File CVE-2021-24115.patch of Package Botan.17748
diff --git a/src/lib/codec/base32/base32.cpp b/src/lib/codec/base32/base32.cpp
index fc9883c86..224dae991 100644
--- a/src/lib/codec/base32/base32.cpp
+++ b/src/lib/codec/base32/base32.cpp
@@ -1,7 +1,7 @@
/*
* Base32 Encoding and Decoding
* (C) 2018 Erwan Chaussy
-* (C) 2018 Jack Lloyd
+* (C) 2018,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -9,6 +9,7 @@
#include <botan/base32.h>
#include <botan/internal/codec_base.h>
#include <botan/internal/rounding.h>
+#include <botan/internal/ct_utils.h>
namespace Botan {
@@ -58,45 +59,11 @@ class Base32 final
return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out;
}
- static void encode(char out[8], const uint8_t in[5]) noexcept
- {
- out[0] = Base32::m_bin_to_base32[(in[0] & 0xF8) >> 3];
- out[1] = Base32::m_bin_to_base32[((in[0] & 0x07) << 2) | (in[1] >> 6)];
- out[2] = Base32::m_bin_to_base32[((in[1] & 0x3E) >> 1)];
- out[3] = Base32::m_bin_to_base32[((in[1] & 0x01) << 4) | (in[2] >> 4)];
- out[4] = Base32::m_bin_to_base32[((in[2] & 0x0F) << 1) | (in[3] >> 7)];
- out[5] = Base32::m_bin_to_base32[((in[3] & 0x7C) >> 2)];
- out[6] = Base32::m_bin_to_base32[((in[3] & 0x03) << 3) | (in[4] >> 5)];
- out[7] = Base32::m_bin_to_base32[in[4] & 0x1F];
- }
+ static void encode(char out[8], const uint8_t in[5]) noexcept;
- static inline uint8_t lookup_binary_value(char input) noexcept
- {
- return Base32::m_base32_to_bin[static_cast<uint8_t>(input)];
- }
+ static uint8_t lookup_binary_value(char input) noexcept;
- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws)
- {
- if(bin <= 0x1F)
- {
- return true;
- }
- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
- {
- std::string bad_char(1, input);
- if(bad_char == "\t")
- { bad_char = "\\t"; }
- else if(bad_char == "\n")
- { bad_char = "\\n"; }
- else if(bad_char == "\r")
- { bad_char = "\\r"; }
-
- throw Invalid_Argument(
- std::string("base32_decode: invalid base32 character '") +
- bad_char + "'");
- }
- return false;
- }
+ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws);
static void decode(uint8_t* out_ptr, const uint8_t decode_buf[8])
{
@@ -116,55 +83,97 @@ class Base32 final
static const size_t m_encoding_bits = 5;
static const size_t m_remaining_bits_before_padding = 6;
-
static const size_t m_encoding_bytes_in = 5;
static const size_t m_encoding_bytes_out = 8;
+ };
+namespace {
- static const uint8_t m_bin_to_base32[32];
- static const uint8_t m_base32_to_bin[256];
- };
+char lookup_base32_char(uint8_t x)
+ {
+ BOTAN_DEBUG_ASSERT(x < 32);
+
+ const auto in_AZ = CT::Mask<uint8_t>::is_lt(x, 26);
+
+ const char c_AZ = 'A' + x;
+ const char c_27 = '2' + (x - 26);
+
+ return in_AZ.select(c_AZ, c_27);
+ }
+
+}
-const uint8_t Base32::m_bin_to_base32[32] =
+//static
+void Base32::encode(char out[8], const uint8_t in[5]) noexcept
{
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
- '2', '3', '4', '5', '6', '7'
- };
+ const uint8_t b0 = (in[0] & 0xF8) >> 3;
+ const uint8_t b1 = ((in[0] & 0x07) << 2) | (in[1] >> 6);
+ const uint8_t b2 = ((in[1] & 0x3E) >> 1);
+ const uint8_t b3 = ((in[1] & 0x01) << 4) | (in[2] >> 4);
+ const uint8_t b4 = ((in[2] & 0x0F) << 1) | (in[3] >> 7);
+ const uint8_t b5 = ((in[3] & 0x7C) >> 2);
+ const uint8_t b6 = ((in[3] & 0x03) << 3) | (in[4] >> 5);
+ const uint8_t b7 = in[4] & 0x1F;
+
+ out[0] = lookup_base32_char(b0);
+ out[1] = lookup_base32_char(b1);
+ out[2] = lookup_base32_char(b2);
+ out[3] = lookup_base32_char(b3);
+ out[4] = lookup_base32_char(b4);
+ out[5] = lookup_base32_char(b5);
+ out[6] = lookup_base32_char(b6);
+ out[7] = lookup_base32_char(b7);
+ }
-/*
-* base32 Decoder Lookup Table
-* Warning: assumes ASCII encodings
-*/
-const uint8_t Base32::m_base32_to_bin[256] =
+//static
+uint8_t Base32::lookup_binary_value(char input) noexcept
{
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
- };
+ const uint8_t c = static_cast<uint8_t>(input);
+
+ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z'));
+ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('2'), uint8_t('7'));
+
+ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('='));
+ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
+ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
+ });
+
+ const uint8_t c_upper = c - uint8_t('A');
+ const uint8_t c_decim = c - uint8_t('2') + 26;
+
+ uint8_t ret = 0xFF; // default value
+
+ ret = is_alpha_upper.select(c_upper, ret);
+ ret = is_decimal.select(c_decim, ret);
+ ret = is_equal.select(0x81, ret);
+ ret = is_whitespace.select(0x80, ret);
+
+ return ret;
+ }
+
+//static
+bool Base32::check_bad_char(uint8_t bin, char input, bool ignore_ws)
+ {
+ if(bin <= 0x1F)
+ {
+ return true;
+ }
+ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
+ {
+ std::string bad_char(1, input);
+ if(bad_char == "\t")
+ { bad_char = "\\t"; }
+ else if(bad_char == "\n")
+ { bad_char = "\\n"; }
+ else if(bad_char == "\r")
+ { bad_char = "\\r"; }
+
+ throw Invalid_Argument(
+ std::string("base32_decode: invalid base32 character '") +
+ bad_char + "'");
+ }
+ return false;
+ }
}
diff --git a/src/lib/codec/base58/base58.cpp b/src/lib/codec/base58/base58.cpp
index 5aa9441d3..a6d509012 100644
--- a/src/lib/codec/base58/base58.cpp
+++ b/src/lib/codec/base58/base58.cpp
@@ -1,5 +1,5 @@
/*
-* (C) 2018 Jack Lloyd
+* (C) 2018,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -9,6 +9,7 @@
#include <botan/bigint.h>
#include <botan/divide.h>
#include <botan/loadstor.h>
+#include <botan/internal/ct_utils.h>
#include <botan/hash.h>
namespace Botan {
@@ -30,73 +31,52 @@ uint32_t sha256_d_checksum(const uint8_t input[], size_t input_length)
return load_be<uint32_t>(checksum.data(), 0);
}
-class Character_Table
+char lookup_base58_char(uint8_t x)
{
- public:
- // This must be a literal constant
- Character_Table(const char* alphabet) :
- m_alphabet(alphabet)
- {
- const size_t alpha_len = std::strlen(alphabet);
-
- // 128 or up would flow into 0x80 invalid bit
- if(alpha_len == 0 || alpha_len >= 128)
- throw Invalid_Argument("Bad Character_Table string");
-
- m_alphabet_len = static_cast<uint8_t>(alpha_len);
-
- set_mem(m_tab, 256, 0x80);
-
- for(size_t i = 0; m_alphabet[i]; ++i)
- {
- const uint8_t b = static_cast<uint8_t>(m_alphabet[i]);
- BOTAN_ASSERT(m_tab[b] == 0x80, "No duplicate chars");
- m_tab[b] = static_cast<uint8_t>(i);
- }
- }
-
- uint8_t radix() const { return m_alphabet_len; }
-
- char operator[](size_t i) const
- {
- BOTAN_ASSERT(i < m_alphabet_len, "Character in range");
- return m_alphabet[i];
- }
-
- uint8_t code_for(char c) const
- {
- return m_tab[static_cast<uint8_t>(c)];
- }
-
- private:
- const char* m_alphabet;
- uint8_t m_alphabet_len;
- uint8_t m_tab[256];
- };
-
-static const Character_Table& BASE58_ALPHA()
- {
- static const Character_Table base58_alpha("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
- return base58_alpha;
+ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz"
+ BOTAN_DEBUG_ASSERT(x < 58);
+
+ const auto is_dec_19 = CT::Mask<uint8_t>::is_lte(x, 8);
+ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(x, 9, 16);
+ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(x, 17, 21);
+ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(x, 22, 32);
+ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(x, 33, 43);
+ // otherwise in 'm'-'z'
+
+ const char c_19 = '1' + x;
+ const char c_AH = 'A' + (x - 9);
+ const char c_JN = 'J' + (x - 17);
+ const char c_PZ = 'P' + (x - 22);
+ const char c_ak = 'a' + (x - 33);
+ const char c_mz = 'm' + (x - 44);
+
+ char ret = c_mz;
+ ret = is_dec_19.select(c_19, ret);
+ ret = is_alpha_AH.select(c_AH, ret);
+ ret = is_alpha_JN.select(c_JN, ret);
+ ret = is_alpha_PZ.select(c_PZ, ret);
+ ret = is_alpha_ak.select(c_ak, ret);
+
+ return ret;
}
std::string base58_encode(BigInt v, size_t leading_zeros)
{
- const auto base58 = BASE58_ALPHA();
+ const uint8_t radix = 58;
std::string result;
BigInt q;
- uint8_t r;
while(v.is_nonzero())
{
- ct_divide_u8(v, base58.radix(), q, r);
- result.push_back(base58[r]);
+ uint8_t r;
+ ct_divide_u8(v, radix, q, r);
+ result.push_back(lookup_base58_char(r));
v.swap(q);
}
for(size_t i = 0; i != leading_zeros; ++i)
- result.push_back(base58[0]);
+ result.push_back('1'); // 'zero' byte
return std::string(result.rbegin(), result.rend());
}
@@ -112,6 +92,39 @@ size_t count_leading_zeros(const T input[], size_t input_length, Z zero)
return leading_zeros;
}
+uint8_t base58_value_of(char input)
+ {
+ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz"
+
+ const uint8_t c = static_cast<uint8_t>(input);
+
+ const auto is_dec_19 = CT::Mask<uint8_t>::is_within_range(c, uint8_t('1'), uint8_t('9'));
+ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('H'));
+ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(c, uint8_t('J'), uint8_t('N'));
+ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(c, uint8_t('P'), uint8_t('Z'));
+
+ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('k'));
+ const auto is_alpha_mz = CT::Mask<uint8_t>::is_within_range(c, uint8_t('m'), uint8_t('z'));
+
+ const uint8_t c_dec_19 = c - uint8_t('1');
+ const uint8_t c_AH = c - uint8_t('A') + 9;
+ const uint8_t c_JN = c - uint8_t('J') + 17;
+ const uint8_t c_PZ = c - uint8_t('P') + 22;
+
+ const uint8_t c_ak = c - uint8_t('a') + 33;
+ const uint8_t c_mz = c - uint8_t('m') + 44;
+
+ uint8_t ret = 0xFF; // default value
+
+ ret = is_dec_19.select(c_dec_19, ret);
+ ret = is_alpha_AH.select(c_AH, ret);
+ ret = is_alpha_JN.select(c_JN, ret);
+ ret = is_alpha_PZ.select(c_PZ, ret);
+ ret = is_alpha_ak.select(c_ak, ret);
+ ret = is_alpha_mz.select(c_mz, ret);
+ return ret;
+ }
+
}
std::string base58_encode(const uint8_t input[], size_t input_length)
@@ -130,9 +143,7 @@ std::string base58_check_encode(const uint8_t input[], size_t input_length)
std::vector<uint8_t> base58_decode(const char input[], size_t input_length)
{
- const auto base58 = BASE58_ALPHA();
-
- const size_t leading_zeros = count_leading_zeros(input, input_length, base58[0]);
+ const size_t leading_zeros = count_leading_zeros(input, input_length, '1');
BigInt v;
@@ -143,12 +154,12 @@ std::vector<uint8_t> base58_decode(const char input[], size_t input_length)
if(c == ' ' || c == '\n')
continue;
- const size_t idx = base58.code_for(c);
+ const uint8_t idx = base58_value_of(c);
- if(idx == 0x80)
+ if(idx == 0xFF)
throw Decoding_Error("Invalid base58");
- v *= base58.radix();
+ v *= 58;
v += idx;
}
diff --git a/src/lib/codec/base64/base64.cpp b/src/lib/codec/base64/base64.cpp
index b4f78bca0..93675f0e3 100644
--- a/src/lib/codec/base64/base64.cpp
+++ b/src/lib/codec/base64/base64.cpp
@@ -1,6 +1,6 @@
/*
* Base64 Encoding and Decoding
-* (C) 2010,2015 Jack Lloyd
+* (C) 2010,2015,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -9,6 +9,7 @@
#include <botan/internal/codec_base.h>
#include <botan/exceptn.h>
#include <botan/internal/rounding.h>
+#include <botan/internal/ct_utils.h>
namespace Botan {
@@ -58,41 +59,11 @@ class Base64 final
return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out;
}
- static void encode(char out[8], const uint8_t in[5]) noexcept
- {
- out[0] = Base64::m_bin_to_base64[(in[0] & 0xFC) >> 2];
- out[1] = Base64::m_bin_to_base64[((in[0] & 0x03) << 4) | (in[1] >> 4)];
- out[2] = Base64::m_bin_to_base64[((in[1] & 0x0F) << 2) | (in[2] >> 6)];
- out[3] = Base64::m_bin_to_base64[in[2] & 0x3F];
- }
+ static void encode(char out[8], const uint8_t in[5]) noexcept;
- static inline uint8_t lookup_binary_value(char input) noexcept
- {
- return Base64::m_base64_to_bin[static_cast<uint8_t>(input)];
- }
+ static uint8_t lookup_binary_value(char input) noexcept;
- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws)
- {
- if(bin <= 0x3F)
- {
- return true;
- }
- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
- {
- std::string bad_char(1, input);
- if(bad_char == "\t")
- { bad_char = "\\t"; }
- else if(bad_char == "\n")
- { bad_char = "\\n"; }
- else if(bad_char == "\r")
- { bad_char = "\\r"; }
-
- throw Invalid_Argument(
- std::string("base64_decode: invalid base64 character '") +
- bad_char + "'");
- }
- return false;
- }
+ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws);
static void decode(uint8_t* out_ptr, const uint8_t decode_buf[4])
{
@@ -110,57 +81,105 @@ class Base64 final
static const size_t m_encoding_bits = 6;
static const size_t m_remaining_bits_before_padding = 8;
-
static const size_t m_encoding_bytes_in = 3;
static const size_t m_encoding_bytes_out = 4;
+ };
+char lookup_base64_char(uint8_t x)
+ {
+ BOTAN_DEBUG_ASSERT(x < 64);
+
+ const auto in_az = CT::Mask<uint8_t>::is_within_range(x, 26, 51);
+ const auto in_09 = CT::Mask<uint8_t>::is_within_range(x, 52, 61);
+ const auto eq_plus = CT::Mask<uint8_t>::is_equal(x, 62);
+ const auto eq_slash = CT::Mask<uint8_t>::is_equal(x, 63);
+
+ const char c_AZ = 'A' + x;
+ const char c_az = 'a' + (x - 26);
+ const char c_09 = '0' + (x - 2*26);
+ const char c_plus = '+';
+ const char c_slash = '/';
+
+ char ret = c_AZ;
+ ret = in_az.select(c_az, ret);
+ ret = in_09.select(c_09, ret);
+ ret = eq_plus.select(c_plus, ret);
+ ret = eq_slash.select(c_slash, ret);
+
+ return ret;
+ }
- static const uint8_t m_bin_to_base64[64];
- static const uint8_t m_base64_to_bin[256];
- };
+//static
+void Base64::encode(char out[8], const uint8_t in[5]) noexcept
+ {
+ const uint8_t b0 = (in[0] & 0xFC) >> 2;
+ const uint8_t b1 = ((in[0] & 0x03) << 4) | (in[1] >> 4);
+ const uint8_t b2 = ((in[1] & 0x0F) << 2) | (in[2] >> 6);
+ const uint8_t b3 = in[2] & 0x3F;
+ out[0] = lookup_base64_char(b0);
+ out[1] = lookup_base64_char(b1);
+ out[2] = lookup_base64_char(b2);
+ out[3] = lookup_base64_char(b3);
+ }
-const uint8_t Base64::m_bin_to_base64[64] =
+//static
+uint8_t Base64::lookup_binary_value(char input) noexcept
{
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
- };
+ const uint8_t c = static_cast<uint8_t>(input);
-/*
-* base64 Decoder Lookup Table
-* Warning: assumes ASCII encodings
-*/
-const uint8_t Base64::m_base64_to_bin[256] =
+ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z'));
+ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('z'));
+ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9'));
+
+ const auto is_plus = CT::Mask<uint8_t>::is_equal(c, uint8_t('+'));
+ const auto is_slash = CT::Mask<uint8_t>::is_equal(c, uint8_t('/'));
+ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('='));
+
+ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
+ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
+ });
+
+ const uint8_t c_upper = c - uint8_t('A');
+ const uint8_t c_lower = c - uint8_t('a') + 26;
+ const uint8_t c_decim = c - uint8_t('0') + 2*26;
+
+ uint8_t ret = 0xFF; // default value
+
+ ret = is_alpha_upper.select(c_upper, ret);
+ ret = is_alpha_lower.select(c_lower, ret);
+ ret = is_decimal.select(c_decim, ret);
+ ret = is_plus.select(62, ret);
+ ret = is_slash.select(63, ret);
+ ret = is_equal.select(0x81, ret);
+ ret = is_whitespace.select(0x80, ret);
+
+ return ret;
+ }
+
+//static
+bool Base64::check_bad_char(uint8_t bin, char input, bool ignore_ws)
{
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35,
- 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
- 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
- 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
- };
+ if(bin <= 0x3F)
+ {
+ return true;
+ }
+ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
+ {
+ std::string bad_char(1, input);
+ if(bad_char == "\t")
+ { bad_char = "\\t"; }
+ else if(bad_char == "\n")
+ { bad_char = "\\n"; }
+ else if(bad_char == "\r")
+ { bad_char = "\\r"; }
+
+ throw Invalid_Argument(
+ std::string("base64_decode: invalid base64 character '") +
+ bad_char + "'");
+ }
+ return false;
+ }
+
}
size_t base64_encode(char out[],
diff --git a/src/lib/codec/hex/hex.cpp b/src/lib/codec/hex/hex.cpp
index 6bbd7c28e..1ae21f398 100644
--- a/src/lib/codec/hex/hex.cpp
+++ b/src/lib/codec/hex/hex.cpp
@@ -1,6 +1,6 @@
/*
* Hex Encoding and Decoding
-* (C) 2010 Jack Lloyd
+* (C) 2010,2020 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -8,29 +8,38 @@
#include <botan/hex.h>
#include <botan/mem_ops.h>
#include <botan/exceptn.h>
+#include <botan/internal/ct_utils.h>
namespace Botan {
+namespace {
+
+char hex_encode_nibble(uint8_t n, bool uppercase)
+ {
+ BOTAN_DEBUG_ASSERT(n <= 15);
+
+ const auto in_09 = CT::Mask<uint8_t>::is_lt(n, 10);
+
+ const char c_09 = n + '0';
+ const char c_af = n + (uppercase ? 'A' : 'a') - 10;
+
+ return in_09.select(c_09, c_af);
+ }
+
+}
+
void hex_encode(char output[],
const uint8_t input[],
size_t input_length,
bool uppercase)
{
- static const uint8_t BIN_TO_HEX_UPPER[16] = {
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
- 'A', 'B', 'C', 'D', 'E', 'F' };
-
- static const uint8_t BIN_TO_HEX_LOWER[16] = {
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
- 'a', 'b', 'c', 'd', 'e', 'f' };
-
- const uint8_t* tbl = uppercase ? BIN_TO_HEX_UPPER : BIN_TO_HEX_LOWER;
-
for(size_t i = 0; i != input_length; ++i)
{
- uint8_t x = input[i];
- output[2*i ] = tbl[(x >> 4) & 0x0F];
- output[2*i+1] = tbl[(x ) & 0x0F];
+ const uint8_t n0 = (input[i] >> 4) & 0xF;
+ const uint8_t n1 = (input[i] ) & 0xF;
+
+ output[2*i ] = hex_encode_nibble(n0, uppercase);
+ output[2*i+1] = hex_encode_nibble(n1, uppercase);
}
}
@@ -46,49 +55,43 @@ std::string hex_encode(const uint8_t input[],
return output;
}
+namespace {
+
+uint8_t hex_char_to_bin(char input)
+ {
+ const uint8_t c = static_cast<uint8_t>(input);
+
+ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('F'));
+ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('f'));
+ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9'));
+
+ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
+ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
+ });
+
+ const uint8_t c_upper = c - uint8_t('A') + 10;
+ const uint8_t c_lower = c - uint8_t('a') + 10;
+ const uint8_t c_decim = c - uint8_t('0');
+
+ uint8_t ret = 0xFF; // default value
+
+ ret = is_alpha_upper.select(c_upper, ret);
+ ret = is_alpha_lower.select(c_lower, ret);
+ ret = is_decimal.select(c_decim, ret);
+ ret = is_whitespace.select(0x80, ret);
+
+ return ret;
+ }
+
+}
+
+
size_t hex_decode(uint8_t output[],
const char input[],
size_t input_length,
size_t& input_consumed,
bool ignore_ws)
{
- /*
- * Mapping of hex characters to either their binary equivalent
- * or to an error code.
- * If valid hex (0-9 A-F a-f), the value.
- * If whitespace, then 0x80
- * Otherwise 0xFF
- * Warning: this table assumes ASCII character encodings
- */
-
- static const uint8_t HEX_TO_BIN[256] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
- 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01,
- 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
- 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
-
uint8_t* out_ptr = output;
bool top_nibble = true;
@@ -96,7 +99,7 @@ size_t hex_decode(uint8_t output[],
for(size_t i = 0; i != input_length; ++i)
{
- const uint8_t bin = HEX_TO_BIN[static_cast<uint8_t>(input[i])];
+ const uint8_t bin = hex_char_to_bin(input[i]);
if(bin >= 0x10)
{
diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
index 17737a97c..f2e745293 100644
--- a/src/lib/utils/ct_utils.h
+++ b/src/lib/utils/ct_utils.h
@@ -183,6 +183,30 @@ class Mask
return ~Mask<T>::is_lt(x, y);
}
+ static Mask<T> is_within_range(T v, T l, T u)
+ {
+ //return Mask<T>::is_gte(v, l) & Mask<T>::is_lte(v, u);
+
+ const T v_lt_l = v^((v^l) | ((v-l)^v));
+ const T v_gt_u = u^((u^v) | ((u-v)^u));
+ const T either = v_lt_l | v_gt_u;
+ return ~Mask<T>(expand_top_bit(either));
+ }
+
+ static Mask<T> is_any_of(T v, std::initializer_list<T> accepted)
+ {
+ T accept = 0;
+
+ for(auto a: accepted)
+ {
+ const T diff = a ^ v;
+ const T eq_zero = ~diff & (diff - 1);
+ accept |= eq_zero;
+ }
+
+ return Mask<T>(expand_top_bit(accept));
+ }
+
/**
* AND-combine two masks
*/
