Fix base32 implementation; make base32 implementation follow standard; add more tests for base32

svn:r1574

4 files changed, 16 insertions, 9 deletions

diff --git a/doc/rend-spec.txt b/doc/rend-spec.txt
index d968510ae8..1299201cb4 100644
--- a/doc/rend-spec.txt
+++ b/doc/rend-spec.txt
@@ -183,10 +183,8 @@ Tor Rendezvous Spec
          1. Let H = H(PK).
          2. Let H' = the first 80 bits of H, considering each octet from
             most significant bit to least significant bit.
-         2. Generate a 16-character encoding of H', taking H' 5 bits at
-            a time, and mapping each 5-bit value to a character as follows:
-               0..25 map to the characters 'a'...'z', respectively.
-              26..31 map to the characters '0'...'5', respectively.
+         2. Generate a 16-character encoding of H', using base32 as defined
+            in RFC 3548.
 
    (We only use 80 bits instead of the 160 bits from SHA1 because we don't
    need to worry about man-in-the-middle attacks, and because it will make
diff --git a/src/common/crypto.c b/src/common/crypto.c
index a6e57129d9..278fe1dedd 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1188,6 +1188,9 @@ base64_decode(char *dest, int destlen, const char *src, int srclen)
   return ret;
 }
 
+/* Implement base32 encoding as in rfc3548.  Limitation: Requires that
+ * srclen is a multiple of 5.
+ */
 int
 base32_encode(char *dest, int destlen, const char *src, int srclen)
 {
@@ -1197,14 +1200,14 @@ base32_encode(char *dest, int destlen, const char *src, int srclen)
   if ((nbits%5) != 0)
     /* We need an even multiple of 5 bits. */
     return -1;
-  if ((nbits/5)+1 < destlen)
+  if ((nbits/5)+1 > destlen)
     /* Not enough space. */
     return -1;
 
   for (i=0,bit=0; bit < nbits; ++i, bit+=5) {
     /* set v to the 16-bit value starting at src[bits/8], 0-padded. */
-    v = ((unsigned char)src[bit/8]) << 8;
-    if (bit+5<nbits) v += src[(bit/8)+1];
+    v = ((uint8_t)src[bit/8]) << 8;
+    if (bit+5<nbits) v += (uint8_t)src[(bit/8)+1];
     /* set u to the 5-bit value at the bit'th bit of src. */
     u = (v >> (11-(bit%8))) & 0x1F;
     dest[i] = BASE32_CHARS[u];
diff --git a/src/common/crypto.h b/src/common/crypto.h
index d9da82a05f..f3bd0e6a8e 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -78,7 +78,7 @@ int crypto_pk_check_fingerprint_syntax(const char *s);
 
 int base64_encode(char *dest, int destlen, const char *src, int srclen);
 int base64_decode(char *dest, int destlen, const char *src, int srclen);
-#define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz012345"
+#define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567"
 int base32_encode(char *dest, int destlen, const char *src, int srclen);
 
 /* Key negotiation */
diff --git a/src/or/test.c b/src/or/test.c
index e81835f06f..7c21901198 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -446,7 +446,13 @@ test_crypto()
    * By 5s: [00110 10101 10001 10110 10000 11100 10011 10011]
    */
   i = base32_encode(data2, 9, data1, 5);
-  test_streq(data2, "gvrwq2tt");
+  test_streq(data2, "gvrwq4tt");
+
+  strcpy(data1, "\xFF\xF5\x6D\x44\xAE\x0D\x5C\xC9\x62\xC4");
+  printf("-------\n");
+  i = base32_encode(data2, 30, data1, 10);
+  test_eq(i,0);
+  test_streq(data2, "772w2rfobvomsywe");
 
   free(data1);
   free(data2);