From de1a694f8e870b1f47139f7fa8043e328babf3de Mon Sep 17 00:00:00 2001
From: Lukas Buchs <lukas.buchs@netas.ch>
Date: Fri, 14 Oct 2022 09:26:26 +0200
Subject: [PATCH] PHP 8 issues

---
 LICENSE                                     | 2 +-
 _test/client.html                           | 4 ++--
 _test/server.php                            | 4 ++--
 src/Attestation/Format/AndroidSafetyNet.php | 6 +++---
 src/Attestation/Format/Apple.php            | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/LICENSE b/LICENSE
index 38449bd..0580d1b 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright © 2021 Lukas Buchs
+Copyright © 2022 Lukas Buchs
 Copyright © 2018 Thomas Bleeker (CBOR & ByteBuffer part)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
diff --git a/_test/client.html b/_test/client.html
index 127d6f8..46dee4b 100644
--- a/_test/client.html
+++ b/_test/client.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <!--
-Copyright (C) 2018 Lukas Buchs
+Copyright (C) 2022 Lukas Buchs
 license https://github.com/lbuchs/WebAuthn/blob/master/LICENSE MIT
 -->
 <html>
@@ -513,7 +513,7 @@ <h1 style="margin: 40px 10px 2px 0;">lbuchs/WebAuthn</h1>
                         the browser may not warn about providing informations about your device.
                    </div>
                     <div style="margin-top:20px;font-size: 0.7em;font-style: italic">
-                        Copyright &copy; 2021 Lukas Buchs - <a href="https://raw.githubusercontent.com/lbuchs/WebAuthn/master/LICENSE">license therms</a>
+                        Copyright &copy; 2022 Lukas Buchs - <a href="https://raw.githubusercontent.com/lbuchs/WebAuthn/master/LICENSE">license therms</a>
                     </div>
 
                 </div>
diff --git a/_test/server.php b/_test/server.php
index 1a9fd62..c1e59ae 100644
--- a/_test/server.php
+++ b/_test/server.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
- * Copyright (C) 2018 Lukas Buchs
+ * Copyright (C) 2022 Lukas Buchs
  * license https://github.com/lbuchs/WebAuthn/blob/master/LICENSE MIT
  *
  * Server test script for WebAuthn library. Saves new registrations in session.
@@ -312,7 +312,7 @@
                     } else if (is_object($value)) {
                         $value = chunk_split(strval($value), 64);
 
-                    } else if (is_string($value) && strlen($value) > 0 && htmlspecialchars($value) === '') {
+                    } else if (is_string($value) && strlen($value) > 0 && htmlspecialchars($value, ENT_QUOTES) === '') {
                         $value = chunk_split(bin2hex($value), 64);
                     }
                     $html .= '<tr><td>' . htmlspecialchars($key) . '</td><td style="font-family:monospace;">' . nl2br(htmlspecialchars($value)) . '</td>';
diff --git a/src/Attestation/Format/AndroidSafetyNet.php b/src/Attestation/Format/AndroidSafetyNet.php
index a027ca9..adc74ee 100644
--- a/src/Attestation/Format/AndroidSafetyNet.php
+++ b/src/Attestation/Format/AndroidSafetyNet.php
@@ -52,7 +52,7 @@ public function __construct($AttestionObject, AuthenticatorData $authenticatorDa
             throw new WebAuthnException('invalid JWS payload', WebAuthnException::INVALID_DATA);
         }
 
-        if (!$header->x5c || !is_array($header->x5c) || count($header->x5c) === 0) {
+        if (!isset($header->x5c) || !is_array($header->x5c) || count($header->x5c) === 0) {
             throw new WebAuthnException('No X.509 signature in JWS Header', WebAuthnException::INVALID_DATA);
         }
 
@@ -89,7 +89,7 @@ public function validateAttestation($clientDataHash) {
 
         // Verify that the nonce in the response is identical to the Base64 encoding
         // of the SHA-256 hash of the concatenation of authenticatorData and clientDataHash.
-        if (!$this->_payload->nonce || $this->_payload->nonce !== \base64_encode(\hash('SHA256', $this->_authenticatorData->getBinary() . $clientDataHash, true))) {
+        if (empty($this->_payload->nonce) || $this->_payload->nonce !== \base64_encode(\hash('SHA256', $this->_authenticatorData->getBinary() . $clientDataHash, true))) {
             throw new WebAuthnException('invalid nonce in JWS payload', WebAuthnException::INVALID_DATA);
         }
 
@@ -100,7 +100,7 @@ public function validateAttestation($clientDataHash) {
         }
 
         // Verify that the ctsProfileMatch attribute in the payload of response is true.
-        if (!$this->_payload->ctsProfileMatch) {
+        if (empty($this->_payload->ctsProfileMatch)) {
             throw new WebAuthnException('invalid ctsProfileMatch in payload', WebAuthnException::INVALID_DATA);
         }
 
diff --git a/src/Attestation/Format/Apple.php b/src/Attestation/Format/Apple.php
index e1f19f0..e4f38e0 100644
--- a/src/Attestation/Format/Apple.php
+++ b/src/Attestation/Format/Apple.php
@@ -105,7 +105,7 @@ protected function _validateOverX5c($clientDataHash) {
 
         // Verify that nonce equals the value of the extension with OID ( 1.2.840.113635.100.8.2 ) in credCert.
         $parsedCredCert = openssl_x509_parse($credCert);
-        $nonceExtension = isset($parsedCredCert['extensions']['1.2.840.113635.100.8.2']) ? $parsedCredCert['extensions']['1.2.840.113635.100.8.2'] : '';
+        $nonceExtension = $parsedCredCert['extensions']['1.2.840.113635.100.8.2'] ?? '';
 
         // nonce padded by ASN.1 string: 30 24 A1 22 04 20
         // 30     — type tag indicating sequence