[Help-gnutls] Re: Using gnutls_srp_base64_decode to decode something encoded with SSL's EVP_Encode*

Robert Hogan lists at roberthogan.net
Tue Feb 12 21:59:47 CET 2008


On Tuesday 12 February 2008 10:35:46 Simon Josefsson wrote:
> Alas, base64 is not always "just base64".  SRP uses its own base64
> variant, so the encodings are not compatible.  I've tried to improve the
> documentation with the patch below, so that others don't run into this
> problem in the future.  Comments welcome.
>

Perhaps a patch for the man pages as well?

> The gnutls_pem_base64_decode function is also not right, it assumes the
> data is PEM encoded.
>
> Right now I don't think there are any raw base64 decoding functions in
> gnutls, and frankly I'm not sure GnuTLS is a good place for such code.
> I happen to maintain a gnulib module for base64 encoding, please check
> it out:
>

It may not be right in principle but it would certainly be useful from an
OpenSSL compatibility perspective.

> http://www.gnu.org/software/gnulib/
> http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.c;hb=HEAD
> http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.h;hb=HEAD
>

I ended up using a couple of snippets from the public domain code in libb64.
This is because I just want to avoid the licensing issues with OpenSSL for
packaging my project, and public domain code does the job equally well as
gnutls.

> What were you going to use the base64 functions for?
>

For my project TorK (a controller for Tor). Tor encodes 'router digests' in
base64 and uses OpenSSL's EVP_Encode* to do the encoding. I just needed
something equivalent that wasn't OpenSSL based.

Thanks for settling this one for me!

> /Simon
>
> diff --git a/lib/auth_srp_sb64.c b/lib/auth_srp_sb64.c
> index c3d5ccd..57dd521 100644
> --- a/lib/auth_srp_sb64.c
> +++ b/lib/auth_srp_sb64.c
> @@ -1,5 +1,5 @@
>  /*
> - * Copyright (C) 2001, 2002, 2003, 2004, 2005 Free Software Foundation
> + * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2008 Free Software
> Foundation *
>   * Author: Nikos Mavrogiannopoulos
>   *
> @@ -309,15 +309,21 @@ _gnutls_sbase64_decode (uint8_t * data, size_t
> idata_size, uint8_t ** result) }
>
>  /**
> -  * gnutls_srp_base64_encode - This function will convert raw data to
> base64 encoded +  * gnutls_srp_base64_encode - Encode raw data using
> SRP-Base64
>    * @data: contain the raw data
>    * @result: the place where base64 data will be copied
>    * @result_size: holds the size of the result
>    *
> -  * This function will convert the given data to printable data, using the
> base64 -  * encoding, as used in the libsrp. This is the encoding used in
> SRP password files. -  * If the provided buffer is not long enough
> GNUTLS_E_SHORT_MEMORY_BUFFER is returned. -  *
> +  * This function will convert the given data to printable data, using
> +  * the base64 encoding, as used in the libsrp.  This is the encoding
> +  * used in SRP password files.  If the provided buffer is not long
> +  * enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
> +  *
> +  * Warning!  This base64 encoding is not the "standard" encoding, so
> +  * do not use it for non-SRP purposes.
> +  *
> +  * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
> +  * long enough, or 0 on success.
>    **/
>  int
>  gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result,
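Review bot: the short-buffer case is now documented twice in the gnutls_srp_base64_encode comment, once in the description ("If the provided buffer is not long enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned") and again in the new Returns: paragraph. Drop the sentence from the description so the two cannot drift apart. The warning would also help more if it said how this encoding differs from standard base64, since a reader who arrives with non-SRP data is told what not to do but not why the output will differ.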
> @@ -347,16 +353,21 @@ gnutls_srp_base64_encode (const gnutls_datum_t *
> data, char *result, }
>
>  /**
> -  * gnutls_srp_base64_encode_alloc - This function will convert raw data
> to Base64 encoded +  * gnutls_srp_base64_encode_alloc - encode raw data
> using SRP-Base64 * @data: contains the raw data
>    * @result: will hold the newly allocated encoded data
>    *
> -  * This function will convert the given data to printable data, using the
> base64 -  * encoding. This is the encoding used in SRP password files. This
> function will -  * allocate the required memory to hold the encoded data.
> +  * This function will convert the given data to printable data, using
> +  * the base64 encoding.  This is the encoding used in SRP password
> +  * files.  This function will allocate the required memory to hold
> +  * the encoded data.
>    *
>    * You should use gnutls_free() to free the returned data.
> -  *
> +  *
> +  * Warning!  This base64 encoding is not the "standard" encoding, so
> +  * do not use it for non-SRP purposes.
> +  *
> +  * Returns: 0 on success, or an error code.
>    **/
>  int
>  gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data,
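Review bot: the description of gnutls_srp_base64_encode_alloc still says only "using the base64 encoding", without the "as used in the libsrp" qualifier that gnutls_srp_base64_encode carries, so the first paragraph reads as plain base64 until the reader reaches the warning. Add the qualifier there. The summary line is also lowercase ("encode raw data using SRP-Base64") where the previous function uses "Encode", and "Returns: 0 on success, or an error code" would be more useful if it named the codes a caller should expect.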
> @@ -384,18 +395,21 @@ gnutls_srp_base64_encode_alloc (const gnutls_datum_t
> * data, }
>
>  /**
> -  * gnutls_srp_base64_decode - This function will decode base64 encoded
> data +  * gnutls_srp_base64_decode - decode SRP-base64 encoded data
>    * @b64_data: contain the encoded data
>    * @result: the place where decoded data will be copied
>    * @result_size: holds the size of the result
>    *
> -  * This function will decode the given encoded data, using the base64
> encoding -  * found in libsrp.
> +  * This function will decode the given encoded data, using the base64
> +  * encoding found in libsrp.
>    *
>    * Note that b64_data should be null terminated.
> -  *
> -  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not long
> enough, -  * or 0 on success.
> +  *
> +  * Warning!  This base64 encoding is not the "standard" encoding, so
> +  * do not use it for non-SRP purposes.
> +  *
> +  * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
> +  * long enough, or 0 on success.
>    **/
>  int
>  gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result,
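Review bot: the Returns: paragraph for gnutls_srp_base64_decode lists only GNUTLS_E_SHORT_MEMORY_BUFFER and 0, so it does not say what the caller gets when b64_data is not valid SRP-base64, which is exactly the misuse the new warning is about. Document that return value so callers know to check for it. The summary line also writes "SRP-base64" where the encode functions write "SRP-Base64"; pick one spelling.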
> @@ -425,16 +439,20 @@ gnutls_srp_base64_decode (const gnutls_datum_t *
> b64_data, char *result, }
>
>  /**
> -  * gnutls_srp_base64_decode_alloc - This function will decode base64
> encoded data +  * gnutls_srp_base64_decode_alloc - decode SRP-base64
> encoded data * @b64_data: contains the encoded data
>    * @result: the place where decoded data lie
>    *
>    * This function will decode the given encoded data. The decoded data
> -  * will be allocated, and stored into result.
> -  * It will decode using the base64 algorithm found in libsrp.
> +  * will be allocated, and stored into result.  It will decode using
> +  * the base64 algorithm as used in libsrp.
>    *
>    * You should use gnutls_free() to free the returned data.
> -  *
> +  *
> +  * Warning!  This base64 encoding is not the "standard" encoding, so
> +  * do not use it for non-SRP purposes.
> +  *
> +  * Returns: 0 on success, or an error code.
>    **/
>  int
>  gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data,
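Review bot: the gnutls_srp_base64_decode_alloc comment has no counterpart to the "Note that b64_data should be null terminated" line in gnutls_srp_base64_decode. If the same requirement applies, repeat it here; if it does not, say so, because the two functions take the same b64_data argument. "Returns: 0 on success, or an error code" is also vaguer than the non-alloc variant, which names GNUTLS_E_SHORT_MEMORY_BUFFER.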


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20080212/e08666ee/attachment.pgp>
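The point made in the thread, that two base64 variants are not interchangeable, shown as an added example (not code from GnuTLS, gnulib, libb64 or either poster): a strict decoder parametrised by alphabet. `b64_decode` and both table names are hypothetical; `SRP_ALPHABET` is an assumption to check against lib/auth_srp_sb64.c, and only the alphabet difference is modelled here, not any difference in how the SRP variant groups bits.

```c
#include <stddef.h>
#include <string.h>

/* Standard alphabet (RFC 4648), the one OpenSSL's EVP_Encode* emits. */
static const char STD_ALPHABET[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* ASSUMPTION: libsrp-style alphabet; verify against lib/auth_srp_sb64.c. */
static const char SRP_ALPHABET[] =
    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";

/* Decode in[0..in_len) with a 64-character alphabet, using the standard
 * left-to-right 4-chars-to-3-bytes grouping.  Up to two trailing '='
 * are accepted but not required.  Returns the number of bytes written,
 * or -1 for a character outside the alphabet, an impossible length,
 * non-zero leftover bits, or an output buffer that is too small. */
long b64_decode(const char *alphabet, const char *in, size_t in_len,
                unsigned char *out, size_t out_cap)
{
    unsigned long acc = 0;
    int bits = 0;
    size_t n = 0, pad = 0, i;

    while (in_len > 0 && in[in_len - 1] == '=' && pad < 2) {
        in_len--;
        pad++;
    }
    if (in_len % 4 == 1)
        return -1;                 /* 6 stray bits never form a byte */

    for (i = 0; i < in_len; i++) {
        const char *p = in[i] ? strchr(alphabet, in[i]) : NULL;
        if (p == NULL)
            return -1;             /* fail closed, never guess */
        acc = (acc << 6) | (unsigned long)(p - alphabet);
        bits += 6;
        if (bits >= 8) {
            if (n >= out_cap)
                return -1;
            bits -= 8;
            out[n++] = (unsigned char)((acc >> bits) & 0xff);
        }
    }
    if (acc & ((1UL << bits) - 1))
        return -1;                 /* non-canonical trailing bits */
    return (long)n;
}
```

A string made only of letters and digits is accepted under both tables but yields different bytes, so a wrong-variant decode can succeed silently; only characters outside the shared set (`+` versus `.`) turn the mismatch into an error.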

