Home » Php » Is there a bulletproof way to detect base64 encoding in a string in php?

Is there a bulletproof way to detect base64 encoding in a string in php?

Posted by: admin October 26, 2017 Leave a comment

Questions:

I am currently working on a Website where I have mixed values stored in my db and I’d like to find a solution to detect a string for base64 encryption or not. I’ve come up with this piece of code so far with help from Abhinav bhardwaj on this post (Detect base64 encoding in PHP?):

function IsBase64($s)
{
    // Check if there are valid base64 characters
    if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $s)) return false;
    // Decode the string in strict mode and check the results
    $decoded = base64_decode($s, true);
    if(false === $decoded) return false;
    // if string returned contains not printable chars
    if (0 < preg_match('/((?![[:graph:]])(?!\s)(?!\p{L}))./', $decoded, $matched)) return false;
    // Encode the string again
    if(base64_encode($decoded) != $s) return false;
    return true;
}

It only works halfway for example values like 1234, 7000, reno and other 4-lettered and digited inputs resolve as true even if they are not… Now my question: Is there any reliable way of doing the base64 detection or do i have to keep a list of unencoded and encoded tables and treat them different?

My Plan would have been to merge the data (which some of it needs decryption and some doesn’t) together in the end to one php result object and return it as a JSON text.

Any help on this is much appreciated!

Thank you in advanced!

Answers:

I will post Yoshis Answer as the final conclusion:

I think you’re out of luck. The false positives you mention, still are valid base64 encodings. You’d need to judge whether the decoded version makes any sense, but that will probably be a never ending story, and ultimately would probably also result in false positives. – Yoshi

Questions:
Answers:

base64 encoded string is basically (A-Z), (a-z), (0-9) padded with = to mod 4.So, any combination of letters in multiples of 4 is valid to be base64.

function IsBase64($str) {
    if (strlen($str) % 4 == 0) {
        return true;
    } else {
        return false;
    }
}