1/* -*- buffer-read-only: t -*- vi: set ro: */ 2/* DO NOT EDIT! GENERATED AUTOMATICALLY! */ 3#line 1 4/* base64.c -- Encode binary data using printable characters. 5 Copyright (C) 1999, 2000, 2001, 2004, 2005, 2006, 2009, 2010 Free Software 6 Foundation, Inc. 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 3, or (at your option) 11 any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program; if not, write to the Free Software Foundation, 20 Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ 21 22/* Written by Simon Josefsson. Partially adapted from GNU MailUtils 23 * (mailbox/filter_trans.c, as of 2004-11-28). Improved by review 24 * from Paul Eggert, Bruno Haible, and Stepan Kasal. 25 * 26 * See also RFC 3548 <http://www.ietf.org/rfc/rfc3548.txt>. 27 * 28 * Be careful with error checking. Here is how you would typically 29 * use these functions: 30 * 31 * bool ok = base64_decode_alloc (in, inlen, &out, &outlen); 32 * if (!ok) 33 * FAIL: input was not valid base64 34 * if (out == NULL) 35 * FAIL: memory allocation error 36 * OK: data in OUT/OUTLEN 37 * 38 * size_t outlen = base64_encode_alloc (in, inlen, &out); 39 * if (out == NULL && outlen == 0 && inlen != 0) 40 * FAIL: input too long 41 * if (out == NULL) 42 * FAIL: memory allocation error 43 * OK: data in OUT/OUTLEN. 44 * 45 */ 46 47#include <config.h> 48 49/* Get prototype. */ 50#include "base64.h" 51 52/* Get malloc. */ 53#include <stdlib.h> 54 55/* Get UCHAR_MAX. */ 56#include <limits.h> 57 58#include <string.h> 59 60/* C89 compliant way to cast 'char' to 'unsigned char'. */ 61static inline unsigned char 62to_uchar (char ch) 63{ 64 return ch; 65} 66 67/* Base64 encode IN array of size INLEN into OUT array of size OUTLEN. 68 If OUTLEN is less than BASE64_LENGTH(INLEN), write as many bytes as 69 possible. If OUTLEN is larger than BASE64_LENGTH(INLEN), also zero 70 terminate the output buffer. */ 71void 72base64_encode (const char *restrict in, size_t inlen, 73 char *restrict out, size_t outlen) 74{ 75 static const char b64str[64] = 76 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 77 78 while (inlen && outlen) 79 { 80 *out++ = b64str[(to_uchar (in[0]) >> 2) & 0x3f]; 81 if (!--outlen) 82 break; 83 *out++ = b64str[((to_uchar (in[0]) << 4) 84 + (--inlen ? to_uchar (in[1]) >> 4 : 0)) 85 & 0x3f]; 86 if (!--outlen) 87 break; 88 *out++ = 89 (inlen 90 ? b64str[((to_uchar (in[1]) << 2) 91 + (--inlen ? to_uchar (in[2]) >> 6 : 0)) 92 & 0x3f] 93 : '='); 94 if (!--outlen) 95 break; 96 *out++ = inlen ? b64str[to_uchar (in[2]) & 0x3f] : '='; 97 if (!--outlen) 98 break; 99 if (inlen) 100 inlen--; 101 if (inlen) 102 in += 3; 103 } 104 105 if (outlen) 106 *out = '\0'; 107} 108 109/* Allocate a buffer and store zero terminated base64 encoded data 110 from array IN of size INLEN, returning BASE64_LENGTH(INLEN), i.e., 111 the length of the encoded data, excluding the terminating zero. On 112 return, the OUT variable will hold a pointer to newly allocated 113 memory that must be deallocated by the caller. If output string 114 length would overflow, 0 is returned and OUT is set to NULL. If 115 memory allocation failed, OUT is set to NULL, and the return value 116 indicates length of the requested memory block, i.e., 117 BASE64_LENGTH(inlen) + 1. */ 118size_t 119base64_encode_alloc (const char *in, size_t inlen, char **out) 120{ 121 size_t outlen = 1 + BASE64_LENGTH (inlen); 122 123 /* Check for overflow in outlen computation. 124 * 125 * If there is no overflow, outlen >= inlen. 126 * 127 * If the operation (inlen + 2) overflows then it yields at most +1, so 128 * outlen is 0. 129 * 130 * If the multiplication overflows, we lose at least half of the 131 * correct value, so the result is < ((inlen + 2) / 3) * 2, which is 132 * less than (inlen + 2) * 0.66667, which is less than inlen as soon as 133 * (inlen > 4). 134 */ 135 if (inlen > outlen) 136 { 137 *out = NULL; 138 return 0; 139 } 140 141 *out = malloc (outlen); 142 if (!*out) 143 return outlen; 144 145 base64_encode (in, inlen, *out, outlen); 146 147 return outlen - 1; 148} 149 150/* With this approach this file works independent of the charset used 151 (think EBCDIC). However, it does assume that the characters in the 152 Base64 alphabet (A-Za-z0-9+/) are encoded in 0..255. POSIX 153 1003.1-2001 require that char and unsigned char are 8-bit 154 quantities, though, taking care of that problem. But this may be a 155 potential problem on non-POSIX C99 platforms. 156 157 IBM C V6 for AIX mishandles "#define B64(x) ...'x'...", so use "_" 158 as the formal parameter rather than "x". */ 159#define B64(_) \ 160 ((_) == 'A' ? 0 \ 161 : (_) == 'B' ? 1 \ 162 : (_) == 'C' ? 2 \ 163 : (_) == 'D' ? 3 \ 164 : (_) == 'E' ? 4 \ 165 : (_) == 'F' ? 5 \ 166 : (_) == 'G' ? 6 \ 167 : (_) == 'H' ? 7 \ 168 : (_) == 'I' ? 8 \ 169 : (_) == 'J' ? 9 \ 170 : (_) == 'K' ? 10 \ 171 : (_) == 'L' ? 11 \ 172 : (_) == 'M' ? 12 \ 173 : (_) == 'N' ? 13 \ 174 : (_) == 'O' ? 14 \ 175 : (_) == 'P' ? 15 \ 176 : (_) == 'Q' ? 16 \ 177 : (_) == 'R' ? 17 \ 178 : (_) == 'S' ? 18 \ 179 : (_) == 'T' ? 19 \ 180 : (_) == 'U' ? 20 \ 181 : (_) == 'V' ? 21 \ 182 : (_) == 'W' ? 22 \ 183 : (_) == 'X' ? 23 \ 184 : (_) == 'Y' ? 24 \ 185 : (_) == 'Z' ? 25 \ 186 : (_) == 'a' ? 26 \ 187 : (_) == 'b' ? 27 \ 188 : (_) == 'c' ? 28 \ 189 : (_) == 'd' ? 29 \ 190 : (_) == 'e' ? 30 \ 191 : (_) == 'f' ? 31 \ 192 : (_) == 'g' ? 32 \ 193 : (_) == 'h' ? 33 \ 194 : (_) == 'i' ? 34 \ 195 : (_) == 'j' ? 35 \ 196 : (_) == 'k' ? 36 \ 197 : (_) == 'l' ? 37 \ 198 : (_) == 'm' ? 38 \ 199 : (_) == 'n' ? 39 \ 200 : (_) == 'o' ? 40 \ 201 : (_) == 'p' ? 41 \ 202 : (_) == 'q' ? 42 \ 203 : (_) == 'r' ? 43 \ 204 : (_) == 's' ? 44 \ 205 : (_) == 't' ? 45 \ 206 : (_) == 'u' ? 46 \ 207 : (_) == 'v' ? 47 \ 208 : (_) == 'w' ? 48 \ 209 : (_) == 'x' ? 49 \ 210 : (_) == 'y' ? 50 \ 211 : (_) == 'z' ? 51 \ 212 : (_) == '0' ? 52 \ 213 : (_) == '1' ? 53 \ 214 : (_) == '2' ? 54 \ 215 : (_) == '3' ? 55 \ 216 : (_) == '4' ? 56 \ 217 : (_) == '5' ? 57 \ 218 : (_) == '6' ? 58 \ 219 : (_) == '7' ? 59 \ 220 : (_) == '8' ? 60 \ 221 : (_) == '9' ? 61 \ 222 : (_) == '+' ? 62 \ 223 : (_) == '/' ? 63 \ 224 : -1) 225 226static const signed char b64[0x100] = { 227 B64 (0), B64 (1), B64 (2), B64 (3), 228 B64 (4), B64 (5), B64 (6), B64 (7), 229 B64 (8), B64 (9), B64 (10), B64 (11), 230 B64 (12), B64 (13), B64 (14), B64 (15), 231 B64 (16), B64 (17), B64 (18), B64 (19), 232 B64 (20), B64 (21), B64 (22), B64 (23), 233 B64 (24), B64 (25), B64 (26), B64 (27), 234 B64 (28), B64 (29), B64 (30), B64 (31), 235 B64 (32), B64 (33), B64 (34), B64 (35), 236 B64 (36), B64 (37), B64 (38), B64 (39), 237 B64 (40), B64 (41), B64 (42), B64 (43), 238 B64 (44), B64 (45), B64 (46), B64 (47), 239 B64 (48), B64 (49), B64 (50), B64 (51), 240 B64 (52), B64 (53), B64 (54), B64 (55), 241 B64 (56), B64 (57), B64 (58), B64 (59), 242 B64 (60), B64 (61), B64 (62), B64 (63), 243 B64 (64), B64 (65), B64 (66), B64 (67), 244 B64 (68), B64 (69), B64 (70), B64 (71), 245 B64 (72), B64 (73), B64 (74), B64 (75), 246 B64 (76), B64 (77), B64 (78), B64 (79), 247 B64 (80), B64 (81), B64 (82), B64 (83), 248 B64 (84), B64 (85), B64 (86), B64 (87), 249 B64 (88), B64 (89), B64 (90), B64 (91), 250 B64 (92), B64 (93), B64 (94), B64 (95), 251 B64 (96), B64 (97), B64 (98), B64 (99), 252 B64 (100), B64 (101), B64 (102), B64 (103), 253 B64 (104), B64 (105), B64 (106), B64 (107), 254 B64 (108), B64 (109), B64 (110), B64 (111), 255 B64 (112), B64 (113), B64 (114), B64 (115), 256 B64 (116), B64 (117), B64 (118), B64 (119), 257 B64 (120), B64 (121), B64 (122), B64 (123), 258 B64 (124), B64 (125), B64 (126), B64 (127), 259 B64 (128), B64 (129), B64 (130), B64 (131), 260 B64 (132), B64 (133), B64 (134), B64 (135), 261 B64 (136), B64 (137), B64 (138), B64 (139), 262 B64 (140), B64 (141), B64 (142), B64 (143), 263 B64 (144), B64 (145), B64 (146), B64 (147), 264 B64 (148), B64 (149), B64 (150), B64 (151), 265 B64 (152), B64 (153), B64 (154), B64 (155), 266 B64 (156), B64 (157), B64 (158), B64 (159), 267 B64 (160), B64 (161), B64 (162), B64 (163), 268 B64 (164), B64 (165), B64 (166), B64 (167), 269 B64 (168), B64 (169), B64 (170), B64 (171), 270 B64 (172), B64 (173), B64 (174), B64 (175), 271 B64 (176), B64 (177), B64 (178), B64 (179), 272 B64 (180), B64 (181), B64 (182), B64 (183), 273 B64 (184), B64 (185), B64 (186), B64 (187), 274 B64 (188), B64 (189), B64 (190), B64 (191), 275 B64 (192), B64 (193), B64 (194), B64 (195), 276 B64 (196), B64 (197), B64 (198), B64 (199), 277 B64 (200), B64 (201), B64 (202), B64 (203), 278 B64 (204), B64 (205), B64 (206), B64 (207), 279 B64 (208), B64 (209), B64 (210), B64 (211), 280 B64 (212), B64 (213), B64 (214), B64 (215), 281 B64 (216), B64 (217), B64 (218), B64 (219), 282 B64 (220), B64 (221), B64 (222), B64 (223), 283 B64 (224), B64 (225), B64 (226), B64 (227), 284 B64 (228), B64 (229), B64 (230), B64 (231), 285 B64 (232), B64 (233), B64 (234), B64 (235), 286 B64 (236), B64 (237), B64 (238), B64 (239), 287 B64 (240), B64 (241), B64 (242), B64 (243), 288 B64 (244), B64 (245), B64 (246), B64 (247), 289 B64 (248), B64 (249), B64 (250), B64 (251), 290 B64 (252), B64 (253), B64 (254), B64 (255) 291}; 292 293#if UCHAR_MAX == 255 294# define uchar_in_range(c) true 295#else 296# define uchar_in_range(c) ((c) <= 255) 297#endif 298 299/* Return true if CH is a character from the Base64 alphabet, and 300 false otherwise. Note that '=' is padding and not considered to be 301 part of the alphabet. */ 302bool 303isbase64 (char ch) 304{ 305 return uchar_in_range (to_uchar (ch)) && 0 <= b64[to_uchar (ch)]; 306} 307 308/* Initialize decode-context buffer, CTX. */ 309void 310base64_decode_ctx_init (struct base64_decode_context *ctx) 311{ 312 ctx->i = 0; 313} 314 315/* If CTX->i is 0 or 4, there are four or more bytes in [*IN..IN_END), and 316 none of those four is a newline, then return *IN. Otherwise, copy up to 317 4 - CTX->i non-newline bytes from that range into CTX->buf, starting at 318 index CTX->i and setting CTX->i to reflect the number of bytes copied, 319 and return CTX->buf. In either case, advance *IN to point to the byte 320 after the last one processed, and set *N_NON_NEWLINE to the number of 321 verified non-newline bytes accessible through the returned pointer. */ 322static inline char * 323get_4 (struct base64_decode_context *ctx, 324 char const *restrict *in, char const *restrict in_end, 325 size_t *n_non_newline) 326{ 327 if (ctx->i == 4) 328 ctx->i = 0; 329 330 if (ctx->i == 0) 331 { 332 char const *t = *in; 333 if (4 <= in_end - *in && memchr (t, '\n', 4) == NULL) 334 { 335 /* This is the common case: no newline. */ 336 *in += 4; 337 *n_non_newline = 4; 338 return (char *) t; 339 } 340 } 341 342 { 343 /* Copy non-newline bytes into BUF. */ 344 char const *p = *in; 345 while (p < in_end) 346 { 347 char c = *p++; 348 if (c != '\n') 349 { 350 ctx->buf[ctx->i++] = c; 351 if (ctx->i == 4) 352 break; 353 } 354 } 355 356 *in = p; 357 *n_non_newline = ctx->i; 358 return ctx->buf; 359 } 360} 361 362#define return_false \ 363 do \ 364 { \ 365 *outp = out; \ 366 return false; \ 367 } \ 368 while (false) 369 370/* Decode up to four bytes of base64-encoded data, IN, of length INLEN 371 into the output buffer, *OUT, of size *OUTLEN bytes. Return true if 372 decoding is successful, false otherwise. If *OUTLEN is too small, 373 as many bytes as possible are written to *OUT. On return, advance 374 *OUT to point to the byte after the last one written, and decrement 375 *OUTLEN to reflect the number of bytes remaining in *OUT. */ 376static inline bool 377decode_4 (char const *restrict in, size_t inlen, 378 char *restrict *outp, size_t *outleft) 379{ 380 char *out = *outp; 381 if (inlen < 2) 382 return false; 383 384 if (!isbase64 (in[0]) || !isbase64 (in[1])) 385 return false; 386 387 if (*outleft) 388 { 389 *out++ = ((b64[to_uchar (in[0])] << 2) 390 | (b64[to_uchar (in[1])] >> 4)); 391 --*outleft; 392 } 393 394 if (inlen == 2) 395 return_false; 396 397 if (in[2] == '=') 398 { 399 if (inlen != 4) 400 return_false; 401 402 if (in[3] != '=') 403 return_false; 404 } 405 else 406 { 407 if (!isbase64 (in[2])) 408 return_false; 409 410 if (*outleft) 411 { 412 *out++ = (((b64[to_uchar (in[1])] << 4) & 0xf0) 413 | (b64[to_uchar (in[2])] >> 2)); 414 --*outleft; 415 } 416 417 if (inlen == 3) 418 return_false; 419 420 if (in[3] == '=') 421 { 422 if (inlen != 4) 423 return_false; 424 } 425 else 426 { 427 if (!isbase64 (in[3])) 428 return_false; 429 430 if (*outleft) 431 { 432 *out++ = (((b64[to_uchar (in[2])] << 6) & 0xc0) 433 | b64[to_uchar (in[3])]); 434 --*outleft; 435 } 436 } 437 } 438 439 *outp = out; 440 return true; 441} 442 443/* Decode base64-encoded input array IN of length INLEN to output array 444 OUT that can hold *OUTLEN bytes. The input data may be interspersed 445 with newlines. Return true if decoding was successful, i.e. if the 446 input was valid base64 data, false otherwise. If *OUTLEN is too 447 small, as many bytes as possible will be written to OUT. On return, 448 *OUTLEN holds the length of decoded bytes in OUT. Note that as soon 449 as any non-alphabet, non-newline character is encountered, decoding 450 is stopped and false is returned. If INLEN is zero, then process 451 only whatever data is stored in CTX. 452 453 Initially, CTX must have been initialized via base64_decode_ctx_init. 454 Subsequent calls to this function must reuse whatever state is recorded 455 in that buffer. It is necessary for when a quadruple of base64 input 456 bytes spans two input buffers. 457 458 If CTX is NULL then newlines are treated as garbage and the input 459 buffer is processed as a unit. */ 460 461bool 462base64_decode_ctx (struct base64_decode_context *ctx, 463 const char *restrict in, size_t inlen, 464 char *restrict out, size_t *outlen) 465{ 466 size_t outleft = *outlen; 467 bool ignore_newlines = ctx != NULL; 468 bool flush_ctx = false; 469 unsigned int ctx_i = 0; 470 471 if (ignore_newlines) 472 { 473 ctx_i = ctx->i; 474 flush_ctx = inlen == 0; 475 } 476 477 478 while (true) 479 { 480 size_t outleft_save = outleft; 481 if (ctx_i == 0 && !flush_ctx) 482 { 483 while (true) 484 { 485 /* Save a copy of outleft, in case we need to re-parse this 486 block of four bytes. */ 487 outleft_save = outleft; 488 if (!decode_4 (in, inlen, &out, &outleft)) 489 break; 490 491 in += 4; 492 inlen -= 4; 493 } 494 } 495 496 if (inlen == 0 && !flush_ctx) 497 break; 498 499 /* Handle the common case of 72-byte wrapped lines. 500 This also handles any other multiple-of-4-byte wrapping. */ 501 if (inlen && *in == '\n' && ignore_newlines) 502 { 503 ++in; 504 --inlen; 505 continue; 506 } 507 508 /* Restore OUT and OUTLEFT. */ 509 out -= outleft_save - outleft; 510 outleft = outleft_save; 511 512 { 513 char const *in_end = in + inlen; 514 char const *non_nl; 515 516 if (ignore_newlines) 517 non_nl = get_4 (ctx, &in, in_end, &inlen); 518 else 519 non_nl = in; /* Might have nl in this case. */ 520 521 /* If the input is empty or consists solely of newlines (0 non-newlines), 522 then we're done. Likewise if there are fewer than 4 bytes when not 523 flushing context and not treating newlines as garbage. */ 524 if (inlen == 0 || (inlen < 4 && !flush_ctx && ignore_newlines)) 525 { 526 inlen = 0; 527 break; 528 } 529 if (!decode_4 (non_nl, inlen, &out, &outleft)) 530 break; 531 532 inlen = in_end - in; 533 } 534 } 535 536 *outlen -= outleft; 537 538 return inlen == 0; 539} 540 541/* Allocate an output buffer in *OUT, and decode the base64 encoded 542 data stored in IN of size INLEN to the *OUT buffer. On return, the 543 size of the decoded data is stored in *OUTLEN. OUTLEN may be NULL, 544 if the caller is not interested in the decoded length. *OUT may be 545 NULL to indicate an out of memory error, in which case *OUTLEN 546 contains the size of the memory block needed. The function returns 547 true on successful decoding and memory allocation errors. (Use the 548 *OUT and *OUTLEN parameters to differentiate between successful 549 decoding and memory error.) The function returns false if the 550 input was invalid, in which case *OUT is NULL and *OUTLEN is 551 undefined. */ 552bool 553base64_decode_alloc_ctx (struct base64_decode_context *ctx, 554 const char *in, size_t inlen, char **out, 555 size_t *outlen) 556{ 557 /* This may allocate a few bytes too many, depending on input, 558 but it's not worth the extra CPU time to compute the exact size. 559 The exact size is 3 * inlen / 4, minus 1 if the input ends 560 with "=" and minus another 1 if the input ends with "==". 561 Dividing before multiplying avoids the possibility of overflow. */ 562 size_t needlen = 3 * (inlen / 4) + 2; 563 564 *out = malloc (needlen); 565 if (!*out) 566 return true; 567 568 if (!base64_decode_ctx (ctx, in, inlen, *out, &needlen)) 569 { 570 free (*out); 571 *out = NULL; 572 return false; 573 } 574 575 if (outlen) 576 *outlen = needlen; 577 578 return true; 579} 580