1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at https://curl.haxx.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 
23 /* Base64 encoding/decoding */
24 
25 #include "curl_setup.h"
26 #include "urldata.h" /* for the Curl_easy definition */
27 #include "warnless.h"
28 #include "curl_base64.h"
29 #include "non-ascii.h"
30 
31 /* The last 3 #include files should be in this order */
32 #include "curl_printf.h"
33 #include "curl_memory.h"
34 #include "memdebug.h"
35 
36 /* ---- Base64 Encoding/Decoding Table --- */
37 static const char base64[]=
38   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
39 
40 /* The Base 64 encoding with an URL and filename safe alphabet, RFC 4648
41    section 5 */
42 static const char base64url[]=
43   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
44 
decodeQuantum(unsigned char * dest,const char * src)45 static size_t decodeQuantum(unsigned char *dest, const char *src)
46 {
47   size_t padding = 0;
48   const char *s, *p;
49   unsigned long i, x = 0;
50 
51   for(i = 0, s = src; i < 4; i++, s++) {
52     if(*s == '=') {
53       x = (x << 6);
54       padding++;
55     }
56     else {
57       unsigned long v = 0;
58       p = base64;
59 
60       while(*p && (*p != *s)) {
61         v++;
62         p++;
63       }
64 
65       if(*p == *s)
66         x = (x << 6) + v;
67       else
68         return 0;
69     }
70   }
71 
72   if(padding < 1)
73     dest[2] = curlx_ultouc(x & 0xFFUL);
74 
75   x >>= 8;
76   if(padding < 2)
77     dest[1] = curlx_ultouc(x & 0xFFUL);
78 
79   x >>= 8;
80   dest[0] = curlx_ultouc(x & 0xFFUL);
81 
82   return 3 - padding;
83 }
84 
85 /*
86  * Curl_base64_decode()
87  *
88  * Given a base64 NUL-terminated string at src, decode it and return a
89  * pointer in *outptr to a newly allocated memory area holding decoded
90  * data. Size of decoded data is returned in variable pointed by outlen.
91  *
92  * Returns CURLE_OK on success, otherwise specific error code. Function
93  * output shall not be considered valid unless CURLE_OK is returned.
94  *
95  * When decoded data length is 0, returns NULL in *outptr.
96  *
97  * @unittest: 1302
98  */
Curl_base64_decode(const char * src,unsigned char ** outptr,size_t * outlen)99 CURLcode Curl_base64_decode(const char *src,
100                             unsigned char **outptr, size_t *outlen)
101 {
102   size_t srclen = 0;
103   size_t length = 0;
104   size_t padding = 0;
105   size_t i;
106   size_t numQuantums;
107   size_t rawlen = 0;
108   unsigned char *pos;
109   unsigned char *newstr;
110 
111   *outptr = NULL;
112   *outlen = 0;
113   srclen = strlen(src);
114 
115   /* Check the length of the input string is valid */
116   if(!srclen || srclen % 4)
117     return CURLE_BAD_CONTENT_ENCODING;
118 
119   /* Find the position of any = padding characters */
120   while((src[length] != '=') && src[length])
121     length++;
122 
123   /* A maximum of two = padding characters is allowed */
124   if(src[length] == '=') {
125     padding++;
126     if(src[length + 1] == '=')
127       padding++;
128   }
129 
130   /* Check the = padding characters weren't part way through the input */
131   if(length + padding != srclen)
132     return CURLE_BAD_CONTENT_ENCODING;
133 
134   /* Calculate the number of quantums */
135   numQuantums = srclen / 4;
136 
137   /* Calculate the size of the decoded string */
138   rawlen = (numQuantums * 3) - padding;
139 
140   /* Allocate our buffer including room for a zero terminator */
141   newstr = malloc(rawlen + 1);
142   if(!newstr)
143     return CURLE_OUT_OF_MEMORY;
144 
145   pos = newstr;
146 
147   /* Decode the quantums */
148   for(i = 0; i < numQuantums; i++) {
149     size_t result = decodeQuantum(pos, src);
150     if(!result) {
151       free(newstr);
152 
153       return CURLE_BAD_CONTENT_ENCODING;
154     }
155 
156     pos += result;
157     src += 4;
158   }
159 
160   /* Zero terminate */
161   *pos = '\0';
162 
163   /* Return the decoded data */
164   *outptr = newstr;
165   *outlen = rawlen;
166 
167   return CURLE_OK;
168 }
169 
base64_encode(const char * table64,struct Curl_easy * data,const char * inputbuff,size_t insize,char ** outptr,size_t * outlen)170 static CURLcode base64_encode(const char *table64,
171                               struct Curl_easy *data,
172                               const char *inputbuff, size_t insize,
173                               char **outptr, size_t *outlen)
174 {
175   CURLcode result;
176   unsigned char ibuf[3];
177   unsigned char obuf[4];
178   int i;
179   int inputparts;
180   char *output;
181   char *base64data;
182   char *convbuf = NULL;
183 
184   const char *indata = inputbuff;
185 
186   *outptr = NULL;
187   *outlen = 0;
188 
189   if(!insize)
190     insize = strlen(indata);
191 
192 #if SIZEOF_SIZE_T == 4
193   if(insize > UINT_MAX/4)
194     return CURLE_OUT_OF_MEMORY;
195 #endif
196 
197   base64data = output = malloc(insize * 4 / 3 + 4);
198   if(!output)
199     return CURLE_OUT_OF_MEMORY;
200 
201   /*
202    * The base64 data needs to be created using the network encoding
203    * not the host encoding.  And we can't change the actual input
204    * so we copy it to a buffer, translate it, and use that instead.
205    */
206   result = Curl_convert_clone(data, indata, insize, &convbuf);
207   if(result) {
208     free(output);
209     return result;
210   }
211 
212   if(convbuf)
213     indata = (char *)convbuf;
214 
215   while(insize > 0) {
216     for(i = inputparts = 0; i < 3; i++) {
217       if(insize > 0) {
218         inputparts++;
219         ibuf[i] = (unsigned char) *indata;
220         indata++;
221         insize--;
222       }
223       else
224         ibuf[i] = 0;
225     }
226 
227     obuf[0] = (unsigned char)  ((ibuf[0] & 0xFC) >> 2);
228     obuf[1] = (unsigned char) (((ibuf[0] & 0x03) << 4) | \
229                                ((ibuf[1] & 0xF0) >> 4));
230     obuf[2] = (unsigned char) (((ibuf[1] & 0x0F) << 2) | \
231                                ((ibuf[2] & 0xC0) >> 6));
232     obuf[3] = (unsigned char)   (ibuf[2] & 0x3F);
233 
234     switch(inputparts) {
235     case 1: /* only one byte read */
236       msnprintf(output, 5, "%c%c==",
237                 table64[obuf[0]],
238                 table64[obuf[1]]);
239       break;
240 
241     case 2: /* two bytes read */
242       msnprintf(output, 5, "%c%c%c=",
243                 table64[obuf[0]],
244                 table64[obuf[1]],
245                 table64[obuf[2]]);
246       break;
247 
248     default:
249       msnprintf(output, 5, "%c%c%c%c",
250                 table64[obuf[0]],
251                 table64[obuf[1]],
252                 table64[obuf[2]],
253                 table64[obuf[3]]);
254       break;
255     }
256     output += 4;
257   }
258 
259   /* Zero terminate */
260   *output = '\0';
261 
262   /* Return the pointer to the new data (allocated memory) */
263   *outptr = base64data;
264 
265   free(convbuf);
266 
267   /* Return the length of the new data */
268   *outlen = strlen(base64data);
269 
270   return CURLE_OK;
271 }
272 
273 /*
274  * Curl_base64_encode()
275  *
276  * Given a pointer to an input buffer and an input size, encode it and
277  * return a pointer in *outptr to a newly allocated memory area holding
278  * encoded data. Size of encoded data is returned in variable pointed by
279  * outlen.
280  *
281  * Input length of 0 indicates input buffer holds a NUL-terminated string.
282  *
283  * Returns CURLE_OK on success, otherwise specific error code. Function
284  * output shall not be considered valid unless CURLE_OK is returned.
285  *
286  * When encoded data length is 0, returns NULL in *outptr.
287  *
288  * @unittest: 1302
289  */
Curl_base64_encode(struct Curl_easy * data,const char * inputbuff,size_t insize,char ** outptr,size_t * outlen)290 CURLcode Curl_base64_encode(struct Curl_easy *data,
291                             const char *inputbuff, size_t insize,
292                             char **outptr, size_t *outlen)
293 {
294   return base64_encode(base64, data, inputbuff, insize, outptr, outlen);
295 }
296 
297 /*
298  * Curl_base64url_encode()
299  *
300  * Given a pointer to an input buffer and an input size, encode it and
301  * return a pointer in *outptr to a newly allocated memory area holding
302  * encoded data. Size of encoded data is returned in variable pointed by
303  * outlen.
304  *
305  * Input length of 0 indicates input buffer holds a NUL-terminated string.
306  *
307  * Returns CURLE_OK on success, otherwise specific error code. Function
308  * output shall not be considered valid unless CURLE_OK is returned.
309  *
310  * When encoded data length is 0, returns NULL in *outptr.
311  *
312  * @unittest: 1302
313  */
Curl_base64url_encode(struct Curl_easy * data,const char * inputbuff,size_t insize,char ** outptr,size_t * outlen)314 CURLcode Curl_base64url_encode(struct Curl_easy *data,
315                                const char *inputbuff, size_t insize,
316                                char **outptr, size_t *outlen)
317 {
318   return base64_encode(base64url, data, inputbuff, insize, outptr, outlen);
319 }
320