Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 1 | #pragma once |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 2 | |
Ed Tanous | 3ccb3ad | 2023-01-13 17:40:03 -0800 | [diff] [blame] | 3 | #include "bmcweb_config.h" |
| 4 | |
Ed Tanous | 6dbe9be | 2024-04-14 10:24:20 -0700 | [diff] [blame] | 5 | extern "C" |
| 6 | { |
Ed Tanous | 51dae67 | 2018-09-05 16:07:32 -0700 | [diff] [blame] | 7 | #include <openssl/crypto.h> |
Ed Tanous | 6dbe9be | 2024-04-14 10:24:20 -0700 | [diff] [blame] | 8 | } |
Ed Tanous | 51dae67 | 2018-09-05 16:07:32 -0700 | [diff] [blame] | 9 | |
Ed Tanous | c867a83 | 2022-03-10 14:17:00 -0800 | [diff] [blame] | 10 | #include <boost/callable_traits.hpp> |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 11 | #include <boost/url/parse.hpp> |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 12 | #include <boost/url/url.hpp> |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 13 | #include <boost/url/url_view.hpp> |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 14 | #include <boost/url/url_view_base.hpp> |
Ed Tanous | 71f2db7 | 2022-05-25 12:28:09 -0700 | [diff] [blame] | 15 | #include <nlohmann/json.hpp> |
Nan Zhou | 1d8782e | 2021-11-29 22:23:18 -0800 | [diff] [blame] | 16 | |
Ed Tanous | 9ea15c3 | 2022-01-04 14:18:22 -0800 | [diff] [blame] | 17 | #include <array> |
Ed Tanous | 74849be | 2021-02-05 09:47:47 -0800 | [diff] [blame] | 18 | #include <chrono> |
Ed Tanous | c715ec2 | 2022-03-10 15:38:01 -0800 | [diff] [blame] | 19 | #include <cstddef> |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 20 | #include <cstdint> |
Ed Tanous | 9ea15c3 | 2022-01-04 14:18:22 -0800 | [diff] [blame] | 21 | #include <ctime> |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 22 | #include <functional> |
Ed Tanous | 9896eae | 2022-07-23 15:07:33 -0700 | [diff] [blame] | 23 | #include <iomanip> |
Ed Tanous | 9ea15c3 | 2022-01-04 14:18:22 -0800 | [diff] [blame] | 24 | #include <limits> |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 25 | #include <stdexcept> |
| 26 | #include <string> |
Ed Tanous | 9ea15c3 | 2022-01-04 14:18:22 -0800 | [diff] [blame] | 27 | #include <string_view> |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 28 | #include <tuple> |
Ed Tanous | 9ea15c3 | 2022-01-04 14:18:22 -0800 | [diff] [blame] | 29 | #include <type_traits> |
| 30 | #include <utility> |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 31 | #include <variant> |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 32 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 33 | namespace crow |
| 34 | { |
Ed Tanous | 47488a9 | 2023-06-26 18:19:33 -0700 | [diff] [blame] | 35 | namespace utility |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 36 | { |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 37 | |
Ed Tanous | 9de65b3 | 2024-03-27 13:34:40 -0700 | [diff] [blame] | 38 | constexpr uint64_t getParameterTag(std::string_view url) |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 39 | { |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 40 | uint64_t tagValue = 0; |
| 41 | size_t urlSegmentIndex = std::string_view::npos; |
Ed Tanous | b00dcc2 | 2021-02-23 12:52:50 -0800 | [diff] [blame] | 42 | |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 43 | for (size_t urlIndex = 0; urlIndex < url.size(); urlIndex++) |
| 44 | { |
| 45 | char character = url[urlIndex]; |
| 46 | if (character == '<') |
| 47 | { |
| 48 | if (urlSegmentIndex != std::string_view::npos) |
| 49 | { |
| 50 | return 0; |
| 51 | } |
| 52 | urlSegmentIndex = urlIndex; |
| 53 | } |
| 54 | if (character == '>') |
| 55 | { |
| 56 | if (urlSegmentIndex == std::string_view::npos) |
| 57 | { |
| 58 | return 0; |
| 59 | } |
Patrick Williams | 89492a1 | 2023-05-10 07:51:34 -0500 | [diff] [blame] | 60 | std::string_view tag = url.substr(urlSegmentIndex, |
| 61 | urlIndex + 1 - urlSegmentIndex); |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 62 | |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 63 | if (tag == "<str>" || tag == "<string>") |
| 64 | { |
Ed Tanous | d9e89df | 2024-03-27 14:08:59 -0700 | [diff] [blame] | 65 | tagValue++; |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 66 | } |
| 67 | if (tag == "<path>") |
| 68 | { |
Ed Tanous | d9e89df | 2024-03-27 14:08:59 -0700 | [diff] [blame] | 69 | tagValue++; |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 70 | } |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 71 | urlSegmentIndex = std::string_view::npos; |
| 72 | } |
| 73 | } |
| 74 | if (urlSegmentIndex != std::string_view::npos) |
Ed Tanous | 988403c | 2020-08-24 11:29:49 -0700 | [diff] [blame] | 75 | { |
| 76 | return 0; |
| 77 | } |
Ed Tanous | 1c30e50 | 2022-03-08 18:02:24 -0800 | [diff] [blame] | 78 | return tagValue; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 79 | } |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 80 | |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 81 | class Base64Encoder |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 82 | { |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 83 | char overflow1 = '\0'; |
| 84 | char overflow2 = '\0'; |
| 85 | uint8_t overflowCount = 0; |
| 86 | |
| 87 | constexpr static std::array<char, 64> key = { |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 88 | 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', |
| 89 | 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', |
| 90 | 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', |
| 91 | 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', |
| 92 | '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'}; |
| 93 | |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 94 | // Takes 3 ascii chars, and encodes them as 4 base64 chars |
| 95 | static void encodeTriple(char first, char second, char third, |
| 96 | std::string& output) |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 97 | { |
Ed Tanous | 543f440 | 2022-01-06 13:12:53 -0800 | [diff] [blame] | 98 | size_t keyIndex = 0; |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 99 | |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 100 | keyIndex = static_cast<size_t>(first & 0xFC) >> 2; |
| 101 | output += key[keyIndex]; |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 102 | |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 103 | keyIndex = static_cast<size_t>(first & 0x03) << 4; |
| 104 | keyIndex += static_cast<size_t>(second & 0xF0) >> 4; |
| 105 | output += key[keyIndex]; |
| 106 | |
| 107 | keyIndex = static_cast<size_t>(second & 0x0F) << 2; |
| 108 | keyIndex += static_cast<size_t>(third & 0xC0) >> 6; |
| 109 | output += key[keyIndex]; |
| 110 | |
| 111 | keyIndex = static_cast<size_t>(third & 0x3F); |
| 112 | output += key[keyIndex]; |
| 113 | } |
| 114 | |
| 115 | public: |
| 116 | // Accepts a partial string to encode, and writes the encoded characters to |
| 117 | // the output stream. requires subsequently calling finalize to complete |
| 118 | // stream. |
| 119 | void encode(std::string_view data, std::string& output) |
| 120 | { |
| 121 | // Encode the last round of overflow chars first |
| 122 | if (overflowCount == 2) |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 123 | { |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 124 | if (!data.empty()) |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 125 | { |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 126 | encodeTriple(overflow1, overflow2, data[0], output); |
| 127 | overflowCount = 0; |
| 128 | data.remove_prefix(1); |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 129 | } |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 130 | } |
| 131 | else if (overflowCount == 1) |
| 132 | { |
| 133 | if (data.size() >= 2) |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 134 | { |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 135 | encodeTriple(overflow1, data[0], data[1], output); |
| 136 | overflowCount = 0; |
| 137 | data.remove_prefix(2); |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 138 | } |
| 139 | } |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 140 | |
| 141 | while (data.size() >= 3) |
| 142 | { |
| 143 | encodeTriple(data[0], data[1], data[2], output); |
| 144 | data.remove_prefix(3); |
| 145 | } |
| 146 | |
| 147 | if (!data.empty() && overflowCount == 0) |
| 148 | { |
| 149 | overflow1 = data[0]; |
| 150 | overflowCount++; |
| 151 | data.remove_prefix(1); |
| 152 | } |
| 153 | |
| 154 | if (!data.empty() && overflowCount == 1) |
| 155 | { |
| 156 | overflow2 = data[0]; |
| 157 | overflowCount++; |
| 158 | data.remove_prefix(1); |
| 159 | } |
| 160 | } |
| 161 | |
| 162 | // Completes a base64 output, by writing any MOD(3) characters to the |
| 163 | // output, as well as any required trailing = |
| 164 | void finalize(std::string& output) |
| 165 | { |
| 166 | if (overflowCount == 0) |
| 167 | { |
| 168 | return; |
| 169 | } |
| 170 | size_t keyIndex = static_cast<size_t>(overflow1 & 0xFC) >> 2; |
| 171 | output += key[keyIndex]; |
| 172 | |
| 173 | keyIndex = static_cast<size_t>(overflow1 & 0x03) << 4; |
| 174 | if (overflowCount == 2) |
| 175 | { |
| 176 | keyIndex += static_cast<size_t>(overflow2 & 0xF0) >> 4; |
| 177 | output += key[keyIndex]; |
| 178 | keyIndex = static_cast<size_t>(overflow2 & 0x0F) << 2; |
| 179 | output += key[keyIndex]; |
| 180 | } |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 181 | else |
| 182 | { |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 183 | output += key[keyIndex]; |
| 184 | output += '='; |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 185 | } |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 186 | output += '='; |
| 187 | overflowCount = 0; |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 188 | } |
| 189 | |
Ed Tanous | ee192c0 | 2023-12-13 10:49:58 -0800 | [diff] [blame] | 190 | // Returns the required output buffer in characters for an input of size |
| 191 | // inputSize |
| 192 | static size_t constexpr encodedSize(size_t inputSize) |
| 193 | { |
| 194 | // Base64 encodes 3 character blocks as 4 character blocks |
| 195 | // With a possibility of 2 trailing = characters |
| 196 | return (inputSize + 2) / 3 * 4; |
| 197 | } |
| 198 | }; |
| 199 | |
| 200 | inline std::string base64encode(std::string_view data) |
| 201 | { |
| 202 | // Encodes a 3 character stream into a 4 character stream |
| 203 | std::string out; |
| 204 | Base64Encoder base64; |
| 205 | out.reserve(Base64Encoder::encodedSize(data.size())); |
| 206 | base64.encode(data, out); |
| 207 | base64.finalize(out); |
| 208 | return out; |
Adriana Kobylak | d830ff5 | 2021-01-27 14:15:27 -0600 | [diff] [blame] | 209 | } |
| 210 | |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 211 | // TODO this is temporary and should be deleted once base64 is refactored out of |
| 212 | // crow |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 213 | inline bool base64Decode(std::string_view input, std::string& output) |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 214 | { |
Ed Tanous | 271584a | 2019-07-09 16:24:22 -0700 | [diff] [blame] | 215 | static const char nop = static_cast<char>(-1); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 216 | // See note on encoding_data[] in above function |
Jonathan Doman | 5beaf84 | 2020-08-14 11:23:33 -0700 | [diff] [blame] | 217 | static const std::array<char, 256> decodingData = { |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 218 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 219 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 220 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 221 | nop, 62, nop, nop, nop, 63, 52, 53, 54, 55, 56, 57, 58, 59, |
| 222 | 60, 61, nop, nop, nop, nop, nop, nop, nop, 0, 1, 2, 3, 4, |
| 223 | 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, |
| 224 | 19, 20, 21, 22, 23, 24, 25, nop, nop, nop, nop, nop, nop, 26, |
| 225 | 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, |
| 226 | 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, nop, nop, nop, |
| 227 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 228 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 229 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 230 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 231 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 232 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 233 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 234 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 235 | nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, nop, |
| 236 | nop, nop, nop, nop}; |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 237 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 238 | size_t inputLength = input.size(); |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 239 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 240 | // allocate space for output string |
| 241 | output.clear(); |
| 242 | output.reserve(((inputLength + 2) / 3) * 4); |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 243 | |
Jonathan Doman | 5beaf84 | 2020-08-14 11:23:33 -0700 | [diff] [blame] | 244 | auto getCodeValue = [](char c) { |
| 245 | auto code = static_cast<unsigned char>(c); |
| 246 | // Ensure we cannot index outside the bounds of the decoding array |
| 247 | static_assert(std::numeric_limits<decltype(code)>::max() < |
| 248 | decodingData.size()); |
| 249 | return decodingData[code]; |
| 250 | }; |
| 251 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 252 | // for each 4-bytes sequence from the input, extract 4 6-bits sequences by |
Gunnar Mills | caa3ce3 | 2020-07-08 14:46:53 -0500 | [diff] [blame] | 253 | // dropping first two bits |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 254 | // and regenerate into 3 8-bits sequences |
James Feist | 5a80664 | 2020-07-31 16:40:33 +0000 | [diff] [blame] | 255 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 256 | for (size_t i = 0; i < inputLength; i++) |
| 257 | { |
Ed Tanous | 543f440 | 2022-01-06 13:12:53 -0800 | [diff] [blame] | 258 | char base64code0 = 0; |
| 259 | char base64code1 = 0; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 260 | char base64code2 = 0; // initialized to 0 to suppress warnings |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 261 | |
Jonathan Doman | 5beaf84 | 2020-08-14 11:23:33 -0700 | [diff] [blame] | 262 | base64code0 = getCodeValue(input[i]); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 263 | if (base64code0 == nop) |
| 264 | { // non base64 character |
| 265 | return false; |
| 266 | } |
| 267 | if (!(++i < inputLength)) |
| 268 | { // we need at least two input bytes for first |
| 269 | // byte output |
| 270 | return false; |
| 271 | } |
Jonathan Doman | 5beaf84 | 2020-08-14 11:23:33 -0700 | [diff] [blame] | 272 | base64code1 = getCodeValue(input[i]); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 273 | if (base64code1 == nop) |
| 274 | { // non base64 character |
| 275 | return false; |
| 276 | } |
| 277 | output += |
| 278 | static_cast<char>((base64code0 << 2) | ((base64code1 >> 4) & 0x3)); |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 279 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 280 | if (++i < inputLength) |
| 281 | { |
| 282 | char c = input[i]; |
| 283 | if (c == '=') |
| 284 | { // padding , end of input |
| 285 | return (base64code1 & 0x0f) == 0; |
| 286 | } |
Jonathan Doman | 5beaf84 | 2020-08-14 11:23:33 -0700 | [diff] [blame] | 287 | base64code2 = getCodeValue(input[i]); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 288 | if (base64code2 == nop) |
| 289 | { // non base64 character |
| 290 | return false; |
| 291 | } |
| 292 | output += static_cast<char>(((base64code1 << 4) & 0xf0) | |
| 293 | ((base64code2 >> 2) & 0x0f)); |
| 294 | } |
| 295 | |
| 296 | if (++i < inputLength) |
| 297 | { |
| 298 | char c = input[i]; |
| 299 | if (c == '=') |
| 300 | { // padding , end of input |
| 301 | return (base64code2 & 0x03) == 0; |
| 302 | } |
Ed Tanous | f8fe53e | 2022-06-30 15:55:45 -0700 | [diff] [blame] | 303 | char base64code3 = getCodeValue(input[i]); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 304 | if (base64code3 == nop) |
| 305 | { // non base64 character |
| 306 | return false; |
| 307 | } |
| 308 | output += |
| 309 | static_cast<char>((((base64code2 << 6) & 0xc0) | base64code3)); |
| 310 | } |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 311 | } |
| 312 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 313 | return true; |
Borawski.Lukasz | 9d8fd30 | 2018-01-05 14:56:09 +0100 | [diff] [blame] | 314 | } |
| 315 | |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 316 | inline bool constantTimeStringCompare(std::string_view a, std::string_view b) |
Ed Tanous | 51dae67 | 2018-09-05 16:07:32 -0700 | [diff] [blame] | 317 | { |
| 318 | // Important note, this function is ONLY constant time if the two input |
| 319 | // sizes are the same |
| 320 | if (a.size() != b.size()) |
| 321 | { |
| 322 | return false; |
| 323 | } |
| 324 | return CRYPTO_memcmp(a.data(), b.data(), a.size()) == 0; |
| 325 | } |
| 326 | |
| 327 | struct ConstantTimeCompare |
| 328 | { |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 329 | bool operator()(std::string_view a, std::string_view b) const |
Ed Tanous | 51dae67 | 2018-09-05 16:07:32 -0700 | [diff] [blame] | 330 | { |
| 331 | return constantTimeStringCompare(a, b); |
| 332 | } |
| 333 | }; |
| 334 | |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 335 | namespace details |
| 336 | { |
| 337 | inline boost::urls::url |
Willy Tu | c6bcedc | 2022-09-27 05:36:59 +0000 | [diff] [blame] | 338 | appendUrlPieces(boost::urls::url& url, |
| 339 | const std::initializer_list<std::string_view> args) |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 340 | { |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 341 | for (std::string_view arg : args) |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 342 | { |
| 343 | url.segments().push_back(arg); |
| 344 | } |
| 345 | return url; |
| 346 | } |
Willy Tu | c6bcedc | 2022-09-27 05:36:59 +0000 | [diff] [blame] | 347 | |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 348 | } // namespace details |
| 349 | |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 350 | class OrMorePaths |
| 351 | {}; |
| 352 | |
Ed Tanous | eae855c | 2021-10-26 11:26:02 -0700 | [diff] [blame] | 353 | template <typename... AV> |
Willy Tu | c6bcedc | 2022-09-27 05:36:59 +0000 | [diff] [blame] | 354 | inline void appendUrlPieces(boost::urls::url& url, const AV... args) |
| 355 | { |
| 356 | details::appendUrlPieces(url, {args...}); |
| 357 | } |
| 358 | |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 359 | namespace details |
| 360 | { |
| 361 | |
| 362 | // std::reference_wrapper<std::string> - extracts segment to variable |
| 363 | // std::string_view - checks if segment is equal to variable |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 364 | using UrlSegment = std::variant<std::reference_wrapper<std::string>, |
| 365 | std::string_view, OrMorePaths>; |
| 366 | |
| 367 | enum class UrlParseResult |
| 368 | { |
| 369 | Continue, |
| 370 | Fail, |
| 371 | Done, |
| 372 | }; |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 373 | |
| 374 | class UrlSegmentMatcherVisitor |
| 375 | { |
| 376 | public: |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 377 | UrlParseResult operator()(std::string& output) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 378 | { |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 379 | output = segment; |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 380 | return UrlParseResult::Continue; |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 381 | } |
| 382 | |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 383 | UrlParseResult operator()(std::string_view expected) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 384 | { |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 385 | if (segment == expected) |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 386 | { |
| 387 | return UrlParseResult::Continue; |
| 388 | } |
| 389 | return UrlParseResult::Fail; |
| 390 | } |
| 391 | |
| 392 | UrlParseResult operator()(OrMorePaths /*unused*/) |
| 393 | { |
| 394 | return UrlParseResult::Done; |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 395 | } |
| 396 | |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 397 | explicit UrlSegmentMatcherVisitor(std::string_view segmentIn) : |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 398 | segment(segmentIn) |
| 399 | {} |
| 400 | |
| 401 | private: |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 402 | std::string_view segment; |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 403 | }; |
| 404 | |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 405 | inline bool readUrlSegments(const boost::urls::url_view_base& url, |
Ed Tanous | 5be2b14 | 2024-03-27 15:27:04 -0700 | [diff] [blame] | 406 | std::initializer_list<UrlSegment> segments) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 407 | { |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 408 | const boost::urls::segments_view& urlSegments = url.segments(); |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 409 | |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 410 | if (!urlSegments.is_absolute()) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 411 | { |
| 412 | return false; |
| 413 | } |
| 414 | |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 415 | boost::urls::segments_view::const_iterator it = urlSegments.begin(); |
| 416 | boost::urls::segments_view::const_iterator end = urlSegments.end(); |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 417 | |
| 418 | for (const auto& segment : segments) |
| 419 | { |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 420 | if (it == end) |
| 421 | { |
| 422 | // If the request ends with an "any" path, this was successful |
| 423 | return std::holds_alternative<OrMorePaths>(segment); |
| 424 | } |
| 425 | UrlParseResult res = std::visit(UrlSegmentMatcherVisitor(*it), segment); |
| 426 | if (res == UrlParseResult::Done) |
| 427 | { |
| 428 | return true; |
| 429 | } |
| 430 | if (res == UrlParseResult::Fail) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 431 | { |
| 432 | return false; |
| 433 | } |
| 434 | it++; |
| 435 | } |
Carson Labrado | 4c30e22 | 2022-06-24 22:16:00 +0000 | [diff] [blame] | 436 | |
| 437 | // There will be an empty segment at the end if the URI ends with a "/" |
| 438 | // e.g. /redfish/v1/Chassis/ |
| 439 | if ((it != end) && urlSegments.back().empty()) |
| 440 | { |
| 441 | it++; |
| 442 | } |
Ed Tanous | 7f8d8fa | 2022-08-19 07:00:38 -0700 | [diff] [blame] | 443 | return it == end; |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 444 | } |
| 445 | |
| 446 | } // namespace details |
| 447 | |
| 448 | template <typename... Args> |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 449 | inline bool readUrlSegments(const boost::urls::url_view_base& url, |
| 450 | Args&&... args) |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 451 | { |
Ed Tanous | 39662a3 | 2023-02-06 15:09:46 -0800 | [diff] [blame] | 452 | return details::readUrlSegments(url, {std::forward<Args>(args)...}); |
Szymon Dompke | ca1600c | 2022-03-03 14:42:52 +0100 | [diff] [blame] | 453 | } |
| 454 | |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 455 | inline boost::urls::url |
| 456 | replaceUrlSegment(const boost::urls::url_view_base& urlView, |
| 457 | const uint replaceLoc, std::string_view newSegment) |
Carson Labrado | 1c0bb5c | 2022-05-18 00:12:52 +0000 | [diff] [blame] | 458 | { |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 459 | const boost::urls::segments_view& urlSegments = urlView.segments(); |
Carson Labrado | 1c0bb5c | 2022-05-18 00:12:52 +0000 | [diff] [blame] | 460 | boost::urls::url url("/"); |
| 461 | |
| 462 | if (!urlSegments.is_absolute()) |
| 463 | { |
| 464 | return url; |
| 465 | } |
| 466 | |
| 467 | boost::urls::segments_view::iterator it = urlSegments.begin(); |
| 468 | boost::urls::segments_view::iterator end = urlSegments.end(); |
| 469 | |
| 470 | for (uint idx = 0; it != end; it++, idx++) |
| 471 | { |
| 472 | if (idx == replaceLoc) |
| 473 | { |
| 474 | url.segments().push_back(newSegment); |
| 475 | } |
| 476 | else |
| 477 | { |
| 478 | url.segments().push_back(*it); |
| 479 | } |
| 480 | } |
| 481 | |
| 482 | return url; |
| 483 | } |
| 484 | |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 485 | inline void setProtocolDefaults(boost::urls::url& url, |
| 486 | std::string_view protocol) |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 487 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 488 | if (url.has_scheme()) |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 489 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 490 | return; |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 491 | } |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 492 | if (protocol == "Redfish" || protocol.empty()) |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 493 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 494 | if (url.port_number() == 443) |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 495 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 496 | url.set_scheme("https"); |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 497 | } |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 498 | if (url.port_number() == 80) |
| 499 | { |
Ed Tanous | 25b54db | 2024-04-17 15:40:31 -0700 | [diff] [blame^] | 500 | if constexpr (BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION) |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 501 | { |
| 502 | url.set_scheme("http"); |
| 503 | } |
| 504 | } |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 505 | } |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 506 | else if (protocol == "SNMPv2c") |
Chicago Duan | 3d30708 | 2020-11-26 14:12:12 +0800 | [diff] [blame] | 507 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 508 | url.set_scheme("snmp"); |
Chicago Duan | 3d30708 | 2020-11-26 14:12:12 +0800 | [diff] [blame] | 509 | } |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 510 | } |
| 511 | |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 512 | inline void setPortDefaults(boost::urls::url& url) |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 513 | { |
| 514 | uint16_t port = url.port_number(); |
| 515 | if (port != 0) |
| 516 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 517 | return; |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 518 | } |
| 519 | |
| 520 | // If the user hasn't explicitly stated a port, pick one explicitly for them |
| 521 | // based on the protocol defaults |
| 522 | if (url.scheme() == "http") |
| 523 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 524 | url.set_port_number(80); |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 525 | } |
| 526 | if (url.scheme() == "https") |
| 527 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 528 | url.set_port_number(443); |
Ed Tanous | eb1c47d | 2022-02-09 11:47:27 -0800 | [diff] [blame] | 529 | } |
Chicago Duan | 3d30708 | 2020-11-26 14:12:12 +0800 | [diff] [blame] | 530 | if (url.scheme() == "snmp") |
| 531 | { |
Ed Tanous | a716aa7 | 2023-08-01 11:35:53 -0700 | [diff] [blame] | 532 | url.set_port_number(162); |
Chicago Duan | 3d30708 | 2020-11-26 14:12:12 +0800 | [diff] [blame] | 533 | } |
Ed Tanous | 11baefe | 2022-02-09 12:14:12 -0800 | [diff] [blame] | 534 | } |
| 535 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 536 | } // namespace utility |
| 537 | } // namespace crow |
Ed Tanous | 71f2db7 | 2022-05-25 12:28:09 -0700 | [diff] [blame] | 538 | |
| 539 | namespace nlohmann |
| 540 | { |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 541 | template <std::derived_from<boost::urls::url_view_base> URL> |
| 542 | struct adl_serializer<URL> |
Ed Tanous | 71f2db7 | 2022-05-25 12:28:09 -0700 | [diff] [blame] | 543 | { |
| 544 | // NOLINTNEXTLINE(readability-identifier-naming) |
Ed Tanous | 4a7fbef | 2024-04-06 16:03:49 -0700 | [diff] [blame] | 545 | static void to_json(json& j, const URL& url) |
Ed Tanous | 71f2db7 | 2022-05-25 12:28:09 -0700 | [diff] [blame] | 546 | { |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 547 | j = url.buffer(); |
Ed Tanous | 71f2db7 | 2022-05-25 12:28:09 -0700 | [diff] [blame] | 548 | } |
| 549 | }; |
| 550 | } // namespace nlohmann |