/src/PROJ/curl/lib/base64.c

Source (jump to first uncovered line)
/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/

/* Base64 encoding/decoding */

#include "curl_setup.h"

#if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \
  !defined(CURL_DISABLE_LDAP) || \
  !defined(CURL_DISABLE_SMTP) || \
  !defined(CURL_DISABLE_POP3) || \
  !defined(CURL_DISABLE_IMAP) || \
  !defined(CURL_DISABLE_DIGEST_AUTH) || \
  !defined(CURL_DISABLE_DOH) || defined(USE_SSL) || defined(BUILDING_CURL)
#include "curl/curl.h"
#include "warnless.h"
#include "curl_base64.h"

/* The last 2 #include files should be in this order */
#ifdef BUILDING_LIBCURL
#include "curl_memory.h"
#endif
#include "memdebug.h"

/* ---- Base64 Encoding/Decoding Table --- */
/* Padding character string starts at offset 64. */
static const char base64encdec[]=
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";

/* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
   section 5 */
static const char base64url[]=
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

static const unsigned char decodetable[] =
{ 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255,
  255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
  17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, 255, 26, 27, 28,
  29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
  48, 49, 50, 51 };
/*
 * Curl_base64_decode()
 *
 * Given a base64 NUL-terminated string at src, decode it and return a
 * pointer in *outptr to a newly allocated memory area holding decoded
 * data. Size of decoded data is returned in variable pointed by outlen.
 *
 * Returns CURLE_OK on success, otherwise specific error code. Function
 * output shall not be considered valid unless CURLE_OK is returned.
 *
 * When decoded data length is 0, returns NULL in *outptr.
 *
 * @unittest: 1302
 */
CURLcode Curl_base64_decode(const char *src,
                            unsigned char **outptr, size_t *outlen)
{
  size_t srclen = 0;
  size_t padding = 0;
  size_t i;
  size_t numQuantums;
  size_t fullQuantums;
  size_t rawlen = 0;
  unsigned char *pos;
  unsigned char *newstr;
  unsigned char lookup[256];

  *outptr = NULL;
  *outlen = 0;
  srclen = strlen(src);

  /* Check the length of the input string is valid */
  if(!srclen || srclen % 4)
    return CURLE_BAD_CONTENT_ENCODING;

  /* srclen is at least 4 here */
  while(src[srclen - 1 - padding] == '=') {
    /* count padding characters */
    padding++;
    /* A maximum of two = padding characters is allowed */
    if(padding > 2)
      return CURLE_BAD_CONTENT_ENCODING;
  }

  /* Calculate the number of quantums */
  numQuantums = srclen / 4;
  fullQuantums = numQuantums - (padding ? 1 : 0);

  /* Calculate the size of the decoded string */
  rawlen = (numQuantums * 3) - padding;

  /* Allocate our buffer including room for a null-terminator */
  newstr = malloc(rawlen + 1);
  if(!newstr)
    return CURLE_OUT_OF_MEMORY;

  pos = newstr;

  memset(lookup, 0xff, sizeof(lookup));
  memcpy(&lookup['+'], decodetable, sizeof(decodetable));
  /* replaces
  {
    unsigned char c;
    const unsigned char *p = (const unsigned char *)base64encdec;
    for(c = 0; *p; c++, p++)
      lookup[*p] = c;
  }
  */

  /* Decode the complete quantums first */
  for(i = 0; i < fullQuantums; i++) {
    unsigned char val;
    unsigned int x = 0;
    int j;

    for(j = 0; j < 4; j++) {
      val = lookup[(unsigned char)*src++];
      if(val == 0xff) /* bad symbol */
        goto bad;
      x = (x << 6) | val;
    }
    pos[2] = x & 0xff;
    pos[1] = (x >> 8) & 0xff;
    pos[0] = (x >> 16) & 0xff;
    pos += 3;
  }
  if(padding) {
    /* this means either 8 or 16 bits output */
    unsigned char val;
    unsigned int x = 0;
    int j;
    size_t padc = 0;
    for(j = 0; j < 4; j++) {
      if(*src == '=') {
        x <<= 6;
        src++;
        if(++padc > padding)
          /* this is a badly placed '=' symbol! */
          goto bad;
      }
      else {
        val = lookup[(unsigned char)*src++];
        if(val == 0xff) /* bad symbol */
          goto bad;
        x = (x << 6) | val;
      }
    }
    if(padding == 1)
      pos[1] = (x >> 8) & 0xff;
    pos[0] = (x >> 16) & 0xff;
    pos += 3 - padding;
  }

  /* Zero terminate */
  *pos = '\0';

  /* Return the decoded data */
  *outptr = newstr;
  *outlen = rawlen;

  return CURLE_OK;
bad:
  free(newstr);
  return CURLE_BAD_CONTENT_ENCODING;
}

static CURLcode base64_encode(const char *table64,
                              const char *inputbuff, size_t insize,
                              char **outptr, size_t *outlen)
{
  char *output;
  char *base64data;
  const unsigned char *in = (unsigned char *)inputbuff;
  const char *padstr = &table64[64];    /* Point to padding string. */

  *outptr = NULL;
  *outlen = 0;

  if(!insize)
    insize = strlen(inputbuff);

#if SIZEOF_SIZE_T == 4
  if(insize > UINT_MAX/4)
    return CURLE_OUT_OF_MEMORY;
#endif

  base64data = output = malloc((insize + 2) / 3 * 4 + 1);
  if(!output)
    return CURLE_OUT_OF_MEMORY;

  while(insize >= 3) {
    *output++ = table64[ in[0] >> 2 ];
    *output++ = table64[ ((in[0] & 0x03) << 4) | (in[1] >> 4) ];
    *output++ = table64[ ((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6) ];
    *output++ = table64[ in[2] & 0x3F ];
    insize -= 3;
    in += 3;
  }
  if(insize) {
    /* this is only one or two bytes now */
    *output++ = table64[ in[0] >> 2 ];
    if(insize == 1) {
      *output++ = table64[ ((in[0] & 0x03) << 4) ];
      if(*padstr) {
        *output++ = *padstr;
        *output++ = *padstr;
      }
    }
    else {
      /* insize == 2 */
      *output++ = table64[ ((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4) ];
      *output++ = table64[ ((in[1] & 0x0F) << 2) ];
      if(*padstr)
        *output++ = *padstr;
    }
  }

  /* Zero terminate */
  *output = '\0';

  /* Return the pointer to the new data (allocated memory) */
  *outptr = base64data;

  /* Return the length of the new data */
  *outlen = output - base64data;

  return CURLE_OK;
}

/*
 * Curl_base64_encode()
 *
 * Given a pointer to an input buffer and an input size, encode it and
 * return a pointer in *outptr to a newly allocated memory area holding
 * encoded data. Size of encoded data is returned in variable pointed by
 * outlen.
 *
 * Input length of 0 indicates input buffer holds a NUL-terminated string.
 *
 * Returns CURLE_OK on success, otherwise specific error code. Function
 * output shall not be considered valid unless CURLE_OK is returned.
 *
 * @unittest: 1302
 */
CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
                            char **outptr, size_t *outlen)
{
  return base64_encode(base64encdec, inputbuff, insize, outptr, outlen);
}

/*
 * Curl_base64url_encode()
 *
 * Given a pointer to an input buffer and an input size, encode it and
 * return a pointer in *outptr to a newly allocated memory area holding
 * encoded data. Size of encoded data is returned in variable pointed by
 * outlen.
 *
 * Input length of 0 indicates input buffer holds a NUL-terminated string.
 *
 * Returns CURLE_OK on success, otherwise specific error code. Function
 * output shall not be considered valid unless CURLE_OK is returned.
 *
 * @unittest: 1302
 */
CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
                               char **outptr, size_t *outlen)
{
  return base64_encode(base64url, inputbuff, insize, outptr, outlen);
}

#endif /* no users so disabled */

Coverage Report

Created: 2024-02-25 06:14

Line	Count	Source (jump to first uncovered line)
1		/***************************************************************************
2		* _ _ ____ _
3		* Project ___\| \| \| \| _ \\| \|
4		* / __\| \| \| \| \|_) \| \|
5		* \| (__\| \|_\| \| _ <\| \|___
6		* \___\|\___/\|_\| \_\_____\|
7		*
8		* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9		*
10		* This software is licensed as described in the file COPYING, which
11		* you should have received as part of this distribution. The terms
12		* are also available at https://curl.se/docs/copyright.html.
13		*
14		* You may opt to use, copy, modify, merge, publish, distribute and/or sell
15		* copies of the Software, and permit persons to whom the Software is
16		* furnished to do so, under the terms of the COPYING file.
17		*
18		* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19		* KIND, either express or implied.
20		*
21		* SPDX-License-Identifier: curl
22		*
23		***************************************************************************/
24
25		/* Base64 encoding/decoding */
26
27		#include "curl_setup.h"
28
29		#if !defined(CURL_DISABLE_HTTP_AUTH) \|\| defined(USE_SSH) \|\| \
30		!defined(CURL_DISABLE_LDAP) \|\| \
31		!defined(CURL_DISABLE_SMTP) \|\| \
32		!defined(CURL_DISABLE_POP3) \|\| \
33		!defined(CURL_DISABLE_IMAP) \|\| \
34		!defined(CURL_DISABLE_DIGEST_AUTH) \|\| \
35		!defined(CURL_DISABLE_DOH) \|\| defined(USE_SSL) \|\| defined(BUILDING_CURL)
36		#include "curl/curl.h"
37		#include "warnless.h"
38		#include "curl_base64.h"
39
40		/* The last 2 #include files should be in this order */
41		#ifdef BUILDING_LIBCURL
42		#include "curl_memory.h"
43		#endif
44		#include "memdebug.h"
45
46		/* ---- Base64 Encoding/Decoding Table --- */
47		/* Padding character string starts at offset 64. */
48		static const char base64encdec[]=
49		"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
50
51		/* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
52		section 5 */
53		static const char base64url[]=
54		"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
55
56		static const unsigned char decodetable[] =
57		{ 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255,
58		255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
59		17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, 255, 26, 27, 28,
60		29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
61		48, 49, 50, 51 };
62		/*
63		* Curl_base64_decode()
64		*
65		* Given a base64 NUL-terminated string at src, decode it and return a
66		* pointer in *outptr to a newly allocated memory area holding decoded
67		* data. Size of decoded data is returned in variable pointed by outlen.
68		*
69		* Returns CURLE_OK on success, otherwise specific error code. Function
70		* output shall not be considered valid unless CURLE_OK is returned.
71		*
72		* When decoded data length is 0, returns NULL in *outptr.
73		*
74		* @unittest: 1302
75		*/
76		CURLcode Curl_base64_decode(const char *src,
77		unsigned char *outptr, size_t outlen)
78	0	{
79	0	size_t srclen = 0;
80	0	size_t padding = 0;
81	0	size_t i;
82	0	size_t numQuantums;
83	0	size_t fullQuantums;
84	0	size_t rawlen = 0;
85	0	unsigned char *pos;
86	0	unsigned char *newstr;
87	0	unsigned char lookup[256];
88
89	0	*outptr = NULL;
90	0	*outlen = 0;
91	0	srclen = strlen(src);
92
93		/* Check the length of the input string is valid */
94	0	if(!srclen \|\| srclen % 4)
95	0	return CURLE_BAD_CONTENT_ENCODING;
96
97		/* srclen is at least 4 here */
98	0	while(src[srclen - 1 - padding] == '=') {
99		/* count padding characters */
100	0	padding++;
101		/* A maximum of two = padding characters is allowed */
102	0	if(padding > 2)
103	0	return CURLE_BAD_CONTENT_ENCODING;
104	0	}
105
106		/* Calculate the number of quantums */
107	0	numQuantums = srclen / 4;
108	0	fullQuantums = numQuantums - (padding ? 1 : 0);
109
110		/* Calculate the size of the decoded string */
111	0	rawlen = (numQuantums * 3) - padding;
112
113		/* Allocate our buffer including room for a null-terminator */
114	0	newstr = malloc(rawlen + 1);
115	0	if(!newstr)
116	0	return CURLE_OUT_OF_MEMORY;
117
118	0	pos = newstr;
119
120	0	memset(lookup, 0xff, sizeof(lookup));
121	0	memcpy(&lookup['+'], decodetable, sizeof(decodetable));
122		/* replaces
123		{
124		unsigned char c;
125		const unsigned char p = (const unsigned char )base64encdec;
126		for(c = 0; *p; c++, p++)
127		lookup[*p] = c;
128		}
129		*/
130
131		/* Decode the complete quantums first */
132	0	for(i = 0; i < fullQuantums; i++) {
133	0	unsigned char val;
134	0	unsigned int x = 0;
135	0	int j;
136
137	0	for(j = 0; j < 4; j++) {
138	0	val = lookup[(unsigned char)*src++];
139	0	if(val == 0xff) /* bad symbol */
140	0	goto bad;
141	0	x = (x << 6) \| val;
142	0	}
143	0	pos[2] = x & 0xff;
144	0	pos[1] = (x >> 8) & 0xff;
145	0	pos[0] = (x >> 16) & 0xff;
146	0	pos += 3;
147	0	}
148	0	if(padding) {
149		/* this means either 8 or 16 bits output */
150	0	unsigned char val;
151	0	unsigned int x = 0;
152	0	int j;
153	0	size_t padc = 0;
154	0	for(j = 0; j < 4; j++) {
155	0	if(*src == '=') {
156	0	x <<= 6;
157	0	src++;
158	0	if(++padc > padding)
159		/* this is a badly placed '=' symbol! */
160	0	goto bad;
161	0	}
162	0	else {
163	0	val = lookup[(unsigned char)*src++];
164	0	if(val == 0xff) /* bad symbol */
165	0	goto bad;
166	0	x = (x << 6) \| val;
167	0	}
168	0	}
169	0	if(padding == 1)
170	0	pos[1] = (x >> 8) & 0xff;
171	0	pos[0] = (x >> 16) & 0xff;
172	0	pos += 3 - padding;
173	0	}
174
175		/* Zero terminate */
176	0	*pos = '\0';
177
178		/* Return the decoded data */
179	0	*outptr = newstr;
180	0	*outlen = rawlen;
181
182	0	return CURLE_OK;
183	0	bad:
184	0	free(newstr);
185	0	return CURLE_BAD_CONTENT_ENCODING;
186	0	}
187
188		static CURLcode base64_encode(const char *table64,
189		const char *inputbuff, size_t insize,
190		char *outptr, size_t outlen)
191	0	{
192	0	char *output;
193	0	char *base64data;
194	0	const unsigned char in = (unsigned char )inputbuff;
195	0	const char padstr = &table64[64]; / Point to padding string. */
196
197	0	*outptr = NULL;
198	0	*outlen = 0;
199
200	0	if(!insize)
201	0	insize = strlen(inputbuff);
202
203		#if SIZEOF_SIZE_T == 4
204		if(insize > UINT_MAX/4)
205		return CURLE_OUT_OF_MEMORY;
206		#endif
207
208	0	base64data = output = malloc((insize + 2) / 3 * 4 + 1);
209	0	if(!output)
210	0	return CURLE_OUT_OF_MEMORY;
211
212	0	while(insize >= 3) {
213	0	*output++ = table64[ in[0] >> 2 ];
214	0	*output++ = table64[ ((in[0] & 0x03) << 4) \| (in[1] >> 4) ];
215	0	*output++ = table64[ ((in[1] & 0x0F) << 2) \| ((in[2] & 0xC0) >> 6) ];
216	0	*output++ = table64[ in[2] & 0x3F ];
217	0	insize -= 3;
218	0	in += 3;
219	0	}
220	0	if(insize) {
221		/* this is only one or two bytes now */
222	0	*output++ = table64[ in[0] >> 2 ];
223	0	if(insize == 1) {
224	0	*output++ = table64[ ((in[0] & 0x03) << 4) ];
225	0	if(*padstr) {
226	0	output++ = padstr;
227	0	output++ = padstr;
228	0	}
229	0	}
230	0	else {
231		/* insize == 2 */
232	0	*output++ = table64[ ((in[0] & 0x03) << 4) \| ((in[1] & 0xF0) >> 4) ];
233	0	*output++ = table64[ ((in[1] & 0x0F) << 2) ];
234	0	if(*padstr)
235	0	output++ = padstr;
236	0	}
237	0	}
238
239		/* Zero terminate */
240	0	*output = '\0';
241
242		/* Return the pointer to the new data (allocated memory) */
243	0	*outptr = base64data;
244
245		/* Return the length of the new data */
246	0	*outlen = output - base64data;
247
248	0	return CURLE_OK;
249	0	}
250
251		/*
252		* Curl_base64_encode()
253		*
254		* Given a pointer to an input buffer and an input size, encode it and
255		* return a pointer in *outptr to a newly allocated memory area holding
256		* encoded data. Size of encoded data is returned in variable pointed by
257		* outlen.
258		*
259		* Input length of 0 indicates input buffer holds a NUL-terminated string.
260		*
261		* Returns CURLE_OK on success, otherwise specific error code. Function
262		* output shall not be considered valid unless CURLE_OK is returned.
263		*
264		* @unittest: 1302
265		*/
266		CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
267		char *outptr, size_t outlen)
268	0	{
269	0	return base64_encode(base64encdec, inputbuff, insize, outptr, outlen);
270	0	}
271
272		/*
273		* Curl_base64url_encode()
274		*
275		* Given a pointer to an input buffer and an input size, encode it and
276		* return a pointer in *outptr to a newly allocated memory area holding
277		* encoded data. Size of encoded data is returned in variable pointed by
278		* outlen.
279		*
280		* Input length of 0 indicates input buffer holds a NUL-terminated string.
281		*
282		* Returns CURLE_OK on success, otherwise specific error code. Function
283		* output shall not be considered valid unless CURLE_OK is returned.
284		*
285		* @unittest: 1302
286		*/
287		CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
288		char *outptr, size_t outlen)
289	0	{
290	0	return base64_encode(base64url, inputbuff, insize, outptr, outlen);
291	0	}
292
293		#endif /* no users so disabled */