summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott <scott@paragonie.com>2016-03-12 17:18:25 -0500
committerScott <scott@paragonie.com>2016-03-12 17:18:25 -0500
commit0ed01f67e5a3837f3e8b52c2072127d429b3459a (patch)
treeea50c6f022d6ac17626fc14a84806a1fa8ab77b4
parent226bfbfbcb7524a4e16b9fa58105a5932b22dc2a (diff)
downloadconstant_time_encoding-0ed01f67e5a3837f3e8b52c2072127d429b3459a.zip
constant_time_encoding-0ed01f67e5a3837f3e8b52c2072127d429b3459a.tar.gz
constant_time_encoding-0ed01f67e5a3837f3e8b52c2072127d429b3459a.tar.bz2
Refactor into classes
Diffstat
-rw-r--r--README.md6
-rw-r--r--src/Base32.php267
-rw-r--r--src/Base64.php175
-rw-r--r--src/Base64DotSlash.php53
-rw-r--r--src/Base64DotSlashOrdered.php46
-rw-r--r--src/Core.php66
-rw-r--r--src/Encoding.php832
-rw-r--r--src/Hex.php71
-rw-r--r--tests/EncodingTest.php36
9 files changed, 746 insertions, 806 deletions
diff --git a/README.md b/README.md
index 7140030..9624786 100644
--- a/README.md
+++ b/README.md
@@ -2,8 +2,9 @@
[![Build Status](https://travis-ci.org/paragonie/constant_time_encoding.svg?branch=master)](https://travis-ci.org/paragonie/constant_time_encoding)
-Based on the work of [Steve "Sc00bz" Thomas](https://github.com/Sc00bz/ConstTimeEncoding), this library aims to offer
-character encoding functions that do not leak information about what you are encoding/decoding via processor cache
+Based on the [constant-time base64 implementation made by Steve "Sc00bz" Thomas](https://github.com/Sc00bz/ConstTimeEncoding),
+this library aims to offer character encoding functions that do not leak
+information about what you are encoding/decoding via processor cache
misses. Further reading on [cache-timing attacks](http://blog.ircmaxell.com/2014/11/its-all-about-time.html).
Our fork offers the following enchancements:
@@ -11,6 +12,7 @@ Our fork offers the following enchancements:
* `mbstring.func_overload` resistance
* Unit tests
* Composer- and Packagist-ready
+* Base16 encoding
* Base32 encoding
* Uses `pack()` and `unpack()` instead of `chr()` and `ord()`
diff --git a/src/Base32.php b/src/Base32.php
new file mode 100644
index 0000000..18a7e38
--- /dev/null
+++ b/src/Base32.php
@@ -0,0 +1,267 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Base32
+{
+ /**
+ * Decode a Base32-encoded string into raw binary
+ *
+ * @param string $src
+ * @return string
+ */
+ public static function decode($src)
+ {
+ // Remove padding
+ $srcLen = Core::safeStrlen($src);
+ if ($srcLen === 0) {
+ return '';
+ }
+ if (($srcLen & 7) === 0) {
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ }
+ }
+ if (($srcLen & 7) === 1) {
+ return false;
+ }
+
+ $err = 0;
+ $dest = '';
+ for ($i = 0; $i + 8 <= $srcLen; $i += 8) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, 8));
+ $c0 = self::decode5Bits($chunk[1]);
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+ $c3 = self::decode5Bits($chunk[4]);
+ $c4 = self::decode5Bits($chunk[5]);
+ $c5 = self::decode5Bits($chunk[6]);
+ $c6 = self::decode5Bits($chunk[7]);
+ $c7 = self::decode5Bits($chunk[8]);
+
+ $dest .= \pack(
+ 'CCCCC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
+ (($c3 << 4) | ($c4 >> 1) ) & 0xff,
+ (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff,
+ (($c6 << 5) | ($c7 ) ) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6 | $c7) >> 8;
+ }
+ if ($i < $srcLen) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, $srcLen - $i));
+ $c0 = self::decode5Bits($chunk[1]);
+
+ if ($i + 6 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+ $c3 = self::decode5Bits($chunk[4]);
+ $c4 = self::decode5Bits($chunk[5]);
+ $c5 = self::decode5Bits($chunk[6]);
+ $c6 = self::decode5Bits($chunk[7]);
+
+ $dest .= \pack(
+ 'CCCC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
+ (($c3 << 4) | ($c4 >> 1) ) & 0xff,
+ (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6) >> 8;
+ } elseif ($i + 5 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+ $c3 = self::decode5Bits($chunk[4]);
+ $c4 = self::decode5Bits($chunk[5]);
+ $c5 = self::decode5Bits($chunk[6]);
+
+ $dest .= \pack(
+ 'CCCC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
+ (($c3 << 4) | ($c4 >> 1) ) & 0xff,
+ (($c4 << 7) | ($c5 << 2) ) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5) >> 8;
+ } elseif ($i + 4 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+ $c3 = self::decode5Bits($chunk[4]);
+ $c4 = self::decode5Bits($chunk[5]);
+
+ $dest .= \pack(
+ 'CCC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
+ (($c3 << 4) | ($c4 >> 1) ) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3 | $c4) >> 8;
+ } elseif ($i + 3 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+ $c3 = self::decode5Bits($chunk[4]);
+
+ $dest .= \pack(
+ 'CC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
+ } elseif ($i + 2 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+ $c2 = self::decode5Bits($chunk[3]);
+
+ $dest .= \pack(
+ 'CC',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff,
+ (($c1 << 6) | ($c2 << 1) ) & 0xff
+ );
+ $err |= ($c0 | $c1 | $c2) >> 8;
+ } elseif ($i + 1 < $srcLen) {
+ $c1 = self::decode5Bits($chunk[2]);
+
+ $dest .= \pack(
+ 'C',
+ (($c0 << 3) | ($c1 >> 2) ) & 0xff
+ );
+ $err |= ($c0 | $c1) >> 8;
+ } else {
+ $dest .= \pack(
+ 'C',
+ (($c0 << 3) ) & 0xff
+ );
+ $err |= ($c0) >> 8;
+ }
+ }
+ if ($err !== 0) {
+ throw new \RangeException(
+ 'base32Decode() only expects characters in the correct base32 alphabet'
+ );
+ }
+ return $dest;
+ }
+
+ /**
+ * Encode into Base32 (RFC 4648)
+ *
+ * @param string $src
+ * @return string
+ */
+ public static function encode($src)
+ {
+ $dest = '';
+ $srcLen = Core::safeStrlen($src);
+ for ($i = 0; $i + 5 <= $srcLen; $i += 5) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, 5));
+ $b0 = $chunk[1];
+ $b1 = $chunk[2];
+ $b2 = $chunk[3];
+ $b3 = $chunk[4];
+ $b4 = $chunk[5];
+ $dest .=
+ self::encode5Bits( ($b0 >> 3) & 31) .
+ self::encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
+ self::encode5Bits((($b1 >> 1) ) & 31) .
+ self::encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
+ self::encode5Bits((($b2 << 1) | ($b3 >> 7)) & 31) .
+ self::encode5Bits((($b3 >> 2) ) & 31) .
+ self::encode5Bits((($b3 << 3) | ($b4 >> 5)) & 31) .
+ self::encode5Bits( $b4 & 31);
+ }
+ if ($i < $srcLen) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, $srcLen - $i));
+ $b0 = $chunk[1];
+ if ($i + 3 < $srcLen) {
+ $b1 = $chunk[2];
+ $b2 = $chunk[3];
+ $b3 = $chunk[4];
+ $dest .=
+ self::encode5Bits( ($b0 >> 3) & 31) .
+ self::encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
+ self::encode5Bits((($b1 >> 1) ) & 31) .
+ self::encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
+ self::encode5Bits((($b2 << 1) | ($b3 >> 7)) & 31) .
+ self::encode5Bits((($b3 >> 2) ) & 31) .
+ self::encode5Bits((($b3 << 3) ) & 31) .
+ '=';
+ } elseif ($i + 2 < $srcLen) {
+ $b1 = $chunk[2];
+ $b2 = $chunk[3];
+ $dest .=
+ self::encode5Bits( ($b0 >> 3) & 31) .
+ self::encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
+ self::encode5Bits((($b1 >> 1) ) & 31) .
+ self::encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
+ self::encode5Bits((($b2 << 1) ) & 31) .
+ '===';
+ } elseif ($i + 1 < $srcLen) {
+ $b1 = $chunk[2];
+ $dest .=
+ self::encode5Bits( ($b0 >> 3) & 31) .
+ self::encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
+ self::encode5Bits((($b1 >> 1) ) & 31) .
+ self::encode5Bits((($b1 << 4) ) & 31) .
+ '====';
+ } else {
+ $dest .=
+ self::encode5Bits( ($b0 >> 3) & 31) .
+ self::encode5Bits( ($b0 << 2) & 31) .
+ '======';
+ }
+ }
+ return $dest;
+ }
+
+
+
+ /**
+ *
+ * @param $src
+ * @return int
+ */
+ protected static function decode5Bits($src)
+ {
+ $ret = -1;
+
+ // if ($src > 64 && $src < 91) $ret += $src - 65 + 1; // -64
+ $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64);
+
+ // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23
+ $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23);
+
+ return $ret;
+ }
+
+ /**
+ * @param $src
+ * @return string
+ */
+ protected static function encode5Bits($src)
+ {
+ $diff = 0x41;
+
+ // if ($src > 25) $ret -= 40;
+ $diff -= ((25 - $src) >> 8) & 41;
+
+ return \pack('C', $src + $diff);
+ }
+
+} \ No newline at end of file
diff --git a/src/Base64.php b/src/Base64.php
new file mode 100644
index 0000000..477e848
--- /dev/null
+++ b/src/Base64.php
@@ -0,0 +1,175 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Base64
+{
+ /**
+ * Encode into Base64
+ *
+ * Base64 character set "[A-Z][a-z][0-9]+/"
+ *
+ * @param string $src
+ * @return string
+ */
+ public static function encode($src)
+ {
+ $dest = '';
+ $srcLen = Core::safeStrlen($src);
+ for ($i = 0; $i + 3 <= $srcLen; $i += 3) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, 3));
+ $b0 = $chunk[1];
+ $b1 = $chunk[2];
+ $b2 = $chunk[3];
+
+ $dest .=
+ self::encode6Bits( $b0 >> 2 ) .
+ self::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
+ self::encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) .
+ self::encode6Bits( $b2 & 63);
+ }
+ if ($i < $srcLen) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, $srcLen - $i));
+ $b0 = $chunk[1];
+ if ($i + 1 < $srcLen) {
+ $b1 = $chunk[2];
+ $dest .=
+ self::encode6Bits( $b0 >> 2 ) .
+ self::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
+ self::encode6Bits( ($b1 << 2) & 63) . '=';
+ } else {
+ $dest .=
+ self::encode6Bits( $b0 >> 2) .
+ self::encode6Bits(($b0 << 4) & 63) . '==';
+ }
+ }
+ return $dest;
+ }
+
+ /**
+ * decode from base64 into binary
+ *
+ * Base64 character set "./[A-Z][a-z][0-9]"
+ *
+ * @param $src
+ * @return bool|string
+ * @throws \RangeException
+ */
+ public static function decode($src)
+ {
+ // Remove padding
+ $srcLen = Core::safeStrlen($src);
+ if ($srcLen === 0) {
+ return '';
+ }
+ if (($srcLen & 3) === 0) {
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ if ($src[$srcLen - 1] === '=') {
+ $srcLen--;
+ }
+ }
+ }
+ if (($srcLen & 3) === 1) {
+ return false;
+ }
+
+ $err = 0;
+ $dest = '';
+ for ($i = 0; $i + 4 <= $srcLen; $i += 4) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, 4));
+ $c0 = self::decode6Bits($chunk[1]);
+ $c1 = self::decode6Bits($chunk[2]);
+ $c2 = self::decode6Bits($chunk[3]);
+ $c3 = self::decode6Bits($chunk[4]);
+
+ $dest .= \pack(
+ 'CCC',
+ ((($c0 << 2) | ($c1 >> 4)) & 0xff),
+ ((($c1 << 4) | ($c2 >> 2)) & 0xff),
+ ((($c2 << 6) | $c3 ) & 0xff)
+ );
+ $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
+ }
+ if ($i < $srcLen) {
+ $chunk = \unpack('C*', Core::safeSubstr($src, $i, $srcLen - $i));
+ $c0 = self::decode6Bits($chunk[1]);
+ $c1 = self::decode6Bits($chunk[2]);
+
+ if ($i + 2 < $srcLen) {
+ $c2 = self::decode6Bits($chunk[3]);
+ $dest .= \pack(
+ 'CC',
+ ((($c0 << 2) | ($c1 >> 4)) & 0xff),
+ ((($c1 << 4) | ($c2 >> 2)) & 0xff)
+ );
+ $err |= ($c0 | $c1 | $c2) >> 8;
+ } elseif($i + 1 < $srcLen) {
+ $dest .= \pack(
+ 'C',
+ ((($c0 << 2) | ($c1 >> 4)) & 0xff)
+ );
+ $err |= ($c0 | $c1) >> 8;
+ }
+ }
+ if ($err !== 0) {
+ throw new \RangeException(
+ 'base64decode() only expects characters in the correct base64 alphabet'
+ );
+ }
+ return $dest;
+ }
+
+ /**
+ *
+ * Base64 character set:
+ * [A-Z] [a-z] [0-9] + /
+ * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f
+ *
+ * @param $src
+ * @return int
+ */
+ protected static function decode6Bits($src)
+ {
+ $ret = -1;
+
+ // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64
+ $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64);
+
+ // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70
+ $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70);
+
+ // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5
+ $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5);
+
+ // if ($src == 0x2b) $ret += 62 + 1;
+ $ret += (((0x2a - $src) & ($src - 0x2c)) >> 8) & 63;
+
+ // if ($src == 0x2f) ret += 63 + 1;
+ $ret += (((0x2e - $src) & ($src - 0x30)) >> 8) & 64;
+
+ return $ret;
+ }
+
+ /**
+ * @param $src
+ * @return string
+ */
+ protected static function encode6Bits($src)
+ {
+ $diff = 0x41;
+
+ // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6
+ $diff += ((25 - $src) >> 8) & 6;
+
+ // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75
+ $diff -= ((51 - $src) >> 8) & 75;
+
+ // if ($src > 61) $diff += 0x2b - 0x30 - 10; // -15
+ $diff -= ((61 - $src) >> 8) & 15;
+
+ // if ($src > 62) $diff += 0x2f - 0x2b - 1; // 3
+ $diff += ((62 - $src) >> 8) & 3;
+
+ return \pack('C', $src + $diff);
+ }
+}
diff --git a/src/Base64DotSlash.php b/src/Base64DotSlash.php
new file mode 100644
index 0000000..039106f
--- /dev/null
+++ b/src/Base64DotSlash.php
@@ -0,0 +1,53 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Base64DotSlash extends Base64
+{
+ /**
+ *
+ * Base64 character set:
+ * [A-Z] [a-z] [0-9] + /
+ * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f
+ *
+ * @param $src
+ * @return int
+ */
+ protected static function decode6Bits($src)
+ {
+ $ret = -1;
+
+ // if ($src > 0x2d && $src < 0x30) ret += $src - 0x2e + 1; // -45
+ $ret += (((0x2d - $src) & ($src - 0x30)) >> 8) & ($src - 45);
+
+ // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 2 + 1; // -62
+ $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 62);
+
+ // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 28 + 1; // -68
+ $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 68);
+
+ // if ($src > 0x2f && $src < 0x3a) ret += $src - 0x30 + 54 + 1; // 7
+ $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 7);
+
+ return $ret;
+ }
+
+ /**
+ * @param $src
+ * @return string
+ */
+ protected static function encode6Bits($src)
+ {
+ $src += 0x2e;
+
+ // if ($src > 0x2f) $src += 0x41 - 0x30; // 17
+ $src += ((0x2f - $src) >> 8) & 17;
+
+ // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6
+ $src += ((0x5a - $src) >> 8) & 6;
+
+ // if ($src > 0x7a) $src += 0x30 - 0x7b; // -75
+ $src -= ((0x7a - $src) >> 8) & 75;
+
+ return \pack('C', $src);
+ }
+}
diff --git a/src/Base64DotSlashOrdered.php b/src/Base64DotSlashOrdered.php
new file mode 100644
index 0000000..797cba5
--- /dev/null
+++ b/src/Base64DotSlashOrdered.php
@@ -0,0 +1,46 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Base64DotSlashOrdered extends Base64
+{
+ /**
+ * Base64 character set:
+ * [A-Z] [a-z] [0-9] + /
+ * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f
+ *
+ * @param $src
+ * @return int
+ */
+ protected static function decode6Bits($src)
+ {
+ $ret = -1;
+
+ // if ($src > 0x2d && $src < 0x3a) ret += $src - 0x2e + 1; // -45
+ $ret += (((0x2d - $src) & ($src - 0x3a)) >> 8) & ($src - 45);
+
+ // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 12 + 1; // -52
+ $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 52);
+
+ // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 38 + 1; // -58
+ $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 58);
+
+ return $ret;
+ }
+
+ /**
+ * @param $src
+ * @return string
+ */
+ protected static function encode6Bits($src)
+ {
+ $src += 0x2e;
+
+ // if ($src > 0x39) $src += 0x41 - 0x3a; // 7
+ $src += ((0x39 - $src) >> 8) & 7;
+
+ // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6
+ $src += ((0x5a - $src) >> 8) & 6;
+
+ return \pack('C', $src);
+ }
+}
diff --git a/src/Core.php b/src/Core.php
new file mode 100644
index 0000000..b68dd2f
--- /dev/null
+++ b/src/Core.php
@@ -0,0 +1,66 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Core
+{
+ /**
+ * Safe string length
+ *
+ * @ref mbstring.func_overload
+ *
+ * @param string $str
+ * @return int
+ */
+ public static function safeStrlen($str)
+ {
+ if (\function_exists('mb_strlen')) {
+ return \mb_strlen($str, '8bit');
+ } else {
+ return \strlen($str);
+ }
+ }
+
+ /**
+ * Safe substring
+ *
+ * @ref mbstring.func_overload
+ *
+ * @staticvar boolean $exists
+ * @param string $str
+ * @param int $start
+ * @param int $length
+ * @return string
+ * @throws \TypeError
+ */
+ public static function safeSubstr(
+ $str,
+ $start = 0,
+ $length = null
+ ) {
+ if (\function_exists('mb_substr')) {
+ // mb_substr($str, 0, NULL, '8bit') returns an empty string on PHP
+ // 5.3, so we have to find the length ourselves.
+ if ($length === null) {
+ if ($start >= 0) {
+ $length = self::safeStrlen($str) - $start;
+ } else {
+ $length = -$start;
+ }
+ }
+ // $length calculation above might result in a 0-length string
+ if ($length === 0) {
+ return '';
+ }
+ return \mb_substr($str, $start, $length, '8bit');
+ }
+ if ($length === 0) {
+ return '';
+ }
+ // Unlike mb_substr(), substr() doesn't accept NULL for length
+ if ($length !== null) {
+ return \substr($str, $start, $length);
+ } else {
+ return \substr($str, $start);
+ }
+ }
+} \ No newline at end of file
diff --git a/src/Encoding.php b/src/Encoding.php
index 46dcea8..657e855 100644
--- a/src/Encoding.php
+++ b/src/Encoding.php
@@ -22,578 +22,50 @@ namespace ParagonIE\ConstantTime;
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
-class Encoding
+abstract class Encoding
{
/**
- * Decode a Base32-encoded string into raw binary
+ * RFC 4648 Base32 encoding
*
- * @param string $src
+ * @param $str
* @return string
*/
- public static function base32Decode($src)
+ public static function base32Encode($str)
{
- // Remove padding
- $srcLen = self::safeStrlen($src);
- if ($srcLen === 0) {
- return '';
- }
- if (($srcLen & 7) === 0) {
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- }
- }
- if (($srcLen & 7) === 1) {
- return false;
- }
-
- $err = 0;
- $dest = '';
- for ($i = 0; $i + 8 <= $srcLen; $i += 8) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 8));
- $c0 = self::base32Decode5Bits($chunk[1]);
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
- $c3 = self::base32Decode5Bits($chunk[4]);
- $c4 = self::base32Decode5Bits($chunk[5]);
- $c5 = self::base32Decode5Bits($chunk[6]);
- $c6 = self::base32Decode5Bits($chunk[7]);
- $c7 = self::base32Decode5Bits($chunk[8]);
-
- $dest .= \pack(
- 'CCCCC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
- (($c3 << 4) | ($c4 >> 1) ) & 0xff,
- (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff,
- (($c6 << 5) | ($c7 ) ) & 0xff
- );
- $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6 | $c7) >> 8;
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $c0 = self::base32Decode5Bits($chunk[1]);
-
- if ($i + 6 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
- $c3 = self::base32Decode5Bits($chunk[4]);
- $c4 = self::base32Decode5Bits($chunk[5]);
- $c5 = self::base32Decode5Bits($chunk[6]);
- $c6 = self::base32Decode5Bits($chunk[7]);
-
- $dest .= \pack(
- 'CCCC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
- (($c3 << 4) | ($c4 >> 1) ) & 0xff,
- (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff
- );
- $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6) >> 8;
- } elseif ($i + 5 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
- $c3 = self::base32Decode5Bits($chunk[4]);
- $c4 = self::base32Decode5Bits($chunk[5]);
- $c5 = self::base32Decode5Bits($chunk[6]);
-
- $dest .= \pack(
- 'CCCC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
- (($c3 << 4) | ($c4 >> 1) ) & 0xff,
- (($c4 << 7) | ($c5 << 2) ) & 0xff
- );
- $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5) >> 8;
- } elseif ($i + 4 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
- $c3 = self::base32Decode5Bits($chunk[4]);
- $c4 = self::base32Decode5Bits($chunk[5]);
-
- $dest .= \pack(
- 'CCC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff,
- (($c3 << 4) | ($c4 >> 1) ) & 0xff
- );
- $err |= ($c0 | $c1 | $c2 | $c3 | $c4) >> 8;
- } elseif ($i + 3 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
- $c3 = self::base32Decode5Bits($chunk[4]);
-
- $dest .= \pack(
- 'CC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff
- );
- $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
- } elseif ($i + 2 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
- $c2 = self::base32Decode5Bits($chunk[3]);
-
- $dest .= \pack(
- 'CC',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff,
- (($c1 << 6) | ($c2 << 1) ) & 0xff
- );
- $err |= ($c0 | $c1 | $c2) >> 8;
- } elseif ($i + 1 < $srcLen) {
- $c1 = self::base32Decode5Bits($chunk[2]);
-
- $dest .= \pack(
- 'C',
- (($c0 << 3) | ($c1 >> 2) ) & 0xff
- );
- $err |= ($c0 | $c1) >> 8;
- } else {
- $dest .= \pack(
- 'C',
- (($c0 << 3) ) & 0xff
- );
- $err |= ($c0) >> 8;
- }
- }
- if ($err !== 0) {
- throw new \RangeException(
- 'base32Decode() only expects characters in the correct base32 alphabet'
- );
- }
- return $dest;
+ return Base32::encode($str);
}
/**
- * Encode into Base32 (RFC 4648)
+ * RFC 4648 Base32 decoding
*
- * @param string $src
+ * @param $str
* @return string
*/
- public static function base32Encode($src)
+ public static function base32Decode($str)
{
- $dest = '';
- $srcLen = self::safeStrlen($src);
- for ($i = 0; $i + 5 <= $srcLen; $i += 5) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 5));
- $b0 = $chunk[1];
- $b1 = $chunk[2];
- $b2 = $chunk[3];
- $b3 = $chunk[4];
- $b4 = $chunk[5];
- $dest .=
- self::base32Encode5Bits( ($b0 >> 3) & 31) .
- self::base32Encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
- self::base32Encode5Bits((($b1 >> 1) ) & 31) .
- self::base32Encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
- self::base32Encode5Bits((($b2 << 1) | ($b3 >> 7)) & 31) .
- self::base32Encode5Bits((($b3 >> 2) ) & 31) .
- self::base32Encode5Bits((($b3 << 3) | ($b4 >> 5)) & 31) .
- self::base32Encode5Bits( $b4 & 31);
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $b0 = $chunk[1];
- if ($i + 3 < $srcLen) {
- $b1 = $chunk[2];
- $b2 = $chunk[3];
- $b3 = $chunk[4];
- $dest .=
- self::base32Encode5Bits( ($b0 >> 3) & 31) .
- self::base32Encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
- self::base32Encode5Bits((($b1 >> 1) ) & 31) .
- self::base32Encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
- self::base32Encode5Bits((($b2 << 1) | ($b3 >> 7)) & 31) .
- self::base32Encode5Bits((($b3 >> 2) ) & 31) .
- self::base32Encode5Bits((($b3 << 3) ) & 31) .
- '=';
- } elseif ($i + 2 < $srcLen) {
- $b1 = $chunk[2];
- $b2 = $chunk[3];
- $dest .=
- self::base32Encode5Bits( ($b0 >> 3) & 31) .
- self::base32Encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
- self::base32Encode5Bits((($b1 >> 1) ) & 31) .
- self::base32Encode5Bits((($b1 << 4) | ($b2 >> 4)) & 31) .
- self::base32Encode5Bits((($b2 << 1) ) & 31) .
- '===';
- } elseif ($i + 1 < $srcLen) {
- $b1 = $chunk[2];
- $dest .=
- self::base32Encode5Bits( ($b0 >> 3) & 31) .
- self::base32Encode5Bits((($b0 << 2) | ($b1 >> 6)) & 31) .
- self::base32Encode5Bits((($b1 >> 1) ) & 31) .
- self::base32Encode5Bits((($b1 << 4) ) & 31) .
- '====';
- } else {
- $dest .=
- self::base32Encode5Bits( ($b0 >> 3) & 31) .
- self::base32Encode5Bits( ($b0 << 2) & 31) .
- '======';
- }
- }
- return $dest;
+ return Base32::decode($str);
}
/**
- * Encode into Base64
- *
- * Base64 character set "[A-Z][a-z][0-9]+/"
+ * RFC 4648 Base64 encoding
*
- * @param string $src
+ * @param $str
* @return string
*/
- public static function base64Encode($src)
- {
- $dest = '';
- $srcLen = self::safeStrlen($src);
- for ($i = 0; $i + 3 <= $srcLen; $i += 3) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 3));
- $b0 = $chunk[1];
- $b1 = $chunk[2];
- $b2 = $chunk[3];
-
- $dest .=
- self::base64Encode6Bits( $b0 >> 2 ) .
- self::base64Encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) .
- self::base64Encode6Bits( $b2 & 63);
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $b0 = $chunk[1];
- if ($i + 1 < $srcLen) {
- $b1 = $chunk[2];
- $dest .=
- self::base64Encode6Bits( $b0 >> 2 ) .
- self::base64Encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6Bits( ($b1 << 2) & 63) . '=';
- } else {
- $dest .=
- self::base64Encode6Bits( $b0 >> 2) .
- self::base64Encode6Bits(($b0 << 4) & 63) . '==';
- }
- }
- return $dest;
- }
-
- /**
- * Decode from base64 into binary
- *
- * Base64 character set "./[A-Z][a-z][0-9]"
- *
- * @param $src
- * @return bool|string
- * @throws \RangeException
- */
- public static function base64Decode($src)
- {
- // Remove padding
- $srcLen = self::safeStrlen($src);
- if ($srcLen === 0) {
- return '';
- }
- if (($srcLen & 3) === 0) {
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- }
- }
- if (($srcLen & 3) === 1) {
- return false;
- }
-
- $err = 0;
- $dest = '';
- for ($i = 0; $i + 4 <= $srcLen; $i += 4) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 4));
- $c0 = self::base64Decode6Bits($chunk[1]);
- $c1 = self::base64Decode6Bits($chunk[2]);
- $c2 = self::base64Decode6Bits($chunk[3]);
- $c3 = self::base64Decode6Bits($chunk[4]);
-
- $dest .= \pack(
- 'CCC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff),
- ((($c2 << 6) | $c3 ) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $c0 = self::base64Decode6Bits($chunk[1]);
- $c1 = self::base64Decode6Bits($chunk[2]);
-
- if ($i + 2 < $srcLen) {
- $c2 = self::base64Decode6Bits($chunk[3]);
- $dest .= \pack(
- 'CC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2) >> 8;
- } elseif($i + 1 < $srcLen) {
- $dest .= \pack(
- 'C',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff)
- );
- $err |= ($c0 | $c1) >> 8;
- }
- }
- if ($err !== 0) {
- throw new \RangeException(
- 'base64Decode() only expects characters in the correct base64 alphabet'
- );
- }
- return $dest;
- }
-
- /**
- * Encode into Base64
- *
- * Base64 character set "./[A-Z][a-z][0-9]"
- * @param $src
- * @return string
- */
- public static function base64EncodeDotSlash($src)
- {
- $dest = '';
- $srcLen = self::safeStrlen($src);
- for ($i = 0; $i + 3 <= $srcLen; $i += 3) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 3));
- $b0 = $chunk[1];
- $b1 = $chunk[2];
- $b2 = $chunk[3];
-
- $dest .=
- self::base64Encode6BitsDotSlash( $b0 >> 2 ) .
- self::base64Encode6BitsDotSlash((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6BitsDotSlash((($b1 << 2) | ($b2 >> 6)) & 63) .
- self::base64Encode6BitsDotSlash( $b2 & 63);
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 3));
- $b0 = $chunk[1];
- if ($i + 1 < $srcLen) {
- $b1 = $chunk[2];
- $dest .=
- self::base64Encode6BitsDotSlash( $b0 >> 2 ) .
- self::base64Encode6BitsDotSlash((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6BitsDotSlash( ($b1 << 2) & 63) . '=';
- } else {
- $dest .=
- self::base64Encode6BitsDotSlash( $b0 >> 2) .
- self::base64Encode6BitsDotSlash(($b0 << 4) & 63) . '==';
- }
- }
- return $dest;
- }
-
- /**
- * Decode from base64 to raw binary
- *
- * Base64 character set "./[A-Z][a-z][0-9]"
- *
- * @param $src
- * @return bool|string
- * @throws \RangeException
- */
- public static function base64DecodeDotSlash($src)
+ public static function base64Encode($str)
{
- // Remove padding
- $srcLen = self::safeStrlen($src);
- if ($srcLen === 0) {
- return '';
- }
- if (($srcLen & 3) === 0) {
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- }
- }
- if (($srcLen & 3) == 1) {
- return false;
- }
-
- $err = 0;
- $dest = '';
- for ($i = 0; $i + 4 <= $srcLen; $i += 4) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 4));
- $c0 = self::base64Decode6BitsDotSlash($chunk[1]);
- $c1 = self::base64Decode6BitsDotSlash($chunk[2]);
- $c2 = self::base64Decode6BitsDotSlash($chunk[3]);
- $c3 = self::base64Decode6BitsDotSlash($chunk[4]);
-
- $dest .= \pack(
- 'CCC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff),
- ((($c2 << 6) | $c3 ) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $c0 = self::base64Decode6BitsDotSlash($chunk[1]);
- $c1 = self::base64Decode6BitsDotSlash($chunk[2]);
-
- if ($i + 2 < $srcLen) {
- $c2 = self::base64Decode6BitsDotSlash($chunk[3]);
- $dest .= \pack(
- 'CC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2) >> 8;
- } elseif($i + 1 < $srcLen) {
- $dest .= \pack(
- 'C',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff)
- );
- $err |= ($c0 | $c1) >> 8;
- }
- }
- if ($err !== 0) {
- throw new \RangeException(
- 'base64DecodeDotSlash() only expects characters in the correct base64 alphabet'
- );
- }
- return $dest;
+ return Base64::encode($str);
}
/**
- * Encode into Base64
+ * RFC 4648 Base32 decoding
*
- * Base64 character set "[.-9][A-Z][a-z]" or "./[0-9][A-Z][a-z]"
- * @param $src
+ * @param $str
* @return string
*/
- public static function base64EncodeDotSlashOrdered($src)
+ public static function base64Decode($str)
{
- $dest = '';
- $srcLen = self::safeStrlen($src);
- for ($i = 0; $i + 3 <= $srcLen; $i += 3) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 3));
- $b0 = $chunk[1];
- $b1 = $chunk[2];
- $b2 = $chunk[3];
- $dest .=
- self::base64Encode6BitsDotSlashOrdered( $b0 >> 2 ) .
- self::base64Encode6BitsDotSlashOrdered((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6BitsDotSlashOrdered((($b1 << 2) | ($b2 >> 6)) & 63) .
- self::base64Encode6BitsDotSlashOrdered( $b2 & 63);
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 3));
- $b0 = $chunk[1];
- if ($i + 1 < $srcLen) {
- $b1 = $chunk[2];
- $dest .=
- self::base64Encode6BitsDotSlashOrdered( $b0 >> 2 ) .
- self::base64Encode6BitsDotSlashOrdered((($b0 << 4) | ($b1 >> 4)) & 63) .
- self::base64Encode6BitsDotSlashOrdered( ($b1 << 2) & 63) . '=';
- } else {
- $dest .=
- self::base64Encode6BitsDotSlashOrdered( $b0 >> 2) .
- self::base64Encode6BitsDotSlashOrdered(($b0 << 4) & 63) . '==';
- }
- }
- return $dest;
- }
-
-
- /**
- * Decode from base64 to raw binary
- *
- * Base64 character set "[.-9][A-Z][a-z]" or "./[0-9][A-Z][a-z]"
- *
- * @param $src
- * @return bool|string
- * @throws \RangeException
- */
- public static function base64DecodeDotSlashOrdered($src)
- {
- // Remove padding
- $srcLen = self::safeStrlen($src);
- if ($srcLen === 0) {
- return '';
- }
- if (($srcLen & 3) === 0) {
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- if ($src[$srcLen - 1] === '=') {
- $srcLen--;
- }
- }
- }
- if (($srcLen & 3) == 1) {
- return false;
- }
-
- $err = 0;
- $dest = '';
- for ($i = 0; $i + 4 <= $srcLen; $i += 4) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, 4));
- $c0 = self::base64Decode6BitsDotSlashOrdered($chunk[1]);
- $c1 = self::base64Decode6BitsDotSlashOrdered($chunk[2]);
- $c2 = self::base64Decode6BitsDotSlashOrdered($chunk[3]);
- $c3 = self::base64Decode6BitsDotSlashOrdered($chunk[4]);
-
- $dest .= \pack(
- 'CCC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff),
- ((($c2 << 6) | $c3 ) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
- }
- if ($i < $srcLen) {
- $chunk = \unpack('C*', self::safeSubstr($src, $i, $srcLen - $i));
- $c0 = self::base64Decode6BitsDotSlashOrdered($chunk[1]);
- $c1 = self::base64Decode6BitsDotSlashOrdered($chunk[2]);
- if ($i + 2 < $srcLen) {
- $c2 = self::base64Decode6BitsDotSlashOrdered($chunk[3]);
- $dest .= \pack(
- 'CC',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff),
- ((($c1 << 4) | ($c2 >> 2)) & 0xff)
- );
- $err |= ($c0 | $c1 | $c2) >> 8;
- } elseif($i + 1 < $srcLen) {
- $dest .= \pack(
- 'C',
- ((($c0 << 2) | ($c1 >> 4)) & 0xff)
- );
- $err |= ($c0 | $c1) >> 8;
- }
- }
- if ($err !== 0) {
- throw new \RangeException(
- 'base64DecodeDotSlashOrdered() only expects characters in the correct base64 alphabet'
- );
- }
- return $dest;
+ return Base64::decode($str);
}
/**
@@ -605,19 +77,7 @@ class Encoding
*/
public static function hexEncode($bin_string)
{
- $hex = '';
- $len = self::safeStrlen($bin_string);
- for ($i = 0; $i < $len; ++$i) {
- $chunk = \unpack('C', self::safeSubstr($bin_string, $i, 2));
- $c = $chunk[1] & 0xf;
- $b = $chunk[1] >> 4;
- $hex .= pack(
- 'CC',
- (87 + $b + ((($b - 10) >> 8) & ~38)),
- (87 + $c + ((($c - 10) >> 8) & ~38))
- );
- }
- return $hex;
+ return Hex::encode($bin_string);
}
/**
@@ -630,270 +90,58 @@ class Encoding
*/
public static function hexDecode($hex_string)
{
- $hex_pos = 0;
- $bin = '';
- $c_acc = 0;
- $hex_len = self::safeStrlen($hex_string);
- $state = 0;
-
- $chunk = \unpack('C*', $hex_string);
- while ($hex_pos < $hex_len) {
- ++$hex_pos;
- $c = $chunk[$hex_pos];
- $c_num = $c ^ 48;
- $c_num0 = ($c_num - 10) >> 8;
- $c_alpha = ($c & ~32) - 55;
- $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8;
- if (($c_num0 | $c_alpha0) === 0) {
- throw new \RangeException(
- 'hexEncode() only expects hexadecimal characters'
- );
- }
- $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0);
- if ($state === 0) {
- $c_acc = $c_val * 16;
- } else {
- $bin .= \pack('C', $c_acc | $c_val);
- }
- $state ^= 1;
- }
- return $bin;
+ return Hex::decode($hex_string);
}
/**
+ * Encode into Base64
*
- * @param $src
- * @return int
- */
- protected static function base32Decode5Bits($src)
- {
- $ret = -1;
-
- // if ($src > 64 && $src < 91) $ret += $src - 65 + 1; // -64
- $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64);
-
- // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23
- $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23);
-
- return $ret;
- }
-
- /**
+ * Base64 character set "./[A-Z][a-z][0-9]"
* @param $src
* @return string
*/
- protected static function base32Encode5Bits($src)
+ public static function base64EncodeDotSlash($src)
{
- $diff = 0x41;
-
- // if ($src > 25) $ret -= 40;
- $diff -= ((25 - $src) >> 8) & 41;
-
- return \pack('C', $src + $diff);
+ return Base64DotSlash::encode($src);
}
/**
+ * Decode from base64 to raw binary
*
- * Base64 character set:
- * [A-Z] [a-z] [0-9] + /
- * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f
+ * Base64 character set "./[A-Z][a-z][0-9]"
*
* @param $src
- * @return int
- */
- protected static function base64Decode6Bits($src)
- {
- $ret = -1;
-
- // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64
- $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64);
-
- // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70
- $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70);
-
- // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5
- $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5);
-
- // if ($src == 0x2b) $ret += 62 + 1;
- $ret += (((0x2a - $src) & ($src - 0x2c)) >> 8) & 63;
-
- // if ($src == 0x2f) ret += 63 + 1;
- $ret += (((0x2e - $src) & ($src - 0x30)) >> 8) & 64;
-
- return $ret;
- }
-
- /**
- * @param $src
- * @return string
+ * @return bool|string
+ * @throws \RangeException
*/
- protected static function base64Encode6Bits($src)
+ public static function base64DecodeDotSlash($src)
{
- $diff = 0x41;
-
- // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6
- $diff += ((25 - $src) >> 8) & 6;
-
- // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75
- $diff -= ((51 - $src) >> 8) & 75;
-
- // if ($src > 61) $diff += 0x2b - 0x30 - 10; // -15
- $diff -= ((61 - $src) >> 8) & 15;
-
- // if ($src > 62) $diff += 0x2f - 0x2b - 1; // 3
- $diff += ((62 - $src) >> 8) & 3;
-
- return \pack('C', $src + $diff);
+ return Base64DotSlash::decode($src);
}
/**
- * Base64 character set:
- * ./ [A-Z] [a-z] [0-9]
- * 0x2e-0x2f, 0x41-0x5a, 0x61-0x7a, 0x30-0x39
+ * Encode into Base64
*
- * @param $src
- * @return int
- */
- protected static function base64Decode6BitsDotSlash($src)
- {
- $ret = -1;
-
- // if ($src > 0x2d && $src < 0x30) ret += $src - 0x2e + 1; // -45
- $ret += (((0x2d - $src) & ($src - 0x30)) >> 8) & ($src - 45);
-
- // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 2 + 1; // -62
- $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 62);
-
- // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 28 + 1; // -68
- $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 68);
-
- // if ($src > 0x2f && $src < 0x3a) ret += $src - 0x30 + 54 + 1; // 7
- $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 7);
-
- return $ret;
- }
-
- /**
- * @param $src
- * @return string
- */
- protected static function base64Encode6BitsDotSlash($src)
- {
- $src += 0x2e;
-
- // if ($src > 0x2f) $src += 0x41 - 0x30; // 17
- $src += ((0x2f - $src) >> 8) & 17;
-
- // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6
- $src += ((0x5a - $src) >> 8) & 6;
-
- // if ($src > 0x7a) $src += 0x30 - 0x7b; // -75
- $src -= ((0x7a - $src) >> 8) & 75;
-
- return \pack('C', $src);
- }
-
- /**
- * Base64 character set:
- * [.-9] [A-Z] [a-z]
- * 0x2e-0x39, 0x41-0x5a, 0x61-0x7a
- * @param $src
- * @return int
- */
- protected static function base64Decode6BitsDotSlashOrdered($src)
- {
- $ret = -1;
-
- // if ($src > 0x2d && $src < 0x3a) ret += $src - 0x2e + 1; // -45
- $ret += (((0x2d - $src) & ($src - 0x3a)) >> 8) & ($src - 45);
-
- // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 12 + 1; // -52
- $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 52);
-
- // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 38 + 1; // -58
- $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 58);
-
- return $ret;
- }
-
- /**
- * Base64 character set:
- * [.-9] [A-Z] [a-z]
- * 0x2e-0x39, 0x41-0x5a, 0x61-0x7a
+ * Base64 character set "[.-9][A-Z][a-z]" or "./[0-9][A-Z][a-z]"
* @param $src
* @return string
*/
- protected static function base64Encode6BitsDotSlashOrdered($src)
+ public static function base64EncodeDotSlashOrdered($src)
{
- $src += 0x2e;
-
- // if ($src > 0x39) $src += 0x41 - 0x3a; // 7
- $src += ((0x39 - $src) >> 8) & 7;
-
- // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6
- $src += ((0x5a - $src) >> 8) & 6;
-
- return \pack('C', $src);
+ return Base64DotSlashOrdered::encode($src);
}
/**
- * Safe string length
+ * Decode from base64 to raw binary
*
- * @ref mbstring.func_overload
+ * Base64 character set "[.-9][A-Z][a-z]" or "./[0-9][A-Z][a-z]"
*
- * @param string $str
- * @return int
+ * @param $src
+ * @return bool|string
+ * @throws \RangeException
*/
- protected static function safeStrlen($str)
+ public static function base64DecodeDotSlashOrdered($src)
{
- if (\function_exists('mb_strlen')) {
- return \mb_strlen($str, '8bit');
- } else {
- return \strlen($str);
- }
- }
-
- /**
- * Safe substring
- *
- * @ref mbstring.func_overload
- *
- * @staticvar boolean $exists
- * @param string $str
- * @param int $start
- * @param int $length
- * @return string
- * @throws \TypeError
- */
- public static function safeSubstr(
- $str,
- $start = 0,
- $length = null
- ) {
- if (\function_exists('mb_substr')) {
- // mb_substr($str, 0, NULL, '8bit') returns an empty string on PHP
- // 5.3, so we have to find the length ourselves.
- if ($length === null) {
- if ($start >= 0) {
- $length = self::safeStrlen($str) - $start;
- } else {
- $length = -$start;
- }
- }
- // $length calculation above might result in a 0-length string
- if ($length === 0) {
- return '';
- }
- return \mb_substr($str, $start, $length, '8bit');
- }
- if ($length === 0) {
- return '';
- }
- // Unlike mb_substr(), substr() doesn't accept NULL for length
- if ($length !== null) {
- return \substr($str, $start, $length);
- } else {
- return \substr($str, $start);
- }
+ return Base64DotSlashOrdered::decode($src);
}
}
diff --git a/src/Hex.php b/src/Hex.php
new file mode 100644
index 0000000..0bf9d40
--- /dev/null
+++ b/src/Hex.php
@@ -0,0 +1,71 @@
+<?php
+namespace ParagonIE\ConstantTime;
+
+abstract class Hex
+{
+ /**
+ * Convert a binary string into a hexadecimal string without cache-timing
+ * leaks
+ *
+ * @param string $bin_string (raw binary)
+ * @return string
+ */
+ public static function encode($bin_string)
+ {
+ $hex = '';
+ $len = Core::safeStrlen($bin_string);
+ for ($i = 0; $i < $len; ++$i) {
+ $chunk = \unpack('C', Core::safeSubstr($bin_string, $i, 2));
+ $c = $chunk[1] & 0xf;
+ $b = $chunk[1] >> 4;
+ $hex .= pack(
+ 'CC',
+ (87 + $b + ((($b - 10) >> 8) & ~38)),
+ (87 + $c + ((($c - 10) >> 8) & ~38))
+ );
+ }
+ return $hex;
+ }
+
+ /**
+ * Convert a hexadecimal string into a binary string without cache-timing
+ * leaks
+ *
+ * @param string $hex_string
+ * @return string (raw binary)
+ * @throws \RangeException
+ */
+ public static function decode($hex_string)
+ {
+ $hex_pos = 0;
+ $bin = '';
+ $c_acc = 0;
+ $hex_len = Core::safeStrlen($hex_string);
+ $state = 0;
+
+ $chunk = \unpack('C*', $hex_string);
+ while ($hex_pos < $hex_len) {
+ ++$hex_pos;
+ $c = $chunk[$hex_pos];
+ $c_num = $c ^ 48;
+ $c_num0 = ($c_num - 10) >> 8;
+ $c_alpha = ($c & ~32) - 55;
+ $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8;
+ if (($c_num0 | $c_alpha0) === 0) {
+ throw new \RangeException(
+ 'hexEncode() only expects hexadecimal characters'
+ );
+ }
+ $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0);
+ if ($state === 0) {
+ $c_acc = $c_val * 16;
+ } else {
+ $bin .= \pack('C', $c_acc | $c_val);
+ }
+ $state ^= 1;
+ }
+ return $bin;
+ }
+
+
+} \ No newline at end of file
diff --git a/tests/EncodingTest.php b/tests/EncodingTest.php
index 41e2db1..9216e8b 100644
--- a/tests/EncodingTest.php
+++ b/tests/EncodingTest.php
@@ -152,10 +152,14 @@ class EncodingTest extends PHPUnit_Framework_TestCase
/**
* @covers Encoding::hexDecode()
* @covers Encoding::hexEncode()
- * @covers Encoding::base64Decode()
- * @covers Encoding::base64Encode()
* @covers Encoding::base32Decode()
* @covers Encoding::base32Encode()
+ * @covers Encoding::base64Decode()
+ * @covers Encoding::base64Encode()
+ * @covers Encoding::base64DotSlashDecode()
+ * @covers Encoding::base64DotSlashEncode()
+ * @covers Encoding::base64DotSlashOrderedDecode()
+ * @covers Encoding::base64DotSlashOrderedEncode()
*/
public function testBasicEncoding()
{
@@ -165,33 +169,41 @@ class EncodingTest extends PHPUnit_Framework_TestCase
$rand = random_bytes($i);
$enc = Encoding::hexEncode($rand);
$this->assertEquals(
+ \bin2hex($rand),
+ $enc,
+ "Hex Encoding - Length: " . $i
+ );
+ $this->assertEquals(
$rand,
- Encoding::hexDecode($enc)
+ Encoding::hexDecode($enc),
+ "Hex Encoding - Length: " . $i
);
$enc = Encoding::base32Encode($rand);
$this->assertEquals(
$rand,
- Encoding::base32Decode($enc)
+ Encoding::base32Decode($enc),
+ "Base32 Encoding - Length: " . $i
);
$enc = Encoding::base64Encode($rand);
-
$this->assertEquals(
- bin2hex($rand),
- bin2hex(Encoding::base64Decode($enc)),
- "Length: " . $i
+ $rand,
+ Encoding::base64Decode($enc),
+ "Base64 Encoding - Length: " . $i
);
$enc = Encoding::base64EncodeDotSlash($rand);
$this->assertEquals(
- bin2hex($rand),
- bin2hex(Encoding::base64DecodeDotSlash($enc))
+ $rand,
+ Encoding::base64DecodeDotSlash($enc),
+ "Base64 DotSlash Encoding - Length: " . $i
);
$enc = Encoding::base64EncodeDotSlashOrdered($rand);
$this->assertEquals(
- bin2hex($rand),
- bin2hex(Encoding::base64DecodeDotSlashOrdered($enc))
+ $rand,
+ Encoding::base64DecodeDotSlashOrdered($enc),
+ "Base64 Ordered DotSlash Encoding - Length: " . $i
);
}
}
generated by cgit v1.1 at 2025-05-10 14:01:47 +0000