Botan 3.3.0
Crypto and TLS for C&
pem.cpp
Go to the documentation of this file.
1/*
2* PEM Encoding/Decoding
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/pem.h>
9
10#include <botan/base64.h>
11#include <botan/data_src.h>
12#include <botan/exceptn.h>
13#include <botan/internal/fmt.h>
14
15namespace Botan::PEM_Code {
16
17namespace {
18
19std::string linewrap(size_t width, std::string_view in) {
20 std::string out;
21 for(size_t i = 0; i != in.size(); ++i) {
22 if(i > 0 && i % width == 0) {
23 out.push_back('\n');
24 }
25 out.push_back(in[i]);
26 }
27 if(!out.empty() && out[out.size() - 1] != '\n') {
28 out.push_back('\n');
29 }
30
31 return out;
32}
33
34} // namespace
35
36/*
37* PEM encode BER/DER-encoded objects
38*/
39std::string encode(const uint8_t der[], size_t length, std::string_view label, size_t width) {
40 const std::string PEM_HEADER = fmt("-----BEGIN {}-----\n", label);
41 const std::string PEM_TRAILER = fmt("-----END {}-----\n", label);
42
43 return (PEM_HEADER + linewrap(width, base64_encode(der, length)) + PEM_TRAILER);
44}
45
46/*
47* Decode PEM down to raw BER/DER
48*/
49secure_vector<uint8_t> decode_check_label(DataSource& source, std::string_view label_want) {
50 std::string label_got;
51 secure_vector<uint8_t> ber = decode(source, label_got);
52 if(label_got != label_want) {
53 throw Decoding_Error(fmt("PEM: Label mismatch, wanted '{}' got '{}'", label_want, label_got));
54 }
55
56 return ber;
57}
58
59/*
60* Decode PEM down to raw BER/DER
61*/
62secure_vector<uint8_t> decode(DataSource& source, std::string& label) {
63 const size_t RANDOM_CHAR_LIMIT = 8;
64
65 label.clear();
66
67 const std::string PEM_HEADER1 = "-----BEGIN ";
68 const std::string PEM_HEADER2 = "-----";
69 size_t position = 0;
70
71 while(position != PEM_HEADER1.length()) {
72 uint8_t b;
73 if(!source.read_byte(b)) {
74 throw Decoding_Error("PEM: No PEM header found");
75 }
76 if(static_cast<char>(b) == PEM_HEADER1[position]) {
77 ++position;
78 } else if(position >= RANDOM_CHAR_LIMIT) {
79 throw Decoding_Error("PEM: Malformed PEM header");
80 } else {
81 position = 0;
82 }
83 }
84 position = 0;
85 while(position != PEM_HEADER2.length()) {
86 uint8_t b;
87 if(!source.read_byte(b)) {
88 throw Decoding_Error("PEM: No PEM header found");
89 }
90 if(static_cast<char>(b) == PEM_HEADER2[position]) {
91 ++position;
92 } else if(position) {
93 throw Decoding_Error("PEM: Malformed PEM header");
94 }
95
96 if(position == 0) {
97 label += static_cast<char>(b);
98 }
99 }
100
101 std::vector<char> b64;
102
103 const std::string PEM_TRAILER = fmt("-----END {}-----", label);
104 position = 0;
105 while(position != PEM_TRAILER.length()) {
106 uint8_t b;
107 if(!source.read_byte(b)) {
108 throw Decoding_Error("PEM: No PEM trailer found");
109 }
110 if(static_cast<char>(b) == PEM_TRAILER[position]) {
111 ++position;
112 } else if(position) {
113 throw Decoding_Error("PEM: Malformed PEM trailer");
114 }
115
116 if(position == 0) {
117 b64.push_back(b);
118 }
119 }
120
121 return base64_decode(b64.data(), b64.size());
122}
123
124secure_vector<uint8_t> decode_check_label(std::string_view pem, std::string_view label_want) {
125 DataSource_Memory src(pem);
126 return decode_check_label(src, label_want);
127}
128
129secure_vector<uint8_t> decode(std::string_view pem, std::string& label) {
130 DataSource_Memory src(pem);
131 return decode(src, label);
132}
133
134/*
135* Search for a PEM signature
136*/
137bool matches(DataSource& source, std::string_view extra, size_t search_range) {
138 const std::string PEM_HEADER = fmt("-----BEGIN {}", extra);
139
140 secure_vector<uint8_t> search_buf(search_range);
141 const size_t got = source.peek(search_buf.data(), search_buf.size(), 0);
142
143 if(got < PEM_HEADER.length()) {
144 return false;
145 }
146
147 size_t index = 0;
148
149 for(size_t j = 0; j != got; ++j) {
150 if(static_cast<char>(search_buf[j]) == PEM_HEADER[index]) {
151 ++index;
152 } else {
153 index = 0;
154 }
155
156 if(index == PEM_HEADER.size()) {
157 return true;
158 }
159 }
160
161 return false;
162}
163
164} // namespace Botan::PEM_Code
size_t read_byte(uint8_t &out)
Definition data_src.cpp:26
virtual size_t peek(uint8_t out[], size_t length, size_t peek_offset) const =0
std::string encode(const uint8_t der[], size_t length, std::string_view label, size_t width)
Definition pem.cpp:39
secure_vector< uint8_t > decode_check_label(DataSource &source, std::string_view label_want)
Definition pem.cpp:49
bool matches(DataSource &source, std::string_view extra, size_t search_range)
Definition pem.cpp:137
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition pem.cpp:62
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
size_t base64_encode(char out[], const uint8_t in[], size_t input_length, size_t &input_consumed, bool final_inputs)
Definition base64.cpp:146
size_t base64_decode(uint8_t out[], const char in[], size_t input_length, size_t &input_consumed, bool final_inputs, bool ignore_ws)
Definition base64.cpp:154
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61