Skip to content

Rewrite base64 code.#1209

Closed
agl wants to merge 1 commit intoopenssl:masterfrom
agl:base64rewrite
Closed

Rewrite base64 code.#1209
agl wants to merge 1 commit intoopenssl:masterfrom
agl:base64rewrite

Conversation

@agl
Copy link
Contributor

@agl agl commented Jun 13, 2016

While Emilia's reworking in 3cdd1e9 certainly helped, the code for
decoding, at least, was still a little complex for something that really
shouldn't be.

This change achieves some of its reduction in complexity by dropping
support for '-' in base64 data. Previously, this acted like a comment
marker (see below). We have deployed this change at Google and have not
found any ill effects: this appears to be completely unused in reality.

This is a “port” of BoringSSL's base64 code to OpenSSL. The stdint.h
types have been changed to C89 types, the code has been reformatted and
variable declarations have been changed to C89 style.

Here's an example of a PEM blob that was previously accepted but would
be rejected with this change:

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC+qeXl4ZUfQZFmcGAPwdt7Mza4NQ6mJHehc4V/hVYc6eepvL/5
uyyflzuhVy5ufctdi92FlXcIct5nNPdqK0PPdWH5Uzw0t/OjI5y/SJh8ur20krqw
j/N1IOs63AcGLIVSkwx89iQbxj+2tV+YxFpGunUYyR/bJJWczuDMA/CujQIDAQAB
AoGBAKA6IRRdzbbVoD5JI8E6NZtEP7DwDZ57uPk6Hq86u1JTEzcmguJ4dJitPBRr
Mn7yQgwcNQ5EvCKifdqXvXBAaZuiiPFuCS/gfUw04jVHXWvG8ZvBQC3dutUYnFW7
hdun8QU/Z6a1BethvESi1J1vgY2+XC4cBIvbutTc9HhMhbQ1AkEA8YTKGsVEYoKE
d7sSx4qjeN4bgzeVgIwRt01wJ1EJN62LhwO+pYSXvTt14aHxiascejJqUhtuWvzR
nuwydqiDpwJBAMoYgUoWdgW4O/C5ZXjiSia54jzrt7upxSq88njTRo/MCQfuJVbc
3GUD+15V0zNhx9D7lcI+1uxhfcD7jWbJEqsCQBrE/SG6e7nvfX9H3O0BEN10wNfq
cUeuPshybNvuv3bMZYqxf5AZAjiXPpmjuYHo1V8191Lid3jeTN2wkGdWhkECQQCI
Rj3oV3z+Hl1M1bc27GBT/MQxkEE0qiXpy780+kJ6dHsifdNv3z4+X5EA656e5zB2
Gy/A697BRnwlxXpz9OJBAkAUe7Ap0yU8aO6g5g+gsH+18bF0MftWh81VLOo09rRp
SOHxNGGJLE5As5XkCGUZVIass1r8Q4N22Wip0QzeSWDi
-
-          .   *   ..  . *  *
-        *  * @()Ooc()*   o  .
-            (Q@*0CG*O()  ___
-           |\_________/|/ _ \
-           |  |  |  |  | / | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | \_| |
-           |  |  |  |  |\___/
-           |\_|__|__|_/|
-            \_________/
-
-----END RSA PRIVATE KEY-----

Rewrite base64 code.
cb82dfa 
While Emilia's reworking in 3cdd1e9 certainly helped, the code for
decoding, at least, was still a little complex for something that really
shouldn't be.

This change achieves some of its reduction in complexity by dropping
support for '-' in base64 data. Previously, this acted like a comment
marker (see below). We have deployed this change at Google and have not
found any ill effects: this appears to be completely unused in reality.

This is a “port” of BoringSSL's base64 code to OpenSSL. The stdint.h
types have been changed to C89 types, the code has been reformatted and
variable declarations have been changed to C89 style.

Here's an example of a PEM blob that was previously accepted but would
be rejected with this change:

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC+qeXl4ZUfQZFmcGAPwdt7Mza4NQ6mJHehc4V/hVYc6eepvL/5
uyyflzuhVy5ufctdi92FlXcIct5nNPdqK0PPdWH5Uzw0t/OjI5y/SJh8ur20krqw
j/N1IOs63AcGLIVSkwx89iQbxj+2tV+YxFpGunUYyR/bJJWczuDMA/CujQIDAQAB
AoGBAKA6IRRdzbbVoD5JI8E6NZtEP7DwDZ57uPk6Hq86u1JTEzcmguJ4dJitPBRr
Mn7yQgwcNQ5EvCKifdqXvXBAaZuiiPFuCS/gfUw04jVHXWvG8ZvBQC3dutUYnFW7
hdun8QU/Z6a1BethvESi1J1vgY2+XC4cBIvbutTc9HhMhbQ1AkEA8YTKGsVEYoKE
d7sSx4qjeN4bgzeVgIwRt01wJ1EJN62LhwO+pYSXvTt14aHxiascejJqUhtuWvzR
nuwydqiDpwJBAMoYgUoWdgW4O/C5ZXjiSia54jzrt7upxSq88njTRo/MCQfuJVbc
3GUD+15V0zNhx9D7lcI+1uxhfcD7jWbJEqsCQBrE/SG6e7nvfX9H3O0BEN10wNfq
cUeuPshybNvuv3bMZYqxf5AZAjiXPpmjuYHo1V8191Lid3jeTN2wkGdWhkECQQCI
Rj3oV3z+Hl1M1bc27GBT/MQxkEE0qiXpy780+kJ6dHsifdNv3z4+X5EA656e5zB2
Gy/A697BRnwlxXpz9OJBAkAUe7Ap0yU8aO6g5g+gsH+18bF0MftWh81VLOo09rRp
SOHxNGGJLE5As5XkCGUZVIass1r8Q4N22Wip0QzeSWDi
-
-          .   *   ..  . *  *
-        *  * @()Ooc()*   o  .
-            (Q@*0CG*O()  ___
-           |\_________/|/ _ \
-           |  |  |  |  | / | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | | | |
-           |  |  |  |  | \_| |
-           |  |  |  |  |\___/
-           |\_|__|__|_/|
-            \_________/
-
-----END RSA PRIVATE KEY-----
@mattcaswell mattcaswell added this to the Post 1.1.0 milestone Jun 14, 2016
@richsalz
Copy link
Contributor

richsalz commented Jun 14, 2016

It’s worth keeping the current code just so the beer stein works. :)

@agl
Copy link
Contributor Author

agl commented Jun 15, 2016

Dr Henson points that that asn1parse depends on the base64 BIO handling PEM blobs and thus this change either needs to continue supporting '-' in base64 data (hopefully not) or needs to teach the base64 BIO about doing so.

@vszakats
Copy link
Contributor

vszakats commented Aug 4, 2016

Related issue with asn1parse and handling base64 PEM blobs: #1381 (comment)

@FdaSilvaYY FdaSilvaYY mentioned this pull request Oct 13, 2016
Closed
@kaduk kaduk mentioned this pull request Feb 27, 2017
Closed
1 task
@mattcaswell mattcaswell modified the milestones: Post 1.1.0, Post 1.1.1 Jan 24, 2018
@t8m
Copy link
Member

t8m commented May 3, 2021

This has bitrot too much so it is not going to be merged in this form.

@t8m t8m closed this May 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@agl @richsalz @vszakats @t8m @mattcaswell @mspncp