1 /***************************************************************************
2  * Copyright (c) 2009-2010 Open Information Security Foundation
3  * Copyright (c) 2010-2013 Qualys, Inc.
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are
8  * met:
9  *
10  * - Redistributions of source code must retain the above copyright
11  *   notice, this list of conditions and the following disclaimer.
12 
13  * - Redistributions in binary form must reproduce the above copyright
14  *   notice, this list of conditions and the following disclaimer in the
15  *   documentation and/or other materials provided with the distribution.
16 
17  * - Neither the name of the Qualys, Inc. nor the names of its
18  *   contributors may be used to endorse or promote products derived from
19  *   this software without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  ***************************************************************************/
33 
34 /**
35  * @file
36  * @author Ivan Ristic <ivanr@webkreator.com>
37  */
38 
39 /* Adapted from the libb64 project (http://sourceforge.net/projects/libb64), which is in public domain. */
40 
41 #include "bstr.h"
42 #include "htp_base64.h"
43 
44 /**
45  * Decode single base64-encoded character.
46  *
47  * @param[in] value_in
48  * @return decoded character
49  */
htp_base64_decode_single(signed char value_in)50 int htp_base64_decode_single(signed char value_in) {
51     static const signed char decoding[] = {62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
52         -1, -1, -1, -2, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17,
53         18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
54         35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51};
55     static const signed char decoding_size = sizeof (decoding);
56 
57     value_in -= 43;
58 
59     if ((value_in < 0) || (value_in > decoding_size - 1)) return -1;
60 
61     return decoding[(int) value_in];
62 }
63 
64 /**
65  * Initialize base64 decoder.
66  *
67  * @param[in] decoder
68  */
htp_base64_decoder_init(htp_base64_decoder * decoder)69 void htp_base64_decoder_init(htp_base64_decoder *decoder) {
70     decoder->step = step_a;
71     decoder->plainchar = 0;
72 }
73 
74 /**
75  * Feed the supplied memory range to the decoder.
76  *
77  * @param[in] decoder
78  * @param[in] _code_in
79  * @param[in] length_in
80  * @param[in] _plaintext_out
81  * @param[in] length_out
82  * @return how many bytes were placed into plaintext output
83  */
htp_base64_decode(htp_base64_decoder * decoder,const void * _code_in,int length_in,void * _plaintext_out,int length_out)84 int htp_base64_decode(htp_base64_decoder *decoder, const void *_code_in, int length_in, void *_plaintext_out, int length_out) {
85     const unsigned char *code_in = (const unsigned char *)_code_in;
86     unsigned char *plaintext_out = (unsigned char *)_plaintext_out;
87     const unsigned char *codechar = code_in;
88     unsigned char *plainchar = plaintext_out;
89     signed char fragment;
90 
91     if (length_out <= 0) return 0;
92 
93     *plainchar = decoder->plainchar;
94 
95     switch (decoder->step) {
96             while (1) {
97                 case step_a:
98                 do {
99                     if (codechar == code_in + length_in) {
100                         decoder->step = step_a;
101                         decoder->plainchar = *plainchar;
102                         return plainchar - plaintext_out;
103                     }
104                     fragment = (char) htp_base64_decode_single(*codechar++);
105                 } while (fragment < 0);
106                 *plainchar = (fragment & 0x03f) << 2;
107                 /* fall through */
108 
109                 case step_b:
110                 do {
111                     if (codechar == code_in + length_in) {
112                         decoder->step = step_b;
113                         decoder->plainchar = *plainchar;
114                         return plainchar - plaintext_out;
115                     }
116                     fragment = (char) htp_base64_decode_single(*codechar++);
117                 } while (fragment < 0);
118                 *plainchar++ |= (fragment & 0x030) >> 4;
119                 *plainchar = (fragment & 0x00f) << 4;
120                 if (--length_out == 0) {
121                     return plainchar - plaintext_out;
122                 }
123                 /* fall through */
124 
125                 case step_c:
126                 do {
127                     if (codechar == code_in + length_in) {
128                         decoder->step = step_c;
129                         decoder->plainchar = *plainchar;
130                         return plainchar - plaintext_out;
131                     }
132                     fragment = (char) htp_base64_decode_single(*codechar++);
133                 } while (fragment < 0);
134                 *plainchar++ |= (fragment & 0x03c) >> 2;
135                 *plainchar = (fragment & 0x003) << 6;
136                 if (--length_out == 0) {
137                     return plainchar - plaintext_out;
138                 }
139                 /* fall through */
140 
141                 case step_d:
142                 do {
143                     if (codechar == code_in + length_in) {
144                         decoder->step = step_d;
145                         decoder->plainchar = *plainchar;
146                         return plainchar - plaintext_out;
147                     }
148                     fragment = (char) htp_base64_decode_single(*codechar++);
149                 } while (fragment < 0);
150                 *plainchar++ |= (fragment & 0x03f);
151                 if (--length_out == 0) {
152                     return plainchar - plaintext_out;
153                 }
154                 /* fall through */
155             }
156     }
157 
158     /* control should not reach here */
159     return plainchar - plaintext_out;
160 }
161 
162 /**
163  * Base64-decode input, given as bstring.
164  *
165  * @param[in] input
166  * @return new base64-decoded bstring
167  */
htp_base64_decode_bstr(bstr * input)168 bstr *htp_base64_decode_bstr(bstr *input) {
169     return htp_base64_decode_mem(bstr_ptr(input), bstr_len(input));
170 }
171 
172 /**
173  * Base64-decode input, given as memory range.
174  *
175  * @param[in] data
176  * @param[in] len
177  * @return new base64-decoded bstring
178  */
htp_base64_decode_mem(const void * data,size_t len)179 bstr *htp_base64_decode_mem(const void *data, size_t len) {
180     htp_base64_decoder decoder;
181     bstr *r = NULL;
182 
183     htp_base64_decoder_init(&decoder);
184 
185     unsigned char *tmpstr = malloc(len);
186     if (tmpstr == NULL) return NULL;
187 
188     int resulting_len = htp_base64_decode(&decoder, data, len, tmpstr, len);
189     if (resulting_len > 0) {
190         r = bstr_dup_mem(tmpstr, resulting_len);
191     }
192 
193     free(tmpstr);
194 
195     return r;
196 }
197