2
0

base64.c 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. /* Base64 encoding/decoding */
  25. #include "curl_setup.h"
  26. #if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \
  27. !defined(CURL_DISABLE_LDAP) || \
  28. !defined(CURL_DISABLE_SMTP) || \
  29. !defined(CURL_DISABLE_POP3) || \
  30. !defined(CURL_DISABLE_IMAP) || \
  31. !defined(CURL_DISABLE_DIGEST_AUTH) || \
  32. !defined(CURL_DISABLE_DOH) || defined(USE_SSL) || defined(BUILDING_CURL)
  33. #include "curl/curl.h"
  34. #include "warnless.h"
  35. #include "curl_base64.h"
  36. /* The last 2 #include files should be in this order */
  37. #ifdef BUILDING_LIBCURL
  38. #include "curl_memory.h"
  39. #endif
  40. #include "memdebug.h"
  41. /* ---- Base64 Encoding/Decoding Table --- */
  42. /* Padding character string starts at offset 64. */
  43. static const char base64encdec[]=
  44. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
  45. /* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
  46. section 5 */
  47. static const char base64url[]=
  48. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
  49. static const unsigned char decodetable[] =
  50. { 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255,
  51. 255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
  52. 17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, 255, 26, 27, 28,
  53. 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
  54. 48, 49, 50, 51 };
  55. /*
  56. * Curl_base64_decode()
  57. *
  58. * Given a base64 NUL-terminated string at src, decode it and return a
  59. * pointer in *outptr to a newly allocated memory area holding decoded
  60. * data. Size of decoded data is returned in variable pointed by outlen.
  61. *
  62. * Returns CURLE_OK on success, otherwise specific error code. Function
  63. * output shall not be considered valid unless CURLE_OK is returned.
  64. *
  65. * When decoded data length is 0, returns NULL in *outptr.
  66. *
  67. * @unittest: 1302
  68. */
  69. CURLcode Curl_base64_decode(const char *src,
  70. unsigned char **outptr, size_t *outlen)
  71. {
  72. size_t srclen = 0;
  73. size_t padding = 0;
  74. size_t i;
  75. size_t numQuantums;
  76. size_t fullQuantums;
  77. size_t rawlen = 0;
  78. unsigned char *pos;
  79. unsigned char *newstr;
  80. unsigned char lookup[256];
  81. *outptr = NULL;
  82. *outlen = 0;
  83. srclen = strlen(src);
  84. /* Check the length of the input string is valid */
  85. if(!srclen || srclen % 4)
  86. return CURLE_BAD_CONTENT_ENCODING;
  87. /* srclen is at least 4 here */
  88. while(src[srclen - 1 - padding] == '=') {
  89. /* count padding characters */
  90. padding++;
  91. /* A maximum of two = padding characters is allowed */
  92. if(padding > 2)
  93. return CURLE_BAD_CONTENT_ENCODING;
  94. }
  95. /* Calculate the number of quantums */
  96. numQuantums = srclen / 4;
  97. fullQuantums = numQuantums - (padding ? 1 : 0);
  98. /* Calculate the size of the decoded string */
  99. rawlen = (numQuantums * 3) - padding;
  100. /* Allocate our buffer including room for a null-terminator */
  101. newstr = malloc(rawlen + 1);
  102. if(!newstr)
  103. return CURLE_OUT_OF_MEMORY;
  104. pos = newstr;
  105. memset(lookup, 0xff, sizeof(lookup));
  106. memcpy(&lookup['+'], decodetable, sizeof(decodetable));
  107. /* replaces
  108. {
  109. unsigned char c;
  110. const unsigned char *p = (const unsigned char *)base64encdec;
  111. for(c = 0; *p; c++, p++)
  112. lookup[*p] = c;
  113. }
  114. */
  115. /* Decode the complete quantums first */
  116. for(i = 0; i < fullQuantums; i++) {
  117. unsigned char val;
  118. unsigned int x = 0;
  119. int j;
  120. for(j = 0; j < 4; j++) {
  121. val = lookup[(unsigned char)*src++];
  122. if(val == 0xff) /* bad symbol */
  123. goto bad;
  124. x = (x << 6) | val;
  125. }
  126. pos[2] = x & 0xff;
  127. pos[1] = (x >> 8) & 0xff;
  128. pos[0] = (x >> 16) & 0xff;
  129. pos += 3;
  130. }
  131. if(padding) {
  132. /* this means either 8 or 16 bits output */
  133. unsigned char val;
  134. unsigned int x = 0;
  135. int j;
  136. size_t padc = 0;
  137. for(j = 0; j < 4; j++) {
  138. if(*src == '=') {
  139. x <<= 6;
  140. src++;
  141. if(++padc > padding)
  142. /* this is a badly placed '=' symbol! */
  143. goto bad;
  144. }
  145. else {
  146. val = lookup[(unsigned char)*src++];
  147. if(val == 0xff) /* bad symbol */
  148. goto bad;
  149. x = (x << 6) | val;
  150. }
  151. }
  152. if(padding == 1)
  153. pos[1] = (x >> 8) & 0xff;
  154. pos[0] = (x >> 16) & 0xff;
  155. pos += 3 - padding;
  156. }
  157. /* Zero terminate */
  158. *pos = '\0';
  159. /* Return the decoded data */
  160. *outptr = newstr;
  161. *outlen = rawlen;
  162. return CURLE_OK;
  163. bad:
  164. free(newstr);
  165. return CURLE_BAD_CONTENT_ENCODING;
  166. }
  167. static CURLcode base64_encode(const char *table64,
  168. const char *inputbuff, size_t insize,
  169. char **outptr, size_t *outlen)
  170. {
  171. char *output;
  172. char *base64data;
  173. const unsigned char *in = (unsigned char *)inputbuff;
  174. const char *padstr = &table64[64]; /* Point to padding string. */
  175. *outptr = NULL;
  176. *outlen = 0;
  177. if(!insize)
  178. insize = strlen(inputbuff);
  179. #if SIZEOF_SIZE_T == 4
  180. if(insize > UINT_MAX/4)
  181. return CURLE_OUT_OF_MEMORY;
  182. #endif
  183. base64data = output = malloc((insize + 2) / 3 * 4 + 1);
  184. if(!output)
  185. return CURLE_OUT_OF_MEMORY;
  186. while(insize >= 3) {
  187. *output++ = table64[ in[0] >> 2 ];
  188. *output++ = table64[ ((in[0] & 0x03) << 4) | (in[1] >> 4) ];
  189. *output++ = table64[ ((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6) ];
  190. *output++ = table64[ in[2] & 0x3F ];
  191. insize -= 3;
  192. in += 3;
  193. }
  194. if(insize) {
  195. /* this is only one or two bytes now */
  196. *output++ = table64[ in[0] >> 2 ];
  197. if(insize == 1) {
  198. *output++ = table64[ ((in[0] & 0x03) << 4) ];
  199. if(*padstr) {
  200. *output++ = *padstr;
  201. *output++ = *padstr;
  202. }
  203. }
  204. else {
  205. /* insize == 2 */
  206. *output++ = table64[ ((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4) ];
  207. *output++ = table64[ ((in[1] & 0x0F) << 2) ];
  208. if(*padstr)
  209. *output++ = *padstr;
  210. }
  211. }
  212. /* Zero terminate */
  213. *output = '\0';
  214. /* Return the pointer to the new data (allocated memory) */
  215. *outptr = base64data;
  216. /* Return the length of the new data */
  217. *outlen = (size_t)(output - base64data);
  218. return CURLE_OK;
  219. }
  220. /*
  221. * Curl_base64_encode()
  222. *
  223. * Given a pointer to an input buffer and an input size, encode it and
  224. * return a pointer in *outptr to a newly allocated memory area holding
  225. * encoded data. Size of encoded data is returned in variable pointed by
  226. * outlen.
  227. *
  228. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  229. *
  230. * Returns CURLE_OK on success, otherwise specific error code. Function
  231. * output shall not be considered valid unless CURLE_OK is returned.
  232. *
  233. * @unittest: 1302
  234. */
  235. CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
  236. char **outptr, size_t *outlen)
  237. {
  238. return base64_encode(base64encdec, inputbuff, insize, outptr, outlen);
  239. }
  240. /*
  241. * Curl_base64url_encode()
  242. *
  243. * Given a pointer to an input buffer and an input size, encode it and
  244. * return a pointer in *outptr to a newly allocated memory area holding
  245. * encoded data. Size of encoded data is returned in variable pointed by
  246. * outlen.
  247. *
  248. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  249. *
  250. * Returns CURLE_OK on success, otherwise specific error code. Function
  251. * output shall not be considered valid unless CURLE_OK is returned.
  252. *
  253. * @unittest: 1302
  254. */
  255. CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
  256. char **outptr, size_t *outlen)
  257. {
  258. return base64_encode(base64url, inputbuff, insize, outptr, outlen);
  259. }
  260. #endif /* no users so disabled */