diff options
| author | Paragon Initiative Enterprises <security@paragonie.com> | 2016-06-12 21:00:24 -0400 |
|---|---|---|
| committer | Paragon Initiative Enterprises <security@paragonie.com> | 2016-06-12 21:00:24 -0400 |
| commit | d96e63b79a7135a65659ba5b1cb02826172bfedd (patch) | |
| tree | 50db1bc8009bf25295a1a810b07d69596a0be9ee | |
| parent | de6245d18de0bf839954e2c4a801e53f02e1604a (diff) | |
| download | constant_time_encoding-origin/v1.x.zip constant_time_encoding-origin/v1.x.tar.gz constant_time_encoding-origin/v1.x.tar.bz2 | |
Include important file in git commitv1.0.1origin/v1.x
| -rw-r--r-- | src/Base64.php | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/src/Base64.php b/src/Base64.php index 46fc78d..7e6e24b 100644 --- a/src/Base64.php +++ b/src/Base64.php @@ -85,25 +85,30 @@ abstract class Base64 implements EncoderInterface * @return string|bool * @throws \RangeException */ - public static function decode($src) + public static function decode($src, $strictPadding = false) { // Remove padding $srcLen = Binary::safeStrlen($src); if ($srcLen === 0) { return ''; } - if (($srcLen & 3) === 0) { - if ($src[$srcLen - 1] === '=') { - $srcLen--; + if ($strictPadding) { + if (($srcLen & 3) === 0) { if ($src[$srcLen - 1] === '=') { $srcLen--; + if ($src[$srcLen - 1] === '=') { + $srcLen--; + } } } - } - if (($srcLen & 3) === 1) { - throw new \RangeException( - 'Incorrect padding' - ); + if (($srcLen & 3) === 1) { + throw new \RangeException( + 'Incorrect padding' + ); + } + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); } $err = 0; @@ -128,9 +133,8 @@ abstract class Base64 implements EncoderInterface if ($i < $srcLen) { $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); $c0 = static::decode6Bits($chunk[1]); - $c1 = static::decode6Bits($chunk[2]); - if ($i + 2 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); $c2 = static::decode6Bits($chunk[3]); $dest .= \pack( 'CC', @@ -139,11 +143,14 @@ abstract class Base64 implements EncoderInterface ); $err |= ($c0 | $c1 | $c2) >> 8; } elseif($i + 1 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); $dest .= \pack( 'C', ((($c0 << 2) | ($c1 >> 4)) & 0xff) ); $err |= ($c0 | $c1) >> 8; + } elseif ($i < $srcLen && $strictPadding) { + $err |= 1; } } if ($err !== 0) { |