Merge pull request #71 from paragonie/v2.x-sodium-fix

Backport fix from v3

Author: paragonie-security

src/Base64.php

@@ -230,7 +230,7 @@ public static function decode(
                 }
                 if ($variant > 0) {
                     try {
-                        return sodium_base642bin($encodedString, $variant);
+                        return sodium_base642bin(Binary::safeSubstr($encodedString, 0, $srcLen), $variant);
                     } catch (SodiumException $ex) {
                         throw new RangeException($ex->getMessage(), $ex->getCode(), $ex);
                     }

tests/Base64Test.php

@@ -131,4 +131,14 @@ protected function getNextChar(string $c): string
             'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/A'
         );
     }
+
+    public function testStrictPaddingSodium()
+    {
+        for ($i = 1; $i < 32; ++$i) {
+            $random = random_bytes($i);
+            $encoded = Base64::encode($random);
+            $decoded = Base64::decode($encoded, true);
+            $this->assertSame($decoded, $random);
+        }
+    }
 }

tests/Base64UrlSafeTest.php

@@ -101,4 +101,14 @@ protected function getNextChar(string $c): string
             'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_A'
         );
     }
+
+    public function testStrictPaddingSodium()
+    {
+        for ($i = 1; $i < 32; ++$i) {
+            $random = random_bytes($i);
+            $encoded = Base64UrlSafe::encode($random);
+            $decoded = Base64UrlSafe::decode($encoded, true);
+            $this->assertSame($decoded, $random);
+        }
+    }
 }