v3 - require PHP 7, use strict types

Author: paragonie-scott

CHANGELOG.md

@@ -1,6 +1,12 @@
-# Version 2.0.0 (not released yet)
+# Version 3.0.0 (2016-05-18)
 
-* Update `defuse/php-encryption` to `2.0.0` (not released yet either)
+* Set minimum PHP version to 7.0
+* Use strict_types
+
+# Version 2.0.0 (2016-05-18)
+
+* Update `defuse/php-encryption` to `2.0.0`
+* Use `paragonie/constant_time_encoding`
 
 # Version 1.1.0
 

composer.json

@@ -28,11 +28,11 @@
         ]
     },
     "require": {
+        "php": ">= 7.0",
         "defuse/php-encryption": "^2.0",
-        "paragonie/random_compat": "^1|^2",
-        "paragonie/constant_time_encoding": "^1|^2"
+        "paragonie/constant_time_encoding": "^2"
     },
     "require-dev": {
-        "defuse/php-encryption": "^2.0"
+        "phpunit/phpunit": "^5|^6"
     }
 }

src/PasswordLock.php

@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 namespace ParagonIE\PasswordLock;
 
 use \Defuse\Crypto\Crypto;
@@ -17,7 +18,7 @@ class PasswordLock
      * @return string
      * @throws \Exception
      */
-    public static function hashAndEncrypt($password, Key $aesKey)
+    public static function hashAndEncrypt(string $password, Key $aesKey): string
     {
         if (!\is_string($password)) {
             throw new \InvalidArgumentException(
@@ -46,7 +47,7 @@ public static function hashAndEncrypt($password, Key $aesKey)
      * @throws \Exception
      * @throws \InvalidArgumentException
      */
-    public static function decryptAndVerifyLegacy($password, $ciphertext, $aesKey)
+    public static function decryptAndVerifyLegacy(string $password, string $ciphertext, string $aesKey): bool
     {
         if (!\is_string($password)) {
             throw new \InvalidArgumentException(
@@ -79,7 +80,7 @@ public static function decryptAndVerifyLegacy($password, $ciphertext, $aesKey)
      * @throws \Exception
      * @throws \InvalidArgumentException
      */
-    public static function decryptAndVerify($password, $ciphertext, Key $aesKey)
+    public static function decryptAndVerify(string $password, string $ciphertext, Key $aesKey): bool
     {
         if (!\is_string($password)) {
             throw new \InvalidArgumentException(
@@ -111,7 +112,7 @@ public static function decryptAndVerify($password, $ciphertext, Key $aesKey)
      * @param Key $newKey
      * @return string
      */
-    public static function rotateKey($ciphertext, Key $oldKey, Key $newKey)
+    public static function rotateKey(string $ciphertext, Key $oldKey, Key $newKey): string
     {
         $plaintext = Crypto::decrypt($ciphertext, $oldKey);
         return Crypto::encrypt($plaintext, $newKey);
@@ -128,11 +129,11 @@ public static function rotateKey($ciphertext, Key $oldKey, Key $newKey)
      * @throws \Exception
      */
     public static function upgradeFromVersion1(
-        $password,
-        $ciphertext,
-        $oldKey,
+        string $password,
+        string $ciphertext,
+        string $oldKey,
         Key $newKey
-    ) {
+    ): string {
         if (!self::decryptAndVerifyLegacy($password, $ciphertext, $oldKey)) {
             throw new \Exception(
                 'The correct password is necessary for legacy migration.'

tests/PasswordLockTest.php

@@ -1,5 +1,7 @@
 <?php
+declare(strict_types=1);
 use \ParagonIE\PasswordLock\PasswordLock;
+use \Defuse\Crypto\Key;
 /**
  * @backupGlobals disabled
  * @backupStaticAttributes disabled
@@ -8,7 +10,7 @@ class PasswordLockTest extends PHPUnit_Framework_TestCase
 {
     public function testHash()
     {
-        $key = \Defuse\Crypto\Key::createNewRandomKey();
+        $key = Key::createNewRandomKey();
 
         $password = PasswordLock::hashAndEncrypt('YELLOW SUBMARINE', $key);
 
@@ -26,7 +28,7 @@ public function testHash()
      */
     public function testBitflip()
     {
-        $key = \Defuse\Crypto\Key::createNewRandomKey();
+        $key = Key::createNewRandomKey();
         $password = PasswordLock::hashAndEncrypt('YELLOW SUBMARINE', $key);
         $password[0] = (\ord($password[0]) === 0 ? 255 : 0);