[Help-gnutls] Re: Using gnutls_srp_base64_decode to decode something encoded with SSL's EVP_Encode*

Simon Josefsson simon at josefsson.org
Tue Feb 12 11:35:46 CET 2008


Robert Hogan <lists at roberthogan.net> writes:

> [originally sent to gnutls-dev in error, please ignore the post there]
>
> Hi there,
>
> I have the following string, which has been encoded by openssl's EVP_Encode* 
> function:
>
> 8lsjlBTuh2bbNTARRgB6WnmgCm0
>
> I want to decode it with a gnutls function, so I'm guessing 
> gnutls_srp_base64_decode is the one I need. (I've tried 
> gnutls_pem_base64_decode with no luck)
>
> I can decode a result with it, however it is not the same result as if I had 
> used EVP_decode*.
>
> (Unlike with EVP_Decode I have to give it the unadorned string; EVP_Decode 
> requires '8lsjlBTuh2bbNTARRgB6WnmgCm0=\n\0'. Adding the =, newline and null 
> causes gnutls_srp_base64_decode to return nothing.)
>
> Are the two incompatible? I would have thought base64 was just base64!

Alas, base64 is not always "just base64".  SRP uses its own base64
variant, so the encodings are not compatible.  I've tried to improve the
documentation with the patch below, so that others don't run into this
problem in the future.  Comments welcome.

The gnutls_pem_base64_decode function is also not right, it assumes the
data is PEM encoded.

Right now I don't think there are any raw base64 decoding functions in
gnutls, and frankly I'm not sure GnuTLS is a good place for such code.
I happen to maintain a gnulib module for base64 encoding, please check
it out:

http://www.gnu.org/software/gnulib/
http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.c;hb=HEAD
http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.h;hb=HEAD

What were you going to use the base64 functions for?

/Simon

diff --git a/lib/auth_srp_sb64.c b/lib/auth_srp_sb64.c
index c3d5ccd..57dd521 100644
--- a/lib/auth_srp_sb64.c
+++ b/lib/auth_srp_sb64.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2001, 2002, 2003, 2004, 2005 Free Software Foundation
+ * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2008 Free Software Foundation
  *
  * Author: Nikos Mavrogiannopoulos
  *
@@ -309,15 +309,21 @@ _gnutls_sbase64_decode (uint8_t * data, size_t idata_size, uint8_t ** result)
 }
 
 /**
-  * gnutls_srp_base64_encode - This function will convert raw data to base64 encoded
+  * gnutls_srp_base64_encode - Encode raw data using SRP-Base64
   * @data: contain the raw data
   * @result: the place where base64 data will be copied
   * @result_size: holds the size of the result
   *
-  * This function will convert the given data to printable data, using the base64 
-  * encoding, as used in the libsrp. This is the encoding used in SRP password files.
-  * If the provided buffer is not long enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
-  * 
+  * This function will convert the given data to printable data, using
+  * the base64 encoding, as used in the libsrp.  This is the encoding
+  * used in SRP password files.  If the provided buffer is not long
+  * enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
+  *
+  * Warning!  This base64 encoding is not the "standard" encoding, so
+  * do not use it for non-SRP purposes.
+  *
+  * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+  * long enough, or 0 on success.
   **/
 int
 gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result,
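
Review bot: The new "Returns:" line in the gnutls_srp_base64_encode comment repeats the last sentence of the description paragraph ("If the provided buffer is not long enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned"), so the same fact is now stated twice; drop it from the description and keep it under "Returns:". The summary line here writes "Encode" and "SRP-Base64" while the later hunks use lowercase "encode"/"decode" and "SRP-base64", so pick one spelling. The warning would also help more if it said how the encoding differs from standard base64 or named a standard alternative, since 'not the "standard" encoding' alone does not tell a caller how to recognise a mismatch.
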
@@ -347,16 +353,21 @@ gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result,
 }
 
 /**
-  * gnutls_srp_base64_encode_alloc - This function will convert raw data to Base64 encoded
+  * gnutls_srp_base64_encode_alloc - encode raw data using SRP-Base64
   * @data: contains the raw data
   * @result: will hold the newly allocated encoded data
   *
-  * This function will convert the given data to printable data, using the base64 
-  * encoding. This is the encoding used in SRP password files. This function will
-  * allocate the required memory to hold the encoded data.
+  * This function will convert the given data to printable data, using
+  * the base64 encoding.  This is the encoding used in SRP password
+  * files.  This function will allocate the required memory to hold
+  * the encoded data.
   *
   * You should use gnutls_free() to free the returned data.
-  * 
+  *
+  * Warning!  This base64 encoding is not the "standard" encoding, so
+  * do not use it for non-SRP purposes.
+  *
+  * Returns: 0 on success, or an error code.
   **/
 int
 gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data,
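
Review bot: "Returns: 0 on success, or an error code." in the gnutls_srp_base64_encode_alloc comment names no code at all, unlike the non-alloc variant, which names %GNUTLS_E_SHORT_MEMORY_BUFFER; since the description says the function allocates the result, list at least the allocation-failure code so callers know what to check. The reflowed description still says only "the base64 encoding" without "as used in the libsrp", which the sibling comment has; adding it would keep the first paragraph consistent with the new warning.
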
@@ -384,18 +395,21 @@ gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data,
 }
 
 /**
-  * gnutls_srp_base64_decode - This function will decode base64 encoded data
+  * gnutls_srp_base64_decode - decode SRP-base64 encoded data
   * @b64_data: contain the encoded data
   * @result: the place where decoded data will be copied
   * @result_size: holds the size of the result
   *
-  * This function will decode the given encoded data, using the base64 encoding
-  * found in libsrp.
+  * This function will decode the given encoded data, using the base64
+  * encoding found in libsrp.
   *
   * Note that b64_data should be null terminated.
-  * 
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not long enough,
-  * or 0 on success.
+  *
+  * Warning!  This base64 encoding is not the "standard" encoding, so
+  * do not use it for non-SRP purposes.
+  *
+  * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+  * long enough, or 0 on success.
   **/
 int
 gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result,
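
Review bot: The "Returns:" line for gnutls_srp_base64_decode covers only the short-buffer case and success, so it leaves undocumented what a caller gets for input that is not valid SRP-base64; the report in this thread was that appending "=" and a newline made the function return nothing. Document the return value for malformed input, and consider stating in the warning that standard base64 text can still decode without error to different bytes, which is the failure the reporter actually hit.
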
@@ -425,16 +439,20 @@ gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result,
 }
 
 /**
-  * gnutls_srp_base64_decode_alloc - This function will decode base64 encoded data
+  * gnutls_srp_base64_decode_alloc - decode SRP-base64 encoded data
   * @b64_data: contains the encoded data
   * @result: the place where decoded data lie
   *
   * This function will decode the given encoded data. The decoded data
-  * will be allocated, and stored into result.
-  * It will decode using the base64 algorithm found in libsrp.
+  * will be allocated, and stored into result.  It will decode using
+  * the base64 algorithm as used in libsrp.
   *
   * You should use gnutls_free() to free the returned data.
-  * 
+  *
+  * Warning!  This base64 encoding is not the "standard" encoding, so
+  * do not use it for non-SRP purposes.
+  *
+  * Returns: 0 on success, or an error code.
   **/
 int
 gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data,
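
Review bot: The rewrapped sentence in the gnutls_srp_base64_decode_alloc comment now reads "the base64 algorithm as used in libsrp" while the non-alloc comment keeps "the base64 encoding found in libsrp"; use one phrasing across the four comments. "Returns: 0 on success, or an error code." has the same gap as in the encode_alloc hunk and should name the codes. The unchanged line "@result: the place where decoded data lie" could be corrected in the same pass.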

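The mismatch discussed in this thread, as an added example (not code from the post, GnuTLS or gnulib): the string from the question decoded once as standard base64 and once under the SRP convention. The SRP alphabet and its right-aligned, big-number digit order are assumptions based on libsrp's scheme, not taken from the patch in this post, and `b64_decode` is a hypothetical helper.

```c
#include <stdio.h>
#include <string.h>

/* RFC 4648 alphabet (what OpenSSL's EVP_Encode* emits). */
static const char STD_ALPHABET[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Assumed libsrp-style alphabet; not taken from the patch in this post. */
static const char SRP_ALPHABET[] =
    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";

/* Decode unpadded text. right_aligned=0: bits are packed from the first
 * character and trailing spare bits are dropped (standard base64).
 * right_aligned=1: the text is read like a big number, so spare bits sit
 * at the front and must be zero (assumed SRP convention).
 * Returns the number of bytes written to out, or -1 on invalid input. */
int b64_decode(const char *alphabet, int right_aligned,
               const char *in, unsigned char *out)
{
    size_t n = strlen(in);
    int skip = right_aligned ? (int)((n * 6) % 8) : 0;
    unsigned acc = 0;
    int bits = 0, len = 0;
    for (size_t i = 0; i < n; i++) {
        const char *p = strchr(alphabet, in[i]);
        if (p == NULL) return -1;           /* character not in alphabet */
        acc = (acc << 6) | (unsigned)(p - alphabet);
        bits += 6;
        if (i == 0 && skip > 0) {           /* drop leading spare bits */
            if (acc >> (6 - skip)) return -1;
            bits -= skip;
        }
        if (bits >= 8) {
            out[len++] = (unsigned char)(acc >> (bits - 8));
            bits -= 8;
        }
        acc &= (1u << bits) - 1;            /* keep only unread bits */
    }
    return len;
}

int main(void)
{
    const char *s = "8lsjlBTuh2bbNTARRgB6WnmgCm0"; /* string from the post */
    unsigned char a[32], b[32];
    int la = b64_decode(STD_ALPHABET, 0, s, a);
    int lb = b64_decode(SRP_ALPHABET, 1, s, b);
    printf("standard: %d bytes, first %02x; SRP-style: %d bytes, first %02x\n",
           la, a[0], lb, b[0]);
    return 0;
}
```

Both calls succeed and return 20 bytes, but the contents differ from the first byte on, so a successful return from the wrong decoder says nothing about whether the data is right.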



