Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:119243 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 96428 invoked from network); 9 Jan 2023 18:49:41 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 9 Jan 2023 18:49:41 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id E14261804F7 for ; Mon, 9 Jan 2023 10:49:40 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: **** X-Spam-Status: No, score=4.0 required=5.0 tests=BAYES_50, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-qk1-f176.google.com (mail-qk1-f176.google.com [209.85.222.176]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Mon, 9 Jan 2023 10:49:40 -0800 (PST) Received: by mail-qk1-f176.google.com with SMTP id p12so4673871qkm.0 for ; Mon, 09 Jan 2023 10:49:40 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=pG++h6xq/Oe7srIR6mppPd2CndjnOh7SQBToLs+uVhg=; b=uqa3opf6usk7W9fmKXtmNQtJg+tH3kTuSG7cYP03jtVlOAGK6YwJ6WfIr5To3osu+o JOgtip5dDGAAaLrPPIS+yJG4pvXdlXBc6/+HKt1OTbvrpESa5MznY0bGYc47E3zzb9oP zwH6wKa0kILBBfnDgHlLJAkCcYlS3hBIdJENfmA/82eUmXgyUEnRbyJs2g7MajxLniJv /bDYul+p86t3w+jT0nFiKjI0dHjqKFvx/w1APi68UoJ5LszEFwkCGkxPxsFeH1MNXGhA 7Ms8Y1dBmlrGFfw4x05SFM69HT9Ox4QZMbmtECUaabVhc41iKvIfigqZI9RyYmIroFn9 mOSw== X-Gm-Message-State: AFqh2kp2oszOyqUya7ZeHPo3BKajCxHg34Xb0YEmtsqOBpCSmrHEPSms b5FlJj4o2nJN9XdX0HWgJi9n5A/sDLnQJEUkO2CMjFweFJ1fJK8eP24= X-Google-Smtp-Source: AMrXdXtiekYSc0c7KIWlxeyWHqYhOiFnr0fET7L6ulA4eJSCRZvWTrCKnN66xq/LogVnAWctYiuLtFoVyIAIU3eWlhI= X-Received: by 2002:a37:de09:0:b0:705:70cc:ec5b with SMTP id h9-20020a37de09000000b0070570ccec5bmr1094639qkj.285.1673290179456; Mon, 09 Jan 2023 10:49:39 -0800 (PST) MIME-Version: 1.0 Date: Mon, 9 Jan 2023 12:49:28 -0600 Message-ID: To: PHP internals Content-Type: multipart/alternative; boundary="000000000000c181bb05f1d93a78" Subject: base64url format From: pollita@php.net (Sara Golemon) --000000000000c181bb05f1d93a78 Content-Type: text/plain; charset="UTF-8" I've been working with JWTs lately and that means working with Base64URL format. (Ref: https://www.rfc-editor.org/rfc/rfc4648#section-5 ) This is essentially the same thing as normal Base64, but instead of '+' and '/', it uses '-' and '_', respectively. It also allows leaving off the training '=' padding characters. So far, I've just been including polyfills like this: function base64url_decode(string $str): string { return base64_decode(str_pad(strtr($str, '-_', '+/'), (4 - (strlen($str) % 4)) % 4, '=')); } function base64_encode(string $str): string { return rtrim(strtr(base64_encode($str), '+/', '-_'), '='); } These work fine, but they create a LOT of string copies along the way which shouldn't be necessary. Would anyone mind if skipped RFC and just added `base64url_encode()` and `base64url_decode()` to PHP 8.3? Can hold a vote if anyone objects, but this seems fairly non-controversial. -Sara --000000000000c181bb05f1d93a78--