search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cleaned up errno handling.
[gnutls.git] / lib / auth / srp_sb64.c
blob4298f333422d101e3e0059cc9df60e79ac3e9f4d
1 /*
2 * Copyright (C) 2001-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23 #include <gnutls_int.h>
24 #include <gnutls_errors.h>
25 #include <gnutls_datum.h>
26 #include <auth/srp_passwd.h>
27
28 #ifdef ENABLE_SRP
29
30 /* this a modified base64 for srp !!!
31 * It seems that everybody makes an own base64 conversion.
32 */
33 static const uint8_t b64table[] =
34 "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
35
36 static const uint8_t asciitable[128] = {
37 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
38 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
39 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
40 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
41 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
42 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
43 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
44 0xff, 0xff, 0xff, 0xff, 0x3e, 0x3f,
45 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
46 0x06, 0x07, 0x08, 0x09, 0xff, 0xff,
47 0xff, 0xff, 0xff, 0xff, 0xff, 0x0a,
48 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
49 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
50 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
51 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
52 0x23, 0xff, 0xff, 0xff, 0xff, 0xff,
53 0xff, 0x24, 0x25, 0x26, 0x27, 0x28,
54 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e,
55 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
56 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a,
57 0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff,
58 0xff, 0xff
59 };
60
61 inline static int
62 encode (uint8_t * result, const uint8_t * rdata, int left)
63 {
64
65 int data_len;
66 int c, ret = 4;
67 uint8_t data[3];
68
69 if (left > 3)
70 data_len = 3;
71 else
72 data_len = left;
73
74 data[0] = data[1] = data[2] = 0;
75 memcpy (data, rdata, data_len);
76
77 switch (data_len)
78 {
79 case 3:
80 result[0] = b64table[((data[0] & 0xfc) >> 2)];
81 result[1] =
82 b64table[(((((data[0] & 0x03) & 0xff) << 4) & 0xff) |
83 ((data[1] & 0xf0) >> 4))];
84 result[2] =
85 b64table[((((data[1] & 0x0f) << 2) & 0xff) |
86 ((data[2] & 0xc0) >> 6))];
87 result[3] = b64table[(data[2] & 0x3f) & 0xff];
88 break;
89 case 2:
90 if ((c = ((data[0] & 0xf0) >> 4)) != 0)
91 {
92 result[0] = b64table[c];
93 result[1] =
94 b64table[((((data[0] & 0x0f) << 2) & 0xff) |
95 ((data[1] & 0xc0) >> 6))];
96 result[2] = b64table[(data[1] & 0x3f) & 0xff];
97 result[3] = '\0';
98 ret -= 1;
99 }
100 else
101 {
102 if ((c = ((data[0] & 0x0f) << 2) | ((data[1] & 0xc0) >> 6)) != 0)
103 {
104 result[0] = b64table[c];
105 result[1] = b64table[data[1] & 0x3f];
106 result[2] = '\0';
107 result[3] = '\0';
108 ret -= 2;
109 }
110 else
111 {
112 result[0] = b64table[data[0] & 0x3f];
113 result[1] = '\0';
114 result[2] = '\0';
115 result[3] = '\0';
116 ret -= 3;
117 }
118 }
119 break;
120 case 1:
121 if ((c = ((data[0] & 0xc0) >> 6)) != 0)
122 {
123 result[0] = b64table[c];
124 result[1] = b64table[(data[0] & 0x3f) & 0xff];
125 result[2] = '\0';
126 result[3] = '\0';
127 ret -= 2;
128 }
129 else
130 {
131 result[0] = b64table[(data[0] & 0x3f) & 0xff];
132 result[1] = '\0';
133 result[2] = '\0';
134 result[3] = '\0';
135 ret -= 3;
136 }
137 break;
138 default:
139 return -1;
140 }
141
142 return ret;
143
144 }
145
146 /* encodes data and puts the result into result (locally allocated)
147 * The result_size is the return value
148 */
149 static int
150 _gnutls_sbase64_encode (uint8_t * data, size_t data_size, char ** result)
151 {
152 unsigned i, j;
153 int ret, tmp;
154 uint8_t tmpres[4];
155 int mod = data_size % 3;
156
157 ret = mod;
158 if (ret != 0)
159 ret = 4;
160 else
161 ret = 0;
162
163 ret += (data_size * 4) / 3;
164
165 (*result) = gnutls_calloc (1, ret + 1);
166 if ((*result) == NULL)
167 return -1;
168
169 i = j = 0;
170 /* encode the bytes that are not a multiple of 3
171 */
172 if (mod > 0)
173 {
174 tmp = encode (tmpres, &data[0], mod);
175 if (tmp < 0)
176 {
177 gnutls_free ((*result));
178 return tmp;
179 }
180
181 memcpy (&(*result)[0], tmpres, tmp);
182 i = mod;
183 j = tmp;
184
185 }
186 /* encode the rest
187 */
188 for (; i < data_size; i += 3, j += 4)
189 {
190 tmp = encode (tmpres, &data[i], data_size - i);
191 if (tmp < 0)
192 {
193 gnutls_free ((*result));
194 return tmp;
195 }
196 memcpy (&(*result)[j], tmpres, tmp);
197 }
198
199 return strlen (*result);
200 }
201
202
203 /* data must be 4 bytes
204 * result should be 3 bytes
205 */
206 #define TOASCII(c) (c < 127 ? asciitable[c] : 0xff)
207 inline static int
208 decode (uint8_t * result, const uint8_t * data)
209 {
210 uint8_t a1, a2;
211 int ret = 3;
212
213 memset (result, 0, 3);
214
215 a1 = TOASCII (data[3]);
216 a2 = TOASCII (data[2]);
217 if (a1 != 0xff)
218 result[2] = a1 & 0xff;
219 else
220 return -1;
221 if (a2 != 0xff)
222 result[2] |= ((a2 & 0x03) << 6) & 0xff;
223
224 a1 = a2;
225 a2 = TOASCII (data[1]);
226 if (a1 != 0xff)
227 result[1] = ((a1 & 0x3c) >> 2);
228 if (a2 != 0xff)
229 result[1] |= ((a2 & 0x0f) << 4);
230 else if (a1 == 0xff || result[1] == 0)
231 ret--;
232
233 a1 = a2;
234 a2 = TOASCII (data[0]);
235 if (a1 != 0xff)
236 result[0] = (((a1 & 0x30) >> 4) & 0xff);
237 if (a2 != 0xff)
238 result[0] |= ((a2 << 2) & 0xff);
239 else if (a1 == 0xff || result[0] == 0)
240 ret--;
241
242 return ret;
243 }
244
245 /* decodes data and puts the result into result (locally allocated)
246 * The result_size is the return value.
247 * That function does not ignore newlines tabs etc. You should remove them
248 * before calling it.
249 */
250 int
251 _gnutls_sbase64_decode (char * data, size_t idata_size, uint8_t ** result)
252 {
253 unsigned i, j;
254 int ret, left;
255 int data_size, tmp;
256 uint8_t datrev[4];
257 uint8_t tmpres[3];
258
259 data_size = (idata_size / 4) * 4;
260 left = idata_size % 4;
261
262 ret = (data_size / 4) * 3;
263
264 if (left > 0)
265 ret += 3;
266
267 (*result) = gnutls_malloc (ret + 1);
268 if ((*result) == NULL)
269 return -1;
270
271 /* the first "block" is treated with special care */
272 tmp = 0;
273 if (left > 0)
274 {
275 memset (datrev, 0, 4);
276 memcpy (&datrev[4 - left], data, left);
277
278 tmp = decode (tmpres, datrev);
279 if (tmp < 0)
280 {
281 gnutls_free ((*result));
282 *result = NULL;
283 return tmp;
284 }
285
286 memcpy (*result, &tmpres[3 - tmp], tmp);
287 if (tmp < 3)
288 ret -= (3 - tmp);
289 }
290
291 /* rest data */
292 for (i = left, j = tmp; i < idata_size; i += 4)
293 {
294 tmp = decode (tmpres, (uint8_t*)&data[i]);
295 if (tmp < 0)
296 {
297 gnutls_free ((*result));
298 *result = NULL;
299 return tmp;
300 }
301 memcpy (&(*result)[j], tmpres, tmp);
302 if (tmp < 3)
303 ret -= (3 - tmp);
304 j += 3;
305 }
306
307 return ret;
308 }
309
310 /**
311 * gnutls_srp_base64_encode:
312 * @data: contain the raw data
313 * @result: the place where base64 data will be copied
314 * @result_size: holds the size of the result
315 *
316 * This function will convert the given data to printable data, using
317 * the base64 encoding, as used in the libsrp. This is the encoding
318 * used in SRP password files. If the provided buffer is not long
319 * enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
320 *
321 * Warning! This base64 encoding is not the "standard" encoding, so
322 * do not use it for non-SRP purposes.
323 *
324 * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
325 * long enough, or 0 on success.
326 **/
327 int
328 gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result,
329 size_t * result_size)
330 {
331 char *res;
332 int size;
333
334 size = _gnutls_sbase64_encode (data->data, data->size, &res);
335 if (size < 0)
336 return size;
337
338 if (result == NULL || *result_size < (size_t) size)
339 {
340 gnutls_free (res);
341 *result_size = size;
342 return GNUTLS_E_SHORT_MEMORY_BUFFER;
343 }
344 else
345 {
346 memcpy (result, res, size);
347 gnutls_free (res);
348 *result_size = size;
349 }
350
351 return 0;
352 }
353
354 /**
355 * gnutls_srp_base64_encode_alloc:
356 * @data: contains the raw data
357 * @result: will hold the newly allocated encoded data
358 *
359 * This function will convert the given data to printable data, using
360 * the base64 encoding. This is the encoding used in SRP password
361 * files. This function will allocate the required memory to hold
362 * the encoded data.
363 *
364 * You should use gnutls_free() to free the returned data.
365 *
366 * Warning! This base64 encoding is not the "standard" encoding, so
367 * do not use it for non-SRP purposes.
368 *
369 * Returns: 0 on success, or an error code.
370 **/
371 int
372 gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data,
373 gnutls_datum_t * result)
374 {
375 char *res;
376 int size;
377
378 size = _gnutls_sbase64_encode (data->data, data->size, &res);
379 if (size < 0)
380 return size;
381
382 if (result == NULL)
383 {
384 gnutls_free (res);
385 return GNUTLS_E_INVALID_REQUEST;
386 }
387 else
388 {
389 result->data = (uint8_t*)res;
390 result->size = size;
391 }
392
393 return 0;
394 }
395
396 /**
397 * gnutls_srp_base64_decode:
398 * @b64_data: contain the encoded data
399 * @result: the place where decoded data will be copied
400 * @result_size: holds the size of the result
401 *
402 * This function will decode the given encoded data, using the base64
403 * encoding found in libsrp.
404 *
405 * Note that @b64_data should be null terminated.
406 *
407 * Warning! This base64 encoding is not the "standard" encoding, so
408 * do not use it for non-SRP purposes.
409 *
410 * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
411 * long enough, or 0 on success.
412 **/
413 int
414 gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result,
415 size_t * result_size)
416 {
417 uint8_t *res;
418 int size;
419
420 size = _gnutls_sbase64_decode ((char*)b64_data->data, b64_data->size, &res);
421 if (size < 0)
422 return size;
423
424 if (result == NULL || *result_size < (size_t) size)
425 {
426 gnutls_free (res);
427 *result_size = size;
428 return GNUTLS_E_SHORT_MEMORY_BUFFER;
429 }
430 else
431 {
432 memcpy (result, res, size);
433 gnutls_free (res);
434 *result_size = size;
435 }
436
437 return 0;
438 }
439
440 /**
441 * gnutls_srp_base64_decode_alloc:
442 * @b64_data: contains the encoded data
443 * @result: the place where decoded data lie
444 *
445 * This function will decode the given encoded data. The decoded data
446 * will be allocated, and stored into result. It will decode using
447 * the base64 algorithm as used in libsrp.
448 *
449 * You should use gnutls_free() to free the returned data.
450 *
451 * Warning! This base64 encoding is not the "standard" encoding, so
452 * do not use it for non-SRP purposes.
453 *
454 * Returns: 0 on success, or an error code.
455 **/
456 int
457 gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data,
458 gnutls_datum_t * result)
459 {
460 uint8_t *ret;
461 int size;
462
463 size = _gnutls_sbase64_decode ((char*)b64_data->data, b64_data->size, &ret);
464 if (size < 0)
465 return size;
466
467 if (result == NULL)
468 {
469 gnutls_free (ret);
470 return GNUTLS_E_INVALID_REQUEST;
471 }
472 else
473 {
474 result->data = ret;
475 result->size = size;
476 }
477
478 return 0;
479 }
480
481 #endif /* ENABLE_SRP */
Implementation of the SSL/TLS protocol