add base64url encoding to util (RFC7515)

author: Schanzenbach, Martin <mschanzenbach@posteo.de> 2020-02-06 22:34:11 +0100
committer: Schanzenbach, Martin <mschanzenbach@posteo.de> 2020-02-09 20:38:11 +0100
commit: d06446f143610790d9a0530d524d8e9db2a03b8c (patch)
tree: d42cdc3c342922b56a41487d5ed49fc1c981066a /src/reclaim/oidc_helper.c
parent: a80090ffcc10a2a2c188313e997d16802f2777f1 (diff)
download: gnunet-d06446f143610790d9a0530d524d8e9db2a03b8c.tar.gz
gnunet-d06446f143610790d9a0530d524d8e9db2a03b8c.zip
1 files changed, 9 insertions, 140 deletions
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 487aa5695..92b4b69cc 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -287,10 +287,10 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
  json_decref (body);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"ID-Token: %s\n", body_str);
-  GNUNET_STRINGS_base64_encode (header, strlen (header), &header_base64);
+  GNUNET_STRINGS_base64url_encode (header, strlen (header), &header_base64);
  fix_base64 (header_base64);
-  GNUNET_STRINGS_base64_encode (body_str, strlen (body_str), &body_base64);
+  GNUNET_STRINGS_base64url_encode (body_str, strlen (body_str), &body_base64);
  fix_base64 (body_base64);
  GNUNET_free (subject);
@@ -306,9 +306,9 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
                          signature_target,
                          strlen (signature_target),
                          &signature);
-  GNUNET_STRINGS_base64_encode ((const char *) &signature,
+  GNUNET_STRINGS_base64url_encode ((const char *) &signature,
-                                sizeof(struct GNUNET_HashCode),
+                                   sizeof(struct GNUNET_HashCode),
-                                &signature_base64);
+                                   &signature_base64);
  fix_base64 (signature_base64);
  GNUNET_asprintf (&result,
@@ -333,138 +333,6 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
 }
-/* Converts a hex character to its integer value */
-static char
-from_hex (char ch)
-{
-  return isdigit (ch) ? ch - '0' : tolower (ch) - 'a' + 10;
-}
-/* Converts an integer value to its hex character*/
-static char
-to_hex (char code)
-{
-  static char hex[] = "0123456789abcdef";
-  return hex[code & 15];
-}
-/* Returns a url-encoded version of str */
-/* IMPORTANT: be sure to free() the returned string after use */
-static char *
-url_encode (const char *str)
-{
-  char *pstr = (char *) str;
-  char *buf = GNUNET_malloc (strlen (str) * 3 + 1);
-  char *pbuf = buf;
-  while (*pstr)
-  {
-    if (isalnum (*pstr) || (*pstr == '-') || (*pstr == '_') || (*pstr == '.') ||
-        (*pstr == '~') )
-      *pbuf++ = *pstr;
-    else if (*pstr == ' ')
-      *pbuf++ = '+';
-    else
-    {
-      *pbuf++ = '%';
-      *pbuf++ = to_hex (*pstr >> 4);
-      *pbuf++ = to_hex (*pstr & 15);
-    }
-    pstr++;
-  }
-  *pbuf = '\0';
-  return buf;
-}
-/* Returns a url-decoded version of str */
-/* IMPORTANT: be sure to free() the returned string after use */
-static char *
-url_decode (const char *str)
-{
-  char *pstr = (char *) str;
-  char *buf = GNUNET_malloc (strlen (str) + 1);
-  char *pbuf = buf;
-  while (*pstr)
-  {
-    if (*pstr == '%')
-    {
-      if (pstr[1] && pstr[2])
-      {
-        *pbuf++ = from_hex (pstr[1]) << 4 | from_hex (pstr[2]);
-        pstr += 2;
-      }
-    }
-    else if (*pstr == '+')
-    {
-      *pbuf++ = ' ';
-    }
-    else
-    {
-      *pbuf++ = *pstr;
-    }
-    pstr++;
-  }
-  *pbuf = '\0';
-  return buf;
-}
-/**
- * Returns base64 encoded string urlencoded
- *
- * @param string the string to encode
- * @return base64 encoded string
- */
-static char *
-base64_and_urlencode (const char *data, size_t data_size)
-{
-  char *enc;
-  char *urlenc;
-  GNUNET_STRINGS_base64_encode (data, data_size, &enc);
-  urlenc = url_encode (enc);
-  GNUNET_free (enc);
-  return urlenc;
-}
-/**
- * Returns base64 encoded string urlencoded
- *
- * @param string the string to encode
- * @return base64 encoded string
- */
-static char *
-base64url_encode (const char *data, size_t data_size)
-{
-  char *enc;
-  size_t pos;
-  GNUNET_STRINGS_base64_encode (data, data_size, &enc);
-  // Replace with correct characters for base64url
-  pos = 0;
-  while ('\0' != enc[pos])
-  {
-    if ('+' == enc[pos])
-      enc[pos] = '-';
-    if ('/' == enc[pos])
-      enc[pos] = '_';
-    if ('=' == enc[pos])
-    {
-      enc[pos] = '\0';
-      break;
-    }
-    pos++;
-  }
-  return enc;
-}
 static void
 derive_aes_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key,
                struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
@@ -693,7 +561,7 @@ OIDC_build_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
    GNUNET_free (code_payload);
    return NULL;
  }
-  code_str = base64_and_urlencode (code_payload, code_payload_len);
+  GNUNET_STRINGS_base64url_encode (code_payload, code_payload_len, &code_str);
  GNUNET_free (code_payload);
  return code_str;
 }
@@ -742,7 +610,8 @@ OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *ecdsa_priv,
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Trying to decode `%s'\n", code);
  code_payload = NULL;
  code_payload_len =
-    GNUNET_STRINGS_base64_decode (code, strlen (code), (void **) &code_payload);
+    GNUNET_STRINGS_base64url_decode (code, strlen (code),
+                                     (void **) &code_payload);
  if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
      + sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)
      + sizeof(struct OIDC_Parameters)
@@ -789,7 +658,7 @@ OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *ecdsa_priv,
                         code_verifier,
                         strlen (code_verifier));
    // encode code verifier
-    expected_code_challenge = base64url_encode (code_verifier_hash, 256 / 8);
+    GNUNET_STRINGS_base64url_encode (code_verifier_hash, 256 / 8, &expected_code_challenge);
    code_challenge = (char *) &params[1];
    GNUNET_free (code_verifier_hash);
    if ((strlen (expected_code_challenge) != code_challenge_len) ||
author	Schanzenbach, Martin <mschanzenbach@posteo.de>	2020-02-06 22:34:11 +0100
committer	Schanzenbach, Martin <mschanzenbach@posteo.de>	2020-02-09 20:38:11 +0100
commit	d06446f143610790d9a0530d524d8e9db2a03b8c (patch)
tree	d42cdc3c342922b56a41487d5ed49fc1c981066a /src/reclaim/oidc_helper.c
parent	a80090ffcc10a2a2c188313e997d16802f2777f1 (diff)
download	gnunet-d06446f143610790d9a0530d524d8e9db2a03b8c.tar.gz gnunet-d06446f143610790d9a0530d524d8e9db2a03b8c.zip

diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c index 487aa5695..92b4b69cc 100644 --- a/src/reclaim/oidc_helper.c +++ b/src/reclaim/oidc_helper.c
@@ -287,10 +287,10 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
287	json_decref (body);	287	json_decref (body);
288	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"ID-Token: %s\n", body_str);	288	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"ID-Token: %s\n", body_str);
289		289
290	GNUNET_STRINGS_base64_encode (header, strlen (header), &header_base64);	290	GNUNET_STRINGS_base64url_encode (header, strlen (header), &header_base64);
291	fix_base64 (header_base64);	291	fix_base64 (header_base64);
292		292
293	GNUNET_STRINGS_base64_encode (body_str, strlen (body_str), &body_base64);	293	GNUNET_STRINGS_base64url_encode (body_str, strlen (body_str), &body_base64);
294	fix_base64 (body_base64);	294	fix_base64 (body_base64);
295		295
296	GNUNET_free (subject);	296	GNUNET_free (subject);
@@ -306,9 +306,9 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
306	signature_target,	306	signature_target,
307	strlen (signature_target),	307	strlen (signature_target),
308	&signature);	308	&signature);
309	GNUNET_STRINGS_base64_encode ((const char *) &signature,	309	GNUNET_STRINGS_base64url_encode ((const char *) &signature,
310	sizeof(struct GNUNET_HashCode),	310	sizeof(struct GNUNET_HashCode),
311	&signature_base64);	311	&signature_base64);
312	fix_base64 (signature_base64);	312	fix_base64 (signature_base64);
313		313
314	GNUNET_asprintf (&result,	314	GNUNET_asprintf (&result,
@@ -333,138 +333,6 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
333	}	333	}
334		334
335		335
336	/* Converts a hex character to its integer value */
337	static char
338	from_hex (char ch)
339	{
340	return isdigit (ch) ? ch - '0' : tolower (ch) - 'a' + 10;
341	}
342
343
344	/* Converts an integer value to its hex character*/
345	static char
346	to_hex (char code)
347	{
348	static char hex[] = "0123456789abcdef";
349
350	return hex[code & 15];
351	}
352
353
354	/* Returns a url-encoded version of str */
355	/* IMPORTANT: be sure to free() the returned string after use */
356	static char *
357	url_encode (const char *str)
358	{
359	char pstr = (char ) str;
360	char buf = GNUNET_malloc (strlen (str) 3 + 1);
361	char *pbuf = buf;
362
363	while (*pstr)
364	{
365	if (isalnum (pstr) \|\| (pstr == '-') \|\| (pstr == '_') \|\| (pstr == '.') \|\|
366	(*pstr == '~') )
367	pbuf++ = pstr;
368	else if (*pstr == ' ')
369	*pbuf++ = '+';
370	else
371	{
372	*pbuf++ = '%';
373	pbuf++ = to_hex (pstr >> 4);
374	pbuf++ = to_hex (pstr & 15);
375	}
376	pstr++;
377	}
378	*pbuf = '\0';
379	return buf;
380	}
381
382
383	/* Returns a url-decoded version of str */
384	/* IMPORTANT: be sure to free() the returned string after use */
385	static char *
386	url_decode (const char *str)
387	{
388	char pstr = (char ) str;
389	char *buf = GNUNET_malloc (strlen (str) + 1);
390	char *pbuf = buf;
391
392	while (*pstr)
393	{
394	if (*pstr == '%')
395	{
396	if (pstr[1] && pstr[2])
397	{
398	*pbuf++ = from_hex (pstr[1]) << 4 \| from_hex (pstr[2]);
399	pstr += 2;
400	}
401	}
402	else if (*pstr == '+')
403	{
404	*pbuf++ = ' ';
405	}
406	else
407	{
408	pbuf++ = pstr;
409	}
410	pstr++;
411	}
412	*pbuf = '\0';
413	return buf;
414	}
415
416
417	/**
418	* Returns base64 encoded string urlencoded
419	*
420	* @param string the string to encode
421	* @return base64 encoded string
422	*/
423	static char *
424	base64_and_urlencode (const char *data, size_t data_size)
425	{
426	char *enc;
427	char *urlenc;
428
429	GNUNET_STRINGS_base64_encode (data, data_size, &enc);
430	urlenc = url_encode (enc);
431	GNUNET_free (enc);
432	return urlenc;
433	}
434
435
436	/**
437	* Returns base64 encoded string urlencoded
438	*
439	* @param string the string to encode
440	* @return base64 encoded string
441	*/
442	static char *
443	base64url_encode (const char *data, size_t data_size)
444	{
445	char *enc;
446	size_t pos;
447
448	GNUNET_STRINGS_base64_encode (data, data_size, &enc);
449	// Replace with correct characters for base64url
450	pos = 0;
451	while ('\0' != enc[pos])
452	{
453	if ('+' == enc[pos])
454	enc[pos] = '-';
455	if ('/' == enc[pos])
456	enc[pos] = '_';
457	if ('=' == enc[pos])
458	{
459	enc[pos] = '\0';
460	break;
461	}
462	pos++;
463	}
464	return enc;
465	}
466
467
468	static void	336	static void
469	derive_aes_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key,	337	derive_aes_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key,
470	struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,	338	struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
@@ -693,7 +561,7 @@ OIDC_build_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
693	GNUNET_free (code_payload);	561	GNUNET_free (code_payload);
694	return NULL;	562	return NULL;
695	}	563	}
696	code_str = base64_and_urlencode (code_payload, code_payload_len);	564	GNUNET_STRINGS_base64url_encode (code_payload, code_payload_len, &code_str);
697	GNUNET_free (code_payload);	565	GNUNET_free (code_payload);
698	return code_str;	566	return code_str;
699	}	567	}
@@ -742,7 +610,8 @@ OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *ecdsa_priv,
742	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Trying to decode `%s'\n", code);	610	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Trying to decode `%s'\n", code);
743	code_payload = NULL;	611	code_payload = NULL;
744	code_payload_len =	612	code_payload_len =
745	GNUNET_STRINGS_base64_decode (code, strlen (code), (void **) &code_payload);	613	GNUNET_STRINGS_base64url_decode (code, strlen (code),
		614	(void **) &code_payload);
746	if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)	615	if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
747	+ sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)	616	+ sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)
748	+ sizeof(struct OIDC_Parameters)	617	+ sizeof(struct OIDC_Parameters)
@@ -789,7 +658,7 @@ OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *ecdsa_priv,
789	code_verifier,	658	code_verifier,
790	strlen (code_verifier));	659	strlen (code_verifier));
791	// encode code verifier	660	// encode code verifier
792	expected_code_challenge = base64url_encode (code_verifier_hash, 256 / 8);	661	GNUNET_STRINGS_base64url_encode (code_verifier_hash, 256 / 8, &expected_code_challenge);
793	code_challenge = (char *) &params[1];	662	code_challenge = (char *) &params[1];
794	GNUNET_free (code_verifier_hash);	663	GNUNET_free (code_verifier_hash);
795	if ((strlen (expected_code_challenge) != code_challenge_len) \|\|	664	if ((strlen (expected_code_challenge) != code_challenge_len) \|\|