| /* This Source Code Form is subject to the terms of the Mozilla Public |
| * License, v. 2.0. If a copy of the MPL was not distributed with this |
| * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| |
| /* |
| * Base64 decoding (ascii to binary). |
| */ |
| |
| #include "nssb64.h" |
| #include "nspr.h" |
| #include "secitem.h" |
| #include "secerr.h" |
| |
| /* |
| * XXX We want this basic support to go into NSPR (the PL part). |
| * Until that can happen, the PL interface is going to be kept entirely |
| * internal here -- all static functions and opaque data structures. |
| * When someone can get it moved over into NSPR, that should be done: |
| * - giving everything names that are accepted by the NSPR module owners |
| * (though I tried to choose ones that would work without modification) |
| * - exporting the functions (remove static declarations and add |
| * to nssutil.def as necessary) |
| * - put prototypes into appropriate header file (probably replacing |
| * the entire current lib/libc/include/plbase64.h in NSPR) |
| * along with a typedef for the context structure (which should be |
| * kept opaque -- definition in the source file only, but typedef |
| * ala "typedef struct PLBase64FooStr PLBase64Foo;" in header file) |
| * - modify anything else as necessary to conform to NSPR required style |
| * (I looked but found no formatting guide to follow) |
| * |
| * You will want to move over everything from here down to the comment |
| * which says "XXX End of base64 decoding code to be moved into NSPR", |
| * into a new file in NSPR. |
| */ |
| |
| /* |
| ************************************************************** |
| * XXX Beginning of base64 decoding code to be moved into NSPR. |
| */ |
| |
| /* |
| * This typedef would belong in the NSPR header file (i.e. plbase64.h). |
| */ |
| typedef struct PLBase64DecoderStr PLBase64Decoder; |
| |
| /* |
| * The following implementation of base64 decoding was based on code |
| * found in libmime (specifically, in mimeenc.c). It has been adapted to |
| * use PR types and naming as well as to provide other necessary semantics |
| * (like buffer-in/buffer-out in addition to "streaming" without undue |
| * performance hit of extra copying if you made the buffer versions |
| * use the output_fn). It also incorporates some aspects of the current |
| * NSPR base64 decoding code. As such, you may find similarities to |
| * both of those implementations. I tried to use names that reflected |
| * the original code when possible. For this reason you may find some |
| * inconsistencies -- libmime used lots of "in" and "out" whereas the |
| * NSPR version uses "src" and "dest"; sometimes I changed one to the other |
| * and sometimes I left them when I thought the subroutines were at least |
| * self-consistent. |
| */ |
| |
| PR_BEGIN_EXTERN_C |
| |
| /* |
| * Opaque object used by the decoder to store state. |
| */ |
| struct PLBase64DecoderStr { |
| /* Current token (or portion, if token_size < 4) being decoded. */ |
| unsigned char token[4]; |
| int token_size; |
| |
| /* |
| * Where to write the decoded data (used when streaming, not when |
| * doing all in-memory (buffer) operations). |
| * |
| * Note that this definition is chosen to be compatible with PR_Write. |
| */ |
| PRInt32 (*output_fn)(void *output_arg, const unsigned char *buf, |
| PRInt32 size); |
| void *output_arg; |
| |
| /* |
| * Where the decoded output goes -- either temporarily (in the streaming |
| * case, staged here before it goes to the output function) or what will |
| * be the entire buffered result for users of the buffer version. |
| */ |
| unsigned char *output_buffer; |
| PRUint32 output_buflen; /* the total length of allocated buffer */ |
| PRUint32 output_length; /* the length that is currently populated */ |
| }; |
| |
| PR_END_EXTERN_C |
| |
| /* A constant time range check for unsigned chars. |
| * Returns 255 if a <= x <= b and 0 otherwise. |
| */ |
| static inline unsigned char |
| ct_u8_in_range(unsigned char x, unsigned char a, unsigned char b) |
| { |
| /* Let x, a, b be ints in {0, 1, ... 255}. |
| * The value (a - x - 1) is in {-256, ..., 254}, so the low |
| * 8 bits of |
| * (a - x - 1) >> 8 |
| * are all 1 if a <= x and all 0 if a > x. |
| * |
| * Likewise the low 8 bits of |
| * ((a - x - 1) >> 8) & ((x - c - 1) >> 8) |
| * are all 1 if a <= x <= c and all 0 otherwise. |
| * |
| * The same is true if we perform the shift after the AND |
| * ((a - x - 1) & (x - b - 1)) >> 8. |
| */ |
| return (unsigned char)(((a - x - 1) & (x - b - 1)) >> 8); |
| } |
| |
| /* Convert a base64 code [A-Za-z0-9+/] to its value in {1, 2, ..., 64}. |
| * The use of 1-64 instead of 0-63 is so that the special value of zero can |
| * denote an invalid mapping; that was much easier than trying to fill in the |
| * other values with some value other than zero, and to check for it. |
| * Just remember to SUBTRACT ONE when using the value retrieved. |
| */ |
| static unsigned char |
| pl_base64_codetovaluep1(unsigned char code) |
| { |
| unsigned char mask; |
| unsigned char res = 0; |
| |
| /* The range 'A' to 'Z' is mapped to 1 to 26 */ |
| mask = ct_u8_in_range(code, 'A', 'Z'); |
| res |= mask & (code - 'A' + 1); |
| |
| /* The range 'a' to 'z' is mapped to 27 to 52 */ |
| mask = ct_u8_in_range(code, 'a', 'z'); |
| res |= mask & (code - 'a' + 27); |
| |
| /* The range '0' to '9' is mapped to 53 to 62 */ |
| mask = ct_u8_in_range(code, '0', '9'); |
| res |= mask & (code - '0' + 53); |
| |
| /* The code '+' is mapped to 63 */ |
| mask = ct_u8_in_range(code, '+', '+'); |
| res |= mask & 63; |
| |
| /* The code '/' is mapped to 64 */ |
| mask = ct_u8_in_range(code, '/', '/'); |
| res |= mask & 64; |
| |
| /* All other characters, including '=' are mapped to 0. */ |
| return res; |
| } |
| |
| #define B64_PAD '=' |
| |
| /* |
| * Reads 4; writes 3 (known, or expected, to have no trailing padding). |
| * Returns bytes written; -1 on error (unexpected character). |
| */ |
| static int |
| pl_base64_decode_4to3(const unsigned char *in, unsigned char *out) |
| { |
| int j; |
| PRUint32 num = 0; |
| unsigned char bits; |
| |
| for (j = 0; j < 4; j++) { |
| bits = pl_base64_codetovaluep1(in[j]); |
| if (bits == 0) |
| return -1; |
| num = (num << 6) | (bits - 1); |
| } |
| |
| out[0] = (unsigned char)(num >> 16); |
| out[1] = (unsigned char)((num >> 8) & 0xFF); |
| out[2] = (unsigned char)(num & 0xFF); |
| |
| return 3; |
| } |
| |
| /* |
| * Reads 3; writes 2 (caller already confirmed EOF or trailing padding). |
| * Returns bytes written; -1 on error (unexpected character). |
| */ |
| static int |
| pl_base64_decode_3to2(const unsigned char *in, unsigned char *out) |
| { |
| PRUint32 num = 0; |
| unsigned char bits1, bits2, bits3; |
| |
| bits1 = pl_base64_codetovaluep1(in[0]); |
| bits2 = pl_base64_codetovaluep1(in[1]); |
| bits3 = pl_base64_codetovaluep1(in[2]); |
| |
| if ((bits1 == 0) || (bits2 == 0) || (bits3 == 0)) |
| return -1; |
| |
| num = ((PRUint32)(bits1 - 1)) << 10; |
| num |= ((PRUint32)(bits2 - 1)) << 4; |
| num |= ((PRUint32)(bits3 - 1)) >> 2; |
| |
| out[0] = (unsigned char)(num >> 8); |
| out[1] = (unsigned char)(num & 0xFF); |
| |
| return 2; |
| } |
| |
| /* |
| * Reads 2; writes 1 (caller already confirmed EOF or trailing padding). |
| * Returns bytes written; -1 on error (unexpected character). |
| */ |
| static int |
| pl_base64_decode_2to1(const unsigned char *in, unsigned char *out) |
| { |
| PRUint32 num = 0; |
| unsigned char bits1, bits2; |
| |
| bits1 = pl_base64_codetovaluep1(in[0]); |
| bits2 = pl_base64_codetovaluep1(in[1]); |
| |
| if ((bits1 == 0) || (bits2 == 0)) |
| return -1; |
| |
| num = ((PRUint32)(bits1 - 1)) << 2; |
| num |= ((PRUint32)(bits2 - 1)) >> 4; |
| |
| out[0] = (unsigned char)num; |
| |
| return 1; |
| } |
| |
| /* |
| * Reads 4; writes 0-3. Returns bytes written or -1 on error. |
| * (Writes less than 3 only at (presumed) EOF.) |
| */ |
| static int |
| pl_base64_decode_token(const unsigned char *in, unsigned char *out) |
| { |
| if (in[3] != B64_PAD) |
| return pl_base64_decode_4to3(in, out); |
| |
| if (in[2] == B64_PAD) |
| return pl_base64_decode_2to1(in, out); |
| |
| return pl_base64_decode_3to2(in, out); |
| } |
| |
| static PRStatus |
| pl_base64_decode_buffer(PLBase64Decoder *data, const unsigned char *in, |
| PRUint32 length) |
| { |
| unsigned char *out = data->output_buffer; |
| unsigned char *token = data->token; |
| int i, n = 0; |
| |
| i = data->token_size; |
| data->token_size = 0; |
| |
| while (length > 0) { |
| while (i < 4 && length > 0) { |
| /* |
| * XXX Note that the following simply ignores any unexpected |
| * characters. This is exactly what the original code in |
| * libmime did, and I am leaving it. We certainly want to skip |
| * over whitespace (we must); this does much more than that. |
| * I am not confident changing it, and I don't want to slow |
| * the processing down doing more complicated checking, but |
| * someone else might have different ideas in the future. |
| */ |
| if (pl_base64_codetovaluep1(*in) > 0 || *in == B64_PAD) |
| token[i++] = *in; |
| in++; |
| length--; |
| } |
| |
| if (i < 4) { |
| /* Didn't get enough for a complete token. */ |
| data->token_size = i; |
| break; |
| } |
| i = 0; |
| |
| PR_ASSERT((PRUint32)(out - data->output_buffer + 3) <= data->output_buflen); |
| |
| /* |
| * Assume we are not at the end; the following function only works |
| * for an internal token (no trailing padding characters) but is |
| * faster that way. If it hits an invalid character (padding) it |
| * will return an error; we break out of the loop and try again |
| * calling the routine that will handle a final token. |
| * Note that we intentionally do it this way rather than explicitly |
| * add a check for padding here (because that would just slow down |
| * the normal case) nor do we rely on checking whether we have more |
| * input to process (because that would also slow it down but also |
| * because we want to allow trailing garbage, especially white space |
| * and cannot tell that without read-ahead, also a slow proposition). |
| * Whew. Understand? |
| */ |
| n = pl_base64_decode_4to3(token, out); |
| if (n < 0) |
| break; |
| |
| /* Advance "out" by the number of bytes just written to it. */ |
| out += n; |
| n = 0; |
| } |
| |
| /* |
| * See big comment above, before call to pl_base64_decode_4to3. |
| * Here we check if we error'd out of loop, and allow for the case |
| * that we are processing the last interesting token. If the routine |
| * which should handle padding characters also fails, then we just |
| * have bad input and give up. |
| */ |
| if (n < 0) { |
| n = pl_base64_decode_token(token, out); |
| if (n < 0) |
| return PR_FAILURE; |
| |
| out += n; |
| } |
| |
| /* |
| * As explained above, we can get here with more input remaining, but |
| * it should be all characters we do not care about (i.e. would be |
| * ignored when transferring from "in" to "token" in loop above, |
| * except here we choose to ignore extraneous pad characters, too). |
| * Swallow it, performing that check. If we find more characters that |
| * we would expect to decode, something is wrong. |
| */ |
| while (length > 0) { |
| if (pl_base64_codetovaluep1(*in) > 0) |
| return PR_FAILURE; |
| in++; |
| length--; |
| } |
| |
| /* Record the length of decoded data we have left in output_buffer. */ |
| data->output_length = (PRUint32)(out - data->output_buffer); |
| return PR_SUCCESS; |
| } |
| |
| /* |
| * Flush any remaining buffered characters. Given well-formed input, |
| * this will have nothing to do. If the input was missing the padding |
| * characters at the end, though, there could be 1-3 characters left |
| * behind -- we will tolerate that by adding the padding for them. |
| */ |
| static PRStatus |
| pl_base64_decode_flush(PLBase64Decoder *data) |
| { |
| int count; |
| |
| /* |
| * If no remaining characters, or all are padding (also not well-formed |
| * input, but again, be tolerant), then nothing more to do. (And, that |
| * is considered successful.) |
| */ |
| if (data->token_size == 0 || data->token[0] == B64_PAD) |
| return PR_SUCCESS; |
| |
| /* |
| * Assume we have all the interesting input except for some expected |
| * padding characters. Add them and decode the resulting token. |
| */ |
| while (data->token_size < 4) |
| data->token[data->token_size++] = B64_PAD; |
| |
| data->token_size = 0; /* so a subsequent flush call is a no-op */ |
| |
| count = pl_base64_decode_token(data->token, |
| data->output_buffer + data->output_length); |
| if (count < 0) |
| return PR_FAILURE; |
| |
| /* |
| * If there is an output function, call it with this last bit of data. |
| * Otherwise we are doing all buffered output, and the decoded bytes |
| * are now there, we just need to reflect that in the length. |
| */ |
| if (data->output_fn != NULL) { |
| PRInt32 output_result; |
| |
| PR_ASSERT(data->output_length == 0); |
| output_result = data->output_fn(data->output_arg, |
| data->output_buffer, |
| (PRInt32)count); |
| if (output_result < 0) |
| return PR_FAILURE; |
| } else { |
| data->output_length += count; |
| } |
| |
| return PR_SUCCESS; |
| } |
| |
| /* |
| * The maximum space needed to hold the output of the decoder given |
| * input data of length "size". |
| */ |
| static PRUint32 |
| PL_Base64MaxDecodedLength(PRUint32 size) |
| { |
| return size * 0.75; |
| } |
| |
| /* |
| * A distinct internal creation function for the buffer version to use. |
| * (It does not want to specify an output_fn, and we want the normal |
| * Create function to require that.) If more common initialization |
| * of the decoding context needs to be done, it should be done *here*. |
| */ |
| static PLBase64Decoder * |
| pl_base64_create_decoder(void) |
| { |
| return PR_NEWZAP(PLBase64Decoder); |
| } |
| |
| /* |
| * Function to start a base64 decoding context. |
| * An "output_fn" is required; the "output_arg" parameter to that is optional. |
| */ |
| static PLBase64Decoder * |
| PL_CreateBase64Decoder(PRInt32 (*output_fn)(void *, const unsigned char *, |
| PRInt32), |
| void *output_arg) |
| { |
| PLBase64Decoder *data; |
| |
| if (output_fn == NULL) { |
| PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0); |
| return NULL; |
| } |
| |
| data = pl_base64_create_decoder(); |
| if (data != NULL) { |
| data->output_fn = output_fn; |
| data->output_arg = output_arg; |
| } |
| return data; |
| } |
| |
| /* |
| * Push data through the decoder, causing the output_fn (provided to Create) |
| * to be called with the decoded data. |
| */ |
| static PRStatus |
| PL_UpdateBase64Decoder(PLBase64Decoder *data, const char *buffer, |
| PRUint32 size) |
| { |
| PRUint32 need_length; |
| PRStatus status; |
| |
| /* XXX Should we do argument checking only in debug build? */ |
| if (data == NULL || buffer == NULL || size == 0) { |
| PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0); |
| return PR_FAILURE; |
| } |
| |
| /* |
| * How much space could this update need for decoding? |
| */ |
| need_length = PL_Base64MaxDecodedLength(size + data->token_size); |
| |
| /* |
| * Make sure we have at least that much. If not, (re-)allocate. |
| */ |
| if (need_length > data->output_buflen) { |
| unsigned char *output_buffer = data->output_buffer; |
| |
| if (output_buffer != NULL) |
| output_buffer = (unsigned char *)PR_Realloc(output_buffer, |
| need_length); |
| else |
| output_buffer = (unsigned char *)PR_Malloc(need_length); |
| |
| if (output_buffer == NULL) |
| return PR_FAILURE; |
| |
| data->output_buffer = output_buffer; |
| data->output_buflen = need_length; |
| } |
| |
| /* There should not have been any leftover output data in the buffer. */ |
| PR_ASSERT(data->output_length == 0); |
| data->output_length = 0; |
| |
| status = pl_base64_decode_buffer(data, (const unsigned char *)buffer, |
| size); |
| |
| /* Now that we have some decoded data, write it. */ |
| if (status == PR_SUCCESS && data->output_length > 0) { |
| PRInt32 output_result; |
| |
| PR_ASSERT(data->output_fn != NULL); |
| output_result = data->output_fn(data->output_arg, |
| data->output_buffer, |
| (PRInt32)data->output_length); |
| if (output_result < 0) |
| status = PR_FAILURE; |
| } |
| |
| data->output_length = 0; |
| return status; |
| } |
| |
| /* |
| * When you're done decoding, call this to free the data. If "abort_p" |
| * is false, then calling this may cause the output_fn to be called |
| * one last time (as the last buffered data is flushed out). |
| */ |
| static PRStatus |
| PL_DestroyBase64Decoder(PLBase64Decoder *data, PRBool abort_p) |
| { |
| PRStatus status = PR_SUCCESS; |
| |
| /* XXX Should we do argument checking only in debug build? */ |
| if (data == NULL) { |
| PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0); |
| return PR_FAILURE; |
| } |
| |
| /* Flush out the last few buffered characters. */ |
| if (!abort_p) |
| status = pl_base64_decode_flush(data); |
| |
| if (data->output_buffer != NULL) |
| PR_Free(data->output_buffer); |
| PR_Free(data); |
| |
| return status; |
| } |
| |
| /* |
| * Perform base64 decoding from an input buffer to an output buffer. |
| * The output buffer can be provided (as "dest"); you can also pass in |
| * a NULL and this function will allocate a buffer large enough for you, |
| * and return it. If you do provide the output buffer, you must also |
| * provide the maximum length of that buffer (as "maxdestlen"). |
| * The actual decoded length of output will be returned to you in |
| * "output_destlen". |
| * |
| * Return value is NULL on error, the output buffer (allocated or provided) |
| * otherwise. |
| */ |
| static unsigned char * |
| PL_Base64DecodeBuffer(const char *src, PRUint32 srclen, unsigned char *dest, |
| PRUint32 maxdestlen, PRUint32 *output_destlen) |
| { |
| PRUint32 need_length; |
| unsigned char *output_buffer = NULL; |
| PLBase64Decoder *data = NULL; |
| PRStatus status; |
| |
| PR_ASSERT(srclen > 0); |
| if (srclen == 0) { |
| PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0); |
| return NULL; |
| } |
| |
| /* |
| * How much space could we possibly need for decoding this input? |
| */ |
| need_length = PL_Base64MaxDecodedLength(srclen); |
| |
| /* |
| * Make sure we have at least that much, if output buffer provided. |
| * If no output buffer provided, then we allocate that much. |
| */ |
| if (dest != NULL) { |
| PR_ASSERT(maxdestlen >= need_length); |
| if (maxdestlen < need_length) { |
| PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0); |
| goto loser; |
| } |
| output_buffer = dest; |
| } else { |
| output_buffer = (unsigned char *)PR_Malloc(need_length); |
| if (output_buffer == NULL) |
| goto loser; |
| maxdestlen = need_length; |
| } |
| |
| data = pl_base64_create_decoder(); |
| if (data == NULL) |
| goto loser; |
| |
| data->output_buflen = maxdestlen; |
| data->output_buffer = output_buffer; |
| |
| status = pl_base64_decode_buffer(data, (const unsigned char *)src, |
| srclen); |
| |
| /* |
| * We do not wait for Destroy to flush, because Destroy will also |
| * get rid of our decoder context, which we need to look at first! |
| */ |
| if (status == PR_SUCCESS) |
| status = pl_base64_decode_flush(data); |
| |
| /* Must clear this or Destroy will free it. */ |
| data->output_buffer = NULL; |
| |
| if (status == PR_SUCCESS) { |
| *output_destlen = data->output_length; |
| status = PL_DestroyBase64Decoder(data, PR_FALSE); |
| data = NULL; |
| if (status == PR_FAILURE) |
| goto loser; |
| return output_buffer; |
| } |
| |
| loser: |
| if (dest == NULL && output_buffer != NULL) |
| PR_Free(output_buffer); |
| if (data != NULL) |
| (void)PL_DestroyBase64Decoder(data, PR_TRUE); |
| return NULL; |
| } |
| |
| /* |
| * XXX End of base64 decoding code to be moved into NSPR. |
| ******************************************************** |
| */ |
| |
| /* |
| * This is the beginning of the NSS cover functions. These will |
| * provide the interface we want to expose as NSS-ish. For example, |
| * they will operate on our Items, do any special handling or checking |
| * we want to do, etc. |
| */ |
| |
| PR_BEGIN_EXTERN_C |
| |
| /* |
| * A boring cover structure for now. Perhaps someday it will include |
| * some more interesting fields. |
| */ |
| struct NSSBase64DecoderStr { |
| PLBase64Decoder *pl_data; |
| }; |
| |
| PR_END_EXTERN_C |
| |
| /* |
| * Function to start a base64 decoding context. |
| */ |
| NSSBase64Decoder * |
| NSSBase64Decoder_Create(PRInt32 (*output_fn)(void *, const unsigned char *, |
| PRInt32), |
| void *output_arg) |
| { |
| PLBase64Decoder *pl_data; |
| NSSBase64Decoder *nss_data; |
| |
| nss_data = PORT_ZNew(NSSBase64Decoder); |
| if (nss_data == NULL) |
| return NULL; |
| |
| pl_data = PL_CreateBase64Decoder(output_fn, output_arg); |
| if (pl_data == NULL) { |
| PORT_Free(nss_data); |
| return NULL; |
| } |
| |
| nss_data->pl_data = pl_data; |
| return nss_data; |
| } |
| |
| /* |
| * Push data through the decoder, causing the output_fn (provided to Create) |
| * to be called with the decoded data. |
| */ |
| SECStatus |
| NSSBase64Decoder_Update(NSSBase64Decoder *data, const char *buffer, |
| PRUint32 size) |
| { |
| PRStatus pr_status; |
| |
| /* XXX Should we do argument checking only in debug build? */ |
| if (data == NULL) { |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| return SECFailure; |
| } |
| |
| pr_status = PL_UpdateBase64Decoder(data->pl_data, buffer, size); |
| if (pr_status == PR_FAILURE) |
| return SECFailure; |
| |
| return SECSuccess; |
| } |
| |
| /* |
| * When you're done decoding, call this to free the data. If "abort_p" |
| * is false, then calling this may cause the output_fn to be called |
| * one last time (as the last buffered data is flushed out). |
| */ |
| SECStatus |
| NSSBase64Decoder_Destroy(NSSBase64Decoder *data, PRBool abort_p) |
| { |
| PRStatus pr_status; |
| |
| /* XXX Should we do argument checking only in debug build? */ |
| if (data == NULL) { |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| return SECFailure; |
| } |
| |
| pr_status = PL_DestroyBase64Decoder(data->pl_data, abort_p); |
| |
| PORT_Free(data); |
| |
| if (pr_status == PR_FAILURE) |
| return SECFailure; |
| |
| return SECSuccess; |
| } |
| |
| /* |
| * Perform base64 decoding from an ascii string "inStr" to an Item. |
| * The length of the input must be provided as "inLen". The Item |
| * may be provided (as "outItemOpt"); you can also pass in a NULL |
| * and the Item will be allocated for you. |
| * |
| * In any case, the data within the Item will be allocated for you. |
| * All allocation will happen out of the passed-in "arenaOpt", if non-NULL. |
| * If "arenaOpt" is NULL, standard allocation (heap) will be used and |
| * you will want to free the result via SECITEM_FreeItem. |
| * |
| * Return value is NULL on error, the Item (allocated or provided) otherwise. |
| */ |
| SECItem * |
| NSSBase64_DecodeBuffer(PLArenaPool *arenaOpt, SECItem *outItemOpt, |
| const char *inStr, unsigned int inLen) |
| { |
| SECItem *out_item = NULL; |
| PRUint32 max_out_len = 0; |
| void *mark = NULL; |
| unsigned char *dummy = NULL; |
| |
| if ((outItemOpt != NULL && outItemOpt->data != NULL) || inLen == 0) { |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| return NULL; |
| } |
| |
| if (arenaOpt != NULL) |
| mark = PORT_ArenaMark(arenaOpt); |
| |
| max_out_len = PL_Base64MaxDecodedLength(inLen); |
| if (max_out_len == 0) { |
| goto loser; |
| } |
| out_item = SECITEM_AllocItem(arenaOpt, outItemOpt, max_out_len); |
| if (out_item == NULL) { |
| goto loser; |
| } |
| |
| dummy = PL_Base64DecodeBuffer(inStr, inLen, out_item->data, |
| max_out_len, &out_item->len); |
| if (dummy == NULL) { |
| goto loser; |
| } |
| if (arenaOpt != NULL) { |
| PORT_ArenaUnmark(arenaOpt, mark); |
| } |
| return out_item; |
| |
| loser: |
| if (arenaOpt != NULL) { |
| PORT_ArenaRelease(arenaOpt, mark); |
| if (outItemOpt != NULL) { |
| outItemOpt->data = NULL; |
| outItemOpt->len = 0; |
| } |
| } else if (dummy == NULL) { |
| SECITEM_FreeItem(out_item, (PRBool)(outItemOpt == NULL)); |
| } |
| return NULL; |
| } |
| |
| /* |
| * XXX Everything below is deprecated. If you add new stuff, put it |
| * *above*, not below. |
| */ |
| |
| /* |
| * XXX The following "ATOB" functions are provided for backward compatibility |
| * with current code. They should be considered strongly deprecated. |
| * When we can convert all our code over to using the new NSSBase64Decoder_ |
| * functions defined above, we should get rid of these altogether. (Remove |
| * protoypes from base64.h as well -- actually, remove that file completely). |
| * If someone thinks either of these functions provides such a very useful |
| * interface (though, as shown, the same functionality can already be |
| * obtained by calling NSSBase64_DecodeBuffer directly), fine -- but then |
| * that API should be provided with a nice new NSSFoo name and using |
| * appropriate types, etc. |
| */ |
| |
| #include "base64.h" |
| |
| /* |
| ** Return an PORT_Alloc'd string which is the base64 decoded version |
| ** of the input string; set *lenp to the length of the returned data. |
| */ |
| unsigned char * |
| ATOB_AsciiToData(const char *string, unsigned int *lenp) |
| { |
| SECItem binary_item, *dummy; |
| |
| binary_item.data = NULL; |
| binary_item.len = 0; |
| |
| dummy = NSSBase64_DecodeBuffer(NULL, &binary_item, string, |
| (PRUint32)PORT_Strlen(string)); |
| if (dummy == NULL) |
| return NULL; |
| |
| PORT_Assert(dummy == &binary_item); |
| |
| *lenp = dummy->len; |
| return dummy->data; |
| } |
| |
| /* |
| ** Convert from ascii to binary encoding of an item. |
| */ |
| SECStatus |
| ATOB_ConvertAsciiToItem(SECItem *binary_item, const char *ascii) |
| { |
| SECItem *dummy; |
| |
| if (binary_item == NULL) { |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| return SECFailure; |
| } |
| |
| /* |
| * XXX Would prefer to assert here if data is non-null (actually, |
| * don't need to, just let NSSBase64_DecodeBuffer do it), so as to |
| * to catch unintended memory leaks, but callers are not clean in |
| * this respect so we need to explicitly clear here to avoid the |
| * assert in NSSBase64_DecodeBuffer. |
| */ |
| binary_item->data = NULL; |
| binary_item->len = 0; |
| |
| dummy = NSSBase64_DecodeBuffer(NULL, binary_item, ascii, |
| (PRUint32)PORT_Strlen(ascii)); |
| |
| if (dummy == NULL) |
| return SECFailure; |
| |
| return SECSuccess; |
| } |