Botan 3.9.0
Crypto and TLS for C&
pem.cpp
Go to the documentation of this file.
1/*
2* PEM Encoding/Decoding
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/pem.h>
9
10#include <botan/base64.h>
11#include <botan/data_src.h>
12#include <botan/exceptn.h>
13#include <botan/internal/fmt.h>
14
15namespace Botan::PEM_Code {
16
17namespace {
18
19std::string linewrap(size_t width, std::string_view in) {
20 std::string out;
21 for(size_t i = 0; i != in.size(); ++i) {
22 if(i > 0 && i % width == 0) {
23 out.push_back('\n');
24 }
25 out.push_back(in[i]);
26 }
27 if(!out.empty() && out[out.size() - 1] != '\n') {
28 out.push_back('\n');
29 }
30
31 return out;
32}
33
34} // namespace
35
36/*
37* PEM encode BER/DER-encoded objects
38*/
39std::string encode(const uint8_t der[], size_t length, std::string_view label, size_t width) {
40 const std::string PEM_HEADER = fmt("-----BEGIN {}-----\n", label);
41 const std::string PEM_TRAILER = fmt("-----END {}-----\n", label);
42
43 return (PEM_HEADER + linewrap(width, base64_encode(der, length)) + PEM_TRAILER);
44}
45
46/*
47* Decode PEM down to raw BER/DER
48*/
49secure_vector<uint8_t> decode_check_label(DataSource& source, std::string_view label_want) {
50 std::string label_got;
51 secure_vector<uint8_t> ber = decode(source, label_got);
52 if(label_got != label_want) {
53 throw Decoding_Error(fmt("PEM: Label mismatch, wanted '{}' got '{}'", label_want, label_got));
54 }
55
56 return ber;
57}
58
59/*
60* Decode PEM down to raw BER/DER
61*/
62secure_vector<uint8_t> decode(DataSource& source, std::string& label) {
63 const size_t RANDOM_CHAR_LIMIT = 8;
64
65 label.clear();
66
67 const std::string PEM_HEADER1 = "-----BEGIN ";
68 const std::string PEM_HEADER2 = "-----";
69 size_t position = 0;
70
71 while(position != PEM_HEADER1.length()) {
72 auto b = source.read_byte();
73
74 if(!b) {
75 throw Decoding_Error("PEM: No PEM header found");
76 }
77 if(static_cast<char>(*b) == PEM_HEADER1[position]) {
78 ++position;
79 } else if(position >= RANDOM_CHAR_LIMIT) {
80 throw Decoding_Error("PEM: Malformed PEM header");
81 } else {
82 position = 0;
83 }
84 }
85 position = 0;
86 while(position != PEM_HEADER2.length()) {
87 auto b = source.read_byte();
88
89 if(!b) {
90 throw Decoding_Error("PEM: No PEM header found");
91 }
92 if(static_cast<char>(*b) == PEM_HEADER2[position]) {
93 ++position;
94 } else if(position > 0) {
95 throw Decoding_Error("PEM: Malformed PEM header");
96 }
97
98 if(position == 0) {
99 label += static_cast<char>(*b);
100 }
101 }
102
103 std::vector<char> b64;
104
105 const std::string PEM_TRAILER = fmt("-----END {}-----", label);
106 position = 0;
107 while(position != PEM_TRAILER.length()) {
108 auto b = source.read_byte();
109
110 if(!b) {
111 throw Decoding_Error("PEM: No PEM trailer found");
112 }
113 if(static_cast<char>(*b) == PEM_TRAILER[position]) {
114 ++position;
115 } else if(position > 0) {
116 throw Decoding_Error("PEM: Malformed PEM trailer");
117 }
118
119 if(position == 0) {
120 b64.push_back(*b);
121 }
122 }
123
124 return base64_decode(b64.data(), b64.size());
125}
126
127secure_vector<uint8_t> decode_check_label(std::string_view pem, std::string_view label_want) {
128 DataSource_Memory src(pem);
129 return decode_check_label(src, label_want);
130}
131
132secure_vector<uint8_t> decode(std::string_view pem, std::string& label) {
133 DataSource_Memory src(pem);
134 return decode(src, label);
135}
136
137/*
138* Search for a PEM signature
139*/
140bool matches(DataSource& source, std::string_view extra, size_t search_range) {
141 const std::string PEM_HEADER = fmt("-----BEGIN {}", extra);
142
143 secure_vector<uint8_t> search_buf(search_range);
144 const size_t got = source.peek(search_buf.data(), search_buf.size(), 0);
145
146 if(got < PEM_HEADER.length()) {
147 return false;
148 }
149
150 size_t index = 0;
151
152 for(size_t j = 0; j != got; ++j) {
153 if(static_cast<char>(search_buf[j]) == PEM_HEADER[index]) {
154 ++index;
155 } else {
156 index = 0;
157 }
158
159 if(index == PEM_HEADER.size()) {
160 return true;
161 }
162 }
163
164 return false;
165}
166
167} // namespace Botan::PEM_Code
size_t read_byte(uint8_t &out)
Definition data_src.cpp:27
virtual size_t peek(uint8_t out[], size_t length, size_t peek_offset) const =0
std::string encode(const uint8_t der[], size_t length, std::string_view label, size_t width)
Definition pem.cpp:39
secure_vector< uint8_t > decode_check_label(DataSource &source, std::string_view label_want)
Definition pem.cpp:49
bool matches(DataSource &source, std::string_view extra, size_t search_range)
Definition pem.cpp:140
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition pem.cpp:62
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
size_t base64_encode(char out[], const uint8_t in[], size_t input_length, size_t &input_consumed, bool final_inputs)
Definition base64.cpp:160
size_t base64_decode(uint8_t out[], const char in[], size_t input_length, size_t &input_consumed, bool final_inputs, bool ignore_ws)
Definition base64.cpp:168
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69