|
DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
|
Base64 encoder/decoder implementation. More...
Go to the source code of this file.
Functions | |
| void | base64_encode (const uint8_t *src, size_t src_len, char *dst) |
Encode src_len bytes of src as Base64. | |
| size_t | base64_decode (const char *src, uint8_t *dst, size_t dst_cap) |
| Decode a null-terminated Base64 string. | |
| size_t | base64url_encode (const uint8_t *src, size_t src_len, char *dst) |
Encode src_len bytes as base64url (RFC 4648 section 5): '-' / '_' in place of '+' / '/', and no '=' padding. | |
| size_t | base64url_decode (const char *src, size_t src_len, uint8_t *dst, size_t dst_cap) |
Decode src_len characters of base64url (RFC 4648 section 5, '-'/'_' alphabet; an '=' ends the input). | |
Base64 encoder/decoder implementation.
Encode is a single portable software codec (RFC 4648) on every target: it is byte-identical to mbedTLS's but ~20x faster on the ESP32-S3 (docs/FEATURE_PERFORMANCE.md section 2), and it only ever encodes public data here (the SHA-1 in the WebSocket accept), so a data-dependent table lookup is fine.
Decode is split by target. It is the only path that touches a secret (the Basic-auth credentials it decodes, RFC 7617), so on the ESP32 it delegates to mbedTLS's constant-time base64 decoder (mbedtls_ct_base64_dec_value, which evaluates every alphabet range with branchless masks so the timing / cache pattern does not leak the bytes). On the native test target it uses the portable software decoder. mbedTLS decode is ~8x slower but runs once per authenticated request, not in a byte loop. (JWT / OIDC use base64url below, which has always been the software codec.)
Definition in file base64.cpp.
| void base64_encode | ( | const uint8_t * | src, |
| size_t | src_len, | ||
| char * | dst | ||
| ) |
Encode src_len bytes of src as Base64.
Writes a null-terminated string into dst. dst must be at least ((src_len + 2) / 3) * 4 + 1 bytes.
| src | Input bytes. |
| src_len | Number of input bytes. |
| dst | Output buffer (null-terminated Base64 string). |
Definition at line 26 of file base64.cpp.
Referenced by base64url_encode().
| size_t base64_decode | ( | const char * | src, |
| uint8_t * | dst, | ||
| size_t | dst_cap | ||
| ) |
Decode a null-terminated Base64 string.
Writes decoded bytes into dst, never writing more than dst_cap bytes. Returns the number of decoded bytes, or 0 on invalid input or if the decoded output would exceed dst_cap (the write is bounded - no overflow). The caller must leave room for any terminator it adds afterward (pass a capacity one less than the buffer size if it will null-terminate at the returned length).
| src | Null-terminated Base64 input string. |
| dst | Output byte buffer. |
| dst_cap | Capacity of dst in bytes. |
dst, or 0 on error / overflow. Definition at line 65 of file base64.cpp.
| size_t base64url_encode | ( | const uint8_t * | src, |
| size_t | src_len, | ||
| char * | dst | ||
| ) |
Encode src_len bytes as base64url (RFC 4648 section 5): '-' / '_' in place of '+' / '/', and no '=' padding.
Writes a null-terminated string into dst, which must hold at least ((src_len + 2) / 3) * 4 + 1 bytes (the same as base64_encode; the URL form is never longer).
Definition at line 163 of file base64.cpp.
References base64_encode().
| size_t base64url_decode | ( | const char * | src, |
| size_t | src_len, | ||
| uint8_t * | dst, | ||
| size_t | dst_cap | ||
| ) |
Decode src_len characters of base64url (RFC 4648 section 5, '-'/'_' alphabet; an '=' ends the input).
Strict: the standard '+'/'/' characters are rejected so a JWS/JWT segment is decoded as base64url only (RFC 7515), never as a mixed alphabet. Streaming decoder - no padding or buffer length restriction. Writes at most dst_cap bytes; returns the number written, or 0 on an invalid character or if the output would exceed dst_cap (the write is bounded - no overflow).
Definition at line 200 of file base64.cpp.