/**
* Parses Basic Authorization request header.
*
* @param[in] connp
* @param[in] auth_header
*/
int htp_parse_authorization_basic(htp_connp_t *connp, htp_header_t *auth_header) {
unsigned char *data = bstr_ptr(auth_header->value);
size_t len = bstr_len(auth_header->value);
size_t pos = 5;
// Ignore whitespace
while ((pos < len) && (isspace((int) data[pos]))) pos++;
if (pos == len) return HTP_ERROR;
// Decode base64-encoded data
bstr *decoded = htp_base64_decode_mem(data + pos, len - pos);
if (decoded == NULL) return HTP_ERROR;
// Now extract the username and password
int i = bstr_index_of_c(decoded, ":");
if (i == -1) {
bstr_free(decoded);
return HTP_ERROR;
}
connp->in_tx->request_auth_username = bstr_dup_ex(decoded, 0, i);
if (connp->in_tx->request_auth_username == NULL) {
bstr_free(decoded);
return HTP_ERROR;
}
connp->in_tx->request_auth_password = bstr_dup_ex(decoded, i + 1, bstr_len(decoded) - i - 1);
if (connp->in_tx->request_auth_password) {
bstr_free(decoded);
bstr_free(connp->in_tx->request_auth_username);
return HTP_ERROR;
}
bstr_free(decoded);
return HTP_OK;
}
/**
* Base64-decode input, given as bstring.
*
* @param[in] input
* @return new base64-decoded bstring
*/
bstr *htp_base64_decode_bstr(bstr *input) {
return htp_base64_decode_mem(bstr_ptr(input), bstr_len(input));
}
TEST(Base64, Decode) {
const char *input ="dGhpcyBpcyBhIHRlc3QuLg==";
bstr *out = htp_base64_decode_mem(input, strlen(input));
EXPECT_EQ(0, bstr_cmp_c(out, "this is a test.."));
bstr_free(out);
}
