Base64

From OpenSSLWiki
Jump to navigationJump to search

Encode binary information 8 bits into ASCII.

This is PEM base encode, it exists other base64 encoding scheme like this used by crypt.

Algorithm[edit]

3 x 8 bits binary are concatenated to form a 24bits word that is split in 4 x 6bits each being translating into an ascii value using a character ordered in following list :

ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/ 
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
0000000000111111111122222222223333333333444444444455555555556666
0123456789012345678901234567890123456789012345678901234567890123

[what makes 26 * 2 + 10 + 2 = 64 values]

Since it encodes by group of 3 bytes, when last group of 3 bytes miss one byte then = is used, when it miss 2 bytes then == is used for padding.

Openssl command[edit]

base64 or -enc base64 can be used to decode lines see Command_Line_Utilities

EVP API[edit]

crypto/evp/encode.c crypto/evp/bio_b64.C

If you need to encode a block of data, use the EVP_EncodeBlock function, example:

unsigned char sourceData[16] = {0x30,0x82,0x07,0x39,0x30,0x82,0x05,0x21,0xA0,0x03,0x02,0x01,0x02,0x02,0x04,0x00};
char encodedData[100];
EVP_EncodeBlock((unsigned char *)encodedData, sourceData, 16);
printf(encodedData);

WARNINGS[edit]

other unsupported base64 scheme[edit]

Warning crypt() password encryption function uses another base64 scheme which is not the openssl base64 one. :

./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
0000000000111111111122222222223333333333444444444455555555556666
0123456789012345678901234567890123456789012345678901234567890123

base64 uses PEM 80 characters per line[edit]

Base64 itself does not impose a line split, but openssl uses it in PEM context hence enforce that base64 content is splitted by lines with a maximum of 80 characters.

With C code it is possible to ask to disregard lines breaks : BIO_set_flags(d,BIO_FLAGS_BASE64_NO_NL);