Commit 76db2065 authored by fpirsch's avatar fpirsch

fix incorrect padding with multi-byte strings

As far as encrypting and paddings are concerned, we are talking about **bytes** and not **characters**. So basic strlen/substr functions must be used instead of their mbstring version.
parent cffded66
...@@ -116,7 +116,7 @@ class Crypter { ...@@ -116,7 +116,7 @@ class Crypter {
*/ */
protected static function pad($value) protected static function pad($value)
{ {
$pad = static::$block - (Str::length($value) % static::$block); $pad = static::$block - (strlen($value) % static::$block);
return $value .= str_repeat(chr($pad), $pad); return $value .= str_repeat(chr($pad), $pad);
} }
...@@ -128,15 +128,8 @@ class Crypter { ...@@ -128,15 +128,8 @@ class Crypter {
* @return string * @return string
*/ */
protected static function unpad($value) protected static function unpad($value)
{
if (MB_STRING)
{
$pad = ord(mb_substr($value, -1, 1, Config::get('application.encoding')));
}
else
{ {
$pad = ord(substr($value, -1)); $pad = ord(substr($value, -1));
}
if ($pad and $pad <= static::$block) if ($pad and $pad <= static::$block)
{ {
...@@ -145,12 +138,7 @@ class Crypter { ...@@ -145,12 +138,7 @@ class Crypter {
// as the padding appears to have been changed. // as the padding appears to have been changed.
if (preg_match('/'.chr($pad).'{'.$pad.'}$/', $value)) if (preg_match('/'.chr($pad).'{'.$pad.'}$/', $value))
{ {
if (MB_STRING) return substr($value, 0, strlen($value) - $pad);
{
return mb_substr($value, 0, Str::length($value) - $pad, Config::get('application.encoding'));
}
return substr($value, 0, Str::length($value) - $pad);
} }
// If the padding characters do not match the expected padding // If the padding characters do not match the expected padding
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment