1 /* 2 * Copyright (c) 1996 by Internet Software Consortium. 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS 9 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES 10 * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE 11 * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 12 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 13 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS 14 * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS 15 * SOFTWARE. 16 */ 17 18 /* 19 * Portions Copyright (c) 1995 by International Business Machines, Inc. 20 * 21 * International Business Machines, Inc. (hereinafter called IBM) grants 22 * permission under its copyrights to use, copy, modify, and distribute this 23 * Software with or without fee, provided that the above copyright notice and 24 * all paragraphs of this notice appear in all copies, and that the name of IBM 25 * not be used in connection with the marketing of any product incorporating 26 * the Software or modifications thereof, without specific, written prior 27 * permission. 28 * 29 * To the extent it has a right to do so, IBM grants an immunity from suit 30 * under its patents, if any, for the use, sale or manufacture of products to 31 * the extent that such products are used for performing Domain Name System 32 * dynamic updates in TCP/IP networks by means of the Software. No immunity is 33 * granted for any product per se or for any other function of any product. 34 * 35 * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, 36 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 37 * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, 38 * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING 39 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN 40 * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. 41 */ 42 43 #include <sys/types.h> 44 #include <sys/param.h> 45 #include <sys/socket.h> 46 #include <netinet/in.h> 47 #include <arpa/inet.h> 48 #include <arpa/nameser.h> 49 50 #include <ctype.h> 51 #include <resolv.h> 52 #include <stdio.h> 53 54 #if defined(BSD) && (BSD >= 199103) && defined(AF_INET6) 55 # include <stdlib.h> 56 # include <string.h> 57 #else 58 # include "../conf/portability.h" 59 #endif 60 61 #define Assert(Cond) if (!(Cond)) abort() 62 63 static const char Base64[] = 64 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 65 static const char Pad64 = '='; 66 67 /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) 68 The following encoding technique is taken from RFC 1521 by Borenstein 69 and Freed. It is reproduced here in a slightly edited form for 70 convenience. 71 72 A 65-character subset of US-ASCII is used, enabling 6 bits to be 73 represented per printable character. (The extra 65th character, "=", 74 is used to signify a special processing function.) 75 76 The encoding process represents 24-bit groups of input bits as output 77 strings of 4 encoded characters. Proceeding from left to right, a 78 24-bit input group is formed by concatenating 3 8-bit input groups. 79 These 24 bits are then treated as 4 concatenated 6-bit groups, each 80 of which is translated into a single digit in the base64 alphabet. 81 82 Each 6-bit group is used as an index into an array of 64 printable 83 characters. The character referenced by the index is placed in the 84 output string. 85 86 Table 1: The Base64 Alphabet 87 88 Value Encoding Value Encoding Value Encoding Value Encoding 89 0 A 17 R 34 i 51 z 90 1 B 18 S 35 j 52 0 91 2 C 19 T 36 k 53 1 92 3 D 20 U 37 l 54 2 93 4 E 21 V 38 m 55 3 94 5 F 22 W 39 n 56 4 95 6 G 23 X 40 o 57 5 96 7 H 24 Y 41 p 58 6 97 8 I 25 Z 42 q 59 7 98 9 J 26 a 43 r 60 8 99 10 K 27 b 44 s 61 9 100 11 L 28 c 45 t 62 + 101 12 M 29 d 46 u 63 / 102 13 N 30 e 47 v 103 14 O 31 f 48 w (pad) = 104 15 P 32 g 49 x 105 16 Q 33 h 50 y 106 107 Special processing is performed if fewer than 24 bits are available 108 at the end of the data being encoded. A full encoding quantum is 109 always completed at the end of a quantity. When fewer than 24 input 110 bits are available in an input group, zero bits are added (on the 111 right) to form an integral number of 6-bit groups. Padding at the 112 end of the data is performed using the '=' character. 113 114 Since all base64 input is an integral number of octets, only the 115 ------------------------------------------------- 116 following cases can arise: 117 118 (1) the final quantum of encoding input is an integral 119 multiple of 24 bits; here, the final unit of encoded 120 output will be an integral multiple of 4 characters 121 with no "=" padding, 122 (2) the final quantum of encoding input is exactly 8 bits; 123 here, the final unit of encoded output will be two 124 characters followed by two "=" padding characters, or 125 (3) the final quantum of encoding input is exactly 16 bits; 126 here, the final unit of encoded output will be three 127 characters followed by one "=" padding character. 128 */ 129 130 int 131 b64_ntop(src, srclength, target, targsize) 132 u_char const *src; 133 size_t srclength; 134 char *target; 135 size_t targsize; 136 { 137 size_t datalength = 0; 138 u_char input[3]; 139 u_char output[4]; 140 int i; 141 142 while (2 < srclength) { 143 input[0] = *src++; 144 input[1] = *src++; 145 input[2] = *src++; 146 srclength -= 3; 147 148 output[0] = input[0] >> 2; 149 output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); 150 output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); 151 output[3] = input[2] & 0x3f; 152 Assert(output[0] < 64); 153 Assert(output[1] < 64); 154 Assert(output[2] < 64); 155 Assert(output[3] < 64); 156 157 if (datalength + 4 > targsize) 158 return (-1); 159 target[datalength++] = Base64[output[0]]; 160 target[datalength++] = Base64[output[1]]; 161 target[datalength++] = Base64[output[2]]; 162 target[datalength++] = Base64[output[3]]; 163 } 164 165 /* Now we worry about padding. */ 166 if (0 != srclength) { 167 /* Get what's left. */ 168 input[0] = input[1] = input[2] = '\0'; 169 for (i = 0; i < srclength; i++) 170 input[i] = *src++; 171 172 output[0] = input[0] >> 2; 173 output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); 174 output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); 175 Assert(output[0] < 64); 176 Assert(output[1] < 64); 177 Assert(output[2] < 64); 178 179 if (datalength + 4 > targsize) 180 return (-1); 181 target[datalength++] = Base64[output[0]]; 182 target[datalength++] = Base64[output[1]]; 183 if (srclength == 1) 184 target[datalength++] = Pad64; 185 else 186 target[datalength++] = Base64[output[2]]; 187 target[datalength++] = Pad64; 188 } 189 if (datalength >= targsize) 190 return (-1); 191 target[datalength] = '\0'; /* Returned value doesn't count \0. */ 192 return (datalength); 193 } 194 195 /* skips all whitespace anywhere. 196 converts characters, four at a time, starting at (or after) 197 src from base - 64 numbers into three 8 bit bytes in the target area. 198 it returns the number of data bytes stored at the target, or -1 on error. 199 */ 200 201 int 202 b64_pton(src, target, targsize) 203 char const *src; 204 u_char *target; 205 size_t targsize; 206 { 207 int tarindex, state, ch; 208 char *pos; 209 210 state = 0; 211 tarindex = 0; 212 213 while ((ch = *src++) != '\0') { 214 if (isspace(ch)) /* Skip whitespace anywhere. */ 215 continue; 216 217 if (ch == Pad64) 218 break; 219 220 pos = strchr(Base64, ch); 221 if (pos == 0) /* A non-base64 character. */ 222 return (-1); 223 224 switch (state) { 225 case 0: 226 if (target) { 227 if (tarindex >= targsize) 228 return (-1); 229 target[tarindex] = (pos - Base64) << 2; 230 } 231 state = 1; 232 break; 233 case 1: 234 if (target) { 235 if (tarindex + 1 >= targsize) 236 return (-1); 237 target[tarindex] |= (pos - Base64) >> 4; 238 target[tarindex+1] = ((pos - Base64) & 0x0f) 239 << 4 ; 240 } 241 tarindex++; 242 state = 2; 243 break; 244 case 2: 245 if (target) { 246 if (tarindex + 1 >= targsize) 247 return (-1); 248 target[tarindex] |= (pos - Base64) >> 2; 249 target[tarindex+1] = ((pos - Base64) & 0x03) 250 << 6; 251 } 252 tarindex++; 253 state = 3; 254 break; 255 case 3: 256 if (target) { 257 if (tarindex >= targsize) 258 return (-1); 259 target[tarindex] |= (pos - Base64); 260 } 261 tarindex++; 262 state = 0; 263 break; 264 default: 265 abort(); 266 } 267 } 268 269 /* 270 * We are done decoding Base-64 chars. Let's see if we ended 271 * on a byte boundary, and/or with erroneous trailing characters. 272 */ 273 274 if (ch == Pad64) { /* We got a pad char. */ 275 ch = *src++; /* Skip it, get next. */ 276 switch (state) { 277 case 0: /* Invalid = in first position */ 278 case 1: /* Invalid = in second position */ 279 return (-1); 280 281 case 2: /* Valid, means one byte of info */ 282 /* Skip any number of spaces. */ 283 for (NULL; ch != '\0'; ch = *src++) 284 if (!isspace(ch)) 285 break; 286 /* Make sure there is another trailing = sign. */ 287 if (ch != Pad64) 288 return (-1); 289 ch = *src++; /* Skip the = */ 290 /* Fall through to "single trailing =" case. */ 291 /* FALLTHROUGH */ 292 293 case 3: /* Valid, means two bytes of info */ 294 /* 295 * We know this char is an =. Is there anything but 296 * whitespace after it? 297 */ 298 for (NULL; ch != '\0'; ch = *src++) 299 if (!isspace(ch)) 300 return (-1); 301 302 /* 303 * Now make sure for cases 2 and 3 that the "extra" 304 * bits that slopped past the last full byte were 305 * zeros. If we don't check them, they become a 306 * subliminal channel. 307 */ 308 if (target && target[tarindex] != 0) 309 return (-1); 310 } 311 } else { 312 /* 313 * We ended by seeing the end of the string. Make sure we 314 * have no partial bytes lying around. 315 */ 316 if (state != 0) 317 return (-1); 318 } 319 320 return (tarindex); 321 } 322