1<?php
2
3/**
4 * Class ParagonIE_Sodium_Core_Base64UrlSafe
5 *
6 * Copyright (c) 2016 - 2018 Paragon Initiative Enterprises.
7 * Copyright (c) 2014 Steve "Sc00bz" Thomas (steve at tobtu dot com)
8 */
9class ParagonIE_Sodium_Core_Base64_UrlSafe
10{
11 // COPY ParagonIE_Sodium_Core_Base64_Common STARTING HERE
12 /**
13 * Encode into Base64
14 *
15 * Base64 character set "[A-Z][a-z][0-9]+/"
16 *
17 * @param string $src
18 * @return string
19 * @throws TypeError
20 */
21 public static function encode($src)
22 {
23 return self::doEncode($src, true);
24 }
25
26 /**
27 * Encode into Base64, no = padding
28 *
29 * Base64 character set "[A-Z][a-z][0-9]+/"
30 *
31 * @param string $src
32 * @return string
33 * @throws TypeError
34 */
35 public static function encodeUnpadded($src)
36 {
37 return self::doEncode($src, false);
38 }
39
40 /**
41 * @param string $src
42 * @param bool $pad Include = padding?
43 * @return string
44 * @throws TypeError
45 */
46 protected static function doEncode($src, $pad = true)
47 {
48 $dest = '';
49 $srcLen = ParagonIE_Sodium_Core_Util::strlen($src);
50 // Main loop (no padding):
51 for ($i = 0; $i + 3 <= $srcLen; $i += 3) {
52 /** @var array<int, int> $chunk */
53 $chunk = unpack('C*', ParagonIE_Sodium_Core_Util::substr($src, $i, 3));
54 $b0 = $chunk[1];
55 $b1 = $chunk[2];
56 $b2 = $chunk[3];
57
58 $dest .=
59 self::encode6Bits( $b0 >> 2 ) .
60 self::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
61 self::encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) .
62 self::encode6Bits( $b2 & 63);
63 }
64 // The last chunk, which may have padding:
65 if ($i < $srcLen) {
66 /** @var array<int, int> $chunk */
67 $chunk = unpack('C*', ParagonIE_Sodium_Core_Util::substr($src, $i, $srcLen - $i));
68 $b0 = $chunk[1];
69 if ($i + 1 < $srcLen) {
70 $b1 = $chunk[2];
71 $dest .=
72 self::encode6Bits($b0 >> 2) .
73 self::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) .
74 self::encode6Bits(($b1 << 2) & 63);
75 if ($pad) {
76 $dest .= '=';
77 }
78 } else {
79 $dest .=
80 self::encode6Bits( $b0 >> 2) .
81 self::encode6Bits(($b0 << 4) & 63);
82 if ($pad) {
83 $dest .= '==';
84 }
85 }
86 }
87 return $dest;
88 }
89
90 /**
91 * decode from base64 into binary
92 *
93 * Base64 character set "./[A-Z][a-z][0-9]"
94 *
95 * @param string $src
96 * @param bool $strictPadding
97 * @return string
98 * @throws RangeException
99 * @throws TypeError
100 * @psalm-suppress RedundantCondition
101 */
102 public static function decode($src, $strictPadding = false)
103 {
104 // Remove padding
105 $srcLen = ParagonIE_Sodium_Core_Util::strlen($src);
106 if ($srcLen === 0) {
107 return '';
108 }
109
110 if ($strictPadding) {
111 if (($srcLen & 3) === 0) {
112 if ($src[$srcLen - 1] === '=') {
113 $srcLen--;
114 if ($src[$srcLen - 1] === '=') {
115 $srcLen--;
116 }
117 }
118 }
119 if (($srcLen & 3) === 1) {
120 throw new RangeException(
121 'Incorrect padding'
122 );
123 }
124 if ($src[$srcLen - 1] === '=') {
125 throw new RangeException(
126 'Incorrect padding'
127 );
128 }
129 } else {
130 $src = rtrim($src, '=');
131 $srcLen = ParagonIE_Sodium_Core_Util::strlen($src);
132 }
133
134 $err = 0;
135 $dest = '';
136 // Main loop (no padding):
137 for ($i = 0; $i + 4 <= $srcLen; $i += 4) {
138 /** @var array<int, int> $chunk */
139 $chunk = unpack('C*', ParagonIE_Sodium_Core_Util::substr($src, $i, 4));
140 $c0 = self::decode6Bits($chunk[1]);
141 $c1 = self::decode6Bits($chunk[2]);
142 $c2 = self::decode6Bits($chunk[3]);
143 $c3 = self::decode6Bits($chunk[4]);
144
145 $dest .= pack(
146 'CCC',
147 ((($c0 << 2) | ($c1 >> 4)) & 0xff),
148 ((($c1 << 4) | ($c2 >> 2)) & 0xff),
149 ((($c2 << 6) | $c3) & 0xff)
150 );
151 $err |= ($c0 | $c1 | $c2 | $c3) >> 8;
152 }
153 // The last chunk, which may have padding:
154 if ($i < $srcLen) {
155 /** @var array<int, int> $chunk */
156 $chunk = unpack('C*', ParagonIE_Sodium_Core_Util::substr($src, $i, $srcLen - $i));
157 $c0 = self::decode6Bits($chunk[1]);
158
159 if ($i + 2 < $srcLen) {
160 $c1 = self::decode6Bits($chunk[2]);
161 $c2 = self::decode6Bits($chunk[3]);
162 $dest .= pack(
163 'CC',
164 ((($c0 << 2) | ($c1 >> 4)) & 0xff),
165 ((($c1 << 4) | ($c2 >> 2)) & 0xff)
166 );
167 $err |= ($c0 | $c1 | $c2) >> 8;
168 } elseif ($i + 1 < $srcLen) {
169 $c1 = self::decode6Bits($chunk[2]);
170 $dest .= pack(
171 'C',
172 ((($c0 << 2) | ($c1 >> 4)) & 0xff)
173 );
174 $err |= ($c0 | $c1) >> 8;
175 } elseif ($i < $srcLen && $strictPadding) {
176 $err |= 1;
177 }
178 }
179 /** @var bool $check */
180 $check = ($err === 0);
181 if (!$check) {
182 throw new RangeException(
183 'Base64::decode() only expects characters in the correct base64 alphabet'
184 );
185 }
186 return $dest;
187 }
188
189 /**
190 * @param string $encodedString
191 * @return string
192 */
193 public static function decodeNoPadding(
194 #[SensitiveParameter]
195 $encodedString
196 ) {
197 $srcLen = strlen($encodedString);
198 if ($srcLen === 0) {
199 return '';
200 }
201 if (($srcLen & 3) === 0) {
202 // If $strLen is not zero, and it is divisible by 4, then it's at least 4.
203 if ($encodedString[$srcLen - 1] === '=' || $encodedString[$srcLen - 2] === '=') {
204 throw new InvalidArgumentException(
205 "decodeNoPadding() doesn't tolerate padding"
206 );
207 }
208 }
209 return self::decode(
210 $encodedString,
211 true
212 );
213 }
214
215 // COPY ParagonIE_Sodium_Core_Base64_Common ENDING HERE
216 /**
217 * Uses bitwise operators instead of table-lookups to turn 6-bit integers
218 * into 8-bit integers.
219 *
220 * Base64 character set:
221 * [A-Z] [a-z] [0-9] + /
222 * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f
223 *
224 * @param int $src
225 * @return int
226 */
227 protected static function decode6Bits($src)
228 {
229 $ret = -1;
230
231 // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64
232 $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64);
233
234 // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70
235 $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70);
236
237 // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5
238 $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5);
239
240 // if ($src == 0x2c) $ret += 62 + 1;
241 $ret += (((0x2c - $src) & ($src - 0x2e)) >> 8) & 63;
242
243 // if ($src == 0x5f) ret += 63 + 1;
244 $ret += (((0x5e - $src) & ($src - 0x60)) >> 8) & 64;
245
246 return $ret;
247 }
248
249 /**
250 * Uses bitwise operators instead of table-lookups to turn 8-bit integers
251 * into 6-bit integers.
252 *
253 * @param int $src
254 * @return string
255 */
256 protected static function encode6Bits($src)
257 {
258 $diff = 0x41;
259
260 // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6
261 $diff += ((25 - $src) >> 8) & 6;
262
263 // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75
264 $diff -= ((51 - $src) >> 8) & 75;
265
266 // if ($src > 61) $diff += 0x2d - 0x30 - 10; // -13
267 $diff -= ((61 - $src) >> 8) & 13;
268
269 // if ($src > 62) $diff += 0x5f - 0x2b - 1; // 3
270 $diff += ((62 - $src) >> 8) & 49;
271
272 return pack('C', $src + $diff);
273 }
274}
275