summaryrefslogtreecommitdiffhomepage
path: root/src/nxt_string.c
diff options
context:
space:
mode:
authorValentin Bartenev <vbart@nginx.com>2021-10-26 15:43:44 +0300
committerValentin Bartenev <vbart@nginx.com>2021-10-26 15:43:44 +0300
commit7bf6253941d3b61e5eb3339fb5f68c84e9e68795 (patch)
treeff59b7a2c74d939c7eb3e08ef65246238bcb90d1 /src/nxt_string.c
parent7503cc96df4f8c5637ac90dcf6095d93fd03296f (diff)
downloadunit-7bf6253941d3b61e5eb3339fb5f68c84e9e68795.tar.gz
unit-7bf6253941d3b61e5eb3339fb5f68c84e9e68795.tar.bz2
Custom implementation of Base64 decoding function.
Compared to the previous implementation based on OpenSSL, the new implementation has these advantages: 1. Strict and reliable detection of invalid strings, including strings with less than 4 bytes of garbage at the end; 2. Allows to use Base64 strings without '=' padding.
Diffstat (limited to 'src/nxt_string.c')
-rw-r--r--src/nxt_string.c97
1 files changed, 97 insertions, 0 deletions
diff --git a/src/nxt_string.c b/src/nxt_string.c
index ab568990..b7aef79e 100644
--- a/src/nxt_string.c
+++ b/src/nxt_string.c
@@ -745,3 +745,100 @@ nxt_is_complex_uri_encoded(u_char *src, size_t length)
return 1;
}
+
+
+ssize_t
+nxt_base64_decode(u_char *dst, u_char *src, size_t length)
+{
+ u_char *end, *p;
+ size_t pad;
+ uint8_t v1, v2, v3, v4;
+
+ static const uint8_t decode[] = {
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 62, 77, 77, 77, 63,
+ 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 77, 77, 77, 77, 77, 77,
+ 77, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
+ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 77, 77, 77, 77, 77,
+ 77, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+ 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 77, 77, 77, 77, 77,
+
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77,
+ 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77, 77
+ };
+
+ end = src + length;
+ pad = (4 - (length % 4)) % 4;
+
+ if (dst == NULL) {
+ if (pad > 2) {
+ return NXT_ERROR;
+ }
+
+ while (src < end) {
+ if (decode[*src] != 77) {
+ src++;
+ continue;
+ }
+
+ if (pad == 0) {
+ pad = end - src;
+
+ if ((pad == 1 || (pad == 2 && src[1] == '=')) && src[0] == '=')
+ {
+ break;
+ }
+ }
+
+ return NXT_ERROR;
+ }
+
+ return (length + 3) / 4 * 3 - pad;
+ }
+
+ nxt_assert(length != 0);
+
+ if (pad == 0) {
+ pad = (end[-1] == '=') + (end[-2] == '=');
+ end -= (pad + 3) & 4;
+
+ } else {
+ end -= 4 - pad;
+ }
+
+ p = dst;
+
+ while (src < end) {
+ v1 = decode[src[0]];
+ v2 = decode[src[1]];
+ v3 = decode[src[2]];
+ v4 = decode[src[3]];
+
+ *p++ = (v1 << 2 | v2 >> 4);
+ *p++ = (v2 << 4 | v3 >> 2);
+ *p++ = (v3 << 6 | v4);
+
+ src += 4;
+ }
+
+ if (pad > 0) {
+ v1 = decode[src[0]];
+ v2 = decode[src[1]];
+
+ *p++ = (v1 << 2 | v2 >> 4);
+
+ if (pad == 1) {
+ v3 = decode[src[2]];
+ *p++ = (v2 << 4 | v3 >> 2);
+ }
+ }
+
+ return (p - dst);
+}