Offer OpenSSL base64 #89
Comments
|
The challenge with the OpenSSL API is that it only supports base64 not base64url |
std::unique_ptr<BIO, decltype(&BIO_free_all)> b64(BIO_new(BIO_f_base64()), BIO_free_all);
BIO_set_flags(b64.get(), BIO_FLAGS_BASE64_NO_NL);
if (!b64)
{
throw std::runtime_error("BIO_new failed");
}
std::unique_ptr<BIO, decltype(&BIO_free_all)> inputBio(BIO_new_mem_buf((void*)rawResponse.data(), -1), BIO_free_all);
if (!inputBio)
{
throw std::runtime_error("Unable to access the CA cert buffer");
}
//https://github.com/facebook/proxygen/blob/6654e0df0c342649c03a45142ad555993877813d/proxygen/lib/utils/Base64.cpp
inputBio.reset(BIO_push(b64.release(), inputBio.release()));
BIO_set_flags(inputBio.get(), BIO_FLAGS_BASE64_NO_NL);
BIO_read(inputBio.get(), (char*)decodedCA.data(), (int)rawResponse.length());EVP looks nicer ! |
prince-chrismc
added a commit
that referenced
this issue
Jul 27, 2020
trying out the EVP_ interface from #89
prince-chrismc
added a commit
that referenced
this issue
Sep 18, 2021
* Update coverage.yml * adding a fuzz test * adding more fuzzing TBA how to handle input requirement of decode * base64 encoding input to avoid "obvious" exceptions trying out the EVP_ interface from #89 * fixing decode fuzz * accepting exceptions are normal After comparing with https://github.com/nlohmann/json/blob/v3.9.0/test/src/fuzzer-parse_json.cpp I must agree data can be random so it should be accepted * decoding twice should produce the same result again based on https://github.com/nlohmann/json/blob/v3.9.0/test/src/fuzzer-parse_json.cpp * fixing token decode fuzzer * adding corpus for fuzz tests + adding them to ci * removing numbers with more meaning descriptions * Update BaseEncodeFuzz.cpp * Update coverage.yml * Update coverage.yml * shrink interations * cleaning cmake * Update and rename coverage.yml to jwt.yml * Update lint.yml * Update jwt.yml * Update jwt.yml
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We relly on openssl pretty heavily already, so why not use its base64 support instead of the one I originaly wrote myself.
I originaly refused to use it, because it seems hard/complicated to use and I already had a header only implementation in a personal project which I just had to drop in.
However I recently found out there seems to be a way easier approach to use it now:
https://stackoverflow.com/a/60580965/7992576
Might be worth checking out.
The text was updated successfully, but these errors were encountered: