diff options
| author | Paragon Initiative Enterprises <security@paragonie.com> | 2016-06-12 20:42:47 -0400 |
|---|---|---|
| committer | Paragon Initiative Enterprises <security@paragonie.com> | 2016-06-12 20:42:47 -0400 |
| commit | 83f4c006f9d20db6e5d70a7d01ef125cadebfaec (patch) | |
| tree | b403b5068077c113d9472a57e63b0516363a1a59 | |
| parent | 4ed9623466a93dbdc74edc91d46860f9e58d4c04 (diff) | |
| download | constant_time_encoding-83f4c006f9d20db6e5d70a7d01ef125cadebfaec.zip constant_time_encoding-83f4c006f9d20db6e5d70a7d01ef125cadebfaec.tar.gz constant_time_encoding-83f4c006f9d20db6e5d70a7d01ef125cadebfaec.tar.bz2 | |
Add support for unpadded encoding
| -rw-r--r-- | src/Base32.php | 22 | ||||
| -rw-r--r-- | src/Base64.php | 14 | ||||
| -rw-r--r-- | src/EncoderInterface.php | 9 | ||||
| -rw-r--r-- | src/Hex.php | 18 | ||||
| -rw-r--r-- | src/RFC4648.php | 10 | ||||
| -rw-r--r-- | tests/Base64Test.php | 6 |
6 files changed, 52 insertions, 27 deletions
diff --git a/src/Base32.php b/src/Base32.php index 6231cc5..c5ee3de 100644 --- a/src/Base32.php +++ b/src/Base32.php @@ -39,9 +39,9 @@ abstract class Base32 implements EncoderInterface * @param string $src * @return string */ - public static function decode(string $src): string + public static function decode(string $src, bool $strictPadding = false): string { - return static::doDecode($src, false); + return static::doDecode($src, false, $strictPadding); } /** @@ -50,9 +50,9 @@ abstract class Base32 implements EncoderInterface * @param string $src * @return string */ - public static function decodeUpper(string $src): string + public static function decodeUpper(string $src, bool $strictPadding = false): string { - return static::doDecode($src, true); + return static::doDecode($src, true, $strictPadding); } /** @@ -161,9 +161,10 @@ abstract class Base32 implements EncoderInterface * * @param string $src * @param bool $upper + * @param bool $strictPadding * @return string */ - protected static function doDecode(string $src, bool $upper = false): string + protected static function doDecode(string $src, bool $upper = false, bool $strictPadding = false): string { // We do this to reduce code duplication: $method = $upper @@ -185,9 +186,14 @@ abstract class Base32 implements EncoderInterface } } if (($srcLen & 7) === 1) { - throw new \RangeException( - 'Incorrect padding' - ); + if ($strictPadding) { + throw new \RangeException( + 'Incorrect padding' + ); + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); + } } $err = 0; diff --git a/src/Base64.php b/src/Base64.php index 480c851..89289a9 100644 --- a/src/Base64.php +++ b/src/Base64.php @@ -83,10 +83,11 @@ abstract class Base64 implements EncoderInterface * Base64 character set "./[A-Z][a-z][0-9]" * * @param string $src + * @param bool $strictPadding * @return string|bool * @throws \RangeException */ - public static function decode(string $src): string + public static function decode(string $src, bool $strictPadding = false): string { // Remove padding $srcLen = Binary::safeStrlen($src); @@ -102,9 +103,14 @@ abstract class Base64 implements EncoderInterface } } if (($srcLen & 3) === 1) { - throw new \RangeException( - 'Incorrect padding' - ); + if ($strictPadding) { + throw new \RangeException( + 'Incorrect padding' + ); + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); + } } $err = 0; diff --git a/src/EncoderInterface.php b/src/EncoderInterface.php index 79744ce..ca69916 100644 --- a/src/EncoderInterface.php +++ b/src/EncoderInterface.php @@ -35,17 +35,18 @@ interface EncoderInterface * Convert a binary string into a hexadecimal string without cache-timing * leaks * - * @param string $bin_string (raw binary) + * @param string $binString (raw binary) * @return string */ - public static function encode(string $bin_string): string; + public static function encode(string $binString): string; /** * Convert a binary string into a hexadecimal string without cache-timing * leaks * - * @param string $encoded_string + * @param string $encodedString + * @param bool $strictPadding Error on invalid padding * @return string (raw binary) */ - public static function decode(string $encoded_string): string; + public static function decode(string $encodedString, bool $strictPadding = false): string; } diff --git a/src/Hex.php b/src/Hex.php index fac29d8..1d10937 100644 --- a/src/Hex.php +++ b/src/Hex.php @@ -84,23 +84,29 @@ abstract class Hex implements EncoderInterface * leaks * * @param string $hex_string + * @param bool $strictPadding * @return string (raw binary) * @throws \RangeException */ - public static function decode(string $hex_string): string + public static function decode(string $hexString, bool $strictPadding = false): string { $hex_pos = 0; $bin = ''; $c_acc = 0; - $hex_len = Binary::safeStrlen($hex_string); + $hex_len = Binary::safeStrlen($hexString); $state = 0; if (($hex_len & 1) !== 0) { - throw new \RangeException( - 'Expected an even number of hexadecimal characters' - ); + if ($strictPadding) { + throw new \RangeException( + 'Expected an even number of hexadecimal characters' + ); + } else { + $hexString = '0' . $hexString; + ++$hex_len; + } } - $chunk = \unpack('C*', $hex_string); + $chunk = \unpack('C*', $hexString); while ($hex_pos < $hex_len) { ++$hex_pos; $c = $chunk[$hex_pos]; diff --git a/src/RFC4648.php b/src/RFC4648.php index 04af38b..63b2ee6 100644 --- a/src/RFC4648.php +++ b/src/RFC4648.php @@ -57,7 +57,7 @@ abstract class RFC4648 */ public function base64Decode(string $str): string { - return Base64::decode($str); + return Base64::decode($str, true); } /** @@ -83,7 +83,7 @@ abstract class RFC4648 */ public function base64UrlSafeDecode(string $str): string { - return Base64UrlSafe::decode($str); + return Base64UrlSafe::decode($str, true); } /** @@ -109,7 +109,7 @@ abstract class RFC4648 */ public function base32Decode(string $str): string { - return Base32::decodeUpper($str); + return Base32::decodeUpper($str, true); } /** @@ -135,7 +135,7 @@ abstract class RFC4648 */ public function base32HexDecode(string $str): string { - return Base32::decodeUpper($str); + return Base32::decodeUpper($str, true); } /** @@ -161,6 +161,6 @@ abstract class RFC4648 */ public function base16Decode(string $str): string { - return Hex::decode($str); + return Hex::decode($str, true); } }
\ No newline at end of file diff --git a/tests/Base64Test.php b/tests/Base64Test.php index 9eb014b..2fca82a 100644 --- a/tests/Base64Test.php +++ b/tests/Base64Test.php @@ -22,6 +22,12 @@ class Base64Test extends PHPUnit_Framework_TestCase \base64_encode($random), $enc ); + + $unpadded = \rtrim($enc, '='); + $this->assertSame( + $random, + Base64::decode($unpadded, true) + ); } } } |