On Tuesday 12 February 2008 10:35:46 Simon Josefsson wrote: > Alas, base64 is not always "just base64". SRP uses its own base64 > variant, so the encoding are not compatible. I've tried to improve the > documentation with the patch below, so that others doesn't run into this > problem in the future. Comments welcome. >
Perhaps a patch for the man pages as well? > The gnutls_pem_base64_decode function is also not right, it assume the > data is PEM encoded. > > Right now I don't think there are any raw base64 decoding functions in > gnutls, and frankly I'm not sure GnuTLS is a good place for such code. > I happen to maintain a gnulib module for base64 encoding, please check > it out: > It may not be right in principle but it would certainly be useful from an openSSL compatibility perspective. > http://www.gnu.org/software/gnulib/ > http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.c;hb=HEAD > http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/base64.h;hb=HEAD > I ended up using a couple of snippets from the public domain code in libb64. This is because I just want to avoid the licensing issues with openSSL for packaging my project, and public domain code does the job equally well as gnutls. > What were you going to use the base64 functions for? > For my project TorK ( a controller for Tor). Tor encodes 'router digests' in base64 and uses openSSL's EVP_Encode* to do the encoding. I just needed something equivalent that wasn't openSSL based. Thanks for settling this one for me! > /Simon > > diff --git a/lib/auth_srp_sb64.c b/lib/auth_srp_sb64.c > index c3d5ccd..57dd521 100644 > --- a/lib/auth_srp_sb64.c > +++ b/lib/auth_srp_sb64.c > @@ -1,5 +1,5 @@ > /* > - * Copyright (C) 2001, 2002, 2003, 2004, 2005 Free Software Foundation > + * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2008 Free Software > Foundation * > * Author: Nikos Mavrogiannopoulos > * > @@ -309,15 +309,21 @@ _gnutls_sbase64_decode (uint8_t * data, size_t > idata_size, uint8_t ** result) } > > /** > - * gnutls_srp_base64_encode - This function will convert raw data to > base64 encoded + * gnutls_srp_base64_encode - Encode raw data using > SRP-Base64 > * @data: contain the raw data > * @result: the place where base64 data will be copied > * @result_size: holds the size of the result > * > - * This function will convert the given data to printable data, using the > base64 - * encoding, as used in the libsrp. This is the encoding used in > SRP password files. - * If the provided buffer is not long enough > GNUTLS_E_SHORT_MEMORY_BUFFER is returned. - * > + * This function will convert the given data to printable data, using > + * the base64 encoding, as used in the libsrp. This is the encoding > + * used in SRP password files. If the provided buffer is not long > + * enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned. > + * > + * Warning! This base64 encoding is not the "standard" encoding, so > + * do not use it for non-SRP purposes. > + * > + * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not > + * long enough, or 0 on success. > **/ > int > gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result, > @@ -347,16 +353,21 @@ gnutls_srp_base64_encode (const gnutls_datum_t * > data, char *result, } > > /** > - * gnutls_srp_base64_encode_alloc - This function will convert raw data > to Base64 encoded + * gnutls_srp_base64_encode_alloc - encode raw data > using SRP-Base64 * @data: contains the raw data > * @result: will hold the newly allocated encoded data > * > - * This function will convert the given data to printable data, using the > base64 - * encoding. This is the encoding used in SRP password files. This > function will - * allocate the required memory to hold the encoded data. > + * This function will convert the given data to printable data, using > + * the base64 encoding. This is the encoding used in SRP password > + * files. This function will allocate the required memory to hold > + * the encoded data. > * > * You should use gnutls_free() to free the returned data. > - * > + * > + * Warning! This base64 encoding is not the "standard" encoding, so > + * do not use it for non-SRP purposes. > + * > + * Returns: 0 on success, or an error code. > **/ > int > gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data, > @@ -384,18 +395,21 @@ gnutls_srp_base64_encode_alloc (const gnutls_datum_t > * data, } > > /** > - * gnutls_srp_base64_decode - This function will decode base64 encoded > data + * gnutls_srp_base64_decode - decode SRP-base64 encoded data > * @b64_data: contain the encoded data > * @result: the place where decoded data will be copied > * @result_size: holds the size of the result > * > - * This function will decode the given encoded data, using the base64 > encoding - * found in libsrp. > + * This function will decode the given encoded data, using the base64 > + * encoding found in libsrp. > * > * Note that b64_data should be null terminated. > - * > - * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not long > enough, - * or 0 on success. > + * > + * Warning! This base64 encoding is not the "standard" encoding, so > + * do not use it for non-SRP purposes. > + * > + * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not > + * long enough, or 0 on success. > **/ > int > gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result, > @@ -425,16 +439,20 @@ gnutls_srp_base64_decode (const gnutls_datum_t * > b64_data, char *result, } > > /** > - * gnutls_srp_base64_decode_alloc - This function will decode base64 > encoded data + * gnutls_srp_base64_decode_alloc - decode SRP-base64 > encoded data * @b64_data: contains the encoded data > * @result: the place where decoded data lie > * > * This function will decode the given encoded data. The decoded data > - * will be allocated, and stored into result. > - * It will decode using the base64 algorithm found in libsrp. > + * will be allocated, and stored into result. It will decode using > + * the base64 algorithm as used in libsrp. > * > * You should use gnutls_free() to free the returned data. > - * > + * > + * Warning! This base64 encoding is not the "standard" encoding, so > + * do not use it for non-SRP purposes. > + * > + * Returns: 0 on success, or an error code. > **/ > int > gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data,
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
