Skip to content
Permalink
Browse files
base64.c: Fix off-by-one error and cleanup.
  • Loading branch information
conte91 committed Jan 15, 2020
1 parent 012d929 commit a9e41d69e8a0ee10a9fbcae6e2d044b19d87f713
Showing with 62 additions and 28 deletions.
  1. +12 −12 src/base64.c
  2. +22 −6 src/base64.h
  3. +25 −9 src/cipher.c
  4. +3 −0 tests/api.h
  5. +0 −1 tests/tests_unit.c
@@ -28,13 +28,10 @@
YWxsIHlvdXIgYmFzZSBhcmUgYmVsb25nIHRvIHVz
*/
#ifndef BASE64_H
#define BASE64_H

#include "base64.h"
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <string.h>

static const char *b64 =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" ;
@@ -67,11 +64,8 @@ static const unsigned char unb64[] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, //240
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, //250
0, 0, 0, 0, 0, 0,
}; // This array has 255 elements
}; // This array has 256 elements

// Converts binary data of length=len to base64 characters.
// Length of the resultant string is stored in flen
// (you must pass pointer flen).
char *base64( const void *binaryData, int len, int *flen )
{
const unsigned char *bin = (const unsigned char *) binaryData ;
@@ -124,8 +118,8 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )
int charNo;
int pad = 0 ;

if ( len < 2 ) { // 2 accesses below would be OOB.
// catch empty string, return NULL as result.
if ((len <= 0) || (len % 4 != 0)) { // 2 accesses below would be OOB.
// catch empty string or incorrect padding size, return NULL as result.
*flen = 0;
return 0;
}
@@ -149,6 +143,14 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )
}
}

/*
* Length is guaranteed to be >0 and a multiple of 4 here,
* so the integer division will be exact and positive.
* Any '=' in the input padding removes a byte
* from the output.
*
* Note that this guarantees a positive value for flen.
*/
*flen = 3 * len / 4 - pad ;
bin = malloc( *flen ) ;
if ( !bin ) {
@@ -182,5 +184,3 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )

return bin ;
}

#endif
@@ -36,12 +36,28 @@
#ifndef _BASE64_H_
#define _BASE64_H_


// Converts binary data of length=len to base64 characters.
// Length of the resultant string is stored in flen
// (you must pass pointer flen).
char *base64( const void *binaryData, int len, int *flen );
/**
* Converts binary data of length=len to base64 characters.
*
* @param[in] binaryData Binary buffer to encode. Must be len bytes long.
* @paramm[in] len Length of the binaryData buffer.
* @param[out] flen Resulting length of the encoded buffer.
* @return Decoded buffer, or NULL if an error occurred. Must be free()'d by the
* caller.
*/
char *base64(const void *binaryData, int len, int *flen);

/**
* Decodes the provided base64 string.
*
* @param[in] ascii Base64-encoded buffer to decoded. Must contain a
* zero-terminated string.
* @param[in] len Length of the string to decode (excluding the terminating
* character).
* @param[out] flen Resulting length of the decoded buffer.
* @return Decoded buffer, or NULL if an error occurred. Must be free()'d by the
* caller.
*/
unsigned char *unbase64( const char *ascii, int len, int *flen );


#endif
@@ -101,10 +101,14 @@ static uint8_t *cipher_aes_encrypt(const unsigned char *in, int inlen,
return enc_cat;
}

// Encrypts a given constant char array of length inlen using the AES algorithm with CBC mode
// and base64 encodes the result.
//
// Must free() returned value (allocated inside base64() function)
/**
* Encrypts a given constant char array of length inlen using the AES algorithm with CBC mode
* and base64 encodes the result.
*
* Must free() returned value (allocated inside base64() function)
*
* @return Encrypted, base64-encoded buffer, or NULL in case of error.
*/
char *cipher_aes_b64_encrypt(const unsigned char *in, int inlen, int *outb64len,
const uint8_t *key)
{
@@ -240,10 +244,16 @@ char *cipher_aes_hmac_decrypt(const uint8_t *in, int inlen,
return ret;
}

// Decrypts a given constant char array of length inlen using the AES algorithm with CBC mode
// and base64 decodes the result.
//
// Must free() returned value (allocated inside base64() function)
/**
* Decrypts a given constant char array of length inlen using the AES algorithm with CBC mode
* and base64 decodes the result.
*
* Must free() returned value (allocated inside base64() function)
* @param[in] in Pointer to the buffer to decrpyt. Must contain a
* NULL-terminated string.
* @param[in] inlen Length of the buffer to decrypt, excluding the
* terminating NULL character.
*/
char *cipher_aes_b64_hmac_decrypt(const unsigned char *in, int inlen, int *out_msg_len,
const uint8_t *secret)
{
@@ -273,7 +283,13 @@ char *cipher_aes_b64_hmac_decrypt(const unsigned char *in, int inlen, int *out_m
return decrypted;
}

// Must free() returned value
/**
* Must free() returned value.
* @param[in] in Pointer to the buffer to decrpyt. Must contain a
* NULL-terminated string.
* @param[in] inlen Length of the buffer to decrypt, excluding the
* terminating NULL character.
*/
char *cipher_aes_b64_decrypt(const unsigned char *in, int inlen, int *outlen,
const uint8_t *key)
{
@@ -478,6 +478,9 @@ static void api_reset_device(void)
}


/**
* @return Buffer containing the read value. Guaranteed to be nonnull.
*/
static const char *api_read_value(int cmd)
{
static char value[HID_REPORT_SIZE];
@@ -40,7 +40,6 @@
#include "random.h"
#include "base64.h"
#include "base58.h"
#include "base64.h"
#include "pbkdf2.h"
#include "flags.h"
#include "flash.h"

0 comments on commit a9e41d6

Please sign in to comment.