base64.c 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. /* Base64 encoding/decoding */
  25. #include "curl_setup.h"
  26. #if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \
  27. !defined(CURL_DISABLE_LDAP) || \
  28. !defined(CURL_DISABLE_SMTP) || \
  29. !defined(CURL_DISABLE_POP3) || \
  30. !defined(CURL_DISABLE_IMAP) || \
  31. !defined(CURL_DISABLE_DOH) || defined(USE_SSL)
  32. #include "urldata.h" /* for the Curl_easy definition */
  33. #include "warnless.h"
  34. #include "curl_base64.h"
  35. /* The last 2 #include files should be in this order */
  36. #include "curl_memory.h"
  37. #include "memdebug.h"
  38. /* ---- Base64 Encoding/Decoding Table --- */
  39. /* Padding character string starts at offset 64. */
  40. static const char base64encdec[]=
  41. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
  42. /* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
  43. section 5 */
  44. static const char base64url[]=
  45. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
  46. static const unsigned char decodetable[] =
  47. { 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255,
  48. 255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
  49. 17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, 255, 26, 27, 28,
  50. 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
  51. 48, 49, 50, 51 };
  52. /*
  53. * Curl_base64_decode()
  54. *
  55. * Given a base64 NUL-terminated string at src, decode it and return a
  56. * pointer in *outptr to a newly allocated memory area holding decoded
  57. * data. Size of decoded data is returned in variable pointed by outlen.
  58. *
  59. * Returns CURLE_OK on success, otherwise specific error code. Function
  60. * output shall not be considered valid unless CURLE_OK is returned.
  61. *
  62. * When decoded data length is 0, returns NULL in *outptr.
  63. *
  64. * @unittest: 1302
  65. */
  66. CURLcode Curl_base64_decode(const char *src,
  67. unsigned char **outptr, size_t *outlen)
  68. {
  69. size_t srclen = 0;
  70. size_t padding = 0;
  71. size_t i;
  72. size_t numQuantums;
  73. size_t fullQuantums;
  74. size_t rawlen = 0;
  75. unsigned char *pos;
  76. unsigned char *newstr;
  77. unsigned char lookup[256];
  78. *outptr = NULL;
  79. *outlen = 0;
  80. srclen = strlen(src);
  81. /* Check the length of the input string is valid */
  82. if(!srclen || srclen % 4)
  83. return CURLE_BAD_CONTENT_ENCODING;
  84. /* srclen is at least 4 here */
  85. while(src[srclen - 1 - padding] == '=') {
  86. /* count padding characters */
  87. padding++;
  88. /* A maximum of two = padding characters is allowed */
  89. if(padding > 2)
  90. return CURLE_BAD_CONTENT_ENCODING;
  91. }
  92. /* Calculate the number of quantums */
  93. numQuantums = srclen / 4;
  94. fullQuantums = numQuantums - (padding ? 1 : 0);
  95. /* Calculate the size of the decoded string */
  96. rawlen = (numQuantums * 3) - padding;
  97. /* Allocate our buffer including room for a null-terminator */
  98. newstr = malloc(rawlen + 1);
  99. if(!newstr)
  100. return CURLE_OUT_OF_MEMORY;
  101. pos = newstr;
  102. memset(lookup, 0xff, sizeof(lookup));
  103. memcpy(&lookup['+'], decodetable, sizeof(decodetable));
  104. /* replaces
  105. {
  106. unsigned char c;
  107. const unsigned char *p = (const unsigned char *)base64encdec;
  108. for(c = 0; *p; c++, p++)
  109. lookup[*p] = c;
  110. }
  111. */
  112. /* Decode the complete quantums first */
  113. for(i = 0; i < fullQuantums; i++) {
  114. unsigned char val;
  115. unsigned int x = 0;
  116. int j;
  117. for(j = 0; j < 4; j++) {
  118. val = lookup[(unsigned char)*src++];
  119. if(val == 0xff) /* bad symbol */
  120. goto bad;
  121. x = (x << 6) | val;
  122. }
  123. pos[2] = x & 0xff;
  124. pos[1] = (x >> 8) & 0xff;
  125. pos[0] = (x >> 16) & 0xff;
  126. pos += 3;
  127. }
  128. if(padding) {
  129. /* this means either 8 or 16 bits output */
  130. unsigned char val;
  131. unsigned int x = 0;
  132. int j;
  133. size_t padc = 0;
  134. for(j = 0; j < 4; j++) {
  135. if(*src == '=') {
  136. x <<= 6;
  137. src++;
  138. if(++padc > padding)
  139. /* this is a badly placed '=' symbol! */
  140. goto bad;
  141. }
  142. else {
  143. val = lookup[(unsigned char)*src++];
  144. if(val == 0xff) /* bad symbol */
  145. goto bad;
  146. x = (x << 6) | val;
  147. }
  148. }
  149. if(padding == 1)
  150. pos[1] = (x >> 8) & 0xff;
  151. pos[0] = (x >> 16) & 0xff;
  152. pos += 3 - padding;
  153. }
  154. /* Zero terminate */
  155. *pos = '\0';
  156. /* Return the decoded data */
  157. *outptr = newstr;
  158. *outlen = rawlen;
  159. return CURLE_OK;
  160. bad:
  161. free(newstr);
  162. return CURLE_BAD_CONTENT_ENCODING;
  163. }
  164. static CURLcode base64_encode(const char *table64,
  165. const char *inputbuff, size_t insize,
  166. char **outptr, size_t *outlen)
  167. {
  168. char *output;
  169. char *base64data;
  170. const unsigned char *in = (unsigned char *)inputbuff;
  171. const char *padstr = &table64[64]; /* Point to padding string. */
  172. *outptr = NULL;
  173. *outlen = 0;
  174. if(!insize)
  175. insize = strlen(inputbuff);
  176. #if SIZEOF_SIZE_T == 4
  177. if(insize > UINT_MAX/4)
  178. return CURLE_OUT_OF_MEMORY;
  179. #endif
  180. base64data = output = malloc((insize + 2) / 3 * 4 + 1);
  181. if(!output)
  182. return CURLE_OUT_OF_MEMORY;
  183. while(insize >= 3) {
  184. *output++ = table64[ in[0] >> 2 ];
  185. *output++ = table64[ ((in[0] & 0x03) << 4) | (in[1] >> 4) ];
  186. *output++ = table64[ ((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6) ];
  187. *output++ = table64[ in[2] & 0x3F ];
  188. insize -= 3;
  189. in += 3;
  190. }
  191. if(insize) {
  192. /* this is only one or two bytes now */
  193. *output++ = table64[ in[0] >> 2 ];
  194. if(insize == 1) {
  195. *output++ = table64[ ((in[0] & 0x03) << 4) ];
  196. if(*padstr) {
  197. *output++ = *padstr;
  198. *output++ = *padstr;
  199. }
  200. }
  201. else {
  202. /* insize == 2 */
  203. *output++ = table64[ ((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4) ];
  204. *output++ = table64[ ((in[1] & 0x0F) << 2) ];
  205. if(*padstr)
  206. *output++ = *padstr;
  207. }
  208. }
  209. /* Zero terminate */
  210. *output = '\0';
  211. /* Return the pointer to the new data (allocated memory) */
  212. *outptr = base64data;
  213. /* Return the length of the new data */
  214. *outlen = output - base64data;
  215. return CURLE_OK;
  216. }
  217. /*
  218. * Curl_base64_encode()
  219. *
  220. * Given a pointer to an input buffer and an input size, encode it and
  221. * return a pointer in *outptr to a newly allocated memory area holding
  222. * encoded data. Size of encoded data is returned in variable pointed by
  223. * outlen.
  224. *
  225. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  226. *
  227. * Returns CURLE_OK on success, otherwise specific error code. Function
  228. * output shall not be considered valid unless CURLE_OK is returned.
  229. *
  230. * @unittest: 1302
  231. */
  232. CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
  233. char **outptr, size_t *outlen)
  234. {
  235. return base64_encode(base64encdec, inputbuff, insize, outptr, outlen);
  236. }
  237. /*
  238. * Curl_base64url_encode()
  239. *
  240. * Given a pointer to an input buffer and an input size, encode it and
  241. * return a pointer in *outptr to a newly allocated memory area holding
  242. * encoded data. Size of encoded data is returned in variable pointed by
  243. * outlen.
  244. *
  245. * Input length of 0 indicates input buffer holds a NUL-terminated string.
  246. *
  247. * Returns CURLE_OK on success, otherwise specific error code. Function
  248. * output shall not be considered valid unless CURLE_OK is returned.
  249. *
  250. * @unittest: 1302
  251. */
  252. CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
  253. char **outptr, size_t *outlen)
  254. {
  255. return base64_encode(base64url, inputbuff, insize, outptr, outlen);
  256. }
  257. #endif /* no users so disabled */