Bump to PHP 8.2 and leverage its new features (#66)

tvdijen · web-flow · commit 803cec9eb3b6 · 2025-09-23T21:26:41.000+02:00
* Add ext-random to list of direct dependencies and use the new 8.2 exception

* Use new openssl builtin to replace constants
diff --git a/src/Backend/OpenSSL.php b/src/Backend/OpenSSL.php
@@ -15,6 +15,7 @@
 use function chr;
 use function mb_strlen;
 use function openssl_cipher_iv_length;
+use function openssl_cipher_key_length;
 use function openssl_decrypt;
 use function openssl_encrypt;
 use function openssl_sign;
@@ -252,7 +253,7 @@ public function setCipher(string $cipher): void
             default:
                 $this->cipher = C::$BLOCK_CIPHER_ALGORITHMS[$cipher];
                 $this->blocksize = C::$BLOCK_SIZES[$cipher];
-                $this->keysize = C::$BLOCK_CIPHER_KEY_SIZES[$cipher];
+                $this->keysize = openssl_cipher_key_length(C::$BLOCK_CIPHER_ALGORITHMS[$cipher]);
         }
     }
 
diff --git a/src/Constants.php b/src/Constants.php
@@ -217,17 +217,6 @@ class Constants extends \SimpleSAML\XML\Constants
         self::BLOCK_ENC_AES256_GCM => 16,
     ];
 
-    /** @var array<string, positive-int> */
-    public static array $BLOCK_CIPHER_KEY_SIZES = [
-        self::BLOCK_ENC_3DES => 24,
-        self::BLOCK_ENC_AES128 => 16,
-        self::BLOCK_ENC_AES192 => 24,
-        self::BLOCK_ENC_AES256 => 32,
-        self::BLOCK_ENC_AES128_GCM => 16,
-        self::BLOCK_ENC_AES192_GCM => 24,
-        self::BLOCK_ENC_AES256_GCM => 32,
-    ];
-
     /** @var array<string, string> */
     public static array $RSA_DIGESTS = [
         self::SIG_RSA_SHA1 => self::DIGEST_SHA1,
@@ -261,7 +250,7 @@ class Constants extends \SimpleSAML\XML\Constants
         self::C14N_INCLUSIVE_WITHOUT_COMMENTS,
         self::C14N_EXCLUSIVE_WITH_COMMENTS,
         self::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
-//        self::C14N11_INCLUSIVE_WITH_COMMENTS,
-//        self::C14N11_INCLUSIVE_WITHOUT_COMMENTS,
+        self::C14N11_INCLUSIVE_WITH_COMMENTS,
+        self::C14N11_INCLUSIVE_WITHOUT_COMMENTS,
     ];
 }
diff --git a/src/Utils/Random.php b/src/Utils/Random.php
@@ -4,7 +4,7 @@
 
 namespace SimpleSAML\XMLSecurity\Utils;
 
-use Exception;
+use Random\RandomException;
 use SimpleSAML\Assert\Assert;
 use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
 use SimpleSAML\XMLSecurity\Exception\RuntimeException;
@@ -43,7 +43,7 @@ public static function generateRandomBytes(int $length): string
             return random_bytes($length);
         } catch (ValueError) { // @phpstan-ignore-line
             throw new InvalidArgumentException('Invalid length received to generate random bytes.');
-        } catch (Exception) {
+        } catch (RandomException) {
             throw new RuntimeException(
                 'Cannot generate random bytes, no cryptographically secure random generator available.',
             );
