1 /*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel (at) haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at http://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 ***************************************************************************/ 22 23 /* Base64 encoding/decoding */ 24 25 #include "curl_setup.h" 26 #include "curl_printf.h" 27 #include "urldata.h" /* for the SessionHandle definition */ 28 #include "warnless.h" 29 #include "curl_base64.h" 30 #include "non-ascii.h" 31 32 /* The last #include files should be: */ 33 #include "curl_memory.h" 34 #include "memdebug.h" 35 36 /* ---- Base64 Encoding/Decoding Table --- */ 37 static const char base64[]= 38 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 39 40 /* The Base 64 encoding with an URL and filename safe alphabet, RFC 4648 41 section 5 */ 42 static const char base64url[]= 43 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; 44 45 static size_t decodeQuantum(unsigned char *dest, const char *src) 46 { 47 size_t padding = 0; 48 const char *s, *p; 49 unsigned long i, x = 0; 50 51 for(i = 0, s = src; i < 4; i++, s++) { 52 unsigned long v = 0; 53 54 if(*s == '=') { 55 x = (x << 6); 56 padding++; 57 } 58 else { 59 p = base64; 60 61 while(*p && (*p != *s)) { 62 v++; 63 p++; 64 } 65 66 if(*p == *s) 67 x = (x << 6) + v; 68 else 69 return 0; 70 } 71 } 72 73 if(padding < 1) 74 dest[2] = curlx_ultouc(x & 0xFFUL); 75 76 x >>= 8; 77 if(padding < 2) 78 dest[1] = curlx_ultouc(x & 0xFFUL); 79 80 x >>= 8; 81 dest[0] = curlx_ultouc(x & 0xFFUL); 82 83 return 3 - padding; 84 } 85 86 /* 87 * Curl_base64_decode() 88 * 89 * Given a base64 NUL-terminated string at src, decode it and return a 90 * pointer in *outptr to a newly allocated memory area holding decoded 91 * data. Size of decoded data is returned in variable pointed by outlen. 92 * 93 * Returns CURLE_OK on success, otherwise specific error code. Function 94 * output shall not be considered valid unless CURLE_OK is returned. 95 * 96 * When decoded data length is 0, returns NULL in *outptr. 97 * 98 * @unittest: 1302 99 */ 100 CURLcode Curl_base64_decode(const char *src, 101 unsigned char **outptr, size_t *outlen) 102 { 103 size_t srclen = 0; 104 size_t length = 0; 105 size_t padding = 0; 106 size_t i; 107 size_t numQuantums; 108 size_t rawlen = 0; 109 unsigned char *pos; 110 unsigned char *newstr; 111 112 *outptr = NULL; 113 *outlen = 0; 114 srclen = strlen(src); 115 116 /* Check the length of the input string is valid */ 117 if(!srclen || srclen % 4) 118 return CURLE_BAD_CONTENT_ENCODING; 119 120 /* Find the position of any = padding characters */ 121 while((src[length] != '=') && src[length]) 122 length++; 123 124 /* A maximum of two = padding characters is allowed */ 125 if(src[length] == '=') { 126 padding++; 127 if(src[length + 1] == '=') 128 padding++; 129 } 130 131 /* Check the = padding characters weren't part way through the input */ 132 if(length + padding != srclen) 133 return CURLE_BAD_CONTENT_ENCODING; 134 135 /* Calculate the number of quantums */ 136 numQuantums = srclen / 4; 137 138 /* Calculate the size of the decoded string */ 139 rawlen = (numQuantums * 3) - padding; 140 141 /* Allocate our buffer including room for a zero terminator */ 142 newstr = malloc(rawlen + 1); 143 if(!newstr) 144 return CURLE_OUT_OF_MEMORY; 145 146 pos = newstr; 147 148 /* Decode the quantums */ 149 for(i = 0; i < numQuantums; i++) { 150 size_t result = decodeQuantum(pos, src); 151 if(!result) { 152 free(newstr); 153 154 return CURLE_BAD_CONTENT_ENCODING; 155 } 156 157 pos += result; 158 src += 4; 159 } 160 161 /* Zero terminate */ 162 *pos = '\0'; 163 164 /* Return the decoded data */ 165 *outptr = newstr; 166 *outlen = rawlen; 167 168 return CURLE_OK; 169 } 170 171 static CURLcode base64_encode(const char *table64, 172 struct SessionHandle *data, 173 const char *inputbuff, size_t insize, 174 char **outptr, size_t *outlen) 175 { 176 CURLcode error; 177 unsigned char ibuf[3]; 178 unsigned char obuf[4]; 179 int i; 180 int inputparts; 181 char *output; 182 char *base64data; 183 char *convbuf = NULL; 184 185 const char *indata = inputbuff; 186 187 *outptr = NULL; 188 *outlen = 0; 189 190 if(0 == insize) 191 insize = strlen(indata); 192 193 base64data = output = malloc(insize*4/3+4); 194 if(NULL == output) 195 return CURLE_OUT_OF_MEMORY; 196 197 /* 198 * The base64 data needs to be created using the network encoding 199 * not the host encoding. And we can't change the actual input 200 * so we copy it to a buffer, translate it, and use that instead. 201 */ 202 error = Curl_convert_clone(data, indata, insize, &convbuf); 203 if(error) { 204 free(output); 205 return error; 206 } 207 208 if(convbuf) 209 indata = (char *)convbuf; 210 211 while(insize > 0) { 212 for(i = inputparts = 0; i < 3; i++) { 213 if(insize > 0) { 214 inputparts++; 215 ibuf[i] = (unsigned char) *indata; 216 indata++; 217 insize--; 218 } 219 else 220 ibuf[i] = 0; 221 } 222 223 obuf[0] = (unsigned char) ((ibuf[0] & 0xFC) >> 2); 224 obuf[1] = (unsigned char) (((ibuf[0] & 0x03) << 4) | \ 225 ((ibuf[1] & 0xF0) >> 4)); 226 obuf[2] = (unsigned char) (((ibuf[1] & 0x0F) << 2) | \ 227 ((ibuf[2] & 0xC0) >> 6)); 228 obuf[3] = (unsigned char) (ibuf[2] & 0x3F); 229 230 switch(inputparts) { 231 case 1: /* only one byte read */ 232 snprintf(output, 5, "%c%c==", 233 table64[obuf[0]], 234 table64[obuf[1]]); 235 break; 236 case 2: /* two bytes read */ 237 snprintf(output, 5, "%c%c%c=", 238 table64[obuf[0]], 239 table64[obuf[1]], 240 table64[obuf[2]]); 241 break; 242 default: 243 snprintf(output, 5, "%c%c%c%c", 244 table64[obuf[0]], 245 table64[obuf[1]], 246 table64[obuf[2]], 247 table64[obuf[3]] ); 248 break; 249 } 250 output += 4; 251 } 252 *output = '\0'; 253 *outptr = base64data; /* return pointer to new data, allocated memory */ 254 255 free(convbuf); 256 257 *outlen = strlen(base64data); /* return the length of the new data */ 258 259 return CURLE_OK; 260 } 261 262 /* 263 * Curl_base64_encode() 264 * 265 * Given a pointer to an input buffer and an input size, encode it and 266 * return a pointer in *outptr to a newly allocated memory area holding 267 * encoded data. Size of encoded data is returned in variable pointed by 268 * outlen. 269 * 270 * Input length of 0 indicates input buffer holds a NUL-terminated string. 271 * 272 * Returns CURLE_OK on success, otherwise specific error code. Function 273 * output shall not be considered valid unless CURLE_OK is returned. 274 * 275 * When encoded data length is 0, returns NULL in *outptr. 276 * 277 * @unittest: 1302 278 */ 279 CURLcode Curl_base64_encode(struct SessionHandle *data, 280 const char *inputbuff, size_t insize, 281 char **outptr, size_t *outlen) 282 { 283 return base64_encode(base64, data, inputbuff, insize, outptr, outlen); 284 } 285 286 /* 287 * Curl_base64url_encode() 288 * 289 * Given a pointer to an input buffer and an input size, encode it and 290 * return a pointer in *outptr to a newly allocated memory area holding 291 * encoded data. Size of encoded data is returned in variable pointed by 292 * outlen. 293 * 294 * Input length of 0 indicates input buffer holds a NUL-terminated string. 295 * 296 * Returns CURLE_OK on success, otherwise specific error code. Function 297 * output shall not be considered valid unless CURLE_OK is returned. 298 * 299 * When encoded data length is 0, returns NULL in *outptr. 300 * 301 * @unittest: 1302 302 */ 303 CURLcode Curl_base64url_encode(struct SessionHandle *data, 304 const char *inputbuff, size_t insize, 305 char **outptr, size_t *outlen) 306 { 307 return base64_encode(base64url, data, inputbuff, insize, outptr, outlen); 308 } 309 /* ---- End of Base64 Encoding ---- */ 310
