base64.c 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. /* Base64 encoding/decoding */
  25. #include "curl_setup.h"
  26. #if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \
  27. !defined(CURL_DISABLE_LDAP) || \
  28. !defined(CURL_DISABLE_SMTP) || \
  29. !defined(CURL_DISABLE_POP3) || \
  30. !defined(CURL_DISABLE_IMAP) || \
  31. !defined(CURL_DISABLE_DOH) || defined(USE_SSL)
  32. #include "urldata.h" /* for the Curl_easy definition */
  33. #include "warnless.h"
  34. #include "curl_base64.h"
  35. /* The last 3 #include files should be in this order */
  36. #include "curl_printf.h"
  37. #include "curl_memory.h"
  38. #include "memdebug.h"
  39. /* ---- Base64 Encoding/Decoding Table --- */
  40. /* Padding character string starts at offset 64. */
  41. static const char base64[]=
  42. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
  43. /* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
  44. section 5 */
  45. static const char base64url[]=
  46. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
  47. static size_t decodeQuantum(unsigned char *dest, const char *src)
  48. {
  49. size_t padding = 0;
  50. const char *s;
  51. unsigned long i, x = 0;
  52. for(i = 0, s = src; i < 4; i++, s++) {
  53. if(*s == '=') {
  54. x <<= 6;
  55. padding++;
  56. }
  57. else {
  58. const char *p = strchr(base64, *s);
  59. if(p)
  60. x = (x << 6) + curlx_uztoul(p - base64);
  61. else
  62. return 0;
  63. }
  64. }
  65. if(padding < 1)
  66. dest[2] = curlx_ultouc(x & 0xFFUL);
  67. x >>= 8;
  68. if(padding < 2)
  69. dest[1] = curlx_ultouc(x & 0xFFUL);
  70. x >>= 8;
  71. dest[0] = curlx_ultouc(x & 0xFFUL);
  72. return 3 - padding;
  73. }
  74. /*
  75. * Curl_base64_decode()
  76. *
  77. * Given a base64 NUL-terminated string at src, decode it and return a
  78. * pointer in *outptr to a newly allocated memory area holding decoded
  79. * data. Size of decoded data is returned in variable pointed by outlen.
  80. *
  81. * Returns CURLE_OK on success, otherwise specific error code. Function
  82. * output shall not be considered valid unless CURLE_OK is returned.
  83. *
  84. * When decoded data length is 0, returns NULL in *outptr.
  85. *
  86. * @unittest: 1302
  87. */
  88. CURLcode Curl_base64_decode(const char *src,
  89. unsigned char **outptr, size_t *outlen)
  90. {
  91. size_t srclen = 0;
  92. size_t padding = 0;
  93. size_t i;
  94. size_t numQuantums;
  95. size_t rawlen = 0;
  96. const char *padptr;
  97. unsigned char *pos;
  98. unsigned char *newstr;
  99. *outptr = NULL;
  100. *outlen = 0;
  101. srclen = strlen(src);
  102. /* Check the length of the input string is valid */
  103. if(!srclen || srclen % 4)
  104. return CURLE_BAD_CONTENT_ENCODING;
  105. /* Find the position of any = padding characters */
  106. padptr = strchr(src, '=');
  107. if(padptr) {
  108. padding++;
  109. /* A maximum of two = padding characters is allowed */
  110. if(padptr[1] == '=')
  111. padding++;
  112. /* Check the = padding characters weren't part way through the input */
  113. if(padptr + padding != src + srclen)
  114. return CURLE_BAD_CONTENT_ENCODING;
  115. }
  116. /* Calculate the number of quantums */
  117. numQuantums = srclen / 4;
  118. /* Calculate the size of the decoded string */
  119. rawlen = (numQuantums * 3) - padding;
  120. /* Allocate our buffer including room for a null-terminator */
  121. newstr = malloc(rawlen + 1);
  122. if(!newstr)
  123. return CURLE_OUT_OF_MEMORY;
  124. pos = newstr;
  125. /* Decode the quantums */
  126. for(i = 0; i < numQuantums; i++) {
  127. size_t result = decodeQuantum(pos, src);
  128. if(!result) {
  129. free(newstr);
  130. return CURLE_BAD_CONTENT_ENCODING;
  131. }
  132. pos += result;
  133. src += 4;
  134. }
  135. /* Zero terminate */
  136. *pos = '\0';
  137. /* Return the decoded data */
  138. *outptr = newstr;
  139. *outlen = rawlen;
  140. return CURLE_OK;
  141. }
  142. static CURLcode base64_encode(const char *table64,
  143. const char *inputbuff, size_t insize,
  144. char **outptr, size_t *outlen)
  145. {
  146. unsigned char ibuf[3];
  147. unsigned char obuf[4];
  148. int i;
  149. int inputparts;
  150. char *output;
  151. char *base64data;
  152. const char *indata = inputbuff;
  153. const char *padstr = &table64[64]; /* Point to padding string. */
  154. *outptr = NULL;
  155. *outlen = 0;
  156. if(!insize)
  157. insize = strlen(indata);
  158. #if SIZEOF_SIZE_T == 4
  159. if(insize > UINT_MAX/4)
  160. return CURLE_OUT_OF_MEMORY;
  161. #endif
  162. base64data = output = malloc(insize * 4 / 3 + 4);
  163. if(!output)
  164. return CURLE_OUT_OF_MEMORY;
  165. while(insize > 0) {
  166. for(i = inputparts = 0; i < 3; i++) {
  167. if(insize > 0) {
  168. inputparts++;
  169. ibuf[i] = (unsigned char) *indata;
  170. indata++;
  171. insize--;
  172. }
  173. else
  174. ibuf[i] = 0;
  175. }
  176. obuf[0] = (unsigned char) ((ibuf[0] & 0xFC) >> 2);
  177. obuf[1] = (unsigned char) (((ibuf[0] & 0x03) << 4) | \
  178. ((ibuf[1] & 0xF0) >> 4));
  179. obuf[2] = (unsigned char) (((ibuf[1] & 0x0F) << 2) | \
  180. ((ibuf[2] & 0xC0) >> 6));
  181. obuf[3] = (unsigned char) (ibuf[2] & 0x3F);
  182. switch(inputparts) {
  183. case 1: /* only one byte read */
  184. i = msnprintf(output, 5, "%c%c%s%s",
  185. table64[obuf[0]],
  186. table64[obuf[1]],
  187. padstr,
  188. padstr);
  189. break;
  190. case 2: /* two bytes read */
  191. i = msnprintf(output, 5, "%c%c%c%s",
  192. table64[obuf[0]],
  193. table64[obuf[1]],
  194. table64[obuf[2]],
  195. padstr);
  196. break;
  197. default:
  198. i = msnprintf(output, 5, "%c%c%c%c",
  199. table64[obuf[0]],
  200. table64[obuf[1]],
  201. table64[obuf[2]],
  202. table64[obuf[3]]);
  203. break;
  204. }
  205. output += i;
  206. }
  207. /* Zero terminate */
  208. *output = '\0';
  209. /* Return the pointer to the new data (allocated memory) */
  210. *outptr = base64data;
  211. /* Return the length of the new data */
  212. *outlen = output - base64data;
  213. return CURLE_OK;
  214. }
  215. /*
  216. * Curl_base64_encode()
  217. *
  218. * Given a pointer to an input buffer and an input size, encode it and
  219. * return a pointer in *outptr to a newly allocated memory area holding
  220. * encoded data. Size of encoded data is returned in variable pointed by
  221. * outlen.
  222. *
  223. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  224. *
  225. * Returns CURLE_OK on success, otherwise specific error code. Function
  226. * output shall not be considered valid unless CURLE_OK is returned.
  227. *
  228. * @unittest: 1302
  229. */
  230. CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
  231. char **outptr, size_t *outlen)
  232. {
  233. return base64_encode(base64, inputbuff, insize, outptr, outlen);
  234. }
  235. /*
  236. * Curl_base64url_encode()
  237. *
  238. * Given a pointer to an input buffer and an input size, encode it and
  239. * return a pointer in *outptr to a newly allocated memory area holding
  240. * encoded data. Size of encoded data is returned in variable pointed by
  241. * outlen.
  242. *
  243. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  244. *
  245. * Returns CURLE_OK on success, otherwise specific error code. Function
  246. * output shall not be considered valid unless CURLE_OK is returned.
  247. *
  248. * @unittest: 1302
  249. */
  250. CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
  251. char **outptr, size_t *outlen)
  252. {
  253. return base64_encode(base64url, inputbuff, insize, outptr, outlen);
  254. }
  255. #endif /* no users so disabled */