From 4bc271ada6cedd774fa20bf720f1c93edd4899f7 Mon Sep 17 00:00:00 2001 From: Vitor Mattos <1079143+vitormattos@users.noreply.github.com> Date: Thu, 13 Nov 2025 14:50:35 -0300 Subject: [PATCH] fix: add patch to phpseclib3 Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com> --- composer.lock | 12 ++++----- composer/composer/installed.json | 12 ++++----- .../phpseclib/Crypt/RSA/Formats/Keys/PSS.php | 6 ++++- .../phpseclib/phpseclib/File/X509.php | 2 +- scoper.inc.php | 27 +++++++++++++++++++ 5 files changed, 45 insertions(+), 14 deletions(-) diff --git a/composer.lock b/composer.lock index 9803fda..473de88 100644 --- a/composer.lock +++ b/composer.lock @@ -1168,12 +1168,12 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "9b7194c760d0e851aa9cc2d74b226e1979b3c112" + "reference": "ccc4996aff4ff810b514472932f677753ee5d8a4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/9b7194c760d0e851aa9cc2d74b226e1979b3c112", - "reference": "9b7194c760d0e851aa9cc2d74b226e1979b3c112", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/ccc4996aff4ff810b514472932f677753ee5d8a4", + "reference": "ccc4996aff4ff810b514472932f677753ee5d8a4", "shasum": "" }, "conflict": { @@ -1915,7 +1915,7 @@ "symfony/form": ">=2.3,<2.3.35|>=2.4,<2.6.12|>=2.7,<2.7.50|>=2.8,<2.8.49|>=3,<3.4.20|>=4,<4.0.15|>=4.1,<4.1.9|>=4.2,<4.2.1", "symfony/framework-bundle": ">=2,<2.3.18|>=2.4,<2.4.8|>=2.5,<2.5.2|>=2.7,<2.7.51|>=2.8,<2.8.50|>=3,<3.4.26|>=4,<4.1.12|>=4.2,<4.2.7|>=5.3.14,<5.3.15|>=5.4.3,<5.4.4|>=6.0.3,<6.0.4", "symfony/http-client": ">=4.3,<5.4.47|>=6,<6.4.15|>=7,<7.1.8", - "symfony/http-foundation": "<5.4.46|>=6,<6.4.14|>=7,<7.1.7", + "symfony/http-foundation": "<5.4.50|>=6,<6.4.29|>=7,<7.3.7", "symfony/http-kernel": ">=2,<4.4.50|>=5,<5.4.20|>=6,<6.0.20|>=6.1,<6.1.12|>=6.2,<6.2.6", "symfony/intl": ">=2.7,<2.7.38|>=2.8,<2.8.31|>=3,<3.2.14|>=3.3,<3.3.13", "symfony/maker-bundle": ">=1.27,<1.29.2|>=1.30,<1.31.1", @@ -1934,7 +1934,7 @@ "symfony/security-guard": ">=2.8,<3.4.48|>=4,<4.4.23|>=5,<5.2.8", "symfony/security-http": ">=2.3,<2.3.41|>=2.4,<2.7.51|>=2.8,<2.8.50|>=3,<3.4.26|>=4,<4.2.12|>=4.3,<4.3.8|>=4.4,<4.4.7|>=5,<5.0.7|>=5.1,<5.2.8|>=5.3,<5.4.47|>=6,<6.4.15|>=7,<7.1.8", "symfony/serializer": ">=2,<2.0.11|>=4.1,<4.4.35|>=5,<5.3.12", - "symfony/symfony": "<5.4.47|>=6,<6.4.15|>=7,<7.1.8", + "symfony/symfony": "<5.4.50|>=6,<6.4.29|>=7,<7.3.7", "symfony/translation": ">=2,<2.0.17", "symfony/twig-bridge": ">=2,<4.4.51|>=5,<5.4.31|>=6,<6.3.8", "symfony/ux-autocomplete": "<2.11.2", @@ -2151,7 +2151,7 @@ "type": "tidelift" } ], - "time": "2025-11-10T22:06:10+00:00" + "time": "2025-11-12T14:06:11+00:00" }, { "name": "setasign/fpdi", diff --git a/composer/composer/installed.json b/composer/composer/installed.json index 234cb0d..077c60e 100644 --- a/composer/composer/installed.json +++ b/composer/composer/installed.json @@ -1220,12 +1220,12 @@ "source": { "type": "git", "url": "https:\/\/github.com\/Roave\/SecurityAdvisories.git", - "reference": "9b7194c760d0e851aa9cc2d74b226e1979b3c112" + "reference": "ccc4996aff4ff810b514472932f677753ee5d8a4" }, "dist": { "type": "zip", - "url": "https:\/\/api.github.com\/repos\/Roave\/SecurityAdvisories\/zipball\/9b7194c760d0e851aa9cc2d74b226e1979b3c112", - "reference": "9b7194c760d0e851aa9cc2d74b226e1979b3c112", + "url": "https:\/\/api.github.com\/repos\/Roave\/SecurityAdvisories\/zipball\/ccc4996aff4ff810b514472932f677753ee5d8a4", + "reference": "ccc4996aff4ff810b514472932f677753ee5d8a4", "shasum": "" }, "conflict": { @@ -1967,7 +1967,7 @@ "symfony\/form": ">=2.3,<2.3.35|>=2.4,<2.6.12|>=2.7,<2.7.50|>=2.8,<2.8.49|>=3,<3.4.20|>=4,<4.0.15|>=4.1,<4.1.9|>=4.2,<4.2.1", "symfony\/framework-bundle": ">=2,<2.3.18|>=2.4,<2.4.8|>=2.5,<2.5.2|>=2.7,<2.7.51|>=2.8,<2.8.50|>=3,<3.4.26|>=4,<4.1.12|>=4.2,<4.2.7|>=5.3.14,<5.3.15|>=5.4.3,<5.4.4|>=6.0.3,<6.0.4", "symfony\/http-client": ">=4.3,<5.4.47|>=6,<6.4.15|>=7,<7.1.8", - "symfony\/http-foundation": "<5.4.46|>=6,<6.4.14|>=7,<7.1.7", + "symfony\/http-foundation": "<5.4.50|>=6,<6.4.29|>=7,<7.3.7", "symfony\/http-kernel": ">=2,<4.4.50|>=5,<5.4.20|>=6,<6.0.20|>=6.1,<6.1.12|>=6.2,<6.2.6", "symfony\/intl": ">=2.7,<2.7.38|>=2.8,<2.8.31|>=3,<3.2.14|>=3.3,<3.3.13", "symfony\/maker-bundle": ">=1.27,<1.29.2|>=1.30,<1.31.1", @@ -1986,7 +1986,7 @@ "symfony\/security-guard": ">=2.8,<3.4.48|>=4,<4.4.23|>=5,<5.2.8", "symfony\/security-http": ">=2.3,<2.3.41|>=2.4,<2.7.51|>=2.8,<2.8.50|>=3,<3.4.26|>=4,<4.2.12|>=4.3,<4.3.8|>=4.4,<4.4.7|>=5,<5.0.7|>=5.1,<5.2.8|>=5.3,<5.4.47|>=6,<6.4.15|>=7,<7.1.8", "symfony\/serializer": ">=2,<2.0.11|>=4.1,<4.4.35|>=5,<5.3.12", - "symfony\/symfony": "<5.4.47|>=6,<6.4.15|>=7,<7.1.8", + "symfony\/symfony": "<5.4.50|>=6,<6.4.29|>=7,<7.3.7", "symfony\/translation": ">=2,<2.0.17", "symfony\/twig-bridge": ">=2,<4.4.51|>=5,<5.4.31|>=6,<6.3.8", "symfony\/ux-autocomplete": "<2.11.2", @@ -2167,7 +2167,7 @@ "zfr\/zfr-oauth2-server-module": "<0.1.2", "zoujingli\/thinkadmin": "<=6.1.53" }, - "time": "2025-11-10T22:06:10+00:00", + "time": "2025-11-12T14:06:11+00:00", "default-branch": true, "type": "metapackage", "notification-url": "https:\/\/packagist.org\/downloads\/", diff --git a/composer/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php b/composer/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php index 57f9db1..5257658 100644 --- a/composer/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php +++ b/composer/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php @@ -110,7 +110,11 @@ public static function load($key, $password = '') $result['hash'] = \str_replace('id-', '', $params['hashAlgorithm']['algorithm']); $result['MGFHash'] = \str_replace('id-', '', $params['maskGenAlgorithm']['parameters']['algorithm']); if (isset($params['saltLength'])) { - $result['saltLength'] = (int) $params['saltLength']->toString(); + if (is_int($params['saltLength'])) { + $result['saltLength'] = $params['saltLength']; + } else { + $result['saltLength'] = (int) $params['saltLength']->toString(); + } } if (isset($key['meta'])) { $result['meta'] = $key['meta']; diff --git a/composer/phpseclib/phpseclib/phpseclib/File/X509.php b/composer/phpseclib/phpseclib/phpseclib/File/X509.php index 62b2a59..4cbadc2 100644 --- a/composer/phpseclib/phpseclib/phpseclib/File/X509.php +++ b/composer/phpseclib/phpseclib/phpseclib/File/X509.php @@ -2127,7 +2127,7 @@ public function saveSPKAC(array $spkac, $format = self::FORMAT_PEM) /** * Load a Certificate Revocation List * - * @param string $crl + * @param string|array $crl * @param int $mode * @return mixed */ diff --git a/scoper.inc.php b/scoper.inc.php index c1246e4..323931b 100644 --- a/scoper.inc.php +++ b/scoper.inc.php @@ -93,6 +93,33 @@ static function (string $filePath, string $prefix, string $content): string { $s_prefix = str_replace('\\', '\\\\', $prefix); $content = str_replace("'phpseclib3\\\\", "'\\\\" . $s_prefix . '\\\\phpseclib3\\\\', $content); $content = str_replace("'\\\\phpseclib3", "'\\\\" . $s_prefix . '\\\\phpseclib3', $content); + + // Specific patch for Crypt/RSA/Formats/Keys/PSS.php: handle saltLength being an int or an object + if (str_contains($filePath, 'Crypt/RSA/Formats/Keys/PSS.php')) { + $search = '$result[\'saltLength\'] = (int) $params[\'saltLength\']->toString();'; + $replace = <<<'PHP' +if (is_int($params['saltLength'])) { + $result['saltLength'] = $params['saltLength']; + } else { + $result['saltLength'] = (int) $params['saltLength']->toString(); + } +PHP; + if (strpos($content, $search) !== false) { + $content = str_replace($search, $replace, $content); + } else { + $content = preg_replace( + '/\$result\\[\\\'saltLength\\\']\\s*=\\s*\\(int\\)\\s*\\$params\\[\\\'saltLength\\\']\\->toString\\(\\);/m', + $replace, + $content + ); + } + } + + // Specific patch for File/X509.php: update docblock param type for $crl to string|array + if (str_contains($filePath, 'File/X509.php')) { + $content = str_replace('@param string $crl', '@param string|array $crl', $content); + } + return $content; }, // patchers for pdfparser