The documentation of base64_decode_update says
@var{dst} should point to an area of size at least BASE64_DECODE_LENGTH(@var{src_length}). The amount of data generated is returned in *@var{dst_length}.
(and similarly for base16_decode_update).
This is rather inconvenient when decoding a base64 blob which is expected to be of a fix size. E.g., base64 encoding of 32 octets is 44 characters (including padding), but BASE64_DECODE_LENGTH(44) is 33, so to decode using a single call to base16_decode_update according to the docs, one would need to allocate an extra byte. And more than one extra if input may contain white space in addition to the 44 base64 characters.
Suggestion: Make dst_length an input parameter as well (similar to, e.g., the rsa_decrypt functions). If decoding would produce more bytes than there is space for, decoding fails. This way, if you expect a fix size or a fix maximum size, you need only allocate that and pass to base64_decode_update. And if you allocate according to BASE64_DECODE_LENGTH, then decoding will never fail due to missing output space.
If we do this for nettle-4, then old code needs to be adjusted, not just recompiled. Unadjusted code will suffer random failures (from passing an uninitialized dst_length), but if it follows the docs on allocation of the dst area, there won't be any dangerous memory overwrites.
Alternatively, one could introduce a new name for the new behavior.
Opinions?
Regards, /Niels
Niels Möller nisse@lysator.liu.se writes:
The documentation of base64_decode_update says
@var{dst} should point to an area of size at least BASE64_DECODE_LENGTH(@var{src_length}). The amount of data generated is returned in *@var{dst_length}.
(and similarly for base16_decode_update).
[...]
Suggestion: Make dst_length an input parameter as well (similar to, e.g., the rsa_decrypt functions). If decoding would produce more bytes than there is space for, decoding fails.
I think I'd like to do this change. It seems to be a rather important usecase to decode base64 input where the binary data is of known size, e.g., an ed25519 key or signature. Question is if it's to much breakage to change the semantics of existing functions, rather than inventing new names.
A related question: What about the nettle_armor interface, can that be deleted? It is defined in nettle-meta.h, with function types defined in nettle-types.h (with comment claiming that they are experimental). They're not mentioned in the manual, and I find no usage in codesearch.debian.net (only matches I can find are commented out mention of symbols in https://sources.debian.org/src/box64/0.3.4+dfsg-1/src/wrapped/wrappedlibnett...).
Regards, /Niels
Niels Möller nisse@lysator.liu.se writes:
Suggestion: Make dst_length an input parameter as well (similar to, e.g., the rsa_decrypt functions). If decoding would produce more bytes than there is space for, decoding fails.
I think I'd like to do this change. It seems to be a rather important usecase to decode base64 input where the binary data is of known size, e.g., an ed25519 key or signature. Question is if it's to much breakage to change the semantics of existing functions, rather than inventing new names.
I've pushed changes like this to the branch https://git.lysator.liu.se/nettle/nettle/-/tree/base16-base64-decode-api.
Any opinions on the api change? It's not ideal with an input/output size argument, but it's not that uncommon, and it is consistent with nettle's rsa_decrypt.
A related question: What about the nettle_armor interface, can that be deleted? It is defined in nettle-meta.h, with function types defined in nettle-types.h (with comment claiming that they are experimental).
Now deleted. I also deleted the unused base64_encode_group (was previously used by the now deleted openpgp code).
Regards, /Niels
Niels Möller nisse@lysator.liu.se writes:
Niels Möller nisse@lysator.liu.se writes:
Suggestion: Make dst_length an input parameter as well (similar to, e.g., the rsa_decrypt functions). If decoding would produce more bytes than there is space for, decoding fails.
Now pushed to the master branch.
Regards, /Niels
nettle-bugs@lists.lysator.liu.se
-
Niels Möller