diff options
-rw-r--r-- | src/core/base64.c | 100 | ||||
-rw-r--r-- | src/crypto/ocsp.c | 2 | ||||
-rw-r--r-- | src/include/ipxe/base64.h | 5 | ||||
-rw-r--r-- | src/net/tcp/httpcore.c | 3 | ||||
-rw-r--r-- | src/net/tcp/iscsi.c | 2 | ||||
-rw-r--r-- | src/net/validator.c | 3 | ||||
-rw-r--r-- | src/tests/base64_test.c | 46 |
7 files changed, 84 insertions, 77 deletions
diff --git a/src/core/base64.c b/src/core/base64.c index c115fcea..e452f7d4 100644 --- a/src/core/base64.c +++ b/src/core/base64.c @@ -43,80 +43,73 @@ static const char base64[64] = * Base64-encode data * * @v raw Raw data - * @v len Length of raw data - * @v encoded Buffer for encoded string - * - * The buffer must be the correct length for the encoded string. Use - * something like - * - * char buf[ base64_encoded_len ( len ) + 1 ]; - * - * (the +1 is for the terminating NUL) to provide a buffer of the - * correct size. + * @v raw_len Length of raw data + * @v data Buffer + * @v len Length of buffer + * @ret len Encoded length */ -void base64_encode ( const uint8_t *raw, size_t len, char *encoded ) { +size_t base64_encode ( const void *raw, size_t raw_len, char *data, + size_t len ) { const uint8_t *raw_bytes = ( ( const uint8_t * ) raw ); - uint8_t *encoded_bytes = ( ( uint8_t * ) encoded ); - size_t raw_bit_len = ( 8 * len ); + size_t raw_bit_len = ( 8 * raw_len ); + size_t used = 0; unsigned int bit; unsigned int byte; unsigned int shift; unsigned int tmp; - for ( bit = 0 ; bit < raw_bit_len ; bit += 6 ) { + for ( bit = 0 ; bit < raw_bit_len ; bit += 6, used++ ) { byte = ( bit / 8 ); shift = ( bit % 8 ); tmp = ( raw_bytes[byte] << shift ); - if ( ( byte + 1 ) < len ) + if ( ( byte + 1 ) < raw_len ) tmp |= ( raw_bytes[ byte + 1 ] >> ( 8 - shift ) ); tmp = ( ( tmp >> 2 ) & 0x3f ); - *(encoded_bytes++) = base64[tmp]; + if ( used < len ) + data[used] = base64[tmp]; } - for ( ; ( bit % 8 ) != 0 ; bit += 6 ) - *(encoded_bytes++) = '='; - *(encoded_bytes++) = '\0'; + for ( ; ( bit % 8 ) != 0 ; bit += 6, used++ ) { + if ( used < len ) + data[used] = '='; + } + if ( used < len ) + data[used] = '\0'; + if ( len ) + data[ len - 1 ] = '\0'; /* Ensure terminator exists */ - DBG ( "Base64-encoded to \"%s\":\n", encoded ); - DBG_HDA ( 0, raw, len ); - assert ( strlen ( encoded ) == base64_encoded_len ( len ) ); + return used; } /** * Base64-decode string * * @v encoded Encoded string - * @v raw Raw data - * @ret len Length of raw data, or negative error - * - * The buffer must be large enough to contain the decoded data. Use - * something like - * - * char buf[ base64_decoded_max_len ( encoded ) ]; - * - * to provide a buffer of the correct size. + * @v data Buffer + * @v len Length of buffer + * @ret len Length of data, or negative error */ -int base64_decode ( const char *encoded, uint8_t *raw ) { - const uint8_t *encoded_bytes = ( ( const uint8_t * ) encoded ); - uint8_t *raw_bytes = ( ( uint8_t * ) raw ); - uint8_t encoded_byte; +int base64_decode ( const char *encoded, void *data, size_t len ) { + const char *in = encoded; + uint8_t *out = data; + uint8_t in_char; char *match; - int decoded; + int in_bits; unsigned int bit = 0; unsigned int pad_count = 0; - size_t len; + size_t offset; - /* Zero the raw data */ - memset ( raw, 0, base64_decoded_max_len ( encoded ) ); + /* Zero the output buffer */ + memset ( data, 0, len ); /* Decode string */ - while ( ( encoded_byte = *(encoded_bytes++) ) ) { + while ( ( in_char = *(in++) ) ) { /* Ignore whitespace characters */ - if ( isspace ( encoded_byte ) ) + if ( isspace ( in_char ) ) continue; /* Process pad characters */ - if ( encoded_byte == '=' ) { + if ( in_char == '=' ) { if ( pad_count >= 2 ) { DBG ( "Base64-encoded string \"%s\" has too " "many pad characters\n", encoded ); @@ -133,18 +126,22 @@ int base64_decode ( const char *encoded, uint8_t *raw ) { } /* Process normal characters */ - match = strchr ( base64, encoded_byte ); + match = strchr ( base64, in_char ); if ( ! match ) { DBG ( "Base64-encoded string \"%s\" contains invalid " - "character '%c'\n", encoded, encoded_byte ); + "character '%c'\n", encoded, in_char ); return -EINVAL; } - decoded = ( match - base64 ); + in_bits = ( match - base64 ); /* Add to raw data */ - decoded <<= 2; - raw_bytes[ bit / 8 ] |= ( decoded >> ( bit % 8 ) ); - raw_bytes[ bit / 8 + 1 ] |= ( decoded << ( 8 - ( bit % 8 ) ) ); + in_bits <<= 2; + offset = ( bit / 8 ); + if ( offset < len ) + out[offset] |= ( in_bits >> ( bit % 8 ) ); + offset++; + if ( offset < len ) + out[offset] |= ( in_bits << ( 8 - ( bit % 8 ) ) ); bit += 6; } @@ -154,12 +151,7 @@ int base64_decode ( const char *encoded, uint8_t *raw ) { "%d\n", encoded, bit ); return -EINVAL; } - len = ( bit / 8 ); - - DBG ( "Base64-decoded \"%s\" to:\n", encoded ); - DBG_HDA ( 0, raw, len ); - assert ( len <= base64_decoded_max_len ( encoded ) ); /* Return length in bytes */ - return ( len ); + return ( bit / 8 ); } diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c index 66e47c57..5df55bc9 100644 --- a/src/crypto/ocsp.c +++ b/src/crypto/ocsp.c @@ -233,7 +233,7 @@ static int ocsp_uri_string ( struct ocsp_check *ocsp ) { goto err_path_base64; } base64_encode ( ocsp->request.builder.data, ocsp->request.builder.len, - path_base64_string ); + path_base64_string, path_len ); /* URI-encode the Base64-encoded request */ memset ( &path_uri, 0, sizeof ( path_uri ) ); diff --git a/src/include/ipxe/base64.h b/src/include/ipxe/base64.h index eeae2f39..0c70d838 100644 --- a/src/include/ipxe/base64.h +++ b/src/include/ipxe/base64.h @@ -35,7 +35,8 @@ static inline size_t base64_decoded_max_len ( const char *encoded ) { return ( ( ( strlen ( encoded ) + 4 - 1 ) / 4 ) * 3 ); } -extern void base64_encode ( const uint8_t *raw, size_t len, char *encoded ); -extern int base64_decode ( const char *encoded, uint8_t *raw ); +extern size_t base64_encode ( const void *raw, size_t raw_len, char *data, + size_t len ); +extern int base64_decode ( const char *encoded, void *data, size_t len ); #endif /* _IPXE_BASE64_H */ diff --git a/src/net/tcp/httpcore.c b/src/net/tcp/httpcore.c index d94ab5f0..f14ce9a8 100644 --- a/src/net/tcp/httpcore.c +++ b/src/net/tcp/httpcore.c @@ -1081,7 +1081,8 @@ static char * http_basic_auth ( struct http_request *http ) { snprintf ( user_pw, sizeof ( user_pw ), "%s:%s", user, password ); /* Base64-encode the "user:password" string */ - base64_encode ( ( void * ) user_pw, user_pw_len, user_pw_base64 ); + base64_encode ( user_pw, user_pw_len, user_pw_base64, + sizeof ( user_pw_base64 ) ); /* Generate the authorisation string */ len = asprintf ( &auth, "Authorization: Basic %s\r\n", diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c index e553b214..0099bf5b 100644 --- a/src/net/tcp/iscsi.c +++ b/src/net/tcp/iscsi.c @@ -845,7 +845,7 @@ static int iscsi_large_binary_decode ( const char *encoded, uint8_t *raw, case 'x' : return base16_decode ( encoded, raw, len ); case 'b' : - return base64_decode ( encoded, raw ); + return base64_decode ( encoded, raw, len ); } } diff --git a/src/net/validator.c b/src/net/validator.c index 4c26cd1b..a01269da 100644 --- a/src/net/validator.c +++ b/src/net/validator.c @@ -254,7 +254,8 @@ static int validator_start_download ( struct validator *validator, /* Generate URI string */ len = snprintf ( uri_string, uri_string_len, "%s/%08x.der?subject=", crosscert, crc ); - base64_encode ( issuer->data, issuer->len, ( uri_string + len ) ); + base64_encode ( issuer->data, issuer->len, ( uri_string + len ), + ( uri_string_len - len ) ); DBGC ( validator, "VALIDATOR %p downloading cross-signed certificate " "from %s\n", validator, uri_string ); diff --git a/src/tests/base64_test.c b/src/tests/base64_test.c index b22158f5..0fc595d9 100644 --- a/src/tests/base64_test.c +++ b/src/tests/base64_test.c @@ -80,30 +80,42 @@ BASE64 ( random_test, * Report a base64 encoding test result * * @v test Base64 test + * @v file Test code file + * @v line Test code line */ -#define base64_encode_ok( test ) do { \ - size_t len = base64_encoded_len ( (test)->len ); \ - char buf[ len + 1 /* NUL */ ]; \ - ok ( len == strlen ( (test)->encoded ) ); \ - base64_encode ( (test)->data, (test)->len, buf ); \ - ok ( strcmp ( (test)->encoded, buf ) == 0 ); \ - } while ( 0 ) +static void base64_encode_okx ( struct base64_test *test, const char *file, + unsigned int line ) { + size_t len = base64_encoded_len ( test->len ); + char buf[ len + 1 /* NUL */ ]; + size_t check_len; + + okx ( len == strlen ( test->encoded ), file, line ); + check_len = base64_encode ( test->data, test->len, buf, sizeof ( buf )); + okx ( check_len == len, file, line ); + okx ( strcmp ( test->encoded, buf ) == 0, file, line ); +} +#define base64_encode_ok( test ) base64_encode_okx ( test, __FILE__, __LINE__ ) /** * Report a base64 decoding test result * * @v test Base64 test + * @v file Test code file + * @v line Test code line */ -#define base64_decode_ok( test ) do { \ - size_t max_len = base64_decoded_max_len ( (test)->encoded ); \ - uint8_t buf[max_len]; \ - int len; \ - len = base64_decode ( (test)->encoded, buf ); \ - ok ( len >= 0 ); \ - ok ( ( size_t ) len <= max_len ); \ - ok ( ( size_t ) len == (test)->len ); \ - ok ( memcmp ( (test)->data, buf, len ) == 0 ); \ - } while ( 0 ) +static void base64_decode_okx ( struct base64_test *test, const char *file, + unsigned int line ) { + size_t max_len = base64_decoded_max_len ( test->encoded ); + uint8_t buf[max_len]; + int len; + + len = base64_decode ( test->encoded, buf, sizeof ( buf ) ); + okx ( len >= 0, file, line ); + okx ( ( size_t ) len <= max_len, file, line ); + okx ( ( size_t ) len == test->len, file, line ); + okx ( memcmp ( test->data, buf, len ) == 0, file, line ); +} +#define base64_decode_ok( test ) base64_decode_okx ( test, __FILE__, __LINE__ ) /** * Perform Base64 self-tests |