Convert to PHP7 (#7)

* Convert to php7

* Update Random.php

* Update Aes.php

* Update Aes.php

* Update .travis.yml

* Update Str.php

* Update Random.php

* Update Cryptobase.php

* Update Hash.php

* Update Hash.php

* Update Pkcs7.php

* Update Cryptobase.php

* Update Pkcs7.php

* Update Support.php

* Update Otp.php

* Update Otp.php

* Update Huffman.php

* Update Rc4.php

* Update AesCtr.php

* Delete Mcrypt.php

* Delete McryptTest.php

* Update Spritz.php

* Update README.md

* Update README.md

* no message

* Delete mcryptvectors.json

* Delete BlockCiphersGenericTest.php

* Update AesTest.php

* Update Hash.php

* Update Rc4.php

* Update Support.php

* Update Spritz.php

* Update README.md

* Update Cryptobase.php

* Update Cryptobase.php

* Update Hash.php

* Update Hash.php

* Update load.php

* Update load.php

* Update Support.php

* Update Cryptobase.php

.travis.yml

@@ -2,10 +2,6 @@ language: php
 dist: precise
 
 php: 
-  - 5.3
-  - 5.4
-  - 5.5
-  - 5.6
   - 7.0
   - 7.1
   - 7.2

README.md

@@ -8,7 +8,7 @@
 [![Latest Stable Version](https://poser.pugx.org/mmeyer2k/dcrypt/version)](https://packagist.org/packages/mmeyer2k/dcrypt)
 [![SensioLabsInsight](https://insight.sensiolabs.com/projects/c48adefc-874e-4d14-88dc-05f7f407f968/mini.png)](https://insight.sensiolabs.com/projects/c48adefc-874e-4d14-88dc-05f7f407f968)
 
-A petite library of essential encryption functions for PHP (5.3 - 7.2).
+A petite library of essential encryption functions for PHP7. For PHP5 support, check out the legacy branch [here](https://github.com/mmeyer2k/dcrypt/tree/4.0.2).
 
 - [Install](#install)
 - [Features](#features)
@@ -27,12 +27,12 @@ A petite library of essential encryption functions for PHP (5.3 - 7.2).
 Add the following to the require section of your `composer.json` file, then run `composer install`.
 ```json
 "require": {
-  "mmeyer2k/dcrypt": "~4.0"
+  "mmeyer2k/dcrypt": "~5.0"
 }
 ```
 Or using the command line...
 ```bash
-composer require "mmeyer2k/dcrypt=~4.0"
+composer require "mmeyer2k/dcrypt=~5.0"
 ```
 In environments where composer is not available, Dcrypt can be used by including `load.php`.
 ```php
@@ -58,39 +58,6 @@ $encrypted = \Dcrypt\AesCtr::encrypt($plaintext, $password);
 $plaintext = \Dcrypt\AesCtr::decrypt($encrypted, $password);
 ```
 
-
-### Customizable Encryption (via Mcrypt)
-If you have special requirements, `\Dcrypt\Mcrypt` might be the best solution.
-```php
-# encrypt with serpent in ecb mode with sha512 hmac
-$encrypted = \Dcrypt\Mcrypt::encrypt(
-  'message', 
-  'password', 
-  0, # specifies that no key hardening will take place (see below...)
-  MCRYPT_SERPENT, 
-  MCRYPT_MODE_ECB, 
-  'sha512'
-);
-```
-As with `\Dcrypt\Aes`, all time-safe HMAC verification, strong IV creation and padding (PKCS#7) are handled for you.
-
-When used with all default options, `\Dcrypt\Mcrypt` is compatible with `\Dcrypt\Aes`.
-```php
-$encrypted = \Dcrypt\Mcrypt::encrypt($plaintext, 'password');
-
-$plaintext = \Dcrypt\Aes::decrypt($encrypted, 'password');
-```
-
-Supported (and tested) modes: `MCRYPT_MODE_CBC`, `MCRYPT_MODE_CFB`, `MCRYPT_MODE_ECB`, `MCRYPT_MODE_OFB`, `MCRYPT_MODE_NOFB`
-
-Supported (and tested) ciphers: `MCRYPT_3DES`, `MCRYPT_BLOWFISH`, `MCRYPT_BLOWFISH_COMPAT`, `MCRYPT_DES`, `MCRYPT_LOKI97`, `MCRYPT_CAST_128`, `MCRYPT_CAST_256`, `MCRYPT_RC2`, `MCRYPT_RIJNDAEL_128`, `MCRYPT_RIJNDAEL_192`, `MCRYPT_RIJNDAEL_256`, `MCRYPT_SAFERPLU`, `MCRYPT_SERPENT`, `MCRYPT_TRIPLEDES`, `MCRYPT_TWOFISH`, `MCRYPT_XTEA`
-
-Supported (and tested) hash algos: all!
-
-**NOTE**: PHP's libmcrypt has fallen out of favor due to its stale codebase and inability to use AES-NI. Only use `\Dcrypt\Mcrypt` if there is a strong need. In nearly all cases `\Dcrypt\Aes` (which uses OpenSSL) is preferred.
-
-**NOTE**: Mcrypt module is removed in PHP 7.1+.
-
 ### Iterative HMAC Key Hardening
 To reduce the effectiveness of brute-force cracking on your encrypted blobs, you can provide an integer `$cost` parameter
 in your encryption/decryption calls. This integer will cause dcrypt to perform `$cost` number of extra HMAC operations on the key before passing it off to the underlying encryption system.

composer.json

@@ -10,7 +10,7 @@
         }
     ],
     "require": {
-        "php": ">=5.3.0"
+        "php": ">=7.0.0"
     },
     "require-dev": {
         "mmeyer2k/retro": "dev-master"
@@ -25,9 +25,5 @@
         "tests/TestSupport.php"
       ]
     },
-    "suggest": {
-        "paragonie/random_compat": "Provides PHP7-like random_int() and random_bytes() functions.",
-        "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes."
-    },
     "minimum-stability": "dev"
 }

load.php

@@ -25,7 +25,6 @@
         'Cryptobase',
         'Hash',
         'Huffman',
-        'Mcrypt',
         'Aes',
         'AesCtr',
         'Otp',

src/Aes.php

@@ -3,7 +3,7 @@
 /**
  * Aes.php
  * 
- * PHP version 5
+ * PHP version 7
  * 
  * @category Dcrypt
  * @package  Dcrypt
@@ -62,7 +62,7 @@ class Aes extends Cryptobase
      * 
      * @return string
      */
-    public static function decrypt($cyphertext, $password, $cost = 0)
+    public static function decrypt(string $cyphertext, string $password, int $cost = 0): string
     {
         // Find the IV at the beginning of the cypher text
         $iv = Str::substr($cyphertext, 0, self::IVSIZE);
@@ -95,7 +95,7 @@ public static function decrypt($cyphertext, $password, $cost = 0)
      * 
      * @return string 
      */
-    public static function encrypt($plaintext, $password, $cost = 0)
+    public static function encrypt(string $plaintext, string $password, int $cost = 0): string
     {
         // Generate IV of appropriate size.
         $iv = Random::bytes(self::IVSIZE);
@@ -123,7 +123,7 @@ public static function encrypt($plaintext, $password, $cost = 0)
      * 
      * @return string
      */
-    protected static function mode()
+    protected static function mode(): string
     {
         return substr(static::CIPHER, -3);
     }

src/AesCtr.php

@@ -3,7 +3,7 @@
 /**
  * AesCtr.php
  * 
- * PHP version 5
+ * PHP version 7
  * 
  * @category Dcrypt
  * @package  Dcrypt

src/Cryptobase.php

@@ -38,7 +38,7 @@ class Cryptobase
      *
      * @return string
      */
-    protected static function checksum($cyphertext, $iv, $key, $cipher = 'rijndael-128', $mode = 'cbc', $algo = 'sha256')
+    protected static function checksum(string $cyphertext, string $iv, string $key, string $cipher = 'rijndael-128', string $mode = 'cbc', string $algo = 'sha256'): string
     {
         // Prevent potentially large string concat by hmac-ing the cyphertext
         // by itself...
@@ -66,7 +66,7 @@ protected static function checksum($cyphertext, $iv, $key, $cipher = 'rijndael-1
      *
      * @return string
      */
-    private static function hashNormalize($hash, $size, $algo)
+    private static function hashNormalize(string $hash, int $size, string $algo): string
     {
         // Extend hash if too short
         while (Str::strlen($hash) < $size) {
@@ -89,7 +89,7 @@ private static function hashNormalize($hash, $size, $algo)
      *
      * @return string
      */
-    protected static function key($password, $iv, $cost, $cipher = 'rijndael-128', $mode = 'cbc', $algo = 'sha256')
+    protected static function key(string $password, string $iv, int $cost, string $cipher = 'rijndael-128', string $mode = 'cbc', string $algo = 'sha256'): string
     {
         // This if statement allows the usage of the Openssl library without
         // the need to have the mcrypt plugin installed at all.
@@ -112,7 +112,7 @@ protected static function key($password, $iv, $cost, $cipher = 'rijndael-128', $
      * @param string $calculated
      * @param string $supplied
      */
-    protected static function checksumVerify($calculated, $supplied)
+    protected static function checksumVerify(string $calculated, string $supplied)
     {
         if (!Str::equal($calculated, $supplied)) {
             $e = 'Decryption can not proceed due to invalid cyphertext checksum.';

src/Hash.php

@@ -3,7 +3,7 @@
 /**
  * Hash.php
  * 
- * PHP version 5
+ * PHP version 7
  * 
  * @category Dcrypt
  * @package  Dcrypt
@@ -40,14 +40,15 @@ final class Hash extends Support
      *  
      * @param string       $input    Data to hash
      * @param string       $password Password to use in HMAC call
-     * @param integer      $cost     Number of iterations to use
+     * @param int          $cost     Number of iterations to use
      * @param string|null  $salt     Initialization vector to use in HMAC calls
+     *
      * @return string
      */
-    private static function build($input, $password, $cost, $salt = null)
+    private static function build(string $input, string $password, int $cost, $salt = null): string
     {
         // Generate salt if needed
-        $salt = $salt === null ? Random::bytes(16) : $salt;
+        $salt = $salt ?? Random::bytes(16);
 
         // Verify and normalize cost value
         $cost = self::cost($cost);
@@ -69,12 +70,12 @@ private static function build($input, $password, $cost, $salt = null)
      * 
      * @return int
      */
-    private static function cost($cost)
+    private static function cost(int $cost): int
     {
         return $cost % \pow(2, 32);
     }
 
-    private static function costHash($cost, $salt, $password)
+    private static function costHash(int $cost, string $salt, string $password): string
     {
         // Hash and return first 12 bytes
         $hash = Str::substr(\hash_hmac(self::ALGO, $cost, $salt, true), 0, 12);
@@ -93,12 +94,12 @@ private static function costHash($cost, $salt, $password)
      * 
      * @param string  $data Data to hash.
      * @param string  $key  Key to use to authenticate the hash.
-     * @param integer $iter Number of times to iteratate the hash
+     * @param int     $iter Number of times to iteratate the hash
      * @param string  $algo Name of algo (sha256 or sha512 recommended)
      * 
      * @return string
      */
-    public static function ihmac($data, $key, $iter, $algo = 'sha256')
+    public static function ihmac(string $data, string $key, int $iter, string $algo = 'sha256'): string
     {
         $iter = abs($iter);
 
@@ -118,11 +119,11 @@ public static function ihmac($data, $key, $iter, $algo = 'sha256')
      * 
      * @param string  $input    Data to hash.
      * @param string  $password HMAC validation password.
-     * @param integer $cost     Cost value of the hash.
+     * @param int     $cost     Cost value of the hash.
      * 
      * @return string
      */
-    public static function make($input, $password, $cost = 250000)
+    public static function make(string $input, string $password, int $cost = 250000): string
     {
         return self::build($input, $password, $cost, null);
     }
@@ -136,7 +137,7 @@ public static function make($input, $password, $cost = 250000)
      * 
      * @return boolean
      */
-    public static function verify($input, $hash, $password)
+    public static function verify(string $input, string $hash, string $password): bool
     {
         // Get the salt value from the decrypted prefix
         $salt = Str::substr($hash, 0, 16);

src/Huffman.php

@@ -27,12 +27,13 @@
 final class Huffman
 {
     /**
-     * Compress data
+     * Compress data with Huffman's algo
+     *
+     * @param string $data Data to compress
      *
-     * @param string $data
      * @return string
      */
-    public static function encode($data)
+    public static function encode(string $data): string
     {
         $dictionary = self::frequencyMap($data);
 
@@ -68,12 +69,13 @@ public static function encode($data)
     }
 
     /**
-     * Decompress data
+     * Decompress Huffman string.
+     *
+     * @param string $data String to decompress.
      *
-     * @param string $data
      * @return string
      */
-    public static function decode($data)
+    public static function decode(string $data): string
     {
         $dictionary = self::unpackDictionary($data);