Cryptography Reference
In-Depth Information
{
fprintf( stderr, “invalid character for base64 encoding: %c\n”,
input[ i ] );
return -1;
}
}
*output++ = unbase64[ input[ 0 ] ] << 2 |
( unbase64[ input[ 1 ] ] & 0x30 ) >> 4;
out_len++;
if ( input[ 2 ] != '=' )
{
*output++ = ( unbase64[ input[ 1 ] ] & 0x0F ) << 4 |
( unbase64[ input[ 2 ] ] & 0x3C ) >> 2;
out_len++;
}
if ( input[ 3 ] != '=' )
{
*output++ = ( unbase64[ input[ 2 ] ] & 0x03 ) << 6 |
unbase64[ input[ 3 ] ];
out_len++;
}
input += 4;
}
while ( len -= 4 );
return out_len;
}
Notice that
unbase64
was declared as a static array. Technically you could have
computed this from
base64
, but because this never changes, it makes sense to
compute this once and hardcode it into the source. The -1 entries are non-base64
characters. If you encounter one in the decoding input, halt.
What does all of this Base64 stuff have to do with proxy authorization? Well,
BASIC
authorization has the client pass a username and a password to the proxy
to identify itself. In a minor nod to security, HTTP requires that this username
and password be Base64 encoded before being transmitted. This provides some
safeguard (but not much) against accidental password leakage. Of course, even a
lazy attacker with access to a packet sniffer could easily Base64 decode the proxy
authorization line. In fact, the open-source Wireshark packet sniffer decodes it
for you! Still, it's required by the specifi cation, so you have to support it.
To support proxy authorization, add the following to
http_get
as shown in
Listing 1-16.
Listing 1-16:
“http.c” http_get (with proxy support) (continued)
sprintf( get_command, “Host: %s\r\n”, host );
if ( send( connection, get_command, strlen( get_command ), 0 ) == -1 )
{
Search WWH ::
Custom Search