feature #413 Polyfill the random extension's interfaces and Secure engine (TimWolla, nicolas-grekas)

nicolas-grekas · nicolas-grekas · commit b78222a273aa · 2022-11-10T11:11:03.000+01:00
This PR was merged into the 1.27-dev branch. Discussion ---------- Polyfill the random extension's interfaces and Secure engine Commits ------- ebc6b56 Improve Random polyfill a bit 930fa6c Polyfill the random extension's interfaces and Secure engine
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 # 1.27.0
 
   * Add PHP 8.3 polyfill for `json_validate()`
+  * Add polyfill for PHP 8.2's `Random` interfaces, exceptions and `Secure` engine
   * Fix `IntlDateFormatter::formatObject()` signature
 
 # 1.26.0
diff --git a/README.md b/README.md
@@ -65,6 +65,9 @@ Polyfills are provided for:
 - the `AllowDynamicProperties` attribute introduced in PHP 8.2;
 - the `SensitiveParameter` attribute introduced in PHP 8.2;
 - the `SensitiveParameterValue` class introduced in PHP 8.2;
+- the `Random\Engine` interface introduced in PHP 8.2;
+- the `Random\CryptoSafeEngine` interface introduced in PHP 8.2;
+- the `Random\Engine\Secure` class introduced in PHP 8.2 (check [arokettu/random-polyfill](https://packagist.org/packages/arokettu/random-polyfill) for more engines);
 - the `json_validate` function introduced in PHP 8.3;
 
 It is strongly recommended to upgrade your PHP version and/or install the missing
diff --git a/src/Php82/NoDynamicProperties.php b/src/Php82/NoDynamicProperties.php
@@ -0,0 +1,23 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Polyfill\Php82;
+
+/**
+ * @internal
+ */
+trait NoDynamicProperties
+{
+    public function __set(string $name, $value): void
+    {
+        throw new \Error('Cannot create dynamic property '.self::class.'::$'.$name);
+    }
+}
diff --git a/src/Php82/README.md b/src/Php82/README.md
@@ -6,6 +6,9 @@ This component provides features added to PHP 8.2 core:
 - [`AllowDynamicProperties`](https://wiki.php.net/rfc/deprecate_dynamic_properties)
 - [`SensitiveParameter`](https://wiki.php.net/rfc/redact_parameters_in_back_traces)
 - [`SensitiveParameterValue`](https://wiki.php.net/rfc/redact_parameters_in_back_traces)
+- [`Random\Engine`](https://wiki.php.net/rfc/rng_extension)
+- [`Random\Engine\CryptoSafeEngine`](https://wiki.php.net/rfc/rng_extension)
+- [`Random\Engine\Secure`](https://wiki.php.net/rfc/rng_extension) (check [arokettu/random-polyfill](https://packagist.org/packages/arokettu/random-polyfill) for more engines)
 
 More information can be found in the
 [main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md).
diff --git a/src/Php82/Random/Engine/Secure.php b/src/Php82/Random/Engine/Secure.php
@@ -0,0 +1,50 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Polyfill\Php82\Random\Engine;
+
+use Random\RandomException;
+use Symfony\Polyfill\Php82\NoDynamicProperties;
+
+/**
+ * @author Tim Düsterhus <tim@bastelstu.be>
+ * @author Anton Smirnov <sandfox@sandfox.me>
+ *
+ * @internal
+ */
+class Secure
+{
+    use NoDynamicProperties;
+
+    public function generate(): string
+    {
+        try {
+            return random_bytes(\PHP_INT_SIZE);
+        } catch (\Exception $e) {
+            throw new RandomException($e->getMessage(), $e->getCode(), $e->getPrevious());
+        }
+    }
+
+    public function __sleep(): array
+    {
+        throw new \Exception("Serialization of 'Random\Engine\Secure' is not allowed");
+    }
+
+    public function __wakeup(): void
+    {
+        throw new \Exception("Unserialization of 'Random\Engine\Secure' is not allowed");
+    }
+
+    public function __clone()
+    {
+        throw new \Error('Trying to clone an uncloneable object of class Random\Engine\Secure');
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/BrokenRandomEngineError.php b/src/Php82/Resources/stubs/Random/BrokenRandomEngineError.php
@@ -0,0 +1,18 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random;
+
+if (\PHP_VERSION_ID < 80200) {
+    class BrokenRandomEngineError extends RandomError
+    {
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/CryptoSafeEngine.php b/src/Php82/Resources/stubs/Random/CryptoSafeEngine.php
@@ -0,0 +1,18 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random;
+
+if (\PHP_VERSION_ID < 80200) {
+    interface CryptoSafeEngine extends Engine
+    {
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/Engine.php b/src/Php82/Resources/stubs/Random/Engine.php
@@ -0,0 +1,19 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random;
+
+if (\PHP_VERSION_ID < 80200) {
+    interface Engine
+    {
+        public function generate(): string;
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/Engine/Secure.php b/src/Php82/Resources/stubs/Random/Engine/Secure.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random\Engine;
+
+use Symfony\Polyfill\Php82 as p;
+
+if (\PHP_VERSION_ID < 80200) {
+    final class Secure extends p\Random\Engine\Secure implements \Random\CryptoSafeEngine
+    {
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/RandomError.php b/src/Php82/Resources/stubs/Random/RandomError.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random;
+
+use Symfony\Polyfill\Php82\NoDynamicProperties;
+
+if (\PHP_VERSION_ID < 80200) {
+    class RandomError extends \Error
+    {
+        use NoDynamicProperties;
+    }
+}
diff --git a/src/Php82/Resources/stubs/Random/RandomException.php b/src/Php82/Resources/stubs/Random/RandomException.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Random;
+
+use Symfony\Polyfill\Php82\NoDynamicProperties;
+
+if (\PHP_VERSION_ID < 80200) {
+    class RandomException extends \Exception
+    {
+        use NoDynamicProperties;
+    }
+}
diff --git a/tests/Php82/RandomSecureEngineTest.php b/tests/Php82/RandomSecureEngineTest.php
@@ -0,0 +1,68 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Polyfill\Tests\Php82;
+
+use PHPUnit\Framework\TestCase;
+use Symfony\Polyfill\Php82\Random\Engine\Secure as SecureEnginePolyfill;
+
+/**
+ * @author Tim Düsterhus <tim@bastelstu.be>
+ */
+class RandomSecureEngineTest extends TestCase
+{
+    public function secureEngineProvider()
+    {
+        yield [new SecureEnginePolyfill()];
+        yield [new \Random\Engine\Secure()];
+    }
+
+    /**
+     * @dataProvider secureEngineProvider
+     */
+    public function testGenerateLength($v)
+    {
+        $this->assertSame(\PHP_INT_SIZE, \strlen($v->generate()));
+    }
+
+    /**
+     * @dataProvider secureEngineProvider
+     */
+    public function testCloneIsNotAllowed($v)
+    {
+        $this->expectException(\Error::class);
+        $this->expectExceptionMessage("Trying to clone an uncloneable object of class Random\Engine\Secure");
+
+        clone $v;
+    }
+
+    /**
+     * @dataProvider secureEngineProvider
+     */
+    public function testSerializeIsNotAllowed($v)
+    {
+        $this->expectException(\Exception::class);
+        $this->expectExceptionMessage("Serialization of 'Random\Engine\Secure' is not allowed");
+
+        serialize($v);
+    }
+
+    /**
+     * @dataProvider secureEngineProvider
+     */
+    public function testUnserializeIsNotAllowed($v)
+    {
+        $this->expectException(\Exception::class);
+        $this->expectExceptionMessageMatches("{Unserialization of '.*Random\\\\Engine\\\\Secure' is not allowed}");
+
+        unserialize(sprintf('O:%d:"%s":0:{}', \strlen(\get_class($v)), \get_class($v)));
+    }
+}
