1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 * SPDX-License-Identifier: curl
23 ***************************************************************************/
25 /* Base64 encoding/decoding */
27 #include "curl_setup.h"
29 #if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \
30 !defined(CURL_DISABLE_LDAP) || \
31 !defined(CURL_DISABLE_SMTP) || \
32 !defined(CURL_DISABLE_POP3) || \
33 !defined(CURL_DISABLE_IMAP) || \
34 !defined(CURL_DISABLE_DOH) || defined(USE_SSL)
36 #include "urldata.h" /* for the Curl_easy definition */
38 #include "curl_base64.h"
40 /* The last 3 #include files should be in this order */
41 #include "curl_printf.h"
42 #include "curl_memory.h"
45 /* ---- Base64 Encoding/Decoding Table --- */
46 /* Padding character string starts at offset 64. */
47 static const char base64[]=
48 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
50 /* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
52 static const char base64url[]=
53 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
55 static size_t decodeQuantum(unsigned char *dest, const char *src)
59 unsigned long i, x = 0;
61 for(i = 0, s = src; i < 4; i++, s++) {
67 const char *p = strchr(base64, *s);
69 x = (x << 6) + curlx_uztoul(p - base64);
76 dest[2] = curlx_ultouc(x & 0xFFUL);
80 dest[1] = curlx_ultouc(x & 0xFFUL);
83 dest[0] = curlx_ultouc(x & 0xFFUL);
89 * Curl_base64_decode()
91 * Given a base64 NUL-terminated string at src, decode it and return a
92 * pointer in *outptr to a newly allocated memory area holding decoded
93 * data. Size of decoded data is returned in variable pointed by outlen.
95 * Returns CURLE_OK on success, otherwise specific error code. Function
96 * output shall not be considered valid unless CURLE_OK is returned.
98 * When decoded data length is 0, returns NULL in *outptr.
102 CURLcode Curl_base64_decode(const char *src,
103 unsigned char **outptr, size_t *outlen)
112 unsigned char *newstr;
116 srclen = strlen(src);
118 /* Check the length of the input string is valid */
119 if(!srclen || srclen % 4)
120 return CURLE_BAD_CONTENT_ENCODING;
122 /* Find the position of any = padding characters */
123 padptr = strchr(src, '=');
126 /* A maximum of two = padding characters is allowed */
130 /* Check the = padding characters weren't part way through the input */
131 if(padptr + padding != src + srclen)
132 return CURLE_BAD_CONTENT_ENCODING;
135 /* Calculate the number of quantums */
136 numQuantums = srclen / 4;
138 /* Calculate the size of the decoded string */
139 rawlen = (numQuantums * 3) - padding;
141 /* Allocate our buffer including room for a null-terminator */
142 newstr = malloc(rawlen + 1);
144 return CURLE_OUT_OF_MEMORY;
148 /* Decode the quantums */
149 for(i = 0; i < numQuantums; i++) {
150 size_t result = decodeQuantum(pos, src);
154 return CURLE_BAD_CONTENT_ENCODING;
164 /* Return the decoded data */
171 static CURLcode base64_encode(const char *table64,
172 const char *inputbuff, size_t insize,
173 char **outptr, size_t *outlen)
175 unsigned char ibuf[3];
176 unsigned char obuf[4];
181 const char *indata = inputbuff;
182 const char *padstr = &table64[64]; /* Point to padding string. */
188 insize = strlen(indata);
190 #if SIZEOF_SIZE_T == 4
191 if(insize > UINT_MAX/4)
192 return CURLE_OUT_OF_MEMORY;
195 base64data = output = malloc(insize * 4 / 3 + 4);
197 return CURLE_OUT_OF_MEMORY;
200 for(i = inputparts = 0; i < 3; i++) {
203 ibuf[i] = (unsigned char) *indata;
211 obuf[0] = (unsigned char) ((ibuf[0] & 0xFC) >> 2);
212 obuf[1] = (unsigned char) (((ibuf[0] & 0x03) << 4) | \
213 ((ibuf[1] & 0xF0) >> 4));
214 obuf[2] = (unsigned char) (((ibuf[1] & 0x0F) << 2) | \
215 ((ibuf[2] & 0xC0) >> 6));
216 obuf[3] = (unsigned char) (ibuf[2] & 0x3F);
219 case 1: /* only one byte read */
220 i = msnprintf(output, 5, "%c%c%s%s",
227 case 2: /* two bytes read */
228 i = msnprintf(output, 5, "%c%c%c%s",
236 i = msnprintf(output, 5, "%c%c%c%c",
249 /* Return the pointer to the new data (allocated memory) */
250 *outptr = base64data;
252 /* Return the length of the new data */
253 *outlen = output - base64data;
259 * Curl_base64_encode()
261 * Given a pointer to an input buffer and an input size, encode it and
262 * return a pointer in *outptr to a newly allocated memory area holding
263 * encoded data. Size of encoded data is returned in variable pointed by
266 * Input length of 0 indicates input buffer holds a NUL-terminated string.
268 * Returns CURLE_OK on success, otherwise specific error code. Function
269 * output shall not be considered valid unless CURLE_OK is returned.
273 CURLcode Curl_base64_encode(const char *inputbuff, size_t insize,
274 char **outptr, size_t *outlen)
276 return base64_encode(base64, inputbuff, insize, outptr, outlen);
280 * Curl_base64url_encode()
282 * Given a pointer to an input buffer and an input size, encode it and
283 * return a pointer in *outptr to a newly allocated memory area holding
284 * encoded data. Size of encoded data is returned in variable pointed by
287 * Input length of 0 indicates input buffer holds a NUL-terminated string.
289 * Returns CURLE_OK on success, otherwise specific error code. Function
290 * output shall not be considered valid unless CURLE_OK is returned.
294 CURLcode Curl_base64url_encode(const char *inputbuff, size_t insize,
295 char **outptr, size_t *outlen)
297 return base64_encode(base64url, inputbuff, insize, outptr, outlen);
300 #endif /* no users so disabled */