Constant-Time Character Encoding in PHP Projects
Home Page: https://paragonie.com/blog/2016/06/constant-time-encoding-boring-cryptography-rfc-4648-and-you
License: Other
Edit: So for hours now I have been trying to get to the bottom of this to give you more details.
All I have managed to find out is that it only effects PHP 8 RC3 when JIT Enabled.
It doesn't always happen either... I cannot get a reliable reproducer - except that when I deploy to production it reproduces within moments and kills my live service.
I cannot replicate ever - even in production - when PHP preloading & JIT is disabled.
constant_time_encoding/src/Binary.php
Line 76 in 751efde
TypeError: mb_substr(): Argument #3 ($length) must be of type ?int, null given
#34 /vendor/paragonie/constant_time_encoding/src/Binary.php(76): mb_substr
#33 /vendor/paragonie/constant_time_encoding/src/Binary.php(76): ParagonIE\ConstantTime\Binary::safeSubstr
#32 /vendor/paragonie/hidden-string/src/HiddenString.php(173): ParagonIE\HiddenString\HiddenString::safeStrcpy
#31 /vendor/paragonie/hidden-string/src/HiddenString.php(56): ParagonIE\HiddenString\HiddenString::__construct
#30 /vendor/paragonie/halite/src/Symmetric/Crypto.php(208): ParagonIE\Halite\Symmetric\Crypto::decryptWithAd
#29 /vendor/paragonie/halite/src/Symmetric/Crypto.php(105): ParagonIE\Halite\Symmetric\Crypto::decrypt
#28 /vendor/philetaylor/doctrine-encrypt/Encryptors/HaliteEncryptor.php(82): Philetaylor\DoctrineEncryptBundle\Encryptors\HaliteEncryptor::decrypt
I don't think there's any reason to add these, since they're not covered by RFC 4648 and the only people who would be interested are BitCoin enthusiasts (which have very little overlap with the PHP community).
Happy to be proven wrong, though.
Base64Url doesn't have tailing = at the end, but Base64UrlSafe::encode produces those padding chars.
(Just for complete RFC 4648 coverage)
https://twitter.com/FiloSottile/status/1157776085955878913
$b = Base64::decode('00==');
echo Base64::encode($b);
Outputs 0w==
constant_time_encoding/tests/Base64Test.php
Lines 27 to 34 in 751efde
Should one of these test against encodeUnpadded like for Base32:
constant_time_encoding/tests/Base32Test.php
Lines 24 to 27 in 751efde
Just wanted to note that the copyright year may be updated to 2022 for
since all of were changed 23 days ago (see also LICENSE.txt) ๐
The subject says it all, I am using the gelf-php project, which uses this as a depedency and I am getting this error.
PHP Parse error: syntax error, unexpected ':', expecting ';' or '{' in paragonie/constant_time_encoding/src/Binary.php on line 46c
Just for the sake of total RFC 4648 compliance.
Hi,
which version of this package can I use to support both PHP 5.6 and 8.x?
I am not happy about having to do that, however, I am creating a WordPress plugin so I have to support what WP supports :/
Thanks
Using n from https://www.rfc-editor.org/rfc/rfc7517#appendix-A.1 throws an exception in v2.6.3:
<?php
require __DIR__ . '/vendor/autoload.php';
use ParagonIE\ConstantTime\Base64;
$str = '0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw';
$str = Base64::decode($str);
echo strlen($str);base64_decode has no problem with $str, altho neither sodium_base642bin($str, SODIUM_BASE64_VARIANT_ORIGINAL) nor sodium_base642bin($str, SODIUM_BASE64_VARIANT_URLSAFE) like the string.
They still work with 2.6.0.
Possibly related to #44.
$ vendor/bin/phpunit --verbose
PHPUnit 9.5.20 #StandWithUkraine
Runtime: PHP 8.1.6
Configuration: /home/X/Projects/constant_time_encoding/phpunit.xml.dist
.E.....E.......................................... 50 / 50 (100%)
Time: 00:01.520, Memory: 12.00 MB
There were 2 errors:
1) ParagonIE\ConstantTime\Tests\Base32HexTest::testDecodeNoPadding
Uninitialized string offset 8
/home/X/Projects/constant_time_encoding/src/Base32.php:200
/home/X/Projects/constant_time_encoding/tests/Base32HexTest.php:59
2) ParagonIE\ConstantTime\Tests\Base32Test::testDecodeNoPadding
Uninitialized string offset 8
/home/X/Projects/constant_time_encoding/src/Base32.php:200
/home/X/Projects/constant_time_encoding/tests/Base32Test.php:80
ERRORS!
Tests: 50, Assertions: 49865, Errors: 2.
The docblock reads "Convert a hexadecimal string into a binary string without cache-timing leaks". This doesn't happen to be the case.
<?php
use \ParagonIE\ConstantTime\Hex;
require __DIR__.'/vendor/autoload.php';
function random_hexadecimal_string()
{
$string = '';
for ($i=0; $i<32; $i++) {
$string .= chr( rand( 65, 90 ) );
}
return $string;
}
for ($i = 0; $i < 10; $i++) {
try {
$string = random_hexadecimal_string();
echo Hex::decode($string);
echo "\n";
} catch (\Exception $e) {
echo "fail: {$string}\n";
}
}
for ($i = 0; $i < 10; $i++) {
try {
$string = random_int(0, 999999999999999999);
echo Hex::decode($string);
echo "\n";
} catch (\Exception $e) {
echo "fail: {$string}\n";
}
}
Fails for all the hex decimal strings I've randomly generated.
I'm curious if there is any specific reason that you haven't used libsodium for constant-time Base64 generation...
sodium_bin2base64($data, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
PHP Fatal error: Cannot declare interface EncoderInterface, because the name is already in use in ParagonIE/ConstantTime/EncoderInterface.php
Getting this error on console
libpng warning: iCCP: known incorrect sRGB profile
when using ParagonIE\ConstantTime\Encoding::hexEncode(random_bytes(16));
Please what are the ways to fix this.
The improvement for #28 recently released apparently contains a bug:
v2.5.0...v2.6.0#diff-267a11d22b48ca8dca6098fb78158b854362f5d98cfdc344de1f17c7d8b5da6bR199-R205
I think line 200 should have been encodedString[$srcLen - $j].
Would it be possible to release v1.0.2 with the fixes queued in the v1.x branch? I'm looking forward to be able to consistently catch \RangeException on decode failures.
In the following code I have one string that I test against Base64::decode() and against base64_decode() and each one behaves differently.
First, my code:
<?php
require __DIR__ . '/vendor/autoload.php';
use ParagonIE\ConstantTime\Base64;
$str = 'MIIFzzCCBLegAwIBAgIDAfdlMA0GCSqGSIb3DQEBBQUAMHMxCzAJBgNVBAYTAlBM
MSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMSQwIgYD
VQQDDBtDT1BFIFNaQUZJUiAtIEt3YWxpZmlrb3dhbnkxFDASBgNVBAUTC05yIHdw
aXN1OiA2MB4XDTExMTEwOTA2MDAwMFoXDTEzMTEwOTA2MDAwMFowgdkxCzAJBgNV
BAYTAlBMMRwwGgYDVQQKDBNVcnrEhWQgTWlhc3RhIEdkeW5pMRswGQYDVQQFExJQ
RVNFTDogNjEwNjA2MDMxMTgxGTAXBgNVBAMMEEplcnp5IFByemV3b3Jza2kxTzBN
BgNVBBAwRgwiQWwuIE1hcnN6YcWCa2EgUGnFgnN1ZHNraWVnbyA1Mi81NAwNODEt
MzgyIEdkeW5pYQwGUG9sc2thDAlwb21vcnNraWUxDjAMBgNVBCoMBUplcnp5MRMw
EQYDVQQEDApQcnpld29yc2tpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCM
m5vjGqHPthJCMqKpqssSISRos0PYDTcEQzyyurfX67EJWKtZj6HNwuDMEGJ02iBN
ZfjUl7r8dIi28bSKhNlsfycXZKYRcIjp0+r5RqtR2auo9GQ6veKb61DEAGIqaR+u
LLcJVTHCu0w9oXLGbRlGth5eNoj03CxXVAH2IfhbNwIDAQABo4IChzCCAoMwDAYD
VR0TAQH/BAIwADCCAUgGA1UdIAEB/wSCATwwggE4MIIBNAYJKoRoAYb3IwEBMIIB
JTCB3QYIKwYBBQUHAgIwgdAMgc1EZWtsYXJhY2phIHRhIGplc3Qgb8Wbd2lhZGN6
ZW5pZW0gd3lkYXdjeSwgxbxlIHRlbiBjZXJ0eWZpa2F0IHpvc3RhxYIgd3lkYW55
IGpha28gY2VydHlmaWthdCBrd2FsaWZpa293YW55IHpnb2RuaWUgeiB3eW1hZ2Fu
aWFtaSB1c3Rhd3kgbyBwb2RwaXNpZSBlbGVrdHJvbmljem55bSBvcmF6IHRvd2Fy
enlzesSFY3ltaSBqZWogcm96cG9yesSFZHplbmlhbWkuMEMGCCsGAQUFBwIBFjdo
dHRwOi8vd3d3Lmtpci5jb20ucGwvY2VydHlmaWthY2phX2tsdWN6eS9wb2xpdHlr
YS5odG1sMAkGA1UdCQQCMAAwIQYDVR0RBBowGIEWai5wcnpld29yc2tpQGdkeW5p
YS5wbDAOBgNVHQ8BAf8EBAMCBkAwgZ4GA1UdIwSBljCBk4AU3TGldJXipN4oGS3Z
YmnBDMFs8gKhd6R1MHMxCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6
YmEgUm96bGljemVuaW93YSBTLkEuMSQwIgYDVQQDDBtDT1BFIFNaQUZJUiAtIEt3
YWxpZmlrb3dhbnkxFDASBgNVBAUTC05yIHdwaXN1OiA2ggJb9jBIBgNVHR8EQTA/
MD2gO6A5hjdodHRwOi8vd3d3Lmtpci5jb20ucGwvY2VydHlmaWthY2phX2tsdWN6
eS9DUkxfT1pLMzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBYPIqnAreyeql7/opJ
jcar/qWZy9ruhB2q0lZFsJOhwgMnbQXzp/4vv93YJqcHGAXdHP6EO8FQX47mjo2Z
KQmi+cIHJHLONdX/3Im+M17V0iNAh7Z1lOSfTRT+iiwe/F8phcEaD5q2RmvYusR7
zXZq/cLL0If0hXoPZ/EHQxjN8pxzxiUx6bJAgturnIMEfRNesxwghdr1dkUjOhGL
f3kHVzgM6j3VAM7oFmMUb5y5s96Bzl10DodWitjOEH0vvnIcsppSxH1C1dCAi0o9
f/1y2XuLNhBNHMAyTqpYPX8Yvav1c+Z50OMaSXHAnTa20zv8UtiHbaAhwlifCelU
Mj93S';
$str = preg_replace('#[\r\n]#', '', $str);
echo strlen(base64_decode($str)) . "\n";
echo strlen(Base64::decode($str)) . "\n";
When I run that code I get the following output:
1491
Fatal error: Uncaught RangeException: Incorrect padding in /path/to/vendor/paragonie/constant_time_encoding/src/Base64.php:105
Stack trace:
#0 /path/to/test.php(42): ParagonIE\ConstantTime\Base64::decode('MIIFzzCCBLegAwI...')
#1 {main} thrown in /path/to/vendor/paragonie/constant_time_encoding/src/Base64.php on line 105
Any ideas? I was under the impression Base64::decode() was supposed to be a drop in replacement for base64_decode.
constant_time_encoding/src/Base64.php
Line 87 in aa342bf
In which situation can this method return a bool?
It's been a while since the last release and the changes from #48 which are somewhat security-sensitive are still pending. Could you release a new version?
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.