Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:119244
Return-Path: <cmbecker69@gmx.de>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 98214 invoked from network); 9 Jan 2023 18:55:39 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 9 Jan 2023 18:55:39 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 197FC1804B4;
	Mon,  9 Jan 2023 10:55:39 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT,
	FREEMAIL_FROM,NICE_REPLY_A,RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS8560 212.227.0.0/16
X-Spam-Virus: No
X-Envelope-From: <cmbecker69@gmx.de>
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS;
	Mon,  9 Jan 2023 10:55:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.de; s=s31663417;
	t=1673290537; bh=E0Xp4IGusRjIoUC1mP7WHwHZMnb87wmQ1637ne86YgY=;
	h=X-UI-Sender-Class:Date:Subject:To:References:From:In-Reply-To;
	b=fewbP4DOn4UxECtyJdkMkZpKQYFp4kXVwUWVisigOI0/mGLqQiZd7V2Qsygg5hc2N
	 vHy0CGBU+gTPSELmmFDnKo5fj17ts+K3HDyeFmDYJq1dIauFV9d05SqjwMvCIP5Gdf
	 rQpoXQaMSxjsewo7Tj1TRjuR2p61IrLazgS+5j6VXk7Z3JQjd9EG5QTE7y0gCwO+Zd
	 9Ercc8UcIFEWv7nh+IBPL2cJmvul7cbYtmHhzVlKDUsdhIt7RjvPWiqbMvTmdy0oAj
	 t+VX9YVkggcAT2UHd9lj7b9dR4FOr6R+fPP/IiTiW/JWEBUhpuJOYxPs0raXzsPCX0
	 BeGWtN4ydvCLA==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from [192.168.2.130] ([79.220.80.221]) by mail.gmx.net (mrgmx005
 [212.227.17.190]) with ESMTPSA (Nemesis) id 1Mt75H-1ovVbt3p0L-00tPx0; Mon, 09
 Jan 2023 19:55:36 +0100
Message-ID: <09cd3838-6246-11b6-5201-33710bee70f2@gmx.de>
Date: Mon, 9 Jan 2023 19:55:36 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.6.1
To: Sara Golemon <pollita@php.net>, PHP internals <internals@lists.php.net>
References: <CAESVnVo3NyM_RGybyLQSko0F=fBSnSWG3gkVZtU-DS8W=79fdA@mail.gmail.com>
In-Reply-To: <CAESVnVo3NyM_RGybyLQSko0F=fBSnSWG3gkVZtU-DS8W=79fdA@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:27fsYRWT1WChWl9a9S8ZnDt+jtjKDFdqXLcu73ZxlX/zLq8dscw
 82CH0GtlmIBwRCWj94wlnggUDc2PEFr5iYYtQT7RafJ+05P2sUayzLYYO+9qIkQwq30SKjb
 LxMsdiqeW6zc/8563gJXXsqLFzc0dOvr6+4utFTQAVbL5TLf2O94D/pY3sgckxe1YKgM5Yx
 I1ySjpJYDPm2nu8YlT6yQ==
UI-OutboundReport: notjunk:1;M01:P0:B5qviYeH7qc=;tPbD7o0zWu6jcz14mHwFnzqPtX/
 ggk3HKMo4pOK4MBh8+TZ4S6R8UPziU1f+RcQfEdqfyQ3GIitJwEadbNu4osb/6mQIhVSXCQ73
 4tEgGLEqkSQ0WI8wTDW+nECseTu2ukc69e+jWJmP0hqIYJhK6tPCws1iJl1PBDMi67HA6fdBB
 pNSuPiOhZ7iq0eUUC6RgDaDi7SavTteJXfaK8gTxyOk8sDQR5uyesAM9i5NZMicaMxgutIrSf
 gBnFxCeF5WUgX9pT4pTbG6fuMg1cb42h7DSGKooDt08xXTjIMCE7Mo+OD+4BmluxGwSqir3RJ
 KWMhcl7SspL2WDXMuleOiZpZw5C5VjJWeF41fBWzRsxxt/amdfrqD1By2P/90U401a1cY2s/m
 Yn/iROidjpz1oGt0I5ODIXgSKQurS4SPxTqc1KiAZg6+bbDxIEShQA6hYFgo1QZFfdW/PycJ3
 M76FKxo75ooAywCivwF6LOefWqxCZb1e/Nriaz0vo6j2LJdKwF4LUvxWnzNX3Mz2rPSinHmLe
 ASQ7DzKe6jfjenpYFGJ6MTDbqUxDt0fv3abytnOLxlyshRAxWf/PliKZSPCv/LXGm2KwTfOSb
 8I0WsrIBCYTrQtquscJ9cD04sT2beCsjuojNRL0WmHhBkDS5nQy1VNYKV3VGbcc24mt25H45f
 eJyFTA3aFWMS4zv6vDkdHsmBAUnAAFLBBDXKYpeehZeFGfzQeAoVjVkvOQB8K8GDyrncry3w2
 RxflSnqiDER6uPZimhRU1LZeoSvQ7gPVmyMJIVIJj4Hv112LGa+mAqlbnG5rUfHeM2aKU3EH1
 zuBtMSe4pf7CI7g/47KTtu0WWrKQxjZSgeFtXrfIu77y0724JRI9cCuwpkwqv3plB4VOsL2X2
 jjYVx7epI8k7vC47IRU7DvfdFtZzPUIISjTJFbRdW4aBj3eHM5/5hHUwYtmXE5UQvZj1nGDTS
 S2RqOA==
Subject: Re: base64url format
From: cmbecker69@gmx.de ("Christoph M. Becker")

On 09.01.2023 at 19:49, Sara Golemon wrote:

> I've been working with JWTs lately and that means working with Base64URL
> format. (Ref: https://www.rfc-editor.org/rfc/rfc4648#section-5 )
> This is essentially the same thing as normal Base64, but instead of '+' =
and
> '/', it uses '-' and '_', respectively. It also allows leaving off the
> training '=3D' padding characters.
>
> So far, I've just been including polyfills like this:
>
> function base64url_decode(string $str): string {
>     return base64_decode(str_pad(strtr($str, '-_', '+/'), (4 -
> (strlen($str) % 4)) % 4, '=3D'));
> }
>
> function base64_encode(string $str): string {
>     return rtrim(strtr(base64_encode($str), '+/', '-_'), '=3D');
> }
>
> These work fine, but they create a LOT of string copies along the way wh=
ich
> shouldn't be necessary.
> Would anyone mind if skipped RFC and just added `base64url_encode()` and
> `base64url_decode()` to PHP 8.3?
>
> Can hold a vote if anyone objects, but this seems fairly non-controversi=
al.

IMO, go with a PR first.  If that is controversial, an RFC can still be
done.

I, personally, would be more interested in base32, but that's another stor=
y.

=2D-
Christoph M. Becker