| 1 | <?php
|
|---|
| 2 | declare(strict_types=1);
|
|---|
| 3 | namespace ParagonIE\ConstantTime;
|
|---|
| 4 |
|
|---|
| 5 | use TypeError;
|
|---|
| 6 |
|
|---|
| 7 | /**
|
|---|
| 8 | * Copyright (c) 2016 - 2022 Paragon Initiative Enterprises.
|
|---|
| 9 | * Copyright (c) 2014 Steve "Sc00bz" Thomas (steve at tobtu dot com)
|
|---|
| 10 | *
|
|---|
| 11 | * Permission is hereby granted, free of charge, to any person obtaining a copy
|
|---|
| 12 | * of this software and associated documentation files (the "Software"), to deal
|
|---|
| 13 | * in the Software without restriction, including without limitation the rights
|
|---|
| 14 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|---|
| 15 | * copies of the Software, and to permit persons to whom the Software is
|
|---|
| 16 | * furnished to do so, subject to the following conditions:
|
|---|
| 17 | *
|
|---|
| 18 | * The above copyright notice and this permission notice shall be included in all
|
|---|
| 19 | * copies or substantial portions of the Software.
|
|---|
| 20 | *
|
|---|
| 21 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|---|
| 22 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|---|
| 23 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|---|
| 24 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|---|
| 25 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|---|
| 26 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|---|
| 27 | * SOFTWARE.
|
|---|
| 28 | */
|
|---|
| 29 |
|
|---|
| 30 | /**
|
|---|
| 31 | * Class Binary
|
|---|
| 32 | *
|
|---|
| 33 | * Binary string operators that don't choke on
|
|---|
| 34 | * mbstring.func_overload
|
|---|
| 35 | *
|
|---|
| 36 | * @package ParagonIE\ConstantTime
|
|---|
| 37 | */
|
|---|
| 38 | abstract class Binary
|
|---|
| 39 | {
|
|---|
| 40 | /**
|
|---|
| 41 | * Safe string length
|
|---|
| 42 | *
|
|---|
| 43 | * @ref mbstring.func_overload
|
|---|
| 44 | *
|
|---|
| 45 | * @param string $str
|
|---|
| 46 | * @return int
|
|---|
| 47 | */
|
|---|
| 48 | public static function safeStrlen(
|
|---|
| 49 | #[\SensitiveParameter]
|
|---|
| 50 | string $str
|
|---|
| 51 | ): int {
|
|---|
| 52 | if (\function_exists('mb_strlen')) {
|
|---|
| 53 | // mb_strlen in PHP 7.x can return false.
|
|---|
| 54 | /** @psalm-suppress RedundantCast */
|
|---|
| 55 | return (int) \mb_strlen($str, '8bit');
|
|---|
| 56 | } else {
|
|---|
| 57 | return \strlen($str);
|
|---|
| 58 | }
|
|---|
| 59 | }
|
|---|
| 60 |
|
|---|
| 61 | /**
|
|---|
| 62 | * Safe substring
|
|---|
| 63 | *
|
|---|
| 64 | * @ref mbstring.func_overload
|
|---|
| 65 | *
|
|---|
| 66 | * @staticvar boolean $exists
|
|---|
| 67 | * @param string $str
|
|---|
| 68 | * @param int $start
|
|---|
| 69 | * @param ?int $length
|
|---|
| 70 | * @return string
|
|---|
| 71 | *
|
|---|
| 72 | * @throws TypeError
|
|---|
| 73 | */
|
|---|
| 74 | public static function safeSubstr(
|
|---|
| 75 | #[\SensitiveParameter]
|
|---|
| 76 | string $str,
|
|---|
| 77 | int $start = 0,
|
|---|
| 78 | ?int $length = null
|
|---|
| 79 | ): string {
|
|---|
| 80 | if ($length === 0) {
|
|---|
| 81 | return '';
|
|---|
| 82 | }
|
|---|
| 83 | if (\function_exists('mb_substr')) {
|
|---|
| 84 | return \mb_substr($str, $start, $length, '8bit');
|
|---|
| 85 | }
|
|---|
| 86 | // Unlike mb_substr(), substr() doesn't accept NULL for length
|
|---|
| 87 | if ($length !== null) {
|
|---|
| 88 | return \substr($str, $start, $length);
|
|---|
| 89 | } else {
|
|---|
| 90 | return \substr($str, $start);
|
|---|
| 91 | }
|
|---|
| 92 | }
|
|---|
| 93 | }
|
|---|
