[squid-dev] [PATCH] Base64 crypto replacement
Amos Jeffries
squid3 at treenet.co.nz
Mon Jan 5 09:58:25 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 4/01/2015 6:27 a.m., Markus Moeller wrote:
> Hi Amos,
>
> The problem is that the wrong input size is used for the decoding.
>
> base64_decode_update(&ctx, &dstLen,
> static_cast<uint8_t*>(input_token.value), input_token.length,
> b64Token)
>
> You need to use strlen(b64Token) not input_token.length.
>
> What I wonder is why dstLen is different to input_token.length (
> at least in my tests dstLen was 2 smaller than input_token.length)
>
> Shouldn't input_token.length =
> BASE64_DECODE_LENGTH(strlen(buf+3)); be the same as dstLen (I
> haven't yet time to analyse the code) ?
BASE64_DECODE_LENGTH is documented as the upper limit on decoded size.
The actual output can be smaller. I suspect that happens in the cases
of terminator '=' bytes which decode as 0-length symbols, or when the
final 4 bytes of b64Token decode to 1 rather than 2 bytes.
Applied the parameter change to trunk in rev.13819.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUqmBAAAoJELJo5wb/XPRjyfcIAMW0lz+aErdTBaOB12wSwi1/
QR4va71YVfU2tFGqtN8S+tvgrhETMNTIa4Gn7ychV+VxAvmkTauK0U+/udoks8SP
P9jidISFH2AHWSY69RD05/iVZ1YPhaYlTJJk2OFSnsncbtwNrXziNwndIsbinsey
lZpE9JLLRRjuJt7vr0GoaXzqaB7RgvT+T+bgG27oLB6gNGUdCB3gL76P7lMKzqgk
4NGUeorXCpU4d3Xmgq2STfTx1YyEPjB0eSB1nQ21wfANXeluiwh9d7tlsSFklKxr
D+YfetMd4XxoRBsOkPMsFsscH8JAThY7dabJJe8szr22YdxMd677f96Kp2TCurI=
=VuDY
-----END PGP SIGNATURE-----
More information about the squid-dev
mailing list