Avoid in-out length in base64

This commit is contained in:
Manuel Pégourié-Gonnard 2015-06-02 16:30:35 +01:00
parent 3335205a21
commit ba56136b5c
6 changed files with 41 additions and 45 deletions

View File

@ -37,37 +37,39 @@ extern "C" {
* \brief Encode a buffer into base64 format
*
* \param dst destination buffer
* \param dlen size of the buffer
* \param dlen size of the destination buffer
* \param olen number of bytes written
* \param src source buffer
* \param slen amount of data to be encoded
*
* \return 0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL.
* *dlen is always updated to reflect the amount
* *olen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
* \note Call this function with dlen = 0 to obtain the
* required buffer size in *olen
*/
int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen );
/**
* \brief Decode a base64-formatted buffer
*
* \param dst destination buffer (can be NULL for checking size)
* \param dlen size of the buffer
* \param dlen size of the destination buffer
* \param olen number of bytes written
* \param src source buffer
* \param slen amount of data to be decoded
*
* \return 0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or
* MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is
* not correct. *dlen is always updated to reflect the amount
* not correct. *olen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dst = NULL or *dlen = 0 to obtain
* the required buffer size in *dlen
* \note Call this function with *dst = NULL or dlen = 0 to obtain
* the required buffer size in *olen
*/
int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen );
/**

View File

@ -78,7 +78,7 @@ static const unsigned char base64_dec_map[128] =
/*
* Encode a buffer into base64 format
*/
int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen )
{
size_t i, n;
@ -87,7 +87,7 @@ int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
if( slen == 0 )
{
*dlen = 0;
*olen = 0;
return( 0 );
}
@ -100,9 +100,9 @@ int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
default: break;
}
if( *dlen < n + 1 )
if( dlen < n + 1 )
{
*dlen = n + 1;
*olen = n + 1;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
@ -135,7 +135,7 @@ int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
*p++ = '=';
}
*dlen = p - dst;
*olen = p - dst;
*p = 0;
return( 0 );
@ -144,7 +144,7 @@ int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
/*
* Decode a base64-formatted buffer
*/
int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen )
{
size_t i, n;
@ -195,9 +195,9 @@ int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
n = ( ( n * 6 ) + 7 ) >> 3;
n -= j;
if( dst == NULL || *dlen < n )
if( dst == NULL || dlen < n )
{
*dlen = n;
*olen = n;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
@ -218,7 +218,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
}
}
*dlen = p - dst;
*olen = p - dst;
return( 0 );
}
@ -253,10 +253,9 @@ int mbedtls_base64_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " Base64 encoding test: " );
len = sizeof( buffer );
src = base64_test_dec;
if( mbedtls_base64_encode( buffer, &len, src, 64 ) != 0 ||
if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 )
{
if( verbose != 0 )
@ -268,10 +267,9 @@ int mbedtls_base64_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( "passed\n Base64 decoding test: " );
len = sizeof( buffer );
src = base64_test_enc;
if( mbedtls_base64_decode( buffer, &len, src, 88 ) != 0 ||
if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 )
{
if( verbose != 0 )

View File

@ -315,8 +315,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
}
len = 0;
ret = mbedtls_base64_decode( NULL, &len, s1, s2 - s1 );
ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
@ -324,7 +323,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
if( ( buf = mbedtls_calloc( 1, len ) ) == NULL )
return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
if( ( ret = mbedtls_base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
{
mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
@ -396,9 +395,9 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
{
int ret;
unsigned char *encode_buf, *c, *p = buf;
size_t len = 0, use_len = 0, add_len = 0;
size_t len = 0, use_len, add_len = 0;
mbedtls_base64_encode( NULL, &use_len, der_data, der_len );
mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len );
add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
if( use_len + add_len > buf_len )
@ -410,7 +409,7 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
if( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL )
return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
if( ( ret = mbedtls_base64_encode( encode_buf, &use_len, der_data,
if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data,
der_len ) ) != 0 )
{
mbedtls_free( encode_buf );

View File

@ -720,8 +720,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " > Write username to server: %s", opt.user_name );
fflush( stdout );
n = sizeof( base );
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_name,
ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name,
strlen( opt.user_name ) );
if( ret != 0 ) {
@ -741,8 +740,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " > Write password to server: %s", opt.user_pwd );
fflush( stdout );
n = sizeof( base );
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_pwd,
ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd,
strlen( opt.user_pwd ) );
if( ret != 0 ) {

View File

@ -96,14 +96,14 @@ int convert_pem_to_der( const unsigned char *input, size_t ilen,
if( s2 <= s1 || s2 > end )
return( -1 );
ret = mbedtls_base64_decode( NULL, &len, (const unsigned char *) s1, s2 - s1 );
ret = mbedtls_base64_decode( NULL, 0, &len, (const unsigned char *) s1, s2 - s1 );
if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
return( ret );
if( len > *olen )
return( -1 );
if( ( ret = mbedtls_base64_decode( output, &len, (const unsigned char *) s1,
if( ( ret = mbedtls_base64_decode( output, len, &len, (const unsigned char *) s1,
s2 - s1 ) ) != 0 )
{
return( ret );

View File

@ -13,13 +13,13 @@ void mbedtls_base64_encode( char *src_string, char *dst_string, int dst_buf_size
{
unsigned char src_str[1000];
unsigned char dst_str[1000];
size_t len = dst_buf_size;
size_t len;
memset(src_str, 0x00, 1000);
memset(dst_str, 0x00, 1000);
strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
TEST_ASSERT( mbedtls_base64_encode( dst_str, &len, src_str, strlen( (char *) src_str ) ) == result );
TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, strlen( (char *) src_str ) ) == result );
if( result == 0 )
{
TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
@ -32,14 +32,14 @@ void mbedtls_base64_decode( char *src_string, char *dst_string, int result )
{
unsigned char src_str[1000];
unsigned char dst_str[1000];
size_t len = 1000;
size_t len;
int res;
memset(src_str, 0x00, 1000);
memset(dst_str, 0x00, 1000);
strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
res = mbedtls_base64_decode( dst_str, &len, src_str, strlen( (char *) src_str ) );
res = mbedtls_base64_decode( dst_str, sizeof( dst_str ), &len, src_str, strlen( (char *) src_str ) );
TEST_ASSERT( res == result );
if( result == 0 )
{
@ -53,12 +53,12 @@ void base64_encode_hex( char *src_hex, char *dst, int dst_buf_size,
int result )
{
unsigned char *src = NULL, *res = NULL;
size_t len = dst_buf_size, src_len;
size_t len, src_len;
src = unhexify_alloc( src_hex, &src_len );
res = zero_alloc( dst_buf_size );
TEST_ASSERT( mbedtls_base64_encode( res, &len, src, src_len ) == result );
TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src, src_len ) == result );
if( result == 0 )
{
TEST_ASSERT( len == strlen( dst ) );
@ -76,12 +76,12 @@ void base64_decode_hex( char *src, char *dst_hex, int dst_buf_size,
int result )
{
unsigned char *dst = NULL, *res = NULL;
size_t len = dst_buf_size, dst_len;
size_t len, dst_len;
dst = unhexify_alloc( dst_hex, &dst_len );
res = zero_alloc( dst_buf_size );
TEST_ASSERT( mbedtls_base64_decode( res, &len, (unsigned char *) src,
TEST_ASSERT( mbedtls_base64_decode( res, dst_buf_size, &len, (unsigned char *) src,
strlen( src ) ) == result );
if( result == 0 )
{
@ -104,8 +104,7 @@ void base64_decode_hex_src( char *src_hex, char *dst_ref, int result )
src = unhexify_alloc( src_hex, &src_len );
len = sizeof( dst );
TEST_ASSERT( mbedtls_base64_decode( dst, &len, src, src_len ) == result );
TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src, src_len ) == result );
if( result == 0 )
{
TEST_ASSERT( len == strlen( dst_ref ) );