1 #! /usr/bin/env python 2 3 """RFC 3548: Base16, Base32, Base64 Data Encodings""" 4 5 # Modified 04-Oct-1995 by Jack Jansen to use binascii module 6 # Modified 30-Dec-2003 by Barry Warsaw to add full RFC 3548 support 7 8 import re 9 import struct 10 import binascii 11 12 13 __all__ = [ 14 # Legacy interface exports traditional RFC 1521 Base64 encodings 15 'encode', 'decode', 'encodestring', 'decodestring', 16 # Generalized interface for other encodings 17 'b64encode', 'b64decode', 'b32encode', 'b32decode', 18 'b16encode', 'b16decode', 19 # Standard Base64 encoding 20 'standard_b64encode', 'standard_b64decode', 21 # Some common Base64 alternatives. As referenced by RFC 3458, see thread 22 # starting at: 23 # 24 # http://zgp.org/pipermail/p2p-hackers/2001-September/000316.html 25 'urlsafe_b64encode', 'urlsafe_b64decode', 26 ] 27 28 _translation = [chr(_x) for _x in range(256)] 29 EMPTYSTRING = '' 30 31 32 def _translate(s, altchars): 33 translation = _translation[:] 34 for k, v in altchars.items(): 35 translation[ord(k)] = v 36 return s.translate(''.join(translation)) 37 38 39 41 # Base64 encoding/decoding uses binascii 42 43 def b64encode(s, altchars=None): 44 """Encode a string using Base64. 45 46 s is the string to encode. Optional altchars must be a string of at least 47 length 2 (additional characters are ignored) which specifies an 48 alternative alphabet for the '+' and '/' characters. This allows an 49 application to e.g. generate url or filesystem safe Base64 strings. 50 51 The encoded string is returned. 52 """ 53 # Strip off the trailing newline 54 encoded = binascii.b2a_base64(s)[:-1] 55 if altchars is not None: 56 return _translate(encoded, {'+': altchars[0], '/': altchars[1]}) 57 return encoded 58 59 60 def b64decode(s, altchars=None): 61 """Decode a Base64 encoded string. 62 63 s is the string to decode. Optional altchars must be a string of at least 64 length 2 (additional characters are ignored) which specifies the 65 alternative alphabet used instead of the '+' and '/' characters. 66 67 The decoded string is returned. A TypeError is raised if s were 68 incorrectly padded or if there are non-alphabet characters present in the 69 string. 70 """ 71 if altchars is not None: 72 s = _translate(s, {altchars[0]: '+', altchars[1]: '/'}) 73 try: 74 return binascii.a2b_base64(s) 75 except binascii.Error, msg: 76 # Transform this exception for consistency 77 raise TypeError(msg) 78 79 80 def standard_b64encode(s): 81 """Encode a string using the standard Base64 alphabet. 82 83 s is the string to encode. The encoded string is returned. 84 """ 85 return b64encode(s) 86 87 def standard_b64decode(s): 88 """Decode a string encoded with the standard Base64 alphabet. 89 90 s is the string to decode. The decoded string is returned. A TypeError 91 is raised if the string is incorrectly padded or if there are non-alphabet 92 characters present in the string. 93 """ 94 return b64decode(s) 95 96 def urlsafe_b64encode(s): 97 """Encode a string using a url-safe Base64 alphabet. 98 99 s is the string to encode. The encoded string is returned. The alphabet 100 uses '-' instead of '+' and '_' instead of '/'. 101 """ 102 return b64encode(s, '-_') 103 104 def urlsafe_b64decode(s): 105 """Decode a string encoded with the standard Base64 alphabet. 106 107 s is the string to decode. The decoded string is returned. A TypeError 108 is raised if the string is incorrectly padded or if there are non-alphabet 109 characters present in the string. 110 111 The alphabet uses '-' instead of '+' and '_' instead of '/'. 112 """ 113 return b64decode(s, '-_') 114 115 116 118 # Base32 encoding/decoding must be done in Python 119 _b32alphabet = { 120 0: 'A', 9: 'J', 18: 'S', 27: '3', 121 1: 'B', 10: 'K', 19: 'T', 28: '4', 122 2: 'C', 11: 'L', 20: 'U', 29: '5', 123 3: 'D', 12: 'M', 21: 'V', 30: '6', 124 4: 'E', 13: 'N', 22: 'W', 31: '7', 125 5: 'F', 14: 'O', 23: 'X', 126 6: 'G', 15: 'P', 24: 'Y', 127 7: 'H', 16: 'Q', 25: 'Z', 128 8: 'I', 17: 'R', 26: '2', 129 } 130 131 _b32tab = _b32alphabet.items() 132 _b32tab.sort() 133 _b32tab = [v for k, v in _b32tab] 134 _b32rev = dict([(v, long(k)) for k, v in _b32alphabet.items()]) 135 136 137 def b32encode(s): 138 """Encode a string using Base32. 139 140 s is the string to encode. The encoded string is returned. 141 """ 142 parts = [] 143 quanta, leftover = divmod(len(s), 5) 144 # Pad the last quantum with zero bits if necessary 145 if leftover: 146 s += ('\0' * (5 - leftover)) 147 quanta += 1 148 for i in range(quanta): 149 # c1 and c2 are 16 bits wide, c3 is 8 bits wide. The intent of this 150 # code is to process the 40 bits in units of 5 bits. So we take the 1 151 # leftover bit of c1 and tack it onto c2. Then we take the 2 leftover 152 # bits of c2 and tack them onto c3. The shifts and masks are intended 153 # to give us values of exactly 5 bits in width. 154 c1, c2, c3 = struct.unpack('!HHB', s[i*5:(i+1)*5]) 155 c2 += (c1 & 1) << 16 # 17 bits wide 156 c3 += (c2 & 3) << 8 # 10 bits wide 157 parts.extend([_b32tab[c1 >> 11], # bits 1 - 5 158 _b32tab[(c1 >> 6) & 0x1f], # bits 6 - 10 159 _b32tab[(c1 >> 1) & 0x1f], # bits 11 - 15 160 _b32tab[c2 >> 12], # bits 16 - 20 (1 - 5) 161 _b32tab[(c2 >> 7) & 0x1f], # bits 21 - 25 (6 - 10) 162 _b32tab[(c2 >> 2) & 0x1f], # bits 26 - 30 (11 - 15) 163 _b32tab[c3 >> 5], # bits 31 - 35 (1 - 5) 164 _b32tab[c3 & 0x1f], # bits 36 - 40 (1 - 5) 165 ]) 166 encoded = EMPTYSTRING.join(parts) 167 # Adjust for any leftover partial quanta 168 if leftover == 1: 169 return encoded[:-6] + '======' 170 elif leftover == 2: 171 return encoded[:-4] + '====' 172 elif leftover == 3: 173 return encoded[:-3] + '===' 174 elif leftover == 4: 175 return encoded[:-1] + '=' 176 return encoded 177 178 179 def b32decode(s, casefold=False, map01=None): 180 """Decode a Base32 encoded string. 181 182 s is the string to decode. Optional casefold is a flag specifying whether 183 a lowercase alphabet is acceptable as input. For security purposes, the 184 default is False. 185 186 RFC 3548 allows for optional mapping of the digit 0 (zero) to the letter O 187 (oh), and for optional mapping of the digit 1 (one) to either the letter I 188 (eye) or letter L (el). The optional argument map01 when not None, 189 specifies which letter the digit 1 should be mapped to (when map01 is not 190 None, the digit 0 is always mapped to the letter O). For security 191 purposes the default is None, so that 0 and 1 are not allowed in the 192 input. 193 194 The decoded string is returned. A TypeError is raised if s were 195 incorrectly padded or if there are non-alphabet characters present in the 196 string. 197 """ 198 quanta, leftover = divmod(len(s), 8) 199 if leftover: 200 raise TypeError('Incorrect padding') 201 # Handle section 2.4 zero and one mapping. The flag map01 will be either 202 # False, or the character to map the digit 1 (one) to. It should be 203 # either L (el) or I (eye). 204 if map01: 205 s = _translate(s, {'0': 'O', '1': map01}) 206 if casefold: 207 s = s.upper() 208 # Strip off pad characters from the right. We need to count the pad 209 # characters because this will tell us how many null bytes to remove from 210 # the end of the decoded string. 211 padchars = 0 212 mo = re.search('(?P<pad>[=]*)$', s) 213 if mo: 214 padchars = len(mo.group('pad')) 215 if padchars > 0: 216 s = s[:-padchars] 217 # Now decode the full quanta 218 parts = [] 219 acc = 0 220 shift = 35 221 for c in s: 222 val = _b32rev.get(c) 223 if val is None: 224 raise TypeError('Non-base32 digit found') 225 acc += _b32rev[c] << shift 226 shift -= 5 227 if shift < 0: 228 parts.append(binascii.unhexlify('%010x' % acc)) 229 acc = 0 230 shift = 35 231 # Process the last, partial quanta 232 last = binascii.unhexlify('%010x' % acc) 233 if padchars == 0: 234 last = '' # No characters 235 elif padchars == 1: 236 last = last[:-1] 237 elif padchars == 3: 238 last = last[:-2] 239 elif padchars == 4: 240 last = last[:-3] 241 elif padchars == 6: 242 last = last[:-4] 243 else: 244 raise TypeError('Incorrect padding') 245 parts.append(last) 246 return EMPTYSTRING.join(parts) 247 248 249 251 # RFC 3548, Base 16 Alphabet specifies uppercase, but hexlify() returns 252 # lowercase. The RFC also recommends against accepting input case 253 # insensitively. 254 def b16encode(s): 255 """Encode a string using Base16. 256 257 s is the string to encode. The encoded string is returned. 258 """ 259 return binascii.hexlify(s).upper() 260 261 262 def b16decode(s, casefold=False): 263 """Decode a Base16 encoded string. 264 265 s is the string to decode. Optional casefold is a flag specifying whether 266 a lowercase alphabet is acceptable as input. For security purposes, the 267 default is False. 268 269 The decoded string is returned. A TypeError is raised if s were 270 incorrectly padded or if there are non-alphabet characters present in the 271 string. 272 """ 273 if casefold: 274 s = s.upper() 275 if re.search('[^0-9A-F]', s): 276 raise TypeError('Non-base16 digit found') 277 return binascii.unhexlify(s) 278 279 280 282 # Legacy interface. This code could be cleaned up since I don't believe 283 # binascii has any line length limitations. It just doesn't seem worth it 284 # though. 285 286 MAXLINESIZE = 76 # Excluding the CRLF 287 MAXBINSIZE = (MAXLINESIZE//4)*3 288 289 def encode(input, output): 290 """Encode a file.""" 291 while True: 292 s = input.read(MAXBINSIZE) 293 if not s: 294 break 295 while len(s) < MAXBINSIZE: 296 ns = input.read(MAXBINSIZE-len(s)) 297 if not ns: 298 break 299 s += ns 300 line = binascii.b2a_base64(s) 301 output.write(line) 302 303 304 def decode(input, output): 305 """Decode a file.""" 306 while True: 307 line = input.readline() 308 if not line: 309 break 310 s = binascii.a2b_base64(line) 311 output.write(s) 312 313 314 def encodestring(s): 315 """Encode a string into multiple lines of base-64 data.""" 316 pieces = [] 317 for i in range(0, len(s), MAXBINSIZE): 318 chunk = s[i : i + MAXBINSIZE] 319 pieces.append(binascii.b2a_base64(chunk)) 320 return "".join(pieces) 321 322 323 def decodestring(s): 324 """Decode a string.""" 325 return binascii.a2b_base64(s) 326 327 328 330 # Useable as a script... 331 def test(): 332 """Small test program""" 333 import sys, getopt 334 try: 335 opts, args = getopt.getopt(sys.argv[1:], 'deut') 336 except getopt.error, msg: 337 sys.stdout = sys.stderr 338 print msg 339 print """usage: %s [-d|-e|-u|-t] [file|-] 340 -d, -u: decode 341 -e: encode (default) 342 -t: encode and decode string 'Aladdin:open sesame'"""%sys.argv[0] 343 sys.exit(2) 344 func = encode 345 for o, a in opts: 346 if o == '-e': func = encode 347 if o == '-d': func = decode 348 if o == '-u': func = decode 349 if o == '-t': test1(); return 350 if args and args[0] != '-': 351 with open(args[0], 'rb') as f: 352 func(f, sys.stdout) 353 else: 354 func(sys.stdin, sys.stdout) 355 356 357 def test1(): 358 s0 = "Aladdin:open sesame" 359 s1 = encodestring(s0) 360 s2 = decodestring(s1) 361 print s0, repr(s1), s2 362 363 364 if __name__ == '__main__': 365 test() 366
