Merge pull request #381 from thecodingmachine/OpenSSLCertificate

Kharhamel · web-flow · commit 14fe494879dc · 2022-09-05T09:24:23.000+02:00
WIP: FIX: changed openssl functions typehinting from ressource to OpenSSLCertificate
diff --git a/generated/openssl.php b/generated/openssl.php
@@ -1318,7 +1318,7 @@ function openssl_spki_verify(string $spki): void
  *
  * @param string $data The string of data used to generate the signature previously
  * @param string $signature A raw binary string, generated by openssl_sign or similar means
- * @param resource|string $public_key OpenSSLAsymmetricKey - a key, returned by openssl_get_publickey
+ * @param \ OpenSSLAsymmetricKey|\OpenSSLCertificate|string $public_key OpenSSLAsymmetricKey - a key, returned by openssl_get_publickey
  *
  * string - a PEM formatted key, example, "-----BEGIN PUBLIC KEY-----
  * MIIBCgK..."
@@ -1346,7 +1346,7 @@ function openssl_verify(string $data, string $signature, $public_key, $algorithm
  * certificate into a file named by
  * output_filename in a PEM encoded format.
  *
- * @param string|resource $certificate See Key/Certificate parameters for a list of valid values.
+ * @param string|\OpenSSLCertificate $certificate See Key/Certificate parameters for a list of valid values.
  * @param string $output_filename Path to the output file.
  * @param bool $no_text
  * The optional parameter notext affects
@@ -1371,7 +1371,7 @@ function openssl_x509_export_to_file($certificate, string $output_filename, bool
  * certificate into a string named by
  * output in a PEM encoded format.
  *
- * @param string|resource $certificate See Key/Certificate parameters for a list of valid values.
+ * @param string|\OpenSSLCertificate $certificate See Key/Certificate parameters for a list of valid values.
  * @param string|null $output On success, this will hold the PEM.
  * @param bool $no_text
  * The optional parameter notext affects
@@ -1395,7 +1395,7 @@ function openssl_x509_export($certificate, ?string &$output, bool $no_text = tru
  * openssl_x509_fingerprint returns the digest of
  * certificate as a string.
  *
- * @param string|resource $certificate See Key/Certificate parameters for a list of valid values.
+ * @param string|\OpenSSLCertificate $certificate See Key/Certificate parameters for a list of valid values.
  * @param string $digest_algo The digest method or hash algorithm to use, e.g. "sha256", one of openssl_get_md_methods.
  * @param bool $binary When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.
  * @return string Returns a string containing the calculated certificate fingerprint as lowercase hexits unless binary is set to TRUE in which case the raw binary representation of the message digest is returned.
@@ -1420,12 +1420,12 @@ function openssl_x509_fingerprint($certificate, string $digest_algo = "sha1", bo
  * certificate and returns an OpenSSLCertificate object for
  * it.
  *
- * @param string|resource $certificate X509 certificate. See Key/Certificate parameters for a list of valid values.
- * @return resource Returns an OpenSSLCertificate on success.
+ * @param \OpenSSLCertificate|string $certificate X509 certificate. See Key/Certificate parameters for a list of valid values.
+ * @return \OpenSSLCertificate Returns an OpenSSLCertificate on success.
  * @throws OpensslException
  *
  */
-function openssl_x509_read($certificate)
+function openssl_x509_read($certificate): \OpenSSLCertificate
 {
     error_clear_last();
     $safeResult = \openssl_x509_read($certificate);
diff --git a/generator/config/CustomPhpStanFunctionMap.php b/generator/config/CustomPhpStanFunctionMap.php
@@ -26,6 +26,15 @@
     'curl_share_errno' => ['int', 'share_handle' => 'CurlShareHandle'],
     'curl_share_setopt' => ['void', 'share_handle' => 'CurlShareHandle', 'option' => 'int', 'value' => 'mixed'],
     'curl_unescape' => ['string', 'handle' => 'CurlHandle', 'string' => 'string'],
+    // theses replace ressource by OpenSSLCertificate
+    'openssl_verify' => ['-1|0|1|false', 'data'=>'string', 'signature'=>'string', 'pub_key_id'=>' OpenSSLAsymmetricKey|OpenSSLCertificate|string', 'signature_alg='=>'int|string'],
+    'openssl_x509_read' => ['OpenSSLCertificate|false', 'x509certdata'=>'OpenSSLCertificate|string'], // this replaces ressource by OpenSSLCertificate
+    'openssl_x509_check_private_key' => ['bool', 'cert'=>'string|OpenSSLCertificate', 'key'=>'string|OpenSSLAsymmetricKey|OpenSSLCertificate|array'],
+    'openssl_x509_checkpurpose' => ['bool|int', 'x509cert'=>'string|OpenSSLCertificate', 'purpose'=>'int', 'cainfo='=>'array', 'untrustedfile='=>'string'],
+    'openssl_x509_export' => ['bool', 'x509'=>'string|OpenSSLCertificate', '&w_output'=>'string', 'notext='=>'bool'],
+    'openssl_x509_export_to_file' => ['bool', 'x509'=>'string|OpenSSLCertificate', 'outfilename'=>'string', 'notext='=>'bool'],
+    'openssl_x509_fingerprint' => ['string|false', 'x509'=>'string|OpenSSLCertificate', 'hash_algorithm='=>'string', 'raw_output='=>'bool'],
+    
     'fgetcsv' => ['array|false|null', 'fp'=>'resource', 'length='=>'0|positive-int', 'delimiter='=>'string', 'enclosure='=>'string', 'escape='=>'string'], //phpstan default return type is too hard to analyse
     //todo: edit the reader to turn 0|1 into int
     'preg_match' => ['int|false', 'pattern'=>'string', 'subject'=>'string', '&w_subpatterns='=>'string[]', 'flags='=>'int', 'offset='=>'int'], //int|false instead of 0|1|false
