Deleting Sensio Extra (#185)

* Deleting Sensio Extra
* Safe for Cose fix

Author: Spomky

composer.json

@@ -54,7 +54,6 @@
         "psr/http-message": "^1.0",
         "psr/log": "^1.1",
         "ramsey/uuid": "^3.8|^4.0",
-        "sensio/framework-extra-bundle": "^5.2",
         "spomky-labs/base64url": "^2.0",
         "spomky-labs/cbor-bundle": "^2.0",
         "spomky-labs/cbor-php": "^1.1|^2.0",

phpstan.neon

@@ -11,6 +11,30 @@ parameters:
         - '#Parameter (.*) of class FG\\ASN1\\Universal\\Integer constructor expects int, string given\.#'
         - '#Instanceof between Symfony\\Component\\HttpFoundation\\Response and Symfony\\Component\\HttpFoundation\\Response will always evaluate to true\.#'
         - '#Parameter (.*) of class Jose\\Component\\Core\\AlgorithmManager constructor expects array\<Jose\\Component\\Core\\Algorithm\>\, array\<int\, object\> given\.#'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 1
+          path: 'src/cose/src/Algorithm/ManagerFactory.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 1
+          path: 'src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 2
+          path: 'src/cose/src/Algorithm/Signature/ECDSA/ECSignature.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 1
+          path: 'src/cose/src/Algorithm/Signature/RSA/PSSRSA.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 1
+          path: 'src/cose/src/Algorithm/Signature/RSA/RSA.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 2
+          path: 'src/cose/src/Key/Ec2Key.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 1
+          path: 'src/cose/src/Key/Key.php'
+        - message: '#Function .* is unsafe to use\. .* Please add .* at the beginning of the file to use the variant provided by the .* library\.#'
+          count: 3
+          path: 'src/cose/src/Key/RsaKey.php'
     checkMissingIterableValueType: false
     checkGenericClassInNonGenericObjectType: false
     treatPhpDocTypesAsCertain: false

src/cose/src/Algorithm/ManagerFactory.php

@@ -14,7 +14,6 @@
 namespace Cose\Algorithm;
 
 use Assert\Assertion;
-use function Safe\sprintf;
 
 class ManagerFactory
 {

src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php

@@ -17,7 +17,6 @@
 use Cose\Algorithm\Signature\Signature;
 use Cose\Key\Ec2Key;
 use Cose\Key\Key;
-use function Safe\openssl_sign;
 
 abstract class ECDSA implements Signature
 {

src/cose/src/Algorithm/Signature/ECDSA/ECSignature.php

@@ -19,7 +19,6 @@
 use InvalidArgumentException;
 use function mb_strlen;
 use function mb_substr;
-use function Safe\hex2bin;
 use function str_pad;
 use const STR_PAD_LEFT;
 
@@ -53,12 +52,17 @@ public static function toAsn1(string $signature, int $length): string
         $totalLength = $lengthR + $lengthS + self::BYTE_SIZE + self::BYTE_SIZE;
         $lengthPrefix = $totalLength > self::ASN1_MAX_SINGLE_BYTE ? self::ASN1_LENGTH_2BYTES : '';
 
-        return hex2bin(
+        $bin = hex2bin(
             self::ASN1_SEQUENCE
             .$lengthPrefix.dechex($totalLength)
             .self::ASN1_INTEGER.dechex($lengthR).$pointR
             .self::ASN1_INTEGER.dechex($lengthS).$pointS
         );
+        if (false === $bin) {
+            throw new InvalidArgumentException('Unable to convert into ASN.1');
+        }
+
+        return $bin;
     }
 
     public static function fromAsn1(string $signature, int $length): string
@@ -78,7 +82,12 @@ public static function fromAsn1(string $signature, int $length): string
         $pointR = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));
         $pointS = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));
 
-        return hex2bin(str_pad($pointR, $length, '0', STR_PAD_LEFT).str_pad($pointS, $length, '0', STR_PAD_LEFT));
+        $bin = hex2bin(str_pad($pointR, $length, '0', STR_PAD_LEFT).str_pad($pointS, $length, '0', STR_PAD_LEFT));
+        if (false === $bin) {
+            throw new InvalidArgumentException('Unable to convert from ASN.1');
+        }
+
+        return $bin;
     }
 
     private static function octetLength(string $data): int

src/cose/src/Algorithm/Signature/RSA/PSSRSA.php

@@ -27,7 +27,6 @@
 use function ord;
 use function random_bytes;
 use RuntimeException;
-use function Safe\pack;
 use function str_pad;
 use function str_repeat;
 

src/cose/src/Algorithm/Signature/RSA/RSA.php

@@ -17,7 +17,7 @@
 use Cose\Algorithm\Signature\Signature;
 use Cose\Key\Key;
 use Cose\Key\RsaKey;
-use function Safe\openssl_sign;
+use InvalidArgumentException;
 
 abstract class RSA implements Signature
 {
@@ -26,7 +26,9 @@ public function sign(string $data, Key $key): string
         $key = $this->handleKey($key);
         Assertion::true($key->isPrivate(), 'The key is not private');
 
-        openssl_sign($data, $signature, $key->asPem(), $this->getHashAlgorithm());
+        if (false === openssl_sign($data, $signature, $key->asPem(), $this->getHashAlgorithm())) {
+            throw new InvalidArgumentException('Unable to sign the data');
+        }
 
         return $signature;
     }

src/cose/src/Key/Ec2Key.php

@@ -21,7 +21,6 @@
 use FG\ASN1\Universal\ObjectIdentifier;
 use FG\ASN1\Universal\OctetString;
 use FG\ASN1\Universal\Sequence;
-use function Safe\sprintf;
 
 class Ec2Key extends Key
 {

src/cose/src/Key/Key.php

@@ -15,7 +15,6 @@
 
 use function array_key_exists;
 use Assert\Assertion;
-use function Safe\sprintf;
 
 class Key
 {

src/cose/src/Key/RsaKey.php

@@ -21,8 +21,7 @@
 use FG\ASN1\Universal\NullObject;
 use FG\ASN1\Universal\ObjectIdentifier;
 use FG\ASN1\Universal\Sequence;
-use function Safe\sprintf;
-use function Safe\unpack;
+use InvalidArgumentException;
 
 class RsaKey extends Key
 {
@@ -189,7 +188,12 @@ public function asPem(): string
 
     private function fromBase64ToInteger(string $value): string
     {
-        $hex = current(unpack('H*', $value));
+        $data = unpack('H*', $value);
+        if (false === $data) {
+            throw new InvalidArgumentException('Unable to convert to an integer');
+        }
+
+        $hex = current($data);
 
         return BigInteger::fromBase($hex, 16)->toBase(10);
     }

src/symfony/composer.json

@@ -16,7 +16,6 @@
         }
     ],
     "require": {
-        "sensio/framework-extra-bundle": "^5.2",
         "spomky-labs/cbor-bundle": "^2.0",
         "symfony/config": "^4.4|^5.0",
         "symfony/dependency-injection": "^4.4|^5.0",

src/symfony/src/DependencyInjection/Compiler/HttpMessageFactoryCompilerPass.php

@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2020 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Webauthn\Bundle\DependencyInjection\Compiler;
+
+use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+
+final class HttpMessageFactoryCompilerPass implements CompilerPassInterface
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function process(ContainerBuilder $container): void
+    {
+        if (!$container->hasDefinition('sensio_framework_extra.psr7.http_message_factory')) {
+            $container->setAlias('sensio_framework_extra.psr7.http_message_factory', 'webauthn.http.factory');
+        }
+    }
+}

src/symfony/src/DependencyInjection/WebauthnExtension.php

@@ -88,6 +88,7 @@ public function load(array $configs, ContainerBuilder $container): void
 
         $loader = new PhpFileLoader($container, new FileLocator(__DIR__.'/../Resources/config/'));
         $loader->load('services.php');
+        $loader->load('http_message_factory.php');
         $loader->load('cose.php');
         $loader->load('security.php');
 

src/symfony/src/Resources/config/http_message_factory.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2020 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
+use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
+
+return static function (ContainerConfigurator $container): void {
+    $container = $container->services()->defaults()
+        ->private()
+        ->autoconfigure()
+        ->autowire()
+    ;
+
+    $container->set('webauthn.http.factory')
+        ->class(PsrHttpFactory::class)
+    ;
+};
+//sensio_framework_extra.psr7.http_message_factory

src/symfony/src/WebauthnBundle.php

@@ -26,6 +26,7 @@
 use Webauthn\Bundle\DependencyInjection\Compiler\DynamicRouteCompilerPass;
 use Webauthn\Bundle\DependencyInjection\Compiler\EnforcedSafetyNetApiKeyVerificationCompilerPass;
 use Webauthn\Bundle\DependencyInjection\Compiler\ExtensionOutputCheckerCompilerPass;
+use Webauthn\Bundle\DependencyInjection\Compiler\HttpMessageFactoryCompilerPass;
 use Webauthn\Bundle\DependencyInjection\Compiler\LoggerSetterCompilerPass;
 use Webauthn\Bundle\DependencyInjection\Compiler\MetadataStatementRepositorySetterCompilerPass;
 use Webauthn\Bundle\DependencyInjection\WebauthnExtension;
@@ -56,6 +57,7 @@ public function build(ContainerBuilder $container): void
         $container->addCompilerPass(new CounterCheckerSetterCompilerPass());
         $container->addCompilerPass(new CertificateChainCheckerSetterCompilerPass());
         $container->addCompilerPass(new MetadataStatementRepositorySetterCompilerPass());
+        $container->addCompilerPass(new HttpMessageFactoryCompilerPass());
 
         $this->registerMappings($container);
 

tests/symfony/config/config.yml

@@ -267,13 +267,6 @@ webauthn:
         http_client: '@nyholm.psr7.psr17_factory'
         request_factory: '@nyholm.psr7.psr18_factory'
 
-
-sensio_framework_extra:
-    router:
-        annotations: false
-    psr_message:
-        enabled: true
-
 security:
     providers:
         default:

tests/symfony/functional/AppKernel.php

@@ -14,7 +14,6 @@
 namespace Webauthn\Bundle\Tests\Functional;
 
 use Doctrine\Bundle\DoctrineBundle\DoctrineBundle;
-use Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle;
 use SpomkyLabs\CborBundle\SpomkyLabsCborBundle;
 use Symfony\Bundle\FrameworkBundle\FrameworkBundle;
 use Symfony\Bundle\MonologBundle\MonologBundle;
@@ -44,7 +43,6 @@ public function registerBundles(): array
             new DoctrineBundle(),
             new SecurityBundle(),
             new MonologBundle(),
-            new SensioFrameworkExtraBundle(),
 
             new WebauthnBundle(),
         ];

tests/symfony/functional/Profile/TransportBindingProfileCreationTest.php

@@ -185,7 +185,6 @@ public function aValidRequestProcessedWithMinimalOptions(): void
         $client = self::createClient([], ['HTTPS' => 'on']);
         $client->request(Request::METHOD_POST, '/attestation/options', [], [], ['CONTENT_TYPE' => 'application/json', 'HTTP_HOST' => 'test.com'], json_encode($content));
         $response = $client->getResponse();
-        dump($response->getContent());
         $data = json_decode($response->getContent(), true);
 
         static::assertArrayHasKey('status', $data);