b64_decode_cacerts: accept non-wrapped input #114
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
`BIO_f_base64` either requires wrapped base64 with a short initial line, or when `BIO_FLAGS_BASE64_NO_NL` is set, all data must be on a single line (with or without trailing newline character). See `BIO_f_base64(3ossl)` for more details. RFC 8951 (an update to RFC 7030) clarifies that senders are not required to insert white space (such as LF) in base64-encoded payloads. Therefore libest must handle wrapped or unwrapped base64 with lines of any length. This leaves two options: 1. set `BIO_FLAGS_BASE64_NO_NL` and unwrap the input lines 2. leave the flag unset but split long lines and ensure the input ends with a newline. Option 1 is simpler so that's what this commit implements. Signed-off-by: Fraser Tweedale <[email protected]>
frasertweedale
force-pushed
the
fix/b64-handle-unwrapped
branch
from
da64fef
to
5d03478
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BIO_f_base64either requires wrapped base64 with a shortinitial line, or when
BIO_FLAGS_BASE64_NO_NLis set, all datamust be on a single line (with or without trailing newline
character). See
BIO_f_base64(3ossl)for more details.RFC 8951 (an update to RFC 7030) clarifies that senders are
not required to insert white space (such as LF) in
base64-encoded payloads. Therefore libest must handle
wrapped or unwrapped base64 with lines of any length.
This leaves two options:
set
BIO_FLAGS_BASE64_NO_NLand unwrap the input linesleave the flag unset but split long lines and ensure the
input ends with a newline.
Option 1 is simpler so that's what this commit implements.