diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon/plugins/stroke/stroke_ca.c | 11 | ||||
| -rw-r--r-- | src/charon/plugins/stroke/stroke_cred.c | 34 | ||||
| -rw-r--r-- | src/charon/plugins/unit_tester/Makefile.am | 3 | ||||
| -rw-r--r-- | src/charon/plugins/unit_tester/tests.h | 3 | ||||
| -rw-r--r-- | src/libfast/session.c | 2 | ||||
| -rw-r--r-- | src/libstrongswan/Makefile.am | 1 | ||||
| -rwxr-xr-x | src/libstrongswan/asn1/pem.c | 26 | ||||
| -rw-r--r-- | src/libstrongswan/asn1/ttodata.c | 435 | ||||
| -rw-r--r-- | src/libstrongswan/asn1/ttodata.h | 28 | ||||
| -rw-r--r-- | src/libstrongswan/chunk.c | 171 | ||||
| -rw-r--r-- | src/libstrongswan/chunk.h | 52 |
11 files changed, 229 insertions, 537 deletions
diff --git a/src/charon/plugins/stroke/stroke_ca.c b/src/charon/plugins/stroke/stroke_ca.c index c61aadba1..11de24135 100644 --- a/src/charon/plugins/stroke/stroke_ca.c +++ b/src/charon/plugins/stroke/stroke_ca.c @@ -195,12 +195,13 @@ static enumerator_t *create_inner_cdp_hashandurl(ca_section_t *section, cdp_data { if (current->matches(current, data->id)) { - chunk_t hash = current->get_encoding(current); - char *hash_str = chunk_to_hex(hash, FALSE); - char *url = malloc(strlen(section->certuribase) + 40 + 1); + char *url, *hash; + + url = malloc(strlen(section->certuribase) + 40 + 1); strcpy(url, section->certuribase); - strncat(url, hash_str, 40); - free(hash_str); + hash = chunk_to_hex(current->get_encoding(current), NULL, FALSE).ptr; + strncat(url, hash, 40); + free(hash); enumerator = enumerator_create_single(url, free); break; diff --git a/src/charon/plugins/stroke/stroke_cred.c b/src/charon/plugins/stroke/stroke_cred.c index 7d0d14699..1b8498ab5 100644 --- a/src/charon/plugins/stroke/stroke_cred.c +++ b/src/charon/plugins/stroke/stroke_cred.c @@ -26,7 +26,6 @@ #include <utils/linked_list.h> #include <utils/mutex.h> #include <utils/lexparser.h> -#include <asn1/ttodata.h> #include <asn1/pem.h> #include <daemon.h> @@ -541,15 +540,14 @@ static void cache_cert(private_stroke_cred_t *this, certificate_t *cert) if (add_crl(this, crl)) { char buf[256]; - char *hex; - chunk_t chunk; + chunk_t chunk, hex; identification_t *id; id = crl->get_authKeyIdentifier(crl); chunk = id->get_encoding(id); - hex = chunk_to_hex(chunk, FALSE); + hex = chunk_to_hex(chunk, NULL, FALSE); snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_DIR, hex); - free(hex); + free(hex.ptr); chunk = cert->get_encoding(cert); if (chunk_write(chunk, buf, 022, TRUE)) @@ -615,25 +613,23 @@ static err_t extract_secret(chunk_t *secret, chunk_t *line) { /* treat as an ASCII string */ *secret = chunk_clone(raw_secret); + return NULL; } - else + /* treat 0x as hex, 0s as base64 */ + if (raw_secret.len > 2) { - size_t len; - err_t ugh; - - /* secret converted to binary form doesn't use more space than the raw_secret */ - *secret = chunk_alloc(raw_secret.len); - - /* convert from HEX or Base64 to binary */ - ugh = ttodata(raw_secret.ptr, raw_secret.len, 0, secret->ptr, secret->len, &len); - - if (ugh != NULL) + if (strncasecmp("0x", raw_secret.ptr, 2) == 0) { - chunk_clear(secret); - return ugh; + *secret = chunk_from_hex(chunk_skip(raw_secret, 2), NULL); + return NULL; + } + if (strncasecmp("0s", raw_secret.ptr, 2) == 0) + { + *secret = chunk_from_base64(chunk_skip(raw_secret, 2), NULL); + return NULL; } - secret->len = len; } + *secret = chunk_clone(raw_secret); return NULL; } diff --git a/src/charon/plugins/unit_tester/Makefile.am b/src/charon/plugins/unit_tester/Makefile.am index fe80c9803..6d91c9ecf 100644 --- a/src/charon/plugins/unit_tester/Makefile.am +++ b/src/charon/plugins/unit_tester/Makefile.am @@ -15,6 +15,7 @@ libcharon_unit_tester_la_SOURCES = unit_tester.c unit_tester.h \ tests/test_mutex.c \ tests/test_rsa_gen.c \ tests/test_med_db.c \ - tests/test_aes.c + tests/test_aes.c \ + tests/test_chunk.c libcharon_unit_tester_la_LDFLAGS = -module diff --git a/src/charon/plugins/unit_tester/tests.h b/src/charon/plugins/unit_tester/tests.h index 8cb543967..9512fe6a7 100644 --- a/src/charon/plugins/unit_tester/tests.h +++ b/src/charon/plugins/unit_tester/tests.h @@ -33,4 +33,5 @@ DEFINE_TEST("mutex primitive", test_mutex, FALSE) DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE) DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, FALSE) DEFINE_TEST("Mediation database key fetch", test_med_db, FALSE) -DEFINE_TEST("AES-128 encryption", test_aes128, TRUE) +DEFINE_TEST("AES-128 encryption", test_aes128, FALSE) +DEFINE_TEST("Base64 converter", test_chunk_base64, TRUE) diff --git a/src/libfast/session.c b/src/libfast/session.c index 87b7a266d..bff610772 100644 --- a/src/libfast/session.c +++ b/src/libfast/session.c @@ -87,7 +87,7 @@ static void create_sid(private_session_t *this, request_t *request) if (rng) { rng->get_bytes(rng, sizeof(buf), buf); - this->sid = chunk_to_hex(chunk, FALSE); + this->sid = chunk_to_hex(chunk, NULL, FALSE).ptr; request->add_cookie(request, "SID", this->sid); rng->destroy(rng); } diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index bcd115128..fbd220854 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -18,7 +18,6 @@ printf_hook.c printf_hook.h \ asn1/asn1.c asn1/asn1.h \ asn1/oid.c asn1/oid.h \ asn1/pem.c asn1/pem.h \ -asn1/ttodata.c asn1/ttodata.h \ crypto/crypters/crypter.c crypto/crypters/crypter.h \ crypto/hashers/hasher.h crypto/hashers/hasher.c \ crypto/pkcs9.c crypto/pkcs9.h \ diff --git a/src/libstrongswan/asn1/pem.c b/src/libstrongswan/asn1/pem.c index 6c946b413..5cba781cb 100755 --- a/src/libstrongswan/asn1/pem.c +++ b/src/libstrongswan/asn1/pem.c @@ -27,7 +27,6 @@ #include <library.h> #include <debug.h> #include <asn1/asn1.h> -#include <asn1/ttodata.h> #include <utils/lexparser.h> #include <crypto/hashers/hasher.h> @@ -232,7 +231,6 @@ err_t pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp) encrypted = TRUE; else if (match("DEK-Info", &name)) { - size_t len = 0; chunk_t dek; if (!extract_token(&dek, ',', &value)) @@ -262,19 +260,12 @@ err_t pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp) { return "encryption algorithm not supported"; } - eat_whitespace(&value); - ugh = ttodata(value.ptr, value.len, 16, iv.ptr, 16, &len); - if (ugh) - return "error in IV"; - - iv.len = len; + iv = chunk_from_hex(value, iv.ptr); } } else /* state is PEM_BODY */ { - const char *ugh = NULL; - size_t len = 0; chunk_t data; /* remove any trailing whitespace */ @@ -292,18 +283,15 @@ err_t pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp) DBG2(" Armor checksum: %.*s", (int)data.len, data.ptr); continue; } - - ugh = ttodata(data.ptr, data.len, 64, dst.ptr, blob->len - dst.len, &len); - if (ugh) + + if (blob->len - dst.len < data.len / 4 * 3) { state = PEM_ABORT; - break; - } - else - { - dst.ptr += len; - dst.len += len; } + data = chunk_from_base64(data, dst.ptr); + + dst.ptr += data.len; + dst.len += data.len; } } } diff --git a/src/libstrongswan/asn1/ttodata.c b/src/libstrongswan/asn1/ttodata.c deleted file mode 100644 index 6cffecd40..000000000 --- a/src/libstrongswan/asn1/ttodata.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - * convert from text form of arbitrary data (e.g., keys) to binary - * Copyright (C) 2000 Henry Spencer. - * - * This library is free software; you can redistribute it and/or modify it - * under the terms of the GNU Library General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public - * License for more details. - * - * $Id$ - */ - -#include "ttodata.h" - -#include <string.h> -#include <ctype.h> - -/* converters and misc */ -static int unhex(const char *, char *, size_t); -static int unb64(const char *, char *, size_t); -static int untext(const char *, char *, size_t); -static const char *badch(const char *, int, char *, size_t); - -/* internal error codes for converters */ -#define SHORT (-2) /* internal buffer too short */ -#define BADPAD (-3) /* bad base64 padding */ -#define BADCH0 (-4) /* invalid character 0 */ -#define BADCH1 (-5) /* invalid character 1 */ -#define BADCH2 (-6) /* invalid character 2 */ -#define BADCH3 (-7) /* invalid character 3 */ -#define BADOFF(code) (BADCH0-(code)) - -/** - * convert text to data, with verbose error reports - * - * If some of this looks slightly odd, it's because it has changed - * repeatedly (from the original atodata()) without a major rewrite. - * - * @param src - * @param srclen 0 means apply strlen() - * @param base 0 means figure it out - * @param dst need not be valid if dstlen is 0 - * @param dstlen - * @param lenp where to record length (NULL is nowhere) - * @param errp error buffer - * @param flags - * @return NULL on success, else literal or errp - */ -const char *ttodatav(const char *src, size_t srclen, int base, char *dst, size_t dstlen, size_t *lenp, char *errp, size_t errlen, unsigned int flags) -{ - size_t ingroup; /* number of input bytes converted at once */ - char buf[4]; /* output from conversion */ - int nbytes; /* size of output */ - int (*decode)(const char *, char *, size_t); - char *stop; - int ndone; - int i; - int underscoreok; - int skipSpace = 0; - - if (srclen == 0) - { - srclen = strlen(src); - } - if (dstlen == 0) - { - dst = buf; /* point it somewhere valid */ - } - stop = dst + dstlen; - - if (base == 0) - { - if (srclen < 2) - { - return "input too short to be valid"; - } - if (*src++ != '0') - { - return "input does not begin with format prefix"; - } - switch (*src++) - { - case 'x': - case 'X': - base = 16; - break; - case 's': - case 'S': - base = 64; - break; - case 't': - case 'T': - base = 256; - break; - default: - return "unknown format prefix"; - } - srclen -= 2; - } - switch (base) - { - case 16: - decode = unhex; - underscoreok = 1; - ingroup = 2; - break; - case 64: - decode = unb64; - underscoreok = 0; - ingroup = 4; - if(flags & TTODATAV_IGNORESPACE) - { - skipSpace = 1; - } - break; - case 256: - decode = untext; - ingroup = 1; - underscoreok = 0; - break; - default: - return "unknown base"; - } - - /* proceed */ - ndone = 0; - while (srclen > 0) - { - char stage[4]; /* staging area for group */ - size_t sl = 0; - - /* Grab ingroup characters into stage, - * squeezing out blanks if we are supposed to ignore them. - */ - for (sl = 0; sl < ingroup; src++, srclen--) - { - if (srclen == 0) - { - return "input ends in mid-byte, perhaps truncated"; - } - else if (!(skipSpace && (*src == ' ' || *src == '\t'))) - { - stage[sl++] = *src; - } - } - - nbytes = (*decode)(stage, buf, sizeof(buf)); - switch (nbytes) - { - case BADCH0: - case BADCH1: - case BADCH2: - case BADCH3: - return badch(stage, nbytes, errp, errlen); - case SHORT: - return "internal buffer too short (\"can't happen\")"; - case BADPAD: - return "bad (non-zero) padding at end of base64 input"; - } - if (nbytes <= 0) - { - return "unknown internal error"; - } - for (i = 0; i < nbytes; i++) - { - if (dst < stop) - { - *dst++ = buf[i]; - } - ndone++; - } - while (srclen >= 1 && skipSpace && (*src == ' ' || *src == '\t')) - { - src++; - srclen--; - } - if (underscoreok && srclen > 1 && (*src == '_' || *src == ':')) - { - /* srclen > 1 means not last character */ - src++; - srclen--; - } - } - - if (ndone == 0) - { - return "no data bytes specified by input"; - } - if (lenp != NULL) - { - *lenp = ndone; - } - return NULL; -} - -/** - * ttodata - convert text to data - * - * @param src - * @param srclen 0 means apply strlen() - * @param base 0 means figure it out - * @param dst need not be valid if dstlen is 0 - * @param dstlen - * @param lenp where to record length (NULL is nowhere) - * @return NULL on success, else literal - */ -const char *ttodata(const char *src, size_t srclen, int base, char *dst, size_t dstlen, size_t *lenp) -{ - return ttodatav(src, srclen, base, dst, dstlen, lenp, (char *)NULL, - (size_t)0, TTODATAV_SPACECOUNTS); -} - -/** - * atodata - convert ASCII to data - * - * backward-compatibility interface - * - * @param src - * @param srclen - * @param dst - * @param dstlen - * @return 0 for failure, true length for success - */ -size_t atodata(const char *src, size_t srclen, char *dst, size_t dstlen) -{ - size_t len; - const char *err; - - err = ttodata(src, srclen, 0, dst, dstlen, &len); - return (err)? 0:len; -} - -/** - * atobytes - convert ASCII to data bytes - * - * another backward-compatibility interface - */ -const char *atobytes(const char *src, size_t srclen, char *dst, size_t dstlen, size_t *lenp) -{ - return ttodata(src, srclen, 0, dst, dstlen, lenp); -} - -/** - * unhex - convert two ASCII hex digits to byte - * - * @param src known to be full length - * @param dstnumber of result bytes, or error code - * @param dstlen not large enough is a failure - * @return - */ -static int unhex(const char *src, char *dst, size_t dstlen) -{ - char *p; - unsigned byte; - static char hex[] = "0123456789abcdef"; - - if (dstlen < 1) - { - return SHORT; - } - - p = strchr(hex, *src); - if (p == NULL) - { - p = strchr(hex, tolower(*src)); - } - if (p == NULL) - { - return BADCH0; - } - byte = (p - hex) << 4; - src++; - - p = strchr(hex, *src); - if (p == NULL) - { - p = strchr(hex, tolower(*src)); - } - if (p == NULL) - { - return BADCH1; - } - byte |= (p - hex); - - *dst = byte; - return 1; -} - -/** - * unb64 - convert four ASCII base64 digits to three bytes - * - * Note that a base64 digit group is padded out with '=' if it represents - * less than three bytes: one byte is dd==, two is ddd=, three is dddd. - * - * @param src known to be full length - * @param dst - * @param dstlen - * @return number of result bytes, or error code - */ -static int unb64(const char *src, char *dst, size_t dstlen) -{ - char *p; - unsigned byte1; - unsigned byte2; - static char base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - - if (dstlen < 3) - { - return SHORT; - } - p = strchr(base64, *src++); - - if (p == NULL) - { - return BADCH0; - } - byte1 = (p - base64) << 2; /* first six bits */ - - p = strchr(base64, *src++); - if (p == NULL) - { - return BADCH1; - } - - byte2 = p - base64; /* next six: two plus four */ - *dst++ = byte1 | (byte2 >> 4); - byte1 = (byte2 & 0xf) << 4; - - p = strchr(base64, *src++); - if (p == NULL) - { - if (*(src-1) == '=' && *src == '=') - { - if (byte1 != 0) /* bad padding */ - { - return BADPAD; - } - return 1; - } - return BADCH2; - } - - byte2 = p - base64; /* next six: four plus two */ - *dst++ = byte1 | (byte2 >> 2); - byte1 = (byte2 & 0x3) << 6; - - p = strchr(base64, *src++); - if (p == NULL) - { - if (*(src-1) == '=') - { - if (byte1 != 0) /* bad padding */ - { - return BADPAD; - } - return 2; - } - return BADCH3; - } - byte2 = p - base64; /* last six */ - *dst++ = byte1 | byte2; - - return 3; -} - -/** - * untext - convert one ASCII character to byte - * - * @param src known to be full length - * @param dst - * @param dstlen not large enough is a failure - * @return number of result bytes, or error code - */ -static int untext(const char *src, char *dst, size_t dstlen) -{ - if (dstlen < 1) - { - return SHORT; - } - *dst = *src; - return 1; -} - -/** - * badch - produce a nice complaint about an unknown character - * - * If the compiler complains that the array bigenough[] has a negative - * size, that means the TTODATAV_BUF constant has been set too small. - * - * @param src - * @param errcode - * @param errp might be NULL - * @param errlen - * @return literal or errp - */ -static const char *badch(const char *src, int errcode, char *errp, size_t errlen) -{ - static const char pre[] = "unknown character (`"; - static const char suf[] = "') in input"; - char buf[5]; -# define REQD (sizeof(pre) - 1 + sizeof(buf) - 1 + sizeof(suf)) - struct sizecheck { - char bigenough[TTODATAV_BUF - REQD]; /* see above */ - }; - char ch; - - if (errp == NULL || errlen < REQD) - { - return "unknown character in input"; - } - strcpy(errp, pre); - ch = *(src + BADOFF(errcode)); - if (isprint(ch)) - { - buf[0] = ch; - buf[1] = '\0'; - } - else - { - buf[0] = '\\'; - buf[1] = ((ch & 0700) >> 6) + '0'; - buf[2] = ((ch & 0070) >> 3) + '0'; - buf[3] = ((ch & 0007) >> 0) + '0'; - buf[4] = '\0'; - } - strcat(errp, buf); - strcat(errp, suf); - return (const char *)errp; -} diff --git a/src/libstrongswan/asn1/ttodata.h b/src/libstrongswan/asn1/ttodata.h deleted file mode 100644 index 89ce53b84..000000000 --- a/src/libstrongswan/asn1/ttodata.h +++ /dev/null @@ -1,28 +0,0 @@ -/* - * convert from text form of arbitrary data (e.g., keys) to binary - * Copyright (C) 2000 Henry Spencer. - * - * This library is free software; you can redistribute it and/or modify it - * under the terms of the GNU Library General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public - * License for more details. - */ - -#ifndef TTODATA_H_ -#define TTODATA_H_ - -#include <library.h> - -#define TTODATAV_BUF 40 /* ttodatav's largest non-literal message */ -#define TTODATAV_IGNORESPACE (1<<1) /* ignore spaces in base64 encodings*/ -#define TTODATAV_SPACECOUNTS 0 /* do not ignore spaces in base64 */ - -err_t ttodata(const char *src, size_t srclen, int base, char *buf, size_t buflen, size_t *needed); - - -#endif /* TTODATA_H_ @} */ diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c index 14524e77b..cbd90bd6a 100644 --- a/src/libstrongswan/chunk.c +++ b/src/libstrongswan/chunk.c @@ -241,6 +241,7 @@ bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force) return good; } + /** hex conversion digits */ static char hexdig_upper[] = "0123456789ABCDEF"; static char hexdig_lower[] = "0123456789abcdef"; @@ -248,10 +249,9 @@ static char hexdig_lower[] = "0123456789abcdef"; /** * Described in header. */ -char *chunk_to_hex(chunk_t chunk, bool uppercase) +chunk_t chunk_to_hex(chunk_t chunk, char *buf, bool uppercase) { - int i; - char *str; + int i, len;; char *hexdig = hexdig_lower; if (uppercase) @@ -259,15 +259,158 @@ char *chunk_to_hex(chunk_t chunk, bool uppercase) hexdig = hexdig_upper; } - str = malloc(chunk.len * 2 + 1); - str[chunk.len * 2] = '\0'; + len = chunk.len * 2; + if (!buf) + { + buf = malloc(len + 1); + } + buf[len] = '\0'; + + for (i = 0; i < chunk.len; i++) + { + buf[i*2] = hexdig[(chunk.ptr[i] >> 4) & 0xF]; + buf[i*2+1] = hexdig[(chunk.ptr[i] ) & 0xF]; + } + return chunk_create(buf, len); +} + +/** + * convert a signle hex character to its binary value + */ +static char hex2bin(char hex) +{ + switch (hex) + { + case '0' ... '9': + return hex - '0'; + case 'A' ... 'F': + return hex - 'A' + 10; + case 'a' ... 'f': + return hex - 'a' + 10; + default: + return 0; + } +} + +/** + * Described in header. + */ +chunk_t chunk_from_hex(chunk_t hex, char *buf) +{ + int i, len; + + len = hex.len / 2; + if (!buf) + { + buf = malloc(len); + } + for (i = 0; i < len; i++) + { + buf[i] = hex2bin(*hex.ptr++) << 4; + buf[i] |= hex2bin(*hex.ptr++); + } + return chunk_create(buf, len); +} + +/** base 64 conversion digits */ +static char b64digits[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + +/** + * Described in header. + */ +chunk_t chunk_to_base64(chunk_t chunk, char *buf) +{ + int i, len; + char *pos; + + len = chunk.len + ((3 - chunk.len % 3) % 3); + if (!buf) + { + buf = malloc(len * 4 / 3 + 1); + } + pos = buf; + for (i = 0; i < len; i+=3) + { + *pos++ = b64digits[chunk.ptr[i] >> 2]; + if (i+1 >= chunk.len) + { + *pos++ = b64digits[(chunk.ptr[i] & 0x03) << 4]; + *pos++ = '='; + *pos++ = '='; + break; + } + *pos++ = b64digits[((chunk.ptr[i] & 0x03) << 4) | (chunk.ptr[i+1] >> 4)]; + if (i+2 >= chunk.len) + { + *pos++ = b64digits[(chunk.ptr[i+1] & 0x0F) << 2]; + *pos++ = '='; + break; + } + *pos++ = b64digits[((chunk.ptr[i+1] & 0x0F) << 2) | (chunk.ptr[i+2] >> 6)]; + *pos++ = b64digits[chunk.ptr[i+2] & 0x3F]; + } + *pos = '\0'; + return chunk_create(buf, len * 4 / 3); +} + +/** + * convert a base 64 digit to its binary form (inversion of b64digits array) + */ +static int b642bin(char b64) +{ + switch (b64) + { + case 'A' ... 'Z': + return b64 - 'A'; + case 'a' ... 'z': + return ('Z' - 'A' + 1) + b64 - 'a'; + case '0' ... '9': + return ('Z' - 'A' + 1) + ('z' - 'a' + 1) + b64 - '0'; + case '+': + case '-': + return 62; + case '/': + case '_': + return 63; + case '=': + return 0; + default: + return -1; + } +} + +/** + * Described in header. + */ +chunk_t chunk_from_base64(chunk_t base64, char *buf) +{ + u_char *pos, byte[4]; + int i, j, len, outlen; - for (i = 0; i < chunk.len; i ++) + len = base64.len / 4 * 3; + if (!buf) { - str[i*2] = hexdig[(chunk.ptr[i] >> 4) & 0xF]; - str[i*2+1] = hexdig[(chunk.ptr[i] ) & 0xF]; + buf = malloc(len); } - return str; + pos = base64.ptr; + outlen = 0; + for (i = 0; i < len; i+=3) + { + outlen += 3; + for (j = 0; j < 4; j++) + { + if (*pos == '=') + { + outlen--; + } + byte[j] = b642bin(*pos++); + } + buf[i] = (byte[0] << 2) | (byte[1] >> 4); + buf[i+1] = (byte[1] << 4) | (byte[2] >> 2); + buf[i+2] = (byte[2] << 6) | (byte[3]); + } + return chunk_create(buf, outlen); } /** @@ -328,16 +471,6 @@ bool chunk_equals(chunk_t a, chunk_t b) } /** - * Described in header. - */ -bool chunk_equals_or_null(chunk_t a, chunk_t b) -{ - if (a.ptr == NULL || b.ptr == NULL) - return TRUE; - return a.len == b.len && memeq(a.ptr, b.ptr, a.len); -} - -/** * output handler in printf() for chunks */ static int chunk_print(FILE *stream, const struct printf_info *info, diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h index 447469b06..195d01fcd 100644 --- a/src/libstrongswan/chunk.h +++ b/src/libstrongswan/chunk.h @@ -85,9 +85,51 @@ void chunk_split(chunk_t chunk, const char *mode, ...); bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force); /** - * convert a chunk to an allocated hex string + * Convert a chunk of data to hex encoding. + * + * The resulting string is '\0' terminated, but the chunk does not include + * the '\0'. If buf is supplied, it must hold at least (chunk.len * 2 + 1). + * + * @param chunk data to convert + * @param buff buffer to write to, NULL to malloc + * @param uppercase TRUE to use uppercase letters + * @return chunk of encoded data */ -char *chunk_to_hex(chunk_t chunk, bool uppercase); +chunk_t chunk_to_hex(chunk_t chunk, char *buf, bool uppercase); + +/** + * Convert a hex encoded in a binary chunk. + * + * If buf is supplied, it must hold at least (hex.len / 2). + * + * @param hex hex encoded input data + * @param buf buffer to write decoded data, NULL to malloc + * @return converted data + */ +chunk_t chunk_from_hex(chunk_t hex, char *buf); + +/** + * Convert a chunk of data to its base64 encoding. + * + * The resulting string is '\0' terminated, but the chunk does not include + * the '\0'. If buf is supplied, it must hold at least (chunk.len * 4 / 3 + 1). + * + * @param chunk data to convert + * @param buff buffer to write to, NULL to malloc + * @return chunk of encoded data + */ +chunk_t chunk_to_base64(chunk_t chunk, char *buf); + +/** + * Convert a base64 in a binary chunk. + * + * If buf is supplied, it must hold at least (base64.len / 4 * 3). + * + * @param base64 base64 encoded input data + * @param buf buffer to write decoded data, NULL to malloc + * @return converted data + */ +chunk_t chunk_from_base64(chunk_t base64, char *buf); /** * Free contents of a chunk @@ -157,12 +199,6 @@ int chunk_compare(chunk_t a, chunk_t b); bool chunk_equals(chunk_t a, chunk_t b); /** - * Compare two chunks for equality, - * NULL chunks are always equal. - */ -bool chunk_equals_or_null(chunk_t a, chunk_t b); - -/** * Get printf hooks for a chunk. * * Arguments are: |