' : 'PHP'; - } /** * Returns the public key coordinates as a string * @@ -307,6 +425,45 @@ public function getEncodedCoordinates() } return "\x04" . $this->QA[0]->toBytes(\true) . $this->QA[1]->toBytes(\true); } + /** + * Convert point to public key + * + * For Weierstrass curves, if only the x coordinate is present (as is the case after doing a round of ECDH) + * then we'll guess at the y coordinate. There are only two possible y values and, atleast in-so-far as + * multiplication is concerned, neither value affects the resultant x value + * + * If $toPublicKey is set to false then a string will be returned - a kind of public key precursor + * + * @param string $curveName + * @param string $secret + * @param bool $toPublicKey optional + * @return PublicKey|string + */ + public static function convertPointToPublicKey($curveName, $secret, $toPublicKey = \true) + { + $curveName = self::getCurveCase($curveName); + $curve = '\\phpseclib3\\Crypt\\EC\\Curves\\' . $curveName; + if (!class_exists($curve)) { + throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported'); + } + $curve = new $curve(); + if (!$curve instanceof TwistedEdwardsCurve) { + if ($curve instanceof MontgomeryCurve) { + $secret = strrev($secret); + } elseif ($curve->getLengthInBytes() == strlen($secret)) { + $secret = "\x03{$secret}"; + } + if (!$toPublicKey) { + return $secret; + } + $secret = "\x00{$secret}"; + } elseif (!$toPublicKey) { + return $secret; + } + $QA = PKCS8::extractPoint($secret, $curve); + $key = PKCS8::savePublicKey($curve, $QA); + return EC::loadFormat('PKCS8', $key); + } /** * Returns the parameters * @@ -399,16 +556,4 @@ public function withHash($hash) } return parent::withHash($hash); } - /** - * __toString() magic method - * - * @return string - */ - public function __toString() - { - if ($this->curve instanceof MontgomeryCurve) { - return ''; - } - return parent::__toString(); - } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php index e8ece55b..f007ec7c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php @@ -16,6 +16,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; class Curve25519 extends Montgomery { + const SIZE = 32; public function __construct() { // 2^255 - 19 @@ -43,9 +44,10 @@ public function __construct() */ public function multiplyPoint(array $p, BigInteger $d) { - //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); - //return [$this->factory->newInteger(new BigInteger($r, 256))]; $d = $d->toBytes(); + $d = str_pad($d, 32, "\x00", \STR_PAD_LEFT); + //$r = strrev(sodium_crypto_scalarmult($d, strrev($p[0]->toBytes()))); + //return [$this->factory->newInteger(new BigInteger($r, 256))]; $d &= "\xf8" . str_repeat("\xff", 30) . ""; $d = strrev($d); $d |= "@"; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php index b508aa3c..1eeab854 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php @@ -16,6 +16,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; class Curve448 extends Montgomery { + const SIZE = 56; public function __construct() { // 2^448 - 2^224 - 1 @@ -46,9 +47,10 @@ public function __construct() */ public function multiplyPoint(array $p, BigInteger $d) { - //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); - //return [$this->factory->newInteger(new BigInteger($r, 256))]; $d = $d->toBytes(); + $d = str_pad($d, 56, "\x00", \STR_PAD_LEFT); + //$r = strrev(sodium_crypto_scalarmult($d, strrev($p[0]->toBytes()))); + //return [$this->factory->newInteger(new BigInteger($r, 256))]; $d[0] = $d[0] & "\xfc"; $d = strrev($d); $d |= "\x80"; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php index 1073b7d8..5745db06 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php @@ -15,6 +15,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Common\Functions\Strings; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Binary as BinaryCurve; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Montgomery; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Prime as PrimeCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedCurveException; @@ -277,6 +278,9 @@ protected static function loadCurveByParam(array $params) */ public static function extractPoint($str, BaseCurve $curve) { + if ($curve instanceof Montgomery) { + return [new BigInteger($str, 256)]; + } if ($curve instanceof TwistedEdwardsCurve) { // first step of point deciding as discussed at the following URL's: // https://tools.ietf.org/html/rfc8032#section-5.1.3 diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php index c9752951..19a0236c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php @@ -88,6 +88,6 @@ public static function savePrivateKey(BigInteger $privateKey, MontgomeryCurve $c if (!empty($password) && is_string($password)) { throw new UnsupportedFormatException('MontgomeryPrivate private keys do not support encryption'); } - return $privateKey->toBytes(); + return str_pad($privateKey->toBytes(), $curve::SIZE, "\x00", \STR_PAD_RIGHT); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php index cf6d7a2a..645277cb 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php @@ -85,6 +85,9 @@ private static function getAlias(BaseCurve $curve) self::initialize_static_variables(); $reflect = new \ReflectionClass($curve); $name = $reflect->getShortName(); + if (!isset(self::$curveOIDs[$name])) { + throw new UnsupportedCurveException($name . ' is not a curve that the OpenSSH plugin supports'); + } $oid = self::$curveOIDs[$name]; $aliases = array_filter(self::$curveOIDs, function ($v) use($oid) { return $v == $oid; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php index 9260bbf0..c990351b 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php @@ -22,10 +22,13 @@ */ namespace Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\Common\FiniteField\Integer; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve25519; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Curve448; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Ed25519; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Curves\Ed448; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedCurveException; @@ -45,13 +48,13 @@ abstract class PKCS8 extends Progenitor * * @var array */ - const OID_NAME = ['id-ecPublicKey', 'id-Ed25519', 'id-Ed448']; + const OID_NAME = ['id-ecPublicKey', 'id-Ed25519', 'id-Ed448', 'id-X25519', 'id-X448']; /** * OID Value * * @var string */ - const OID_VALUE = ['1.2.840.10045.2.1', '1.3.101.112', '1.3.101.113']; + const OID_VALUE = ['1.2.840.10045.2.1', '1.3.101.112', '1.3.101.113', '1.3.101.110', '1.3.101.111']; /** * Break a public or private key down into its constituent components * @@ -73,6 +76,9 @@ public static function load($key, $password = '') case 'id-Ed25519': case 'id-Ed448': return self::loadEdDSA($key); + case 'id-X25519': + case 'id-X448': + return self::loadECDH($key); } $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); if (!$decoded) { @@ -130,11 +136,41 @@ private static function loadEdDSA(array $key) } return $components; } + private static function loadECDH(array $key) + { + $components = []; + if (isset($key['privateKey'])) { + $components['curve'] = $key['privateKeyAlgorithm']['algorithm'] == 'id-X25519' ? new Curve25519() : new Curve448(); + $expected = chr(ASN1::TYPE_OCTET_STRING) . ASN1::encodeLength($components['curve']::SIZE); + $privateKey = (string) $key['privateKey']; + if (substr($privateKey, 0, 2) != $expected) { + throw new \RuntimeException('The first two bytes of the ' . $key['privateKeyAlgorithm']['algorithm'] . ' private key field should be 0x' . bin2hex($expected)); + } + $components['dA'] = new BigInteger(substr($privateKey, 2), 256); + } + if (isset($key['publicKey'])) { + if (!isset($components['curve'])) { + $components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-X25519' ? new Curve25519() : new Curve448(); + } + $components['QA'] = [$components['curve']->convertInteger(new BigInteger(strrev($key['publicKey']), 256))]; + } + if (isset($key['privateKey']) && !isset($components['QA'])) { + if ($components['curve'] instanceof Curve25519 && function_exists('sodium_crypto_box_publickey_from_secretkey')) { + //$r = pack('H*', '0900000000000000000000000000000000000000000000000000000000000000'); + //$QA = sodium_crypto_scalarmult($components['dA']->toBytes(), $r); + $QA = sodium_crypto_box_publickey_from_secretkey(str_pad($components['dA']->toBytes(), 32, chr(0), \STR_PAD_LEFT)); + $components['QA'] = [$components['curve']->convertInteger(new BigInteger(strrev($QA), 256))]; + } else { + $components['QA'] = [$components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA'])[0]]; + } + } + return $components; + } /** * Convert an EC public key to the appropriate format * * @param BaseCurve $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param Integer[] $publicKey * @param array $options optional * @return string */ @@ -142,7 +178,7 @@ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $ { self::initialize_static_variables(); if ($curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('Montgomery Curves are not supported'); + return self::wrapPublicKey(str_pad(strrev($publicKey[0]->toBytes()), $curve::SIZE, "\x00", \STR_PAD_RIGHT), null, $curve instanceof Curve25519 ? 'id-X25519' : 'id-X448', $options); } if ($curve instanceof TwistedEdwardsCurve) { return self::wrapPublicKey($curve->encodePoint($publicKey), null, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448', $options); @@ -166,7 +202,7 @@ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, { self::initialize_static_variables(); if ($curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('Montgomery Curves are not supported'); + return self::wrapPrivateKey(chr(ASN1::TYPE_OCTET_STRING) . ASN1::encodeLength($curve::SIZE) . str_pad($privateKey->toBytes(), $curve::SIZE, "\x00", \STR_PAD_LEFT), [], null, $password, $curve instanceof Curve25519 ? 'id-X25519' : 'id-X448'); } if ($curve instanceof TwistedEdwardsCurve) { return self::wrapPrivateKey(chr(ASN1::TYPE_OCTET_STRING) . ASN1::encodeLength($curve::SIZE) . $secret, [], null, $password, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php index d5892f97..7518e93f 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php @@ -20,6 +20,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys\PKCS1; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Hash; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedOperationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; /** @@ -54,10 +55,22 @@ final class PrivateKey extends EC implements Common\PrivateKey */ public function multiply($coordinates) { - if ($this->curve instanceof MontgomeryCurve) { - if ($this->curve instanceof Curve25519 && self::$engines['libsodium']) { - return sodium_crypto_scalarmult($this->dA->toBytes(), $coordinates); + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is not supported for the multiplication operation'); + } + if (self::$forcedEngine === 'libsodium' && !$this->curve instanceof Curve25519) { + throw new BadConfigurationException('Engine libsodium is only supported for Curve25519'); + } + if ($this->curve instanceof Curve25519 && self::$forcedEngine !== 'PHP') { + if (self::$forcedEngine === 'libsodium' && !function_exists('sodium_crypto_scalarmult')) { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for Curve25519'); } + if (function_exists('sodium_crypto_scalarmult')) { + $dA = str_pad($this->dA->toBytes(), 32, "\x00", \STR_PAD_LEFT); + return sodium_crypto_scalarmult($dA, $coordinates); + } + } + if ($this->curve instanceof MontgomeryCurve) { $point = [$this->curve->convertInteger(new BigInteger(strrev($coordinates), 256))]; $point = $this->curve->multiplyPoint($point, $this->dA); return strrev($point[0]->toBytes(\true)); @@ -94,11 +107,50 @@ public function sign($message) if ($format === \false) { return \false; } - if ($this->curve instanceof TwistedEdwardsCurve) { - if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { + if (self::$forcedEngine === 'libsodium' && !$this->curve instanceof Ed25519) { + throw new BadConfigurationException('Engine libsodium is only supported for Ed25519'); + } + // at this point either self::$forcedEngine is NOT libsodium or the curve is Ed25519 + if ($this->curve instanceof Ed25519 && self::$forcedEngine !== 'PHP' && self::$forcedEngine !== 'OpenSSL') { + if (self::$forcedEngine === 'libsodium') { + if (!function_exists('sodium_crypto_sign_detached')) { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for Ed25519 / Ed448'); + } + if (isset($this->context)) { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for Ed25519ctx (context)'); + } + } + if (function_exists('sodium_crypto_sign_detached') && !isset($this->context)) { $result = sodium_crypto_sign_detached($message, $this->withPassword()->toString('libsodium')); return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result; } + } + // at this point self::$forcedEngine CAN'T be libsodium so we won't check for it henceforth + if ($this->curve instanceof TwistedEdwardsCurve) { + if (self::$forcedEngine !== 'PHP') { + $keyTypeConstant = $this->curve instanceof Ed25519 ? 'OPENSSL_KEYTYPE_ED25519' : 'OPENSSL_KEYTYPE_ED448'; + if (self::$forcedEngine === 'OpenSSL') { + if (!defined($keyTypeConstant)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for Ed25519 / Ed448'); + } + // OpenSSL supports Ed25519/Ed448 but not Ed25519ctx (context), so skip if context is set + if (isset($this->context)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for Ed25519 / Ed448 curves with context\'s'); + } + } + if (defined($keyTypeConstant) && !isset($this->context)) { + $result = ''; + // algorithm 0 is used because EdDSA has a built-in hash + openssl_sign($message, $result, $this->withPassword()->toString('PKCS8'), 0); + if ($result) { + $signature = $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result; + return $signature; + } + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to create signature because of ' . openssl_error_string()); + } + } + } // contexts (Ed25519ctx) are supported but prehashing (Ed25519ph) is not. // quoting https://tools.ietf.org/html/rfc8032#section-8.5 , // "The Ed25519ph and Ed448ph variants ... SHOULD NOT be used" @@ -128,22 +180,32 @@ public function sign($message) $S = str_pad(strrev($S->toBytes()), $curve::SIZE, "\x00"); return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $R . $S) : $R . $S; } - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $signature = ''; - // altho PHP's OpenSSL bindings only supported EC key creation in PHP 7.1 they've long - // supported signing / verification - // we use specified curves to avoid issues with OpenSSL possibly not supporting a given named curve; - // doing this may mean some curve-specific optimizations can't be used but idk if OpenSSL even - // has curve-specific optimizations - $result = openssl_sign($message, $signature, $this->withPassword()->toString('PKCS8', ['namedCurve' => \false]), $this->hash->getHash()); - if ($result) { - if ($shortFormat == 'ASN1') { - return $signature; + if (self::$forcedEngine === 'OpenSSL' && !function_exists('openssl_get_md_methods')) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for ECDSA'); + } + // at this point $forcedEngine is either PHP or null. either that OR openssl_get_md_methods() exists + if (self::$forcedEngine !== 'PHP') { + if (in_array($this->hash->getHash(), openssl_get_md_methods())) { + $signature = ''; + // altho PHP's OpenSSL bindings only supported EC key creation in PHP 7.1 they've long + // supported signing / verification + // we use specified curves to avoid issues with OpenSSL possibly not supporting a given named curve; + // doing this may mean some curve-specific optimizations can't be used but idk if OpenSSL even + // has curve-specific optimizations + $result = openssl_sign($message, $signature, $this->withPassword()->toString('PKCS8', ['namedCurve' => \false]), $this->hash->getHash()); + if ($result) { + if ($shortFormat == 'ASN1') { + return $signature; + } + $loaded = ASN1Signature::load($signature); + $r = $loaded['r']; + $s = $loaded['s']; + return $this->formatSignature($r, $s); + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to create signature because of ' . openssl_error_string()); } - $loaded = ASN1Signature::load($signature); - $r = $loaded['r']; - $s = $loaded['s']; - return $this->formatSignature($r, $s); + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for ECDSA / ' . $this->hash->getHash()); } } $e = $this->hash->hash($message); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php index 5ac11365..7c4a80ab 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php @@ -19,6 +19,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Keys\PKCS1; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Hash; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedOperationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; /** @@ -47,14 +48,54 @@ public function verify($message, $signature) if ($format === \false) { return \false; } - $order = $this->curve->getOrder(); + if (self::$forcedEngine === 'libsodium' && !$this->curve instanceof Ed25519) { + throw new BadConfigurationException('Engine libsodium is only supported for Ed25519'); + } + // at this point either self::$forcedEngine is NOT libsodium or the curve is Ed25519 + if ($this->curve instanceof Ed25519 && self::$forcedEngine !== 'PHP' && self::$forcedEngine !== 'OpenSSL') { + if (self::$forcedEngine === 'libsodium') { + if (!function_exists('sodium_crypto_sign_verify_detached')) { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for Ed25519 / Ed448'); + } + if (isset($this->context)) { + throw new BadConfigurationException('Engine libsodium is forced but unsupported for Ed25519ctx (context)'); + } + } + if (function_exists('sodium_crypto_sign_verify_detached') && !isset($this->context)) { + if ($shortFormat == 'SSH2') { + list(, $signature) = Strings::unpackSSH2('ss', $signature); + } + return sodium_crypto_sign_verify_detached($signature, $message, $this->toString('libsodium')); + } + } + // at this point self::$forcedEngine CAN'T be libsodium so we won't check for it henceforth if ($this->curve instanceof TwistedEdwardsCurve) { if ($shortFormat == 'SSH2') { list(, $signature) = Strings::unpackSSH2('ss', $signature); } - if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { - return sodium_crypto_sign_verify_detached($signature, $message, $this->toString('libsodium')); + if (self::$forcedEngine !== 'PHP') { + $keyTypeConstant = $this->curve instanceof Ed25519 ? 'OPENSSL_KEYTYPE_ED25519' : 'OPENSSL_KEYTYPE_ED448'; + if (self::$forcedEngine === 'OpenSSL') { + if (!defined($keyTypeConstant)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for Ed25519 / Ed448'); + } + // OpenSSL supports Ed25519/Ed448 but not Ed25519ctx (context), so skip if context is set + if (isset($this->context)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for Ed25519 / Ed448 curves with context\'s'); + } + } + if (defined($keyTypeConstant) && !isset($this->context)) { + // algorithm 0 is used because EdDSA has a built-in hash + $result = openssl_verify($message, $signature, $this->toString('PKCS8'), 0) === 1; + if ($result !== -1 && $result !== \false) { + return (bool) $result; + } + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to create signature because of ' . openssl_error_string()); + } + } } + $order = $this->curve->getOrder(); $curve = $this->curve; if (strlen($signature) != 2 * $curve::SIZE) { return \false; @@ -97,13 +138,25 @@ public function verify($message, $signature) } $r = $params['r']; $s = $params['s']; - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; - $result = openssl_verify($message, $sig, $this->toString('PKCS8', ['namedCurve' => \false]), $this->hash->getHash()); - if ($result != -1) { - return (bool) $result; + if (self::$forcedEngine === 'OpenSSL' && !function_exists('openssl_get_md_methods')) { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for ECDSA'); + } + // at this point $forcedEngine is either PHP or null. either that OR openssl_get_md_methods() exists + if (self::$forcedEngine !== 'PHP') { + if (in_array($this->hash->getHash(), openssl_get_md_methods())) { + $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; + $result = openssl_verify($message, $sig, $this->toString('PKCS8', ['namedCurve' => \false]), $this->hash->getHash()); + if ($result !== -1 && $result !== \false) { + return (bool) $result; + } + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to verify signature because of ' . openssl_error_string()); + } + } elseif (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but unsupported for ECDSA / ' . $this->hash->getHash()); } } + $order = $this->curve->getOrder(); $n_1 = $order->subtract(self::$one); if (!$r->between(self::$one, $n_1) || !$s->between(self::$one, $n_1)) { return \false; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php index 37fcc4c7..a7afa280 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php @@ -264,7 +264,7 @@ public function getHash() public function setHash($hash) { $oldHash = $this->hashParam; - $this->hashParam = $hash = strtolower($hash); + $this->hashParam = $hash = strtolower(str_replace('/', '-', $hash)); switch ($hash) { case 'umac-32': case 'umac-64': @@ -292,8 +292,8 @@ public function setHash($hash) case 'sha256-96': case 'sha384-96': case 'sha512-96': - case 'sha512/224-96': - case 'sha512/256-96': + case 'sha512-224-96': + case 'sha512-256-96': $hash = substr($hash, 0, -3); $this->length = 12; // 96 / 8 = 12 @@ -306,7 +306,7 @@ public function setHash($hash) $this->length = 20; break; case 'sha224': - case 'sha512/224': + case 'sha512-224': case 'sha3-224': $this->length = 28; break; @@ -314,7 +314,7 @@ public function setHash($hash) $this->paddingType = self::PADDING_KECCAK; // fall-through case 'sha256': - case 'sha512/256': + case 'sha512-256': case 'sha3-256': $this->length = 32; break; @@ -389,12 +389,12 @@ public function setHash($hash) $hash = ['Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Crypt\\Hash', \PHP_INT_SIZE == 8 ? 'sha3_64' : 'sha3_32']; } } - if ($hash == 'sha512/224' || $hash == 'sha512/256') { + if ($hash == 'sha512-224' || $hash == 'sha512-256') { // PHP 7.1.0 introduced sha512/224 and sha512/256 support: // http://php.net/ChangeLog-7.php#7.1.0 if (version_compare(\PHP_VERSION, '7.1.0') < 0) { // from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#page=24 - $initial = $hash == 'sha512/256' ? ['22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2'] : ['8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1']; + $initial = $hash == 'sha512-256' ? ['22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2'] : ['8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1']; for ($i = 0; $i < 8; $i++) { if (\PHP_INT_SIZE == 8) { list(, $initial[$i]) = unpack('J', pack('H*', $initial[$i])); @@ -412,6 +412,14 @@ public function setHash($hash) $this->ipad = str_repeat(chr(0x36), $b); $this->opad = str_repeat(chr(0x5c), $b); } + // PHP's built in hash function does sha3-256 but sha512/256 so we'll update those accordingly + switch ($hash) { + case 'sha512-224': + $hash = 'sha512/224'; + break; + case 'sha512-256': + $hash = 'sha512/256'; + } $this->algo = $hash; $this->computeKey(); } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php index 1e818be2..c04c5e35 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php @@ -56,6 +56,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA\Formats\Keys\PSS; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA\PrivateKey; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA\PublicKey; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\InconsistentSetupException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedAlgorithmException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Math\BigInteger; @@ -206,13 +207,6 @@ abstract class RSA extends AsymmetricKey * @var bool */ protected static $enableBlinding = \true; - /** - * OpenSSL configuration file name. - * - * @see self::createKey() - * @var ?string - */ - protected static $configFile; /** * Smallest Prime * @@ -232,6 +226,13 @@ abstract class RSA extends AsymmetricKey * @var Math\BigInteger */ protected $publicExponent; + /** + * Forced Engine + * + * @var ?string + * @see parent::forceEngine() + */ + protected static $forcedEngine = null; /** * Sets the public exponent for key generation * @@ -254,17 +255,6 @@ public static function setSmallestPrime($val) { self::$smallestPrime = $val; } - /** - * Sets the OpenSSL config file path - * - * Set to the empty string to use the default config file - * - * @param string $val - */ - public static function setOpenSSLConfigPath($val) - { - self::$configFile = $val; - } /** * Create a private key * @@ -280,6 +270,9 @@ public static function createKey($bits = 2048) if ($class->isFinal()) { throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); } + if (self::$forcedEngine == 'libsodium' || self::$forcedEngine == 'OpenSSL' && !function_exists('openssl_pkey_new')) { + throw new BadConfigurationException('Engine ' . self::$forcedEngine . ' is forced but unsupported for RSA'); + } $regSize = $bits >> 1; // divide by two to see how many bits P and Q would be if ($regSize > self::$smallestPrime) { @@ -289,22 +282,26 @@ public static function createKey($bits = 2048) $num_primes = 2; } if ($num_primes == 2 && $bits >= 384 && self::$defaultExponent == 65537) { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum - if (self::$engines['OpenSSL']) { + // at this point the only two supported values for self::$forcedEngine are OpenSSL, PHP and null + // if it's either OpenSSL or null we'll use OpenSSL (if it's available) + if (self::$forcedEngine !== 'PHP' && function_exists('openssl_pkey_new')) { $config = []; if (self::$configFile) { $config['config'] = self::$configFile; } + // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum $rsa = openssl_pkey_new(['private_key_bits' => $bits] + $config); - openssl_pkey_export($rsa, $privatekeystr, null, $config); - // clear the buffer of error strings stemming from a minimalistic openssl.cnf - // https://github.com/php/php-src/issues/11054 talks about other errors this'll pick up - while (openssl_error_string() !== \false) { + if (!$rsa || !openssl_pkey_export($rsa, $privatekeystr, null, $config)) { + if (isset(self::$forcedEngine)) { + throw new BadConfigurationException('Engine OpenSSL is forced but produced an error - ' . openssl_error_string()); + } + } else { + // clear the buffer of error strings stemming from a minimalistic openssl.cnf + // https://github.com/php/php-src/issues/11054 talks about other errors this'll pick up + while (openssl_error_string() !== \false) { + } + return RSA::load($privatekeystr); } - return RSA::load($privatekeystr); } } static $e; @@ -421,16 +418,6 @@ protected static function onLoad(array $components) } return $key; } - /** - * Initialize static variables - */ - protected static function initialize_static_variables() - { - if (!isset(self::$configFile)) { - self::$configFile = dirname(__FILE__) . '/../openssl.cnf'; - } - parent::initialize_static_variables(); - } /** * Constructor * @@ -517,6 +504,22 @@ protected function emsa_pkcs1_v1_5_encode($m, $emLen) break; case 'sha512/256': $t = "010\r\x06\t`\x86H\x01e\x03\x04\x02\x06\x05\x00\x04 "; + break; + // the following 3x algorithms are not specified in PKCS1 v2.2, however, some standards none-the-less do use them: + // https://sk-eid.github.io/smart-id-documentation/rp-api/changes.html#_security_enhancements + // the OIDs are from this URL: + // https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#Hash + case 'sha3/224': + $t = "0-0\r\x06\t`\x86H\x01e\x03\x04\x02\x07\x05\x00\x04\x1c"; + break; + case 'sha3/256': + $t = "0-0\r\x06\t`\x86H\x01e\x03\x04\x02\x08\x05\x00\x04 "; + break; + case 'sha3/384': + $t = "0-0\r\x06\t`\x86H\x01e\x03\x04\x02\t\x05\x00\x040"; + break; + case 'sha3/512': + $t = "0-0\r\x06\t`\x86H\x01e\x03\x04\x02\n\x05\x00\x04@"; } $t .= $h; $tLen = strlen($t); @@ -568,6 +571,22 @@ protected function emsa_pkcs1_v1_5_encode_without_null($m, $emLen) case 'sha512/256': $t = "0/0\v\x06\t`\x86H\x01e\x03\x04\x02\x06\x04 "; break; + // the following 3x algorithms are not specified in PKCS1 v2.2, however, some standards none-the-less do use them: + // https://sk-eid.github.io/smart-id-documentation/rp-api/changes.html#_security_enhancements + // the OIDs are from this URL: + // https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#Hash + case 'sha3/224': + $t = "0+0\v\x06\t`\x86H\x01e\x03\x04\x02\x07\x04\x1c"; + break; + case 'sha3/256': + $t = "0+0\v\x06\t`\x86H\x01e\x03\x04\x02\x08\x04 "; + break; + case 'sha3/384': + $t = "0+0\v\x06\t`\x86H\x01e\x03\x04\x02\t\x040"; + break; + case 'sha3/512': + $t = "0+0\v\x06\t`\x86H\x01e\x03\x04\x02\n\x04@"; + break; default: throw new UnsupportedAlgorithmException('md2 and md5 require NULLs'); } @@ -633,10 +652,14 @@ public function withHash($hash) case 'sha224': case 'sha512/224': case 'sha512/256': + case 'sha3/224': + case 'sha3/256': + case 'sha3/384': + case 'sha3/512': $new->hash = new Hash($hash); break; default: - throw new UnsupportedAlgorithmException('The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256'); + throw new UnsupportedAlgorithmException("The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256 - {$hash} provided"); } $new->hLen = $new->hash->getLengthInBytes(); return $new; @@ -663,10 +686,14 @@ public function withMGFHash($hash) case 'sha224': case 'sha512/224': case 'sha512/256': + case 'sha3/224': + case 'sha3/256': + case 'sha3/384': + case 'sha3/512': $new->mgfHash = new Hash($hash); break; default: - throw new UnsupportedAlgorithmException('The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256'); + throw new UnsupportedAlgorithmException("The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256 - {$hash} provided"); } $new->mgfHLen = $new->mgfHash->getLengthInBytes(); return $new; @@ -785,25 +812,6 @@ public function getPadding() { return $this->signaturePadding | $this->encryptionPadding; } - /** - * Returns the current engine being used - * - * OpenSSL is only used in this class (and it's subclasses) for key generation - * Even then it depends on the parameters you're using. It's not used for - * multi-prime RSA nor is it used if the key length is outside of the range - * supported by OpenSSL - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - return self::$engines['OpenSSL'] && self::$defaultExponent == 65537 ? 'OpenSSL' : 'PHP'; - } /** * Enable RSA Blinding * @@ -820,4 +828,130 @@ public static function disableBlinding() { static::$enableBlinding = \false; } + /** + * Handles OpenSSL encryption / decryption / signature creation / verification + * + * @param string $func + * @param string $message + * @param ?string $signature + * @return bool|string|null + */ + protected function handleOpenSSL($func, $message, $signature = null) + { + switch ($func) { + case 'openssl_verify': + case 'openssl_sign': + $paddingType = 'signaturePadding'; + break; + case 'openssl_public_encrypt': + case 'openssl_private_decrypt': + $paddingType = 'encryptionPadding'; + } + if (self::$forcedEngine === 'libsodium') { + throw new BadConfigurationException('Engine libsodium is not supported for RSA'); + } + if (isset(self::$forcedEngine) && self::$forcedEngine !== 'PHP' && $this->{$paddingType} === self::SIGNATURE_RELAXED_PKCS1) { + throw new BadConfigurationException('Only the PHP engine can be used with relaxed PKCS1 padding'); + } + if (self::$forcedEngine !== 'PHP') { + if (self::$forcedEngine === 'OpenSSL' && !function_exists($func)) { + throw new BadConfigurationException('Engine OpenSSL is forced but unavailable for RSA'); + } + if ($this->{$paddingType} === self::SIGNATURE_PSS) { + switch (\true) { + case !defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_PKCS1_PSS_PADDING'): + $error = 'Engine OpenSSL is forced but PSS encryption requires PHP >= 8.5.0'; + break; + case $this->hash->getHash() !== $this->mgfHash->getHash(): + $error = 'Engine OpenSSL is forced but can\'t be used because the Hash and MGF Hash do not match'; + break; + case $this->getSaltLength() !== $this->hLen: + $error = 'Engine OpenSSL is forced but can\'t be used because the salt length doesn\'t match the hash length'; + } + } + if ($this->{$paddingType} === self::ENCRYPTION_OAEP) { + switch (\true) { + case $this->hash->getHash() !== $this->mgfHash->getHash(): + $error = 'Engine OpenSSL is forced but can\'t be used because the Hash and MGF Hash do not match'; + break; + case $this->hash->getHash() !== 'sha1' && \PHP_VERSION_ID < 80500: + $error = 'Engine OpenSSL is forced but non-sha1 hashes are only supported on PHP 8.5.0+'; + break; + case strlen($this->label): + $error = 'Engine OpenSSL is forced but can\'t be used because the label is not the empty string'; + } + } + if (isset($error)) { + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException($error); + } + } elseif ($paddingType === 'signaturePadding') { + switch (\true) { + case $this->signaturePadding === self::SIGNATURE_PSS && defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\OPENSSL_PKCS1_PSS_PADDING'): + case $this->signaturePadding !== self::SIGNATURE_PSS && function_exists($func): + $key = $this instanceof PrivateKey ? $this->withPassword()->toString('PKCS8') : $this->toString('PKCS8'); + if ($func === 'openssl_sign' && strpos($key, 'PUBLIC') !== \false) { + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but cannot be used because the private key does not have the prime components within it'); + } + break; + } + $hash = $this->hash->getHash(); + // on github actions, php 7.0 and 7.1 on windows emit the following warning: + // openssl_sign(): supplied key param cannot be coerced into a private key + set_error_handler(function ($errno, $errstr) { + throw new BadConfigurationException("Engine OpenSSL is forced but got error: {$errstr}"); + }); + try { + $result = $this->signaturePadding === self::SIGNATURE_PSS ? $func($message, $signature, $key, $hash, OPENSSL_PKCS1_PSS_PADDING) : $func($message, $signature, $key, $hash); + } catch (BadConfigurationException $e) { + if (self::$forcedEngine === 'OpenSSL') { + throw $e; + } + $result = \false; + } finally { + restore_error_handler(); + } + if ($func === 'openssl_verify' && $result !== -1 && $result !== \false) { + return (bool) $result; + } + if ($result) { + return $signature; + } + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but was unable to create signature because of ' . openssl_error_string()); + } + } + } else { + if ($this->encryptionPadding !== self::ENCRYPTION_OAEP || \PHP_VERSION_ID >= 80500) { + $key = $this->toString('PKCS8'); + if ($func === 'openssl_private_decrypt' && strpos($key, 'PUBLIC') !== \false) { + if ($this->encryptionPadding === self::ENCRYPTION_OAEP) { + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but cannot be used because openssl_public_decrypt() doesn\'t have a hash parameter like openssl_private_decrypt() does'); + } + return null; + } + $func = 'openssl_public_decrypt'; + } + $hash = $this->hash->getHash(); + $output = ''; + switch ($this->encryptionPadding) { + case self::ENCRYPTION_NONE: + case self::ENCRYPTION_PKCS1: + $padding = $this->encryptionPadding === self::ENCRYPTION_NONE ? \OPENSSL_NO_PADDING : \OPENSSL_PKCS1_PADDING; + $result = $func($message, $output, $key, $padding); + break; + //case self::ENCRYPTION_OAEP: + default: + $result = $func($message, $output, $key, \OPENSSL_PKCS1_OAEP_PADDING, $hash); + } + if ($result) { + return $output; + } + } + } + return null; + } + } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php index 7e096902..978630ae 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php @@ -241,6 +241,10 @@ private function rsassa_pkcs1_v1_5_sign($m) */ public function sign($message) { + $result = $this->handleOpenSSL('openssl_sign', $message); + if ($result !== null) { + return $result; + } switch ($this->signaturePadding) { case self::SIGNATURE_PKCS1: case self::SIGNATURE_RELAXED_PKCS1: @@ -365,6 +369,10 @@ private function raw_encrypt($m) */ public function decrypt($ciphertext) { + $result = $this->handleOpenSSL('openssl_private_decrypt', $ciphertext); + if ($result !== null) { + return $result; + } switch ($this->encryptionPadding) { case self::ENCRYPTION_NONE: return $this->raw_encrypt($ciphertext); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php index b3ac2218..a835c9ab 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php @@ -16,6 +16,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Random; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA\Formats\Keys\PSS; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedAlgorithmException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedFormatException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\File\ASN1; @@ -102,7 +103,7 @@ private function rsassa_pkcs1_v1_5_verify($m, $s) throw new \LengthException('RSA modulus too short'); } // Compare - return $r1 || $r2; + return boolval($r1 | $r2); } /** * RSASSA-PKCS1-V1_5-VERIFY (relaxed matching) @@ -262,6 +263,47 @@ private function rsassa_pss_verify($m, $s) */ public function verify($message, $signature) { + /* + https://datatracker.ietf.org/doc/html/rfc4055#page-6 says the following: + + There are two possible encodings for the AlgorithmIdentifier + parameters field associated with these object identifiers. The two + alternatives arise from the loss of the OPTIONAL associated with the + algorithm identifier parameters when the 1988 syntax for + AlgorithmIdentifier was translated into the 1997 syntax. Later the + OPTIONAL was recovered via a defect report, but by then many people + thought that algorithm parameters were mandatory. Because of this + history some implementations encode parameters as a NULL element + while others omit them entirely. The correct encoding is to omit the + parameters field; however, when RSASSA-PSS and RSAES-OAEP were + defined, it was done using the NULL parameters rather than absent + parameters. + + All implementations MUST accept both NULL and absent parameters as + legal and equivalent encodings. + + OpenSSL does NOT accept both - it REQUIRES NULL be present. phpseclib, however, + DOES accept both. at first, it didn't. at first, not knowing why some small number + of PKCS1 signatures ommitted NULL, i added the SIGNATURE_RELAXED_PKCS1 mode on + 2015-08-26. https://phpseclib.com/docs/rsa#rsasignature_relaxed_pkcs1 talks more + about that mode. later, on 2021-04-05, there was CVE-2021-30130. consequently, + the SIGNATURE_PKCS1 mode was updated to accept either NULL or non-NULL. + + because phpseclib accepts PKCS1 signatures that OpenSSL doesn't, OpenSSL isn't + used for PKCS1. if the OpenSSL extension is installed then it'll be used to perform + unpadded RSA (ie. modular exponentation), however, the actual PKCS1 construction + takes place in PHP code vs OpenSSL. + + see https://security.stackexchange.com/questions/110330/encoding-of-optional-null-in-der + for an additional reference + */ + if ($this->signaturePadding === self::SIGNATURE_PKCS1 && isset(self::$forcedEngine) && self::$forcedEngine !== 'PHP') { + throw new BadConfigurationException('Engine OpenSSL is forced but unavailable for RSA PKCS1 signature verification'); + } + $result = $this->handleOpenSSL('openssl_verify', $message, $signature); + if ($result !== null) { + return $result; + } switch ($this->signaturePadding) { case self::SIGNATURE_RELAXED_PKCS1: return $this->rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); @@ -389,6 +431,10 @@ private function raw_encrypt($m) */ public function encrypt($plaintext) { + $result = $this->handleOpenSSL('openssl_public_encrypt', $plaintext); + if ($result !== null) { + return $result; + } switch ($this->encryptionPadding) { case self::ENCRYPTION_NONE: return $this->raw_encrypt($plaintext); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php index 2fb13ceb..06e3b18b 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php @@ -3172,12 +3172,12 @@ private function get_binary_packet() $reconstructed = !$this->hmac_check_etm ? pack('Na*', $packet->packet_length, $packet->plain) : substr($packet->raw, 0, -$this->hmac_size); if (($this->hmac_check->getHash() & "\xff\xff\xff\xff") == 'umac') { $this->hmac_check->setNonce("\x00\x00\x00\x00" . pack('N', $this->get_seq_no)); - if ($hmac != $this->hmac_check->hash($reconstructed)) { + if (!hash_equals($hmac, $this->hmac_check->hash($reconstructed))) { $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); throw new ConnectionClosedException('Invalid UMAC'); } } else { - if ($hmac != $this->hmac_check->hash(pack('Na*', $this->get_seq_no, $reconstructed))) { + if (!hash_equals($hmac, $this->hmac_check->hash(pack('Na*', $this->get_seq_no, $reconstructed)))) { $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); throw new ConnectionClosedException('Invalid HMAC'); } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/openssl.cnf b/vendor/prefixed/phpseclib/phpseclib/phpseclib/openssl.cnf index 2b8b52f9..6a5c0f53 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/openssl.cnf +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/openssl.cnf @@ -2,5 +2,8 @@ HOME = . RANDFILE = $ENV::HOME/.rnd +# without this line you'll get this error with openssl_pkey_new(): +# Warning: openssl_pkey_new(): Private key length must be at least 384 bits, configured to 0 +default_bits = 384 [ v3_ca ] diff --git a/vendor/prefixed/vendor/autoload.php b/vendor/prefixed/vendor/autoload.php index 88a060c8..542ea3c1 100644 --- a/vendor/prefixed/vendor/autoload.php +++ b/vendor/prefixed/vendor/autoload.php @@ -2,6 +2,21 @@ // autoload.php @generated by Composer +if (PHP_VERSION_ID < 50600) { + if (!headers_sent()) { + header('HTTP/1.1 500 Internal Server Error'); + } + $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL; + if (!ini_get('display_errors')) { + if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') { + fwrite(STDERR, $err); + } elseif (!headers_sent()) { + echo $err; + } + } + throw new RuntimeException($err); +} + require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInit822a0d5ab1eaa1136de4dfece4da1859::getLoader(); +return ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8::getLoader(); diff --git a/vendor/prefixed/vendor/composer/ClassLoader.php b/vendor/prefixed/vendor/composer/ClassLoader.php index afef3fa2..7824d8f7 100644 --- a/vendor/prefixed/vendor/composer/ClassLoader.php +++ b/vendor/prefixed/vendor/composer/ClassLoader.php @@ -42,35 +42,37 @@ */ class ClassLoader { - /** @var ?string */ + /** @var \Closure(string):void */ + private static $includeFile; + + /** @var string|null */ private $vendorDir; // PSR-4 /** - * @var array[] - * @psalm-var array> + * @var array> */ private $prefixLengthsPsr4 = array(); /** - * @var array[] - * @psalm-var array> + * @var array> */ private $prefixDirsPsr4 = array(); /** - * @var array[] - * @psalm-var array + * @var list */ private $fallbackDirsPsr4 = array(); // PSR-0 /** - * @var array[] - * @psalm-var array> + * List of PSR-0 prefixes + * + * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2'))) + * + * @var array>> */ private $prefixesPsr0 = array(); /** - * @var array[] - * @psalm-var array + * @var list */ private $fallbackDirsPsr0 = array(); @@ -78,8 +80,7 @@ class ClassLoader private $useIncludePath = false; /** - * @var string[] - * @psalm-var array + * @var array */ private $classMap = array(); @@ -87,29 +88,29 @@ class ClassLoader private $classMapAuthoritative = false; /** - * @var bool[] - * @psalm-var array + * @var array */ private $missingClasses = array(); - /** @var ?string */ + /** @var string|null */ private $apcuPrefix; /** - * @var self[] + * @var array */ private static $registeredLoaders = array(); /** - * @param ?string $vendorDir + * @param string|null $vendorDir */ public function __construct($vendorDir = null) { $this->vendorDir = $vendorDir; + self::initializeIncludeClosure(); } /** - * @return string[] + * @return array> */ public function getPrefixes() { @@ -121,8 +122,7 @@ public function getPrefixes() } /** - * @return array[] - * @psalm-return array> + * @return array> */ public function getPrefixesPsr4() { @@ -130,8 +130,7 @@ public function getPrefixesPsr4() } /** - * @return array[] - * @psalm-return array + * @return list */ public function getFallbackDirs() { @@ -139,8 +138,7 @@ public function getFallbackDirs() } /** - * @return array[] - * @psalm-return array + * @return list */ public function getFallbackDirsPsr4() { @@ -148,8 +146,7 @@ public function getFallbackDirsPsr4() } /** - * @return string[] Array of classname => path - * @psalm-return array + * @return array Array of classname => path */ public function getClassMap() { @@ -157,8 +154,7 @@ public function getClassMap() } /** - * @param string[] $classMap Class to filename map - * @psalm-param array $classMap + * @param array $classMap Class to filename map * * @return void */ @@ -175,24 +171,25 @@ public function addClassMap(array $classMap) * Registers a set of PSR-0 directories for a given prefix, either * appending or prepending to the ones previously set for this prefix. * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 root directories - * @param bool $prepend Whether to prepend the directories + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 root directories + * @param bool $prepend Whether to prepend the directories * * @return void */ public function add($prefix, $paths, $prepend = false) { + $paths = (array) $paths; if (!$prefix) { if ($prepend) { $this->fallbackDirsPsr0 = array_merge( - (array) $paths, + $paths, $this->fallbackDirsPsr0 ); } else { $this->fallbackDirsPsr0 = array_merge( $this->fallbackDirsPsr0, - (array) $paths + $paths ); } @@ -201,19 +198,19 @@ public function add($prefix, $paths, $prepend = false) $first = $prefix[0]; if (!isset($this->prefixesPsr0[$first][$prefix])) { - $this->prefixesPsr0[$first][$prefix] = (array) $paths; + $this->prefixesPsr0[$first][$prefix] = $paths; return; } if ($prepend) { $this->prefixesPsr0[$first][$prefix] = array_merge( - (array) $paths, + $paths, $this->prefixesPsr0[$first][$prefix] ); } else { $this->prefixesPsr0[$first][$prefix] = array_merge( $this->prefixesPsr0[$first][$prefix], - (array) $paths + $paths ); } } @@ -222,9 +219,9 @@ public function add($prefix, $paths, $prepend = false) * Registers a set of PSR-4 directories for a given namespace, either * appending or prepending to the ones previously set for this namespace. * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories - * @param bool $prepend Whether to prepend the directories + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories + * @param bool $prepend Whether to prepend the directories * * @throws \InvalidArgumentException * @@ -232,17 +229,18 @@ public function add($prefix, $paths, $prepend = false) */ public function addPsr4($prefix, $paths, $prepend = false) { + $paths = (array) $paths; if (!$prefix) { // Register directories for the root namespace. if ($prepend) { $this->fallbackDirsPsr4 = array_merge( - (array) $paths, + $paths, $this->fallbackDirsPsr4 ); } else { $this->fallbackDirsPsr4 = array_merge( $this->fallbackDirsPsr4, - (array) $paths + $paths ); } } elseif (!isset($this->prefixDirsPsr4[$prefix])) { @@ -252,18 +250,18 @@ public function addPsr4($prefix, $paths, $prepend = false) throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); } $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; + $this->prefixDirsPsr4[$prefix] = $paths; } elseif ($prepend) { // Prepend directories for an already registered namespace. $this->prefixDirsPsr4[$prefix] = array_merge( - (array) $paths, + $paths, $this->prefixDirsPsr4[$prefix] ); } else { // Append directories for an already registered namespace. $this->prefixDirsPsr4[$prefix] = array_merge( $this->prefixDirsPsr4[$prefix], - (array) $paths + $paths ); } } @@ -272,8 +270,8 @@ public function addPsr4($prefix, $paths, $prepend = false) * Registers a set of PSR-0 directories for a given prefix, * replacing any others previously set for this prefix. * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 base directories + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 base directories * * @return void */ @@ -290,8 +288,8 @@ public function set($prefix, $paths) * Registers a set of PSR-4 directories for a given namespace, * replacing any others previously set for this namespace. * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories * * @throws \InvalidArgumentException * @@ -425,7 +423,8 @@ public function unregister() public function loadClass($class) { if ($file = $this->findFile($class)) { - includeFile($file); + $includeFile = self::$includeFile; + $includeFile($file); return true; } @@ -476,9 +475,9 @@ public function findFile($class) } /** - * Returns the currently registered loaders indexed by their corresponding vendor directories. + * Returns the currently registered loaders keyed by their corresponding vendor directories. * - * @return self[] + * @return array */ public static function getRegisteredLoaders() { @@ -555,18 +554,26 @@ private function findFileWithExtension($class, $ext) return false; } -} -/** - * Scope isolated include. - * - * Prevents access to $this/self from included files. - * - * @param string $file - * @return void - * @private - */ -function includeFile($file) -{ - include $file; + /** + * @return void + */ + private static function initializeIncludeClosure() + { + if (self::$includeFile !== null) { + return; + } + + /** + * Scope isolated include. + * + * Prevents access to $this/self from included files. + * + * @param string $file + * @return void + */ + self::$includeFile = \Closure::bind(static function($file) { + include $file; + }, null, null); + } } diff --git a/vendor/prefixed/vendor/composer/LICENSE b/vendor/prefixed/vendor/composer/LICENSE index 62ecfd8d..f27399a0 100644 --- a/vendor/prefixed/vendor/composer/LICENSE +++ b/vendor/prefixed/vendor/composer/LICENSE @@ -1,3 +1,4 @@ + Copyright (c) Nils Adermann, Jordi Boggiano Permission is hereby granted, free of charge, to any person obtaining a copy @@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/prefixed/vendor/composer/autoload_classmap.php b/vendor/prefixed/vendor/composer/autoload_classmap.php index 1fda3454..b5e72db6 100644 --- a/vendor/prefixed/vendor/composer/autoload_classmap.php +++ b/vendor/prefixed/vendor/composer/autoload_classmap.php @@ -2,7 +2,7 @@ // autoload_classmap.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/prefixed/vendor/composer/autoload_files.php b/vendor/prefixed/vendor/composer/autoload_files.php index 8f3071d9..5f644ebe 100644 --- a/vendor/prefixed/vendor/composer/autoload_files.php +++ b/vendor/prefixed/vendor/composer/autoload_files.php @@ -2,7 +2,7 @@ // autoload_files.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/prefixed/vendor/composer/autoload_namespaces.php b/vendor/prefixed/vendor/composer/autoload_namespaces.php index b7fc0125..15a2ff3a 100644 --- a/vendor/prefixed/vendor/composer/autoload_namespaces.php +++ b/vendor/prefixed/vendor/composer/autoload_namespaces.php @@ -2,7 +2,7 @@ // autoload_namespaces.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/prefixed/vendor/composer/autoload_psr4.php b/vendor/prefixed/vendor/composer/autoload_psr4.php index b265c64a..3890ddc2 100644 --- a/vendor/prefixed/vendor/composer/autoload_psr4.php +++ b/vendor/prefixed/vendor/composer/autoload_psr4.php @@ -2,7 +2,7 @@ // autoload_psr4.php @generated by Composer -$vendorDir = dirname(dirname(__FILE__)); +$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array( diff --git a/vendor/prefixed/vendor/composer/autoload_real.php b/vendor/prefixed/vendor/composer/autoload_real.php index 6dcedcaa..92bdd97b 100644 --- a/vendor/prefixed/vendor/composer/autoload_real.php +++ b/vendor/prefixed/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInit822a0d5ab1eaa1136de4dfece4da1859 +class ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8 { private static $loader; @@ -22,57 +22,27 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInit822a0d5ab1eaa1136de4dfece4da1859', 'loadClassLoader'), true, true); - self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__))); - spl_autoload_unregister(array('ComposerAutoloaderInit822a0d5ab1eaa1136de4dfece4da1859', 'loadClassLoader')); + spl_autoload_register(array('ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8', 'loadClassLoader'), true, true); + self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__)); + spl_autoload_unregister(array('ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8', 'loadClassLoader')); - $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); - if ($useStaticLoader) { - require __DIR__ . '/autoload_static.php'; + require __DIR__ . '/autoload_static.php'; + call_user_func(\Composer\Autoload\ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::getInitializer($loader)); - call_user_func(\Composer\Autoload\ComposerStaticInit822a0d5ab1eaa1136de4dfece4da1859::getInitializer($loader)); - } else { - $map = require __DIR__ . '/autoload_namespaces.php'; - foreach ($map as $namespace => $path) { - $loader->set($namespace, $path); - } + $loader->register(true); - $map = require __DIR__ . '/autoload_psr4.php'; - foreach ($map as $namespace => $path) { - $loader->setPsr4($namespace, $path); - } + $filesToLoad = \Composer\Autoload\ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::$files; + $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { + if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { + $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - $classMap = require __DIR__ . '/autoload_classmap.php'; - if ($classMap) { - $loader->addClassMap($classMap); + require $file; } - } - - $loader->register(true); - - if ($useStaticLoader) { - $includeFiles = Composer\Autoload\ComposerStaticInit822a0d5ab1eaa1136de4dfece4da1859::$files; - } else { - $includeFiles = require __DIR__ . '/autoload_files.php'; - } - foreach ($includeFiles as $fileIdentifier => $file) { - composerRequire822a0d5ab1eaa1136de4dfece4da1859($fileIdentifier, $file); + }, null, null); + foreach ($filesToLoad as $fileIdentifier => $file) { + $requireFile($fileIdentifier, $file); } return $loader; } } - -/** - * @param string $fileIdentifier - * @param string $file - * @return void - */ -function composerRequire822a0d5ab1eaa1136de4dfece4da1859($fileIdentifier, $file) -{ - if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { - $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - - require $file; - } -} diff --git a/vendor/prefixed/vendor/composer/autoload_static.php b/vendor/prefixed/vendor/composer/autoload_static.php index d79d6513..a9584a52 100644 --- a/vendor/prefixed/vendor/composer/autoload_static.php +++ b/vendor/prefixed/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInit822a0d5ab1eaa1136de4dfece4da1859 +class ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8 { public static $files = array ( '3b866681a14a27c0c8adec54ba7f6a5c' => __DIR__ . '/../..' . '/google/apiclient/src/aliases.php', @@ -2176,7 +2176,7 @@ class ComposerStaticInit822a0d5ab1eaa1136de4dfece4da1859 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->classMap = ComposerStaticInit822a0d5ab1eaa1136de4dfece4da1859::$classMap; + $loader->classMap = ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::$classMap; }, null, ClassLoader::class); }