/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */

/*
 * Copyright (c) 1996 by Internet Software Consortium.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
 * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
 * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
 * SOFTWARE.
 */

/*
 * Portions Copyright (c) 1995 by International Business Machines, Inc.
 *
 * International Business Machines, Inc. (hereinafter called IBM) grants
 * permission under its copyrights to use, copy, modify, and distribute this
 * Software with or without fee, provided that the above copyright notice and
 * all paragraphs of this notice appear in all copies, and that the name of IBM
 * not be used in connection with the marketing of any product incorporating
 * the Software or modifications thereof, without specific, written prior
 * permission.
 *
 * To the extent it has a right to do so, IBM grants an immunity from suit
 * under its patents, if any, for the use, sale or manufacture of products to
 * the extent that such products are used for performing Domain Name System
 * dynamic updates in TCP/IP networks by means of the Software. No immunity is
 * granted for any product per se or for any other function of any product.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
 * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
 * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
 */

45*5243Sjp161948 #pragma ident "%Z%%M% %I% %E% SMI"
#include "includes.h"

#if !defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP)

#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <ctype.h>
#include <limits.h>
#include <stdio.h>

#include <stdlib.h>
#include <string.h>

#include "base64.h"

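/*
 * XXX abort illegal in library
 *
 * Internal sanity check: calls abort() when Cond is false. The body is
 * wrapped in do { } while (0) so that "Assert(x);" is one statement and
 * cannot capture the else of an enclosing if.
 */
#define	Assert(Cond)	do { if (!(Cond)) abort(); } while (0)

/*
 * Base64 alphabet: the character at index v encodes the 6-bit value v.
 * The array holds the 64 alphabet characters followed by a terminating NUL.
 */
static const char Base64[] =
	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Padding character that fills out a short final group. */
static const char Pad64 = '=';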

/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
   The following encoding technique is taken from RFC 1521 by Borenstein
   and Freed.  It is reproduced here in a slightly edited form for
   convenience.

   A 65-character subset of US-ASCII is used, enabling 6 bits to be
   represented per printable character. (The extra 65th character, "=",
   is used to signify a special processing function.)

   The encoding process represents 24-bit groups of input bits as output
   strings of 4 encoded characters. Proceeding from left to right, a
   24-bit input group is formed by concatenating 3 8-bit input groups.
   These 24 bits are then treated as 4 concatenated 6-bit groups, each
   of which is translated into a single digit in the base64 alphabet.

   Each 6-bit group is used as an index into an array of 64 printable
   characters. The character referenced by the index is placed in the
   output string.

                         Table 1: The Base64 Alphabet

      Value Encoding  Value Encoding  Value Encoding  Value Encoding
          0 A            17 R            34 i            51 z
          1 B            18 S            35 j            52 0
          2 C            19 T            36 k            53 1
          3 D            20 U            37 l            54 2
          4 E            21 V            38 m            55 3
          5 F            22 W            39 n            56 4
          6 G            23 X            40 o            57 5
          7 H            24 Y            41 p            58 6
          8 I            25 Z            42 q            59 7
          9 J            26 a            43 r            60 8
         10 K            27 b            44 s            61 9
         11 L            28 c            45 t            62 +
         12 M            29 d            46 u            63 /
         13 N            30 e            47 v
         14 O            31 f            48 w         (pad) =
         15 P            32 g            49 x
         16 Q            33 h            50 y

   Special processing is performed if fewer than 24 bits are available
   at the end of the data being encoded.  A full encoding quantum is
   always completed at the end of a quantity.  When fewer than 24 input
   bits are available in an input group, zero bits are added (on the
   right) to form an integral number of 6-bit groups.  Padding at the
   end of the data is performed using the '=' character.

   Since all base64 input is an integral number of octets, only the
         -------------------------------------------------
   following cases can arise:

       (1) the final quantum of encoding input is an integral
           multiple of 24 bits; here, the final unit of encoded
           output will be an integral multiple of 4 characters
           with no "=" padding,
       (2) the final quantum of encoding input is exactly 8 bits;
           here, the final unit of encoded output will be two
           characters followed by two "=" padding characters, or
       (3) the final quantum of encoding input is exactly 16 bits;
           here, the final unit of encoded output will be three
           characters followed by one "=" padding character.
   */

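/*
 * Encode srclength bytes at src as base64 text in target.
 *
 * target needs room for the encoded text plus a terminating NUL, that is
 * targsize must be at least 4 * ((srclength + 2) / 3) + 1.
 *
 * Returns the number of characters written, not counting the NUL, or -1
 * when the output does not fit in targsize or when its length cannot be
 * represented in the int return type. When -1 is returned for lack of
 * space, target may already hold part of the encoding and is not
 * NUL-terminated, so the caller must not treat it as a string.
 */
int
b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize)
{
	size_t datalength = 0;
	u_char input[3];
	u_char output[4];
	size_t i;

	/*
	 * The encoded length is 4 * ceil(srclength / 3). Refuse input whose
	 * encoding would be longer than INT_MAX: the length is returned as
	 * an int and would otherwise be silently truncated.
	 */
	if (srclength > ((size_t)INT_MAX / 4) * 3)
		return (-1);

	/* Full groups: three input bytes become four alphabet characters. */
	while (2 < srclength) {
		input[0] = *src++;
		input[1] = *src++;
		input[2] = *src++;
		srclength -= 3;

		output[0] = input[0] >> 2;
		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
		output[3] = input[2] & 0x3f;
		/* Each value is built from six bits, so these cannot fire. */
		Assert(output[0] < 64);
		Assert(output[1] < 64);
		Assert(output[2] < 64);
		Assert(output[3] < 64);

		/* Check the space before every group; nothing is written past targsize. */
		if (datalength + 4 > targsize)
			return (-1);
		target[datalength++] = Base64[output[0]];
		target[datalength++] = Base64[output[1]];
		target[datalength++] = Base64[output[2]];
		target[datalength++] = Base64[output[3]];
	}

	/* Now we worry about padding. */
	if (0 != srclength) {
		/* Get what's left (one or two bytes), zero-filled on the right. */
		input[0] = input[1] = input[2] = '\0';
		for (i = 0; i < srclength; i++)
			input[i] = *src++;

		output[0] = input[0] >> 2;
		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
		Assert(output[0] < 64);
		Assert(output[1] < 64);
		Assert(output[2] < 64);

		if (datalength + 4 > targsize)
			return (-1);
		target[datalength++] = Base64[output[0]];
		target[datalength++] = Base64[output[1]];
		/* One leftover byte gives "xx==", two give "xxx=". */
		if (srclength == 1)
			target[datalength++] = Pad64;
		else
			target[datalength++] = Base64[output[2]];
		target[datalength++] = Pad64;
	}
	/* The terminating NUL needs one more byte than the encoded text. */
	if (datalength >= targsize)
		return (-1);
	target[datalength] = '\0';	/* Returned value doesn't count \0. */
	return ((int)datalength);
}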

/*
 * Skips all whitespace anywhere.
 * Converts characters, four at a time, starting at (or after)
 * src from base-64 numbers into three 8-bit bytes in the target area.
 * Returns the number of data bytes stored at the target, or -1 on error.
 */

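/*
 * Decode the NUL-terminated base64 string at src into target.
 *
 * Decoding stops at the first '='; the padding must then be complete and
 * followed only by whitespace.
 *
 * When target is NULL nothing is stored and only the decoded length is
 * computed. In that mode the check that the leftover bits of a padded
 * group are zero cannot be made and is skipped.
 *
 * Returns the number of decoded bytes, or -1 on a character outside the
 * alphabet, malformed padding, an incomplete final group, non-zero
 * leftover bits, lack of space in target, or a decoded length that does
 * not fit in an int. When -1 is returned target may hold partial output.
 *
 * NOTE(review): a group that ends in padding stores its leftover bits in
 * the byte after the last decoded one, so such input needs targsize to be
 * at least one larger than the returned length.
 */
int
b64_pton(u_char const *src, u_char *target, size_t targsize)
{
	int tarindex, state, ch;
	char *pos;

	state = 0;
	tarindex = 0;

	while ((ch = *src++) != '\0') {
		if (isspace(ch))	/* Skip whitespace anywhere. */
			continue;

		if (ch == Pad64)
			break;

		pos = strchr(Base64, ch);
		if (pos == NULL)	/* A non-base64 character. */
			return (-1);

		/*
		 * tarindex is returned as an int. Once it has reached
		 * INT_MAX any further alphabet character would need a
		 * larger count, so stop before the increment can overflow.
		 */
		if (tarindex == INT_MAX)
			return (-1);

		/* state counts the characters already seen in this group. */
		switch (state) {
		case 0:
			if (target) {
				if ((size_t)tarindex >= targsize)
					return (-1);
				target[tarindex] = (pos - Base64) << 2;
			}
			state = 1;
			break;
		case 1:
			if (target) {
				/* Also stores the low bits into the next byte. */
				if ((size_t)tarindex + 1 >= targsize)
					return (-1);
				target[tarindex] |= (pos - Base64) >> 4;
				target[tarindex+1] = ((pos - Base64) & 0x0f)
				    << 4;
			}
			tarindex++;
			state = 2;
			break;
		case 2:
			if (target) {
				/* Also stores the low bits into the next byte. */
				if ((size_t)tarindex + 1 >= targsize)
					return (-1);
				target[tarindex] |= (pos - Base64) >> 2;
				target[tarindex+1] = ((pos - Base64) & 0x03)
				    << 6;
			}
			tarindex++;
			state = 3;
			break;
		case 3:
			if (target) {
				if ((size_t)tarindex >= targsize)
					return (-1);
				target[tarindex] |= (pos - Base64);
			}
			tarindex++;
			state = 0;
			break;
		}
	}

	/*
	 * We are done decoding Base-64 chars.  Let's see if we ended
	 * on a byte boundary, and/or with erroneous trailing characters.
	 */

	if (ch == Pad64) {		/* We got a pad char. */
		ch = *src++;		/* Skip it, get next. */
		switch (state) {
		case 0:		/* Invalid = in first position */
		case 1:		/* Invalid = in second position */
			return (-1);

		case 2:		/* Valid, means one byte of info */
			/* Skip any number of spaces. */
			for (; ch != '\0'; ch = *src++)
				if (!isspace(ch))
					break;
			/* Make sure there is another trailing = sign. */
			if (ch != Pad64)
				return (-1);
			ch = *src++;		/* Skip the = */
			/* Fall through to "single trailing =" case. */
			/* FALLTHROUGH */

		case 3:		/* Valid, means two bytes of info */
			/*
			 * We know this char is an =.  Is there anything but
			 * whitespace after it?
			 */
			for (; ch != '\0'; ch = *src++)
				if (!isspace(ch))
					return (-1);

			/*
			 * Now make sure for cases 2 and 3 that the "extra"
			 * bits that slopped past the last full byte were
			 * zeros.  If we don't check them, they become a
			 * subliminal channel.  target[tarindex] is the byte
			 * that state 1 or 2 stored after its bounds check.
			 */
			if (target && target[tarindex] != 0)
				return (-1);
		}
	} else {
		/*
		 * We ended by seeing the end of the string.  Make sure we
		 * have no partial bytes lying around.
		 */
		if (state != 0)
			return (-1);
	}

	return (tarindex);
}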
3190Sstevel@tonic-gate #endif /* !defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP) */