DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
base64.h
Go to the documentation of this file.
1// Copyright (C) 2026 Douglas Quigg (dstroy0) <dquigg123@gmail.com>
2// SPDX-License-Identifier: AGPL-3.0-or-later
3
4/**
5 * @file base64.h
6 * @brief Base64 encoder/decoder.
7 *
8 * Used to encode the SHA-1 digest in the WebSocket handshake response
9 * (RFC 6455 §4.2.2) and to decode Basic Auth credentials (RFC 7617).
10 *
11 * **Encode** is a portable software codec on every target (fast; it only handles
12 * the public WebSocket-accept digest). **Decode** touches the secret Basic-auth
13 * credentials, so on the ESP32 it uses mbedTLS's constant-time decoder (side-channel
14 * hardened) and on the native test target the portable software decoder. See
15 * base64.cpp and docs/FEATURE_PERFORMANCE.md section 2.
16 *
17 * @author Douglas Quigg (dstroy0)
18 * @date 2026
19 */
20
21#ifndef DETERMINISTICESPASYNCWEBSERVER_BASE64_H
22#define DETERMINISTICESPASYNCWEBSERVER_BASE64_H
23
24#include <stddef.h>
25#include <stdint.h>
26
27/**
28 * @brief Encode @p src_len bytes of @p src as Base64.
29 *
30 * Writes a null-terminated string into @p dst. @p dst must be at least
31 * `((src_len + 2) / 3) * 4 + 1` bytes.
32 *
33 * @param src Input bytes.
34 * @param src_len Number of input bytes.
35 * @param dst Output buffer (null-terminated Base64 string).
36 */
37void base64_encode(const uint8_t *src, size_t src_len, char *dst);
38
39/**
40 * @brief Decode a null-terminated Base64 string.
41 *
42 * Writes decoded bytes into @p dst, never writing more than @p dst_cap bytes.
43 * Returns the number of decoded bytes, or 0 on invalid input or if the decoded
44 * output would exceed @p dst_cap (the write is bounded - no overflow). The
45 * caller must leave room for any terminator it adds afterward (pass a capacity
46 * one less than the buffer size if it will null-terminate at the returned
47 * length).
48 *
49 * @param src Null-terminated Base64 input string.
50 * @param dst Output byte buffer.
51 * @param dst_cap Capacity of @p dst in bytes.
52 * @return Number of bytes written to @p dst, or 0 on error / overflow.
53 */
54size_t base64_decode(const char *src, uint8_t *dst, size_t dst_cap);
55
56/**
57 * @brief Encode @p src_len bytes as base64url (RFC 4648 section 5): '-' / '_' in
58 * place of '+' / '/', and no '=' padding.
59 *
60 * Writes a null-terminated string into @p dst, which must hold at least
61 * `((src_len + 2) / 3) * 4 + 1` bytes (the same as base64_encode; the URL form is
62 * never longer). @return the number of characters written.
63 */
64size_t base64url_encode(const uint8_t *src, size_t src_len, char *dst);
65
66/**
67 * @brief Decode @p src_len characters of base64url (RFC 4648 section 5, '-'/'_'
68 * alphabet; an '=' ends the input).
69 *
70 * Strict: the standard '+'/'/' characters are rejected so a JWS/JWT segment is
71 * decoded as base64url only (RFC 7515), never as a mixed alphabet. Streaming
72 * decoder - no padding or buffer length restriction. Writes at most @p dst_cap
73 * bytes; returns the number written, or 0 on an invalid character or if the
74 * output would exceed @p dst_cap (the write is bounded - no overflow).
75 */
76size_t base64url_decode(const char *src, size_t src_len, uint8_t *dst, size_t dst_cap);
77
78#endif
void base64_encode(const uint8_t *src, size_t src_len, char *dst)
Encode src_len bytes of src as Base64.
Definition base64.cpp:26
size_t base64url_decode(const char *src, size_t src_len, uint8_t *dst, size_t dst_cap)
Decode src_len characters of base64url (RFC 4648 section 5, '-'/'_' alphabet; an '=' ends the input).
Definition base64.cpp:200
size_t base64_decode(const char *src, uint8_t *dst, size_t dst_cap)
Decode a null-terminated Base64 string.
Definition base64.cpp:65
size_t base64url_encode(const uint8_t *src, size_t src_len, char *dst)
Encode src_len bytes as base64url (RFC 4648 section 5): '-' / '_' in place of '+' / '/',...
Definition base64.cpp:163