source: openpam/trunk/lib/liboath/oath_base64.c @ 771

Last change on this file since 771 was 771, checked in by Dag-Erling Smørgrav, 7 years ago

Replace base{32,64}_decode() with table-driven implementations. The new
code is less strict about padding, thus ensuring compatibility with
implementations which do not understand padding, such as MIME::Base32.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 5.1 KB
Line 
1/*-
2 * Copyright (c) 2013-2014 Universitetet i Oslo
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 * 3. The name of the author may not be used to endorse or promote
14 *    products derived from this software without specific prior written
15 *    permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $Id: oath_base64.c 771 2014-03-06 17:54:58Z des $
30 */
31
32#ifdef HAVE_CONFIG_H
33# include "config.h"
34#endif
35
36#include <sys/types.h>
37
38#include <errno.h>
39#include <stdint.h>
40
41#include <security/oath.h>
42
43static const char b64enc[] =
44    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
45    "abcdefghijklmnopqrstuvwxyz"
46    "0123456789+/";
47
48static const uint8_t b64dec[256] = {
49        ['A'] =  0, ['B'] =  1, ['C'] =  2, ['D'] =  3,
50        ['E'] =  4, ['F'] =  5, ['G'] =  6, ['H'] =  7,
51        ['I'] =  8, ['J'] =  9, ['K'] = 10, ['L'] = 11,
52        ['M'] = 12, ['N'] = 13, ['O'] = 14, ['P'] = 15,
53        ['Q'] = 16, ['R'] = 17, ['S'] = 18, ['T'] = 19,
54        ['U'] = 20, ['V'] = 21, ['W'] = 22, ['X'] = 23,
55        ['Y'] = 24, ['Z'] = 25, ['a'] = 26, ['b'] = 27,
56        ['c'] = 28, ['d'] = 29, ['e'] = 30, ['f'] = 31,
57        ['g'] = 32, ['h'] = 33, ['i'] = 34, ['j'] = 35,
58        ['k'] = 36, ['l'] = 37, ['m'] = 38, ['n'] = 39,
59        ['o'] = 40, ['p'] = 41, ['q'] = 42, ['r'] = 43,
60        ['s'] = 44, ['t'] = 45, ['u'] = 46, ['v'] = 47,
61        ['w'] = 48, ['x'] = 49, ['y'] = 50, ['z'] = 51,
62        ['0'] = 52, ['1'] = 53, ['2'] = 54, ['3'] = 55,
63        ['4'] = 56, ['5'] = 57, ['6'] = 58, ['7'] = 59,
64        ['8'] = 60, ['9'] = 61, ['+'] = 62, ['/'] = 63,
65};
66
67/*
68 * Encode data in RFC 4648 base 64 representation.  The target buffer must
69 * have room for base64_enclen(len) characters and a terminating NUL.
70 */
71int
72base64_enc(const uint8_t *in, size_t ilen, char *out, size_t *olen)
73{
74        uint32_t bits;
75
76        if (*olen <= base64_enclen(ilen))
77                return (-1);
78        *olen = 0;
79        while (ilen >= 3) {
80                bits = 0;
81                bits |= (uint32_t)in[0] << 16;
82                bits |= (uint32_t)in[1] << 8;
83                bits |= (uint32_t)in[2];
84                ilen -= 3;
85                in += 3;
86                out[0] = b64enc[bits >> 18 & 0x3f];
87                out[1] = b64enc[bits >> 12 & 0x3f];
88                out[2] = b64enc[bits >> 6 & 0x3f];
89                out[3] = b64enc[bits & 0x3f];
90                *olen += 4;
91                out += 4;
92        }
93        if (ilen > 0) {
94                bits = 0;
95                switch (ilen) {
96                case 2:
97                        bits |= (uint32_t)in[1] << 8;
98                case 1:
99                        bits |= (uint32_t)in[0] << 16;
100                }
101                out[0] = b64enc[bits >> 18 & 0x3f];
102                out[1] = b64enc[bits >> 12 & 0x3f];
103                out[2] = ilen > 1 ? b64enc[bits >> 6 & 0x3f] : '=';
104                out[3] = '=';
105                *olen += 4;
106                out += 4;
107        }
108        out[0] = '\0';
109        ++*olen;
110        return (0);
111}
112
113/*
114 * Decode data in RFC 4648 base 64 representation, stopping at the
115 * terminating NUL, the first invalid (non-base64, non-whitespace)
116 * character or after len characters, whichever comes first.
117 *
118 * Padding is handled sloppily: any padding character following the data
119 * is silently consumed.  This not only simplifies the code but ensures
120 * compatibility with implementations which do not emit or understand
121 * padding.
122 *
123 * The olen argument is used by the caller to pass the size of the buffer
124 * and by base64_dec() to return the amount of data successfully decoded.
125 * If the buffer is too small, base64_dec() discards the excess data, but
126 * returns the total amount.
127 */
128int
129base64_dec(const char *in, size_t ilen, uint8_t *out, size_t *olen)
130{
131        size_t len;
132        int bits, shift, padding;
133
134        for (bits = shift = padding = len = 0; ilen && *in; --ilen, ++in) {
135                if (*in == ' ' || *in == '\t' || *in == '\r' || *in == '\n' ||
136                    (padding && *in == '=')) {
137                        /* consume */
138                        continue;
139                } else if (!padding && b64dec[(int)*in]) {
140                        /* shift into accumulator */
141                        shift += 6;
142                        bits = bits << 6 | b64dec[(int)*in];
143                } else if (!padding && shift && *in == '=') {
144                        /* final byte */
145                        shift = 0;
146                        padding = 1;
147                } else {
148                        /* error */
149                        *olen = 0;
150                        errno = EINVAL;
151                        return (-1);
152                }
153                if (shift >= 8) {
154                        /* output accumulated byte */
155                        shift -= 8;
156                        if (len++ < *olen)
157                                *out++ = (bits >> shift) & 0xff;
158                }
159        }
160        /* report decoded length */
161        *olen = len;
162        if (len > *olen) {
163                /* overflow */
164                errno = ENOSPC;
165                return (-1);
166        }
167        return (0);
168}
Note: See TracBrowser for help on using the repository browser.