PHP 8.1 fixes

Author: lbuchs

_test/server.php

@@ -40,7 +40,7 @@
 
     // read get argument and post body
     $fn = filter_input(INPUT_GET, 'fn');
-    $requireResidentKey = !!$_GET['requireResidentKey'];
+    $requireResidentKey = !!filter_input(INPUT_GET, 'requireResidentKey');
     $userVerification = filter_input(INPUT_GET, 'userVerification', FILTER_SANITIZE_SPECIAL_CHARS);
 
     $userId = filter_input(INPUT_GET, 'userId', FILTER_SANITIZE_SPECIAL_CHARS);
@@ -60,41 +60,41 @@
 
         // Formats
         $formats = array();
-        if ($_GET['fmt_android-key']) {
+        if (filter_input(INPUT_GET, 'fmt_android-key')) {
             $formats[] = 'android-key';
         }
-        if ($_GET['fmt_android-safetynet']) {
+        if (filter_input(INPUT_GET, 'fmt_android-safetynet')) {
             $formats[] = 'android-safetynet';
         }
-        if ($_GET['fmt_apple']) {
+        if (filter_input(INPUT_GET, 'fmt_apple')) {
             $formats[] = 'apple';
         }
-        if ($_GET['fmt_fido-u2f']) {
+        if (filter_input(INPUT_GET, 'fmt_fido-u2f')) {
             $formats[] = 'fido-u2f';
         }
-        if ($_GET['fmt_none']) {
+        if (filter_input(INPUT_GET, 'fmt_none')) {
             $formats[] = 'none';
         }
-        if ($_GET['fmt_packed']) {
+        if (filter_input(INPUT_GET, 'fmt_packed')) {
             $formats[] = 'packed';
         }
-        if ($_GET['fmt_tpm']) {
+        if (filter_input(INPUT_GET, 'fmt_tpm')) {
             $formats[] = 'tpm';
         }
 
         $rpId = 'localhost';
-        if ($_GET['rpId']) {
+        if (filter_input(INPUT_GET, 'rpId')) {
             $rpId = filter_input(INPUT_GET, 'rpId', FILTER_VALIDATE_DOMAIN);
             if ($rpId === false) {
                 throw new Exception('invalid relying party ID');
             }
         }
 
         // types selected on front end
-        $typeUsb = !!$_GET['type_usb'];
-        $typeNfc = !!$_GET['type_nfc'];
-        $typeBle = !!$_GET['type_ble'];
-        $typeInt = !!$_GET['type_int'];
+        $typeUsb = !!filter_input(INPUT_GET, 'type_usb');
+        $typeNfc = !!filter_input(INPUT_GET, 'type_nfc');
+        $typeBle = !!filter_input(INPUT_GET, 'type_ble');
+        $typeInt = !!filter_input(INPUT_GET, 'type_int');
 
         // cross-platform: true, if type internal is not allowed
         //                 false, if only internal is allowed
@@ -113,26 +113,26 @@
         $WebAuthn = new lbuchs\WebAuthn\WebAuthn('WebAuthn Library', $rpId, $formats);
 
         // add root certificates to validate new registrations
-        if ($_GET['solo']) {
+        if (filter_input(INPUT_GET, 'solo')) {
             $WebAuthn->addRootCertificates('rootCertificates/solo.pem');
         }
-        if ($_GET['apple']) {
+        if (filter_input(INPUT_GET, 'apple')) {
             $WebAuthn->addRootCertificates('rootCertificates/apple.pem');
         }
-        if ($_GET['yubico']) {
+        if (filter_input(INPUT_GET, 'yubico')) {
             $WebAuthn->addRootCertificates('rootCertificates/yubico.pem');
         }
-        if ($_GET['hypersecu']) {
+        if (filter_input(INPUT_GET, 'hypersecu')) {
             $WebAuthn->addRootCertificates('rootCertificates/hypersecu.pem');
         }
-        if ($_GET['google']) {
+        if (filter_input(INPUT_GET, 'google')) {
             $WebAuthn->addRootCertificates('rootCertificates/globalSign.pem');
             $WebAuthn->addRootCertificates('rootCertificates/googleHardware.pem');
         }
-        if ($_GET['microsoft']) {
+        if (filter_input(INPUT_GET, 'microsoft')) {
             $WebAuthn->addRootCertificates('rootCertificates/microsoftTpmCollection.pem');
         }
-        if ($_GET['mds']) {
+        if (filter_input(INPUT_GET, 'mds')) {
             $WebAuthn->addRootCertificates('rootCertificates/mds');
         }
 

src/Binary/ByteBuffer.php

@@ -27,7 +27,7 @@ class ByteBuffer implements \JsonSerializable, \Serializable {
     private $_length;
 
     public function __construct($binaryData) {
-        $this->_data = $binaryData;
+        $this->_data = (string)$binaryData;
         $this->_length = \strlen($binaryData);
     }
 
@@ -41,7 +41,7 @@ public function __construct($binaryData) {
      * @param string $base64url
      * @return ByteBuffer
      */
-    public static function fromBase64Url($base64url) {
+    public static function fromBase64Url($base64url): ByteBuffer {
         $bin = self::_base64url_decode($base64url);
         if ($bin === false) {
             throw new WebAuthnException('ByteBuffer: Invalid base64 url string', WebAuthnException::BYTEBUFFER);
@@ -54,7 +54,7 @@ public static function fromBase64Url($base64url) {
      * @param string $hex
      * @return ByteBuffer
      */
-    public static function fromHex($hex) {
+    public static function fromHex($hex): ByteBuffer {
         $bin = \hex2bin($hex);
         if ($bin === false) {
             throw new WebAuthnException('ByteBuffer: Invalid hex string', WebAuthnException::BYTEBUFFER);
@@ -67,7 +67,7 @@ public static function fromHex($hex) {
      * @param string $length
      * @return ByteBuffer
      */
-    public static function randomBuffer($length) {
+    public static function randomBuffer($length): ByteBuffer {
         if (\function_exists('random_bytes')) { // >PHP 7.0
             return new ByteBuffer(\random_bytes($length));
 
@@ -83,14 +83,14 @@ public static function randomBuffer($length) {
     // PUBLIC
     // -----------------------
 
-    public function getBytes($offset, $length) {
+    public function getBytes($offset, $length): string {
         if ($offset < 0 || $length < 0 || ($offset + $length > $this->_length)) {
             throw new WebAuthnException('ByteBuffer: Invalid offset or length', WebAuthnException::BYTEBUFFER);
         }
         return \substr($this->_data, $offset, $length);
     }
 
-    public function getByteVal($offset) {
+    public function getByteVal($offset): int {
         if ($offset < 0 || $offset >= $this->_length) {
             throw new WebAuthnException('ByteBuffer: Invalid offset', WebAuthnException::BYTEBUFFER);
         }
@@ -105,7 +105,7 @@ public function getJson($jsonFlags=0) {
         return $data;
     }
 
-    public function getLength() {
+    public function getLength(): int {
         return $this->_length;
     }
 
@@ -181,29 +181,29 @@ public function getDoubleVal($offset) {
     /**
      * @return string
      */
-    public function getBinaryString() {
+    public function getBinaryString(): string {
         return $this->_data;
     }
 
     /**
      * @param string $buffer
      * @return bool
      */
-    public function equals($buffer) {
+    public function equals($buffer): bool {
         return is_string($this->_data) && $this->_data === $buffer->data;
     }
 
     /**
      * @return string
      */
-    public function getHex() {
+    public function getHex(): string {
         return \bin2hex($this->_data);
     }
 
     /**
      * @return bool
      */
-    public function isEmpty() {
+    public function isEmpty(): bool {
         return $this->_length === 0;
     }
 
@@ -213,7 +213,7 @@ public function isEmpty() {
      * return binary data in RFC 1342-Like serialized string
      * @return string
      */
-    public function jsonSerialize() {
+    public function jsonSerialize(): string {
         if (ByteBuffer::$useBase64UrlEncoding) {
             return self::_base64url_encode($this->_data);
 
@@ -226,7 +226,7 @@ public function jsonSerialize() {
      * Serializable-Interface
      * @return string
      */
-    public function serialize() {
+    public function serialize(): string {
         return \serialize($this->_data);
     }
 
@@ -243,7 +243,7 @@ public function unserialize($serialized) {
      * (PHP 8 deprecates Serializable-Interface)
      * @return array
      */
-    public function __serialize() {
+    public function __serialize(): array {
         return [
             'data' => \serialize($this->_data)
         ];
@@ -253,7 +253,7 @@ public function __serialize() {
      * object to string
      * @return string
      */
-    public function __toString() {
+    public function __toString(): string {
         return $this->getHex();
     }
 
@@ -278,7 +278,7 @@ public function __unserialize($data) {
      * @param string $data
      * @return string
      */
-    protected static function _base64url_decode($data) {
+    protected static function _base64url_decode($data): string {
         return \base64_decode(\strtr($data, '-_', '+/') . \str_repeat('=', 3 - (3 + \strlen($data)) % 4));
     }
 
@@ -287,7 +287,7 @@ protected static function _base64url_decode($data) {
      * @param string $data
      * @return string
      */
-    protected static function _base64url_encode($data) {
+    protected static function _base64url_encode($data): string {
         return \rtrim(\strtr(\base64_encode($data), '+/', '-_'), '=');
     }
 }