
Canonicity error about rust-base64 (CLOSED)

marshallpierce commented on May 30, 2024
Canonicity error

from rust-base64.

Comments (5)

marshallpierce commented on May 30, 2024

Padding is optional and has no semantic meaning.


AljoschaMeyer commented on May 30, 2024

The RFC is pretty vague on this.

https://tools.ietf.org/html/rfc4648#section-3.2

> Implementations MUST include appropriate pad characters at the end of encoded data unless the specification referring to this document explicitly states otherwise.

https://tools.ietf.org/html/rfc4648#page-6

> Since all base 64 input is an integral number of octets, only the following cases can arise: [..]

https://tools.ietf.org/html/rfc4648#section-3.3

> If more than the allowed number of pad characters is found at the end of the string (e.g., a base 64 string terminated with "==="), the excess pad characters MAY also be ignored.

In particular the section on canonicity fails to mention this issue at all, which is somewhat disappointing.

The crate parses b"AAAA" into [0, 0, 0], but rejects b"AAAA=" - so it appears to do some checks on padding =s - it just happens to accept AA, AA= and AA== (but not AA===). So what is the exact API of this crate regarding trailing padding? Does it accept any number of padding =s up to the maximum amount that could be produced by the regular encoding algorithm?

I guess a workaround would be pretty easy here (decode, check length of encoded data, check that the canonical amount of padding was available in the encoding), so probably no need to add an option for this in this crate.


marshallpierce commented on May 30, 2024

> Does it accept any number of padding =s up to the maximum amount that could be produced by the regular encoding algorithm?

Yep. It detects that AAAA= is an impossible length (can't have |input| % 4 == 1 or == 5). It has to pay attention to the length at least somewhat because it needs to detect how much of the input it could conceivably do with the fastest type of decoding. Having just 1 padding char when there should be 2 is a bit of an odd case -- it really doesn't do any harm (no padding is ever needed, after all -- IMO it was a mistake to include it in the spec), and it won't cause padding to spill into blocks where it shouldn't exist, so it won't trip anything up. In general I'm pretty vigorously pro-strictness when it comes to parsing, but given that padding is completely useless to begin with, I'm not sure I want to fight the battle of making sure everyone's base64 has correct padding 🤷


AljoschaMeyer commented on May 30, 2024

Yup, that sounds reasonable. I'm stuck with a legacy system that has to enforce canonicity, but let's hope not many other people will ever have to deal with this... Canonicity can be enforced by checking that |input| % 4 == 0 I think, so that's something that can be easily done outside this crate.


marshallpierce commented on May 30, 2024

Yep, if you're requiring padding, then it should always be 0.

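The canonicity check discussed in this thread, written as a standalone pre-check to run on the encoded bytes before decoding. This is an added example, not part of the thread and not rust-base64 code; `Canon`, `sextet` and `check_canonical` are hypothetical names. It assumes the standard alphabet with required padding, and goes beyond the `|input| % 4 == 0` test by also rejecting non-zero trailing bits, which RFC 4648 section 3.5 permits a decoder to do.

```rust
// Added example: strict canonicity pre-check for padded, standard-alphabet base64.
#[derive(Debug, PartialEq)]
pub enum Canon { Ok, BadLength, BadSymbol, BadPadding, NonZeroTrailingBits }

// Map one alphabet byte to its 6-bit value; '=' and anything else is None.
fn sextet(b: u8) -> Option<u8> {
    match b {
        b'A'..=b'Z' => Some(b - b'A'),
        b'a'..=b'z' => Some(b - b'a' + 26),
        b'0'..=b'9' => Some(b - b'0' + 52),
        b'+' => Some(62),
        b'/' => Some(63),
        _ => None,
    }
}

pub fn check_canonical(input: &[u8]) -> Canon {
    // With padding required, every encoding is a whole number of 4-byte blocks,
    // so "AA", "AA=" and "AAAA=" are all rejected here.
    if input.len() % 4 != 0 {
        return Canon::BadLength;
    }
    // Count trailing '='; a valid final block carries at most two.
    let pad = input.iter().rev().take_while(|&&b| b == b'=').count();
    if pad > 2 {
        return Canon::BadPadding;
    }
    // Everything before the padding must be an alphabet symbol ('=' in the
    // middle of the input lands here and is rejected as a bad symbol).
    let mut last = 0u8;
    for &b in &input[..input.len() - pad] {
        match sextet(b) {
            Some(v) => last = v,
            None => return Canon::BadSymbol,
        }
    }
    // One '=' leaves 2 unused low bits in the last symbol, two '=' leave 4.
    // A canonical encoder sets them to zero, so "AB==" is not canonical.
    let mask = match pad { 1 => 0b11, 2 => 0b1111, _ => 0 };
    if last & mask != 0 {
        return Canon::NonZeroTrailingBits;
    }
    Canon::Ok
}

fn main() {
    // Constructed sample inputs, including the ones mentioned in the thread.
    for s in ["AAAA", "AA", "AA=", "AA==", "AAAA=", "AB==", "A==="] {
        println!("{:8} -> {:?}", s, check_canonical(s.as_bytes()));
    }
}
```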
