Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Add more precise return types for the openssl cipher functions #4043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ondrejmirtes merged 1 commit into phpstan:2.1.x from stof:better_openssl_types
Sep 12, 2025

Conversation

@stof
Copy link
Contributor

@stof stof commented Jun 4, 2025

Those functions return false (and trigger a warning) only when the argument is an unknown algorithm, which is not something worth checking when using them with a known algorithm.

I'm providing this improvement only on PHP 8+, because PHP 7 can have other kind of warnings (that have been upgraded to ValueError in PHP 8)

Replaces #3582

@stof stof force-pushed the better_openssl_types branch from 6144182 to ecfa6c2 Compare June 4, 2025 11:40
Comment on lines 38 to 63
public function getTypeFromFunctionCall(FunctionReflection $functionReflection, FuncCall $functionCall, Scope $scope): Type
{
$returnType = ParametersAcceptorSelector::selectFromArgs(
$scope,
$functionCall->getArgs(),
$functionReflection->getVariants(),
)->getReturnType();

if (!$this->phpVersion->throwsValueErrorForInternalFunctions()) {
return $returnType;
}

if (count($functionCall->getArgs()) < 1) {
return $returnType;
}

$strings = $scope->getType($functionCall->getArgs()[0]->value)->getConstantStrings();
$results = array_unique(array_map(fn (ConstantStringType $algorithm): bool => $this->isSupportedAlgorithm($algorithm->getValue()), $strings));

if (count($results) === 1) {
return $results[0]
? TypeCombinator::remove($returnType, new ConstantBooleanType(false))
: new ConstantBooleanType(false);
}

return $returnType;
Copy link
Contributor

@staabm staabm Jun 4, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of

$returnType = ParametersAcceptorSelector::selectFromArgs(
			$scope,
			$functionCall->getArgs(),
			$functionReflection->getVariants(),
		)->getReturnType();

you can just return null; for the cases where the extension cannot provide a better type then the default.
that way you can simplify the extension a bit.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I refactored the code to return null for all such cases.

return in_array(strtoupper($algorithm), $this->getSupportedAlgorithms(), true);
}

/** @return string[] */
Copy link
Contributor

@staabm staabm Jun 4, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

might work to use a more precise return type

Suggested change
/** @return string[] */
/** @return uppercase-string[] */

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I inspired from MbFunctionsReturnTypeExtensionTrait, which also uses simply string[]

staabm reacted with thumbs up emoji
@stof stof force-pushed the better_openssl_types branch from ecfa6c2 to bb6367d Compare June 4, 2025 12:47
Copy link
Contributor

staabm commented Jun 4, 2025

Needs cs fix

@stof stof force-pushed the better_openssl_types branch from bb6367d to 1e9efb6 Compare June 5, 2025 08:32
Copy link
Contributor Author

stof commented Jun 5, 2025

@staabm done

conf/config.neon Outdated
tags:
- phpstan.dynamicFunctionThrowTypeExtension

-
Copy link
Member

@ondrejmirtes ondrejmirtes Jul 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please put this on 2.1.x and use AutowiredService attribute instead of changing config.neon. Thanks.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ondrejmirtes sorry for the delay. This is now done.

@stof stof changed the base branch from 1.12.x to 2.1.x September 12, 2025 10:53
@stof stof force-pushed the better_openssl_types branch from 1e9efb6 to 1c9db7a Compare September 12, 2025 10:54
@ondrejmirtes ondrejmirtes merged commit 163d178 into phpstan:2.1.x Sep 12, 2025
421 of 457 checks passed
Copy link
Member

Thank you.

Copy link
Contributor Author

stof commented Oct 15, 2025

@ondrejmirtes I discovered that in PHP <8.5, the openssl_get_cipher_methods function uses a different source of truth than the resolution of cipher algorithms in other functions, which means that some algorithms returned in this function are actually not supported in openssl_cipher_iv_length. See php/php-src#19994

Maybe this return type extension should be restricted to run only on PHP 8.5+ instead of PHP 8.0+. Or maybe it should perform actual filtering by attempting to read the iv length for PHP 8.0 to 8.4.

Copy link
Member

Please open an issue, this comment would get lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ondrejmirtes ondrejmirtes ondrejmirtes requested changes

+1 more reviewer

@staabm staabm staabm left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /