Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:122643
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by qa.php.net (Postfix) with ESMTPS id 039921AD8F6
	for <internals@lists.php.net>; Thu, 14 Mar 2024 20:32:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1710448347; bh=tHVA0z/pLS+/v5jlvVwvxui2s3oMmPGbz7lIfDmdSJg=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=OCtBdNSShi4IVQCUx0C53I0wZLfPxjfwfIWNgL/lgfIdQJX7xUO3q/m1IvQrI5Ona
	 Sgt1bboPro7wUsPsTLqlcZgzJuTwKia65oUFYy+sPBw0tCXrQMW7FPPR5CSr8ug0q/
	 PJ4lYacipmbyNtu89ZXzZ24zDq5b3u+dU0IPVH34czkrc3x24qi3MfD7CAnRzZTWGw
	 0H4SRnl/UNgUkmI4BlejCXJHFyiORJxA/1wI3rNDYO4uBg766HVd14vWgltuAuMbg0
	 jmzDxszQErmiKaB3QlkfcTGLc9UHVGttawLN5lt/dJOejOfoMcv05xk7zKjjVp8ddY
	 jE88mA3GxIVXA==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 3099A18005A
	for <internals@lists.php.net>; Thu, 14 Mar 2024 20:32:23 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,HTML_MESSAGE,
	SPF_HELO_SOFTFAIL,SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY
	autolearn=no autolearn_force=no version=4.0.0
X-Spam-Virus: No
X-Envelope-From: <yohgaki@ohgaki.net>
Received: from mx3.es-i.jp (gw1.es-i.jp [180.42.98.129])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Thu, 14 Mar 2024 20:32:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=ohgaki.net; s=default; h=MIME-Version:References:In-Reply-To:
	From:Date:Message-ID:Subject:To:Cc:Content-Type; bh=gViU3FUOBvzG
	VfBUQnEteSVbZdQ6epXM3TT34f5V17Y=; b=HaiT27zXkw9aJgrRDSCeZ7YX5k3p
	SZQRNtqkeyPLZ1xZnk5QhH+ewDoP4gpMIT5v5HDVv0rJDMspvga3TGiBlkqfZErI
	4xbol9GT8WePjfrITZQ/Ws8SypGRA6Zlws9xlGqWziLAiWX8BCXrJ3mkru8aUgIb
	XPmCUwQNqBenEIY8IkhdsqqEVYt6U8q8L2Wc2bWCT0I7vNX9KCb+Zt8zhB2ouNzN
	PApnryK9Z76EoH93W8fall8RtRtySoY/Esmt+2xd+CMIjq2PR0WRQhEcbzsrIJMx
	oNsrWtp0KRSuV9+PLkSbtm6aWgVa3Jk9cS4hP/IkJyPnN35Y7wF5Dxm0aw==
Received: (qmail 13983 invoked by uid 89); 14 Mar 2024 20:31:58 +0000
Received: from mail-oa1-f50.google.com (yohgaki@ohgaki.net)
  by mx3.es-i.jp with ESMTPA; 14 Mar 2024 20:31:58 +0000
Received: by mail-oa1-f50.google.com with SMTP id 586e51a60fabf-2218da9620cso948118fac.3
        for <internals@lists.php.net>; Thu, 14 Mar 2024 13:31:58 -0700 (PDT)
X-Gm-Message-State: AOJu0YxoZHhit5mEtx+5iXaUjg2lF4bp3nDa7GVipb/XJhOJAc3YJ29l
	8t/k/vOi22lqs0d3fpfCskjCJ0JrhvHwwY3XccSEsCepw2BYfhD0RoMZsJ7HFH90fignoLQl3K4
	LoUShAuPuDPkbM0kqRWCq5+VjGA==
X-Google-Smtp-Source: AGHT+IGA8BNIn9lchBGKoiSVSBAwz8tPGeWeR0mFgXxauWOYarl8AAXIN8AqeJd8mdDHWPLZs0wnys2UIVJuQKTRqHk=
X-Received: by 2002:a05:6870:e995:b0:222:6b41:dc67 with SMTP id
 r21-20020a056870e99500b002226b41dc67mr2075421oao.0.1710448313815; Thu, 14 Mar
 2024 13:31:53 -0700 (PDT)
Precedence: bulk
list-help: <mailto:internals+help@lists.php.net
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: internals.lists.php.net
MIME-Version: 1.0
References: <9114cbe3-2b9c-4037-856b-20afc8f96f95@FamilleCollet.com>
In-Reply-To: <9114cbe3-2b9c-4037-856b-20afc8f96f95@FamilleCollet.com>
Date: Fri, 15 Mar 2024 05:31:17 +0900
X-Gmail-Original-Message-ID: <CAGa2bXbBrH2VjNaD8NMbQMH4UhXSWi4_8kbQYmLNLTW-BAf4yw@mail.gmail.com>
Message-ID: <CAGa2bXbBrH2VjNaD8NMbQMH4UhXSWi4_8kbQYmLNLTW-BAf4yw@mail.gmail.com>
Subject: Re: [PHP-DEV] base64_encode without padding
To: Remi Collet <Fedora@famillecollet.com>
Cc: php internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="00000000000026e5e10613a4c8b6"
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--00000000000026e5e10613a4c8b6
Content-Type: text/plain; charset="UTF-8"

>
> I think padding should be optional (on by default to keep BC)
>
> Of course in user land, simple to write
>
>    $enc = trim(base64_encode('foo'), '=');
>
> This proposal allow to simply use
>
>    $enc = base64_encode('foo', PHP_BASE64_NO_PADDING);
>
>
Please add PHP_BASE64_URL flag also.
BASE64 URL encoding (URL safe Base64 encoding) is used everywhere.
i.e. str_replace(['+','/','='], ['-','_',''], base64_encode($str);

https://base64.guru/standards/base64url

Decoding should be extended.
i.e. base64_decode($encoded, PHP_BASE64_URL)

Adding PHP_BASE64_STRICT flag may be reasonable, that requires specific
encoding strictly for decoding.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net



> And also expose it for extension as
>
>    PHPAPI extern zend_string *php_base64_encode_ex
>      (const unsigned char *, size_t, zend_long flags);
>
>
> Use case: for ARGON2 password hashing
> see https://github.com/php/php-src/pull/13635
>
> It may seems ugly to add and remove th padding char
>
> Is a RFC needed for such a minor feature ?
>
>
> Remi
>

--00000000000026e5e10613a4c8b6
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_quote"><blockquote class=3D"gmail_quot=
e" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204)=
;padding-left:1ex">I think padding should be optional (on by default to kee=
p BC)<br>
<br>
Of course in user land, simple to write<br>
<br>
=C2=A0 =C2=A0$enc =3D trim(base64_encode(&#39;foo&#39;), &#39;=3D&#39;);<br=
>
<br>
This proposal allow to simply use<br>
<br>
=C2=A0 =C2=A0$enc =3D base64_encode(&#39;foo&#39;, PHP_BASE64_NO_PADDING);<=
br>
<br></blockquote><div><br></div><div><div dir=3D"ltr" class=3D"gmail_signat=
ure">Please add PHP_BASE64_URL flag also.<br></div><div class=3D"gmail_sign=
ature">BASE64 URL encoding (URL safe Base64 encoding) is=C2=A0used everywhe=
re.<br></div><div class=3D"gmail_signature">i.e.=C2=A0str_replace([&#39;+&#=
39;,&#39;/&#39;,&#39;=3D&#39;], [&#39;-&#39;,&#39;_&#39;,&#39;&#39;], base6=
4_encode($str);</div><div class=3D"gmail_signature"><br></div><div class=3D=
"gmail_signature"><div dir=3D"ltr" class=3D"gmail_signature"><a href=3D"htt=
ps://base64.guru/standards/base64url" target=3D"_blank">https://base64.guru=
/standards/base64url</a><br></div><div dir=3D"ltr" class=3D"gmail_signature=
"><br></div><div class=3D"gmail_signature">Decoding should be extended.</di=
v></div><div class=3D"gmail_signature">i.e. base64_decode($encoded, PHP_BAS=
E64_URL)=C2=A0</div><div class=3D"gmail_signature"><br></div><div class=3D"=
gmail_signature">Adding PHP_BASE64_STRICT flag may be reasonable, that requ=
ires=C2=A0specific encoding strictly for decoding.</div><div dir=3D"ltr" cl=
ass=3D"gmail_signature"><br></div><div class=3D"gmail_signature">Regards,</=
div><div dir=3D"ltr" class=3D"gmail_signature"><br></div><div dir=3D"ltr" c=
lass=3D"gmail_signature">--<br>Yasuo Ohgaki <br><a href=3D"mailto:yohgaki@o=
hgaki.net" target=3D"_blank">yohgaki@ohgaki.net</a></div></div><div dir=3D"=
ltr" class=3D"gmail_signature"><br></div><div>=C2=A0</div><blockquote class=
=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rg=
b(204,204,204);padding-left:1ex">
And also expose it for extension as<br>
<br>
=C2=A0 =C2=A0PHPAPI extern zend_string *php_base64_encode_ex<br>
=C2=A0 =C2=A0 =C2=A0(const unsigned char *, size_t, zend_long flags);<br>
<br>
<br>
Use case: for ARGON2 password hashing<br>
see <a href=3D"https://github.com/php/php-src/pull/13635" rel=3D"noreferrer=
" target=3D"_blank">https://github.com/php/php-src/pull/13635</a><br>
<br>
It may seems ugly to add and remove th padding char<br>
<br>
Is a RFC needed for such a minor feature ?<br>
<br>
<br>
Remi<br>
</blockquote></div></div>

--00000000000026e5e10613a4c8b6--