From 4b5f1cb2dd3da78576ebfe4c723808d9317ac2f8 Mon Sep 17 00:00:00 2001 From: Cyperghost Date: Mon, 19 Feb 2024 12:31:22 +0100 Subject: [PATCH] Remove using of `Binary::safeStrlen` --- .../lib/system/service/worker/Encryption.class.php | 11 +++++------ .../service/worker/ServiceWorkerHandler.class.php | 6 ++---- .../files/lib/system/service/worker/Util.class.php | 2 +- .../files/lib/system/service/worker/VAPID.class.php | 3 +-- 4 files changed, 9 insertions(+), 13 deletions(-) diff --git a/wcfsetup/install/files/lib/system/service/worker/Encryption.class.php b/wcfsetup/install/files/lib/system/service/worker/Encryption.class.php index 8a628b8740..7a9a595d4a 100644 --- a/wcfsetup/install/files/lib/system/service/worker/Encryption.class.php +++ b/wcfsetup/install/files/lib/system/service/worker/Encryption.class.php @@ -8,7 +8,6 @@ use Jose\Component\Core\Util\ECKey; use Jose\Component\KeyManagement\JWKFactory; use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64UrlSafe; -use ParagonIE\ConstantTime\Binary; use wcf\data\service\worker\ServiceWorker; /** @@ -104,9 +103,9 @@ final class Encryption return \str_pad($result, 32, "\x00", STR_PAD_LEFT); } - private static function addPadding(string $payload, string $contentEncoding): string + private static function addPadding(#[\SensitiveParameter] string $payload, string $contentEncoding): string { - $length = Binary::safeStrlen($payload); + $length = \mb_strlen($payload, '8bit'); $paddingLength = ServiceWorkerHandler::MAX_PAYLOAD_LENGTH - $length; if ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AES128GCM) { @@ -122,7 +121,7 @@ final class Encryption { if ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AESGCM) { \assert($context !== null); - \assert(Binary::safeStrlen($context) === 135); + \assert(\mb_strlen($context, '8bit') === 135); return 'Content-Encoding: ' . $type . "\x00" . Encryption::CURVE_ALGORITHM . $context; } elseif ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AES128GCM) { @@ -140,7 +139,7 @@ final class Encryption if ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AES128GCM) { return $salt . \pack('N*', 4096) - . \pack('C*', Binary::safeStrlen($publicKey)) + . \pack('C*', \mb_strlen($publicKey, '8bit')) . $publicKey; } elseif ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AESGCM) { return ""; @@ -160,7 +159,7 @@ final class Encryption if ($contentEncoding === ServiceWorker::CONTENT_ENCODING_AES128GCM) { return null; } - \assert(mb_strlen($clientPublicKey, '8bit') === VAPID::PUBLIC_KEY_LENGTH); + \assert(\mb_strlen($clientPublicKey, '8bit') === VAPID::PUBLIC_KEY_LENGTH); $len = \pack('n', 65); diff --git a/wcfsetup/install/files/lib/system/service/worker/ServiceWorkerHandler.class.php b/wcfsetup/install/files/lib/system/service/worker/ServiceWorkerHandler.class.php index 53a69eed5a..ba5251749e 100644 --- a/wcfsetup/install/files/lib/system/service/worker/ServiceWorkerHandler.class.php +++ b/wcfsetup/install/files/lib/system/service/worker/ServiceWorkerHandler.class.php @@ -7,7 +7,6 @@ use GuzzleHttp\ClientInterface; use GuzzleHttp\Psr7\Request; use Jose\Component\KeyManagement\JWKFactory; use ParagonIE\ConstantTime\Base64UrlSafe; -use ParagonIE\ConstantTime\Binary; use wcf\data\option\OptionEditor; use wcf\data\service\worker\ServiceWorker; use wcf\system\io\HttpFactory; @@ -36,7 +35,6 @@ final class ServiceWorkerHandler extends SingletonFactory /** * @internal - * @TODO */ public static function createNewKeys(): void { @@ -59,7 +57,7 @@ final class ServiceWorkerHandler extends SingletonFactory */ public function sendToServiceWorker(ServiceWorker $serviceWorker, string $payload): void { - if (Binary::safeStrlen($payload) > self::MAX_PAYLOAD_LENGTH) { + if (\mb_strlen($payload, '8bit') > self::MAX_PAYLOAD_LENGTH) { throw new \RuntimeException( 'Content is too large, maximum payload length is ' . self::MAX_PAYLOAD_LENGTH . ' bytes' ); @@ -75,7 +73,7 @@ final class ServiceWorkerHandler extends SingletonFactory $payload, $headers ); - $headers['Content-Length'] = Binary::safeStrlen($content); + $headers['Content-Length'] = \mb_strlen($content, '8bit'); VAPID::addHeader($serviceWorker, $headers); $this->getClient()->send( diff --git a/wcfsetup/install/files/lib/system/service/worker/Util.class.php b/wcfsetup/install/files/lib/system/service/worker/Util.class.php index a174727701..0a2a495c29 100644 --- a/wcfsetup/install/files/lib/system/service/worker/Util.class.php +++ b/wcfsetup/install/files/lib/system/service/worker/Util.class.php @@ -27,7 +27,7 @@ final class Util throw new \InvalidArgumentException('Invalid public key format'); } $data = Binary::safeSubstr($data, 2); - $dataLength = Binary::safeStrlen($data); + $dataLength = \mb_strlen($data, '8bit'); return [ 'x' => \hex2bin(Binary::safeSubstr($data, 0, $dataLength / 2)), diff --git a/wcfsetup/install/files/lib/system/service/worker/VAPID.class.php b/wcfsetup/install/files/lib/system/service/worker/VAPID.class.php index a6a2f299d3..e620f7c861 100644 --- a/wcfsetup/install/files/lib/system/service/worker/VAPID.class.php +++ b/wcfsetup/install/files/lib/system/service/worker/VAPID.class.php @@ -8,7 +8,6 @@ use Jose\Component\Signature\Algorithm\ES256; use Jose\Component\Signature\JWSBuilder; use Jose\Component\Signature\Serializer\CompactSerializer; use ParagonIE\ConstantTime\Base64UrlSafe; -use ParagonIE\ConstantTime\Binary; use wcf\data\service\worker\ServiceWorker; use wcf\util\JSON; @@ -34,7 +33,7 @@ final class VAPID { $rawPublicKey = Base64Url::decode(SERVICE_WORKER_PUBLIC_KEY); // Validate the length of the public key - if (Binary::safeStrlen($rawPublicKey) !== VAPID::PUBLIC_KEY_LENGTH) { + if (\mb_strlen($rawPublicKey, '8bit') !== VAPID::PUBLIC_KEY_LENGTH) { throw new \RuntimeException('Invalid public key length'); } ['x' => $x, 'y' => $y] = Util::unserializePublicKey($rawPublicKey); -- 2.20.1