1 /* 2 * Copyright (c) 1996, 1998 by Internet Software Consortium. 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS 9 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES 10 * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE 11 * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 12 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 13 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS 14 * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS 15 * SOFTWARE. 16 */ 17 18 /* 19 * Portions Copyright (c) 1995 by International Business Machines, Inc. 20 * 21 * International Business Machines, Inc. (hereinafter called IBM) grants 22 * permission under its copyrights to use, copy, modify, and distribute this 23 * Software with or without fee, provided that the above copyright notice and 24 * all paragraphs of this notice appear in all copies, and that the name of IBM 25 * not be used in connection with the marketing of any product incorporating 26 * the Software or modifications thereof, without specific, written prior 27 * permission. 28 * 29 * To the extent it has a right to do so, IBM grants an immunity from suit 30 * under its patents, if any, for the use, sale or manufacture of products to 31 * the extent that such products are used for performing Domain Name System 32 * dynamic updates in TCP/IP networks by means of the Software. No immunity is 33 * granted for any product per se or for any other function of any product. 34 * 35 * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, 36 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 37 * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, 38 * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING 39 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN 40 * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. 41 */ 42 #include <ldns/config.h> 43 44 #include <sys/types.h> 45 #include <sys/param.h> 46 #ifdef HAVE_SYS_SOCKET_H 47 #include <sys/socket.h> 48 #endif 49 50 #ifdef HAVE_NETINET_IN_H 51 #include <netinet/in.h> 52 #endif 53 #ifdef HAVE_ARPA_INET_H 54 #include <arpa/inet.h> 55 #endif 56 57 #include <ctype.h> 58 #include <stdio.h> 59 #include <stdlib.h> 60 #include <string.h> 61 62 #define Assert(Cond) if (!(Cond)) abort() 63 64 static const char Base64[] = 65 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 66 static const char Pad64 = '='; 67 68 /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) 69 The following encoding technique is taken from RFC 1521 by Borenstein 70 and Freed. It is reproduced here in a slightly edited form for 71 convenience. 72 73 A 65-character subset of US-ASCII is used, enabling 6 bits to be 74 represented per printable character. (The extra 65th character, "=", 75 is used to signify a special processing function.) 76 77 The encoding process represents 24-bit groups of input bits as output 78 strings of 4 encoded characters. Proceeding from left to right, a 79 24-bit input group is formed by concatenating 3 8-bit input groups. 80 These 24 bits are then treated as 4 concatenated 6-bit groups, each 81 of which is translated into a single digit in the base64 alphabet. 82 83 Each 6-bit group is used as an index into an array of 64 printable 84 characters. The character referenced by the index is placed in the 85 output string. 86 87 Table 1: The Base64 Alphabet 88 89 Value Encoding Value Encoding Value Encoding Value Encoding 90 0 A 17 R 34 i 51 z 91 1 B 18 S 35 j 52 0 92 2 C 19 T 36 k 53 1 93 3 D 20 U 37 l 54 2 94 4 E 21 V 38 m 55 3 95 5 F 22 W 39 n 56 4 96 6 G 23 X 40 o 57 5 97 7 H 24 Y 41 p 58 6 98 8 I 25 Z 42 q 59 7 99 9 J 26 a 43 r 60 8 100 10 K 27 b 44 s 61 9 101 11 L 28 c 45 t 62 + 102 12 M 29 d 46 u 63 / 103 13 N 30 e 47 v 104 14 O 31 f 48 w (pad) = 105 15 P 32 g 49 x 106 16 Q 33 h 50 y 107 108 Special processing is performed if fewer than 24 bits are available 109 at the end of the data being encoded. A full encoding quantum is 110 always completed at the end of a quantity. When fewer than 24 input 111 bits are available in an input group, zero bits are added (on the 112 right) to form an integral number of 6-bit groups. Padding at the 113 end of the data is performed using the '=' character. 114 115 Since all base64 input is an integral number of octets, only the 116 ------------------------------------------------- 117 following cases can arise: 118 119 (1) the final quantum of encoding input is an integral 120 multiple of 24 bits; here, the final unit of encoded 121 output will be an integral multiple of 4 characters 122 with no "=" padding, 123 (2) the final quantum of encoding input is exactly 8 bits; 124 here, the final unit of encoded output will be two 125 characters followed by two "=" padding characters, or 126 (3) the final quantum of encoding input is exactly 16 bits; 127 here, the final unit of encoded output will be three 128 characters followed by one "=" padding character. 129 */ 130 131 /* skips all whitespace anywhere. 132 converts characters, four at a time, starting at (or after) 133 src from base - 64 numbers into three 8 bit bytes in the target area. 134 it returns the number of data bytes stored at the target, or -1 on error. 135 */ 136 137 int 138 ldns_b64_pton(char const *src, uint8_t *target, size_t targsize) 139 { 140 int tarindex, state, ch; 141 char *pos; 142 143 state = 0; 144 tarindex = 0; 145 146 if (strlen(src) == 0) { 147 return 0; 148 } 149 150 while ((ch = *src++) != '\0') { 151 if (isspace((unsigned char)ch)) /* Skip whitespace anywhere. */ 152 continue; 153 154 if (ch == Pad64) 155 break; 156 157 pos = strchr(Base64, ch); 158 if (pos == 0) { 159 /* A non-base64 character. */ 160 return (-1); 161 } 162 163 switch (state) { 164 case 0: 165 if (target) { 166 if ((size_t)tarindex >= targsize) 167 return (-1); 168 target[tarindex] = (pos - Base64) << 2; 169 } 170 state = 1; 171 break; 172 case 1: 173 if (target) { 174 if ((size_t)tarindex + 1 >= targsize) 175 return (-1); 176 target[tarindex] |= (pos - Base64) >> 4; 177 target[tarindex+1] = ((pos - Base64) & 0x0f) 178 << 4 ; 179 } 180 tarindex++; 181 state = 2; 182 break; 183 case 2: 184 if (target) { 185 if ((size_t)tarindex + 1 >= targsize) 186 return (-1); 187 target[tarindex] |= (pos - Base64) >> 2; 188 target[tarindex+1] = ((pos - Base64) & 0x03) 189 << 6; 190 } 191 tarindex++; 192 state = 3; 193 break; 194 case 3: 195 if (target) { 196 if ((size_t)tarindex >= targsize) 197 return (-1); 198 target[tarindex] |= (pos - Base64); 199 } 200 tarindex++; 201 state = 0; 202 break; 203 default: 204 abort(); 205 } 206 } 207 208 /* 209 * We are done decoding Base-64 chars. Let's see if we ended 210 * on a byte boundary, and/or with erroneous trailing characters. 211 */ 212 213 if (ch == Pad64) { /* We got a pad char. */ 214 ch = *src++; /* Skip it, get next. */ 215 switch (state) { 216 case 0: /* Invalid = in first position */ 217 case 1: /* Invalid = in second position */ 218 return (-1); 219 220 case 2: /* Valid, means one byte of info */ 221 /* Skip any number of spaces. */ 222 for ((void)NULL; ch != '\0'; ch = *src++) 223 if (!isspace((unsigned char)ch)) 224 break; 225 /* Make sure there is another trailing = sign. */ 226 if (ch != Pad64) 227 return (-1); 228 ch = *src++; /* Skip the = */ 229 /* Fall through to "single trailing =" case. */ 230 /* FALLTHROUGH */ 231 232 case 3: /* Valid, means two bytes of info */ 233 /* 234 * We know this char is an =. Is there anything but 235 * whitespace after it? 236 */ 237 for ((void)NULL; ch != '\0'; ch = *src++) 238 if (!isspace((unsigned char)ch)) 239 return (-1); 240 241 /* 242 * Now make sure for cases 2 and 3 that the "extra" 243 * bits that slopped past the last full byte were 244 * zeros. If we don't check them, they become a 245 * subliminal channel. 246 */ 247 if (target && target[tarindex] != 0) 248 return (-1); 249 } 250 } else { 251 /* 252 * We ended by seeing the end of the string. Make sure we 253 * have no partial bytes lying around. 254 */ 255 if (state != 0) 256 return (-1); 257 } 258 259 return (tarindex); 260 } 261