summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/util/nssb64e.c
blob: 18b01ddacb7526b5324c33b4320c2f0fbb7c99de (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * Base64 encoding (binary to ascii).
 */

#include "nssb64.h"
#include "nspr.h"
#include "secitem.h"
#include "secerr.h"

/*
 * XXX See the big comment at the top of nssb64d.c about moving the
 * bulk of this code over into NSPR (the PL part).  It all applies
 * here but I didn't want to duplicate it, to avoid divergence problems.
 */

/*
 **************************************************************
 * XXX Beginning of base64 encoding code to be moved into NSPR.
 */

struct PLBase64EncodeStateStr {
    unsigned chunks;
    unsigned saved;
    unsigned char buf[3];
};

/*
 * This typedef would belong in the NSPR header file (i.e. plbase64.h).
 */
typedef struct PLBase64EncoderStr PLBase64Encoder;

/*
 * The following implementation of base64 encoding was based on code
 * found in libmime (specifically, in mimeenc.c).  It has been adapted to
 * use PR types and naming as well as to provide other necessary semantics
 * (like buffer-in/buffer-out in addition to "streaming" without undue
 * performance hit of extra copying if you made the buffer versions
 * use the output_fn).  It also incorporates some aspects of the current
 * NSPR base64 encoding code.  As such, you may find similarities to
 * both of those implementations.  I tried to use names that reflected
 * the original code when possible.  For this reason you may find some
 * inconsistencies -- libmime used lots of "in" and "out" whereas the
 * NSPR version uses "src" and "dest"; sometimes I changed one to the other
 * and sometimes I left them when I thought the subroutines were at least
 * self-consistent.
 */

PR_BEGIN_EXTERN_C

/*
 * Opaque object used by the encoder to store state.
 */
struct PLBase64EncoderStr {
    /*
     * The one or two bytes pending.  (We need 3 to create a "token",
     * and hold the leftovers here.  in_buffer_count is *only* ever
     * 0, 1, or 2.
     */
    unsigned char in_buffer[2];
    int in_buffer_count;

    /*
     * If the caller wants linebreaks added, line_length specifies
     * where they come out.  It must be a multiple of 4; if the caller
     * provides one that isn't, we round it down to the nearest
     * multiple of 4.
     *
     * The value of current_column counts how many characters have been
     * added since the last linebreaks (or since the beginning, on the
     * first line).  It is also always a multiple of 4; it is unused when
     * line_length is 0.
     */
    PRUint32 line_length;
    PRUint32 current_column;

    /*
     * Where to write the encoded data (used when streaming, not when
     * doing all in-memory (buffer) operations).
     *
     * Note that this definition is chosen to be compatible with PR_Write.
     */
    PRInt32 (*output_fn)(void *output_arg, const char *buf, PRInt32 size);
    void *output_arg;

    /*
     * Where the encoded output goes -- either temporarily (in the streaming
     * case, staged here before it goes to the output function) or what will
     * be the entire buffered result for users of the buffer version.
     */
    char *output_buffer;
    PRUint32 output_buflen; /* the total length of allocated buffer */
    PRUint32 output_length; /* the length that is currently populated */
};

PR_END_EXTERN_C

/*
 * Table to convert a binary value to its corresponding ascii "code".
 */
static unsigned char base64_valuetocode[64] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

#define B64_PAD '='
#define B64_CR '\r'
#define B64_LF '\n'

static PRStatus
pl_base64_encode_buffer(PLBase64Encoder *data, const unsigned char *in,
                        PRUint32 size)
{
    const unsigned char *end = in + size;
    char *out = data->output_buffer + data->output_length;
    unsigned int i = data->in_buffer_count;
    PRUint32 n = 0;
    int off;
    PRUint32 output_threshold;

    /* If this input buffer is too small, wait until next time. */
    if (size < (3 - i)) {
        data->in_buffer[i++] = in[0];
        if (size > 1)
            data->in_buffer[i++] = in[1];
        PR_ASSERT(i < 3);
        data->in_buffer_count = i;
        return PR_SUCCESS;
    }

    /* If there are bytes that were put back last time, take them now. */
    if (i > 0) {
        n = data->in_buffer[0];
        if (i > 1)
            n = (n << 8) | data->in_buffer[1];
        data->in_buffer_count = 0;
    }

    /* If our total is not a multiple of three, put one or two bytes back. */
    off = (size + i) % 3;
    if (off > 0) {
        size -= off;
        data->in_buffer[0] = in[size];
        if (off > 1)
            data->in_buffer[1] = in[size + 1];
        data->in_buffer_count = off;
        end -= off;
    }

    output_threshold = data->output_buflen - 3;

    /*
     * Populate the output buffer with base64 data, one line (or buffer)
     * at a time.
     */
    while (in < end) {
        int j, k;

        while (i < 3) {
            n = (n << 8) | *in++;
            i++;
        }
        i = 0;

        if (data->line_length > 0) {
            if (data->current_column >= data->line_length) {
                data->current_column = 0;
                *out++ = B64_CR;
                *out++ = B64_LF;
                data->output_length += 2;
            }
            data->current_column += 4; /* the bytes we are about to add */
        }

        for (j = 18; j >= 0; j -= 6) {
            k = (n >> j) & 0x3F;
            *out++ = base64_valuetocode[k];
        }
        n = 0;
        data->output_length += 4;

        if (data->output_length >= output_threshold) {
            PR_ASSERT(data->output_length <= data->output_buflen);
            if (data->output_fn != NULL) {
                PRInt32 output_result;

                output_result = data->output_fn(data->output_arg,
                                                data->output_buffer,
                                                (PRInt32)data->output_length);
                if (output_result < 0)
                    return PR_FAILURE;

                out = data->output_buffer;
                data->output_length = 0;
            } else {
                /*
                 * Check that we are about to exit the loop.  (Since we
                 * are over the threshold, there isn't enough room in the
                 * output buffer for another trip around.)
                 */
                PR_ASSERT(in == end);
                if (in < end) {
                    PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
                    return PR_FAILURE;
                }
            }
        }
    }

    return PR_SUCCESS;
}

static PRStatus
pl_base64_encode_flush(PLBase64Encoder *data)
{
    int i = data->in_buffer_count;

    if (i == 0 && data->output_length == 0)
        return PR_SUCCESS;

    if (i > 0) {
        char *out = data->output_buffer + data->output_length;
        PRUint32 n;
        int j, k;

        n = ((PRUint32)data->in_buffer[0]) << 16;
        if (i > 1)
            n |= ((PRUint32)data->in_buffer[1] << 8);

        data->in_buffer_count = 0;

        if (data->line_length > 0) {
            if (data->current_column >= data->line_length) {
                data->current_column = 0;
                *out++ = B64_CR;
                *out++ = B64_LF;
                data->output_length += 2;
            }
        }

        /*
         * This will fill in more than we really have data for, but the
         * valid parts will end up in the correct position and the extras
         * will be over-written with pad characters below.
         */
        for (j = 18; j >= 0; j -= 6) {
            k = (n >> j) & 0x3F;
            *out++ = base64_valuetocode[k];
        }

        /* Pad with equal-signs. */
        if (i == 1)
            out[-2] = B64_PAD;
        out[-1] = B64_PAD;

        data->output_length += 4;
    }

    if (data->output_fn != NULL) {
        PRInt32 output_result;

        output_result = data->output_fn(data->output_arg, data->output_buffer,
                                        (PRInt32)data->output_length);
        data->output_length = 0;

        if (output_result < 0)
            return PR_FAILURE;
    }

    return PR_SUCCESS;
}

/*
 * The maximum space needed to hold the output of the encoder given input
 * data of length "size", and allowing for CRLF added at least every
 * line_length bytes (we will add it at nearest lower multiple of 4).
 * There is no trailing CRLF.
 */
static PRUint32
PL_Base64MaxEncodedLength(PRUint32 size, PRUint32 line_length)
{
    PRUint32 tokens, tokens_per_line, full_lines, line_break_chars, remainder;

    /* This is the maximum length we support. */
    if (size > 0x3fffffff) {
        return 0;
    }

    tokens = (size + 2) / 3;

    if (line_length == 0) {
        return tokens * 4;
    }

    if (line_length < 4) { /* too small! */
        line_length = 4;
    }

    tokens_per_line = line_length / 4;
    full_lines = tokens / tokens_per_line;
    remainder = (tokens - (full_lines * tokens_per_line)) * 4;
    line_break_chars = full_lines * 2;
    if (remainder == 0) {
        line_break_chars -= 2;
    }

    return (full_lines * tokens_per_line * 4) + line_break_chars + remainder;
}

/*
 * A distinct internal creation function for the buffer version to use.
 * (It does not want to specify an output_fn, and we want the normal
 * Create function to require that.)  All common initialization of the
 * encoding context should be done *here*.
 *
 * Save "line_length", rounded down to nearest multiple of 4 (if not
 * already even multiple).  Allocate output_buffer, if not provided --
 * based on given size if specified, otherwise based on line_length.
 */
static PLBase64Encoder *
pl_base64_create_encoder(PRUint32 line_length, char *output_buffer,
                         PRUint32 output_buflen)
{
    PLBase64Encoder *data;
    PRUint32 line_tokens;

    data = PR_NEWZAP(PLBase64Encoder);
    if (data == NULL)
        return NULL;

    if (line_length > 0 && line_length < 4) /* too small! */
        line_length = 4;

    line_tokens = line_length / 4;
    data->line_length = line_tokens * 4;

    if (output_buffer == NULL) {
        if (output_buflen == 0) {
            if (data->line_length > 0) /* need to include room for CRLF */
                output_buflen = data->line_length + 2;
            else
                output_buflen = 64; /* XXX what is a good size? */
        }

        output_buffer = (char *)PR_Malloc(output_buflen);
        if (output_buffer == NULL) {
            PR_Free(data);
            return NULL;
        }
    }

    data->output_buffer = output_buffer;
    data->output_buflen = output_buflen;
    return data;
}

/*
 * Function to start a base64 encoding context.
 * An "output_fn" is required; the "output_arg" parameter to that is optional.
 * If linebreaks in the encoded output are desired, "line_length" specifies
 * where to place them -- it will be rounded down to the nearest multiple of 4
 * (if it is not already an even multiple of 4).  If it is zero, no linebreaks
 * will be added.  (FYI, a linebreak is CRLF -- two characters.)
 */
static PLBase64Encoder *
PL_CreateBase64Encoder(PRInt32 (*output_fn)(void *, const char *, PRInt32),
                       void *output_arg, PRUint32 line_length)
{
    PLBase64Encoder *data;

    if (output_fn == NULL) {
        PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
        return NULL;
    }

    data = pl_base64_create_encoder(line_length, NULL, 0);
    if (data == NULL)
        return NULL;

    data->output_fn = output_fn;
    data->output_arg = output_arg;

    return data;
}

/*
 * Push data through the encoder, causing the output_fn (provided to Create)
 * to be called with the encoded data.
 */
static PRStatus
PL_UpdateBase64Encoder(PLBase64Encoder *data, const unsigned char *buffer,
                       PRUint32 size)
{
    /* XXX Should we do argument checking only in debug build? */
    if (data == NULL || buffer == NULL || size == 0) {
        PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
        return PR_FAILURE;
    }

    return pl_base64_encode_buffer(data, buffer, size);
}

/*
 * When you're done encoding, call this to free the data.  If "abort_p"
 * is false, then calling this may cause the output_fn to be called
 * one last time (as the last buffered data is flushed out).
 */
static PRStatus
PL_DestroyBase64Encoder(PLBase64Encoder *data, PRBool abort_p)
{
    PRStatus status = PR_SUCCESS;

    /* XXX Should we do argument checking only in debug build? */
    if (data == NULL) {
        PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
        return PR_FAILURE;
    }

    /* Flush out the last few buffered characters. */
    if (!abort_p)
        status = pl_base64_encode_flush(data);

    if (data->output_buffer != NULL)
        PR_Free(data->output_buffer);
    PR_Free(data);

    return status;
}

/*
 * Perform base64 encoding from an input buffer to an output buffer.
 * The output buffer can be provided (as "dest"); you can also pass in
 * a NULL and this function will allocate a buffer large enough for you,
 * and return it.  If you do provide the output buffer, you must also
 * provide the maximum length of that buffer (as "maxdestlen").
 * The actual encoded length of output will be returned to you in
 * "output_destlen".
 *
 * If linebreaks in the encoded output are desired, "line_length" specifies
 * where to place them -- it will be rounded down to the nearest multiple of 4
 * (if it is not already an even multiple of 4).  If it is zero, no linebreaks
 * will be added.  (FYI, a linebreak is CRLF -- two characters.)
 *
 * Return value is NULL on error, the output buffer (allocated or provided)
 * otherwise.
 */
static char *
PL_Base64EncodeBuffer(const unsigned char *src, PRUint32 srclen,
                      PRUint32 line_length, char *dest, PRUint32 maxdestlen,
                      PRUint32 *output_destlen)
{
    PRUint32 need_length;
    PLBase64Encoder *data = NULL;
    PRStatus status;

    PR_ASSERT(srclen > 0);
    if (srclen == 0) {
        return dest;
    }

    /*
     * How much space could we possibly need for encoding this input?
     */
    need_length = PL_Base64MaxEncodedLength(srclen, line_length);
    if (need_length == 0) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return NULL;
    }

    /*
     * Make sure we have at least that much, if output buffer provided.
     */
    if (dest != NULL) {
        PR_ASSERT(maxdestlen >= need_length);
        if (maxdestlen < need_length) {
            PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
            return NULL;
        }
    } else {
        maxdestlen = need_length;
    }

    data = pl_base64_create_encoder(line_length, dest, maxdestlen);
    if (data == NULL)
        return NULL;

    status = pl_base64_encode_buffer(data, src, srclen);

    /*
     * We do not wait for Destroy to flush, because Destroy will also
     * get rid of our encoder context, which we need to look at first!
     */
    if (status == PR_SUCCESS)
        status = pl_base64_encode_flush(data);

    if (status != PR_SUCCESS) {
        (void)PL_DestroyBase64Encoder(data, PR_TRUE);
        return NULL;
    }

    dest = data->output_buffer;

    /* Must clear this or Destroy will free it. */
    data->output_buffer = NULL;

    *output_destlen = data->output_length;
    status = PL_DestroyBase64Encoder(data, PR_FALSE);
    if (status == PR_FAILURE) {
        PR_Free(dest);
        return NULL;
    }

    return dest;
}

/*
 * XXX End of base64 encoding code to be moved into NSPR.
 ********************************************************
 */

/*
 * This is the beginning of the NSS cover functions.  These will
 * provide the interface we want to expose as NSS-ish.  For example,
 * they will operate on our Items, do any special handling or checking
 * we want to do, etc.
 */

PR_BEGIN_EXTERN_C

/*
 * A boring cover structure for now.  Perhaps someday it will include
 * some more interesting fields.
 */
struct NSSBase64EncoderStr {
    PLBase64Encoder *pl_data;
};

PR_END_EXTERN_C

/*
 * Function to start a base64 encoding context.
 */
NSSBase64Encoder *
NSSBase64Encoder_Create(PRInt32 (*output_fn)(void *, const char *, PRInt32),
                        void *output_arg)
{
    PLBase64Encoder *pl_data;
    NSSBase64Encoder *nss_data;

    nss_data = PORT_ZNew(NSSBase64Encoder);
    if (nss_data == NULL)
        return NULL;

    pl_data = PL_CreateBase64Encoder(output_fn, output_arg, 64);
    if (pl_data == NULL) {
        PORT_Free(nss_data);
        return NULL;
    }

    nss_data->pl_data = pl_data;
    return nss_data;
}

/*
 * Push data through the encoder, causing the output_fn (provided to Create)
 * to be called with the encoded data.
 */
SECStatus
NSSBase64Encoder_Update(NSSBase64Encoder *data, const unsigned char *buffer,
                        PRUint32 size)
{
    PRStatus pr_status;

    /* XXX Should we do argument checking only in debug build? */
    if (data == NULL) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    pr_status = PL_UpdateBase64Encoder(data->pl_data, buffer, size);
    if (pr_status == PR_FAILURE)
        return SECFailure;

    return SECSuccess;
}

/*
 * When you're done encoding, call this to free the data.  If "abort_p"
 * is false, then calling this may cause the output_fn to be called
 * one last time (as the last buffered data is flushed out).
 */
SECStatus
NSSBase64Encoder_Destroy(NSSBase64Encoder *data, PRBool abort_p)
{
    PRStatus pr_status;

    /* XXX Should we do argument checking only in debug build? */
    if (data == NULL) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    pr_status = PL_DestroyBase64Encoder(data->pl_data, abort_p);

    PORT_Free(data);

    if (pr_status == PR_FAILURE)
        return SECFailure;

    return SECSuccess;
}

/*
 * Perform base64 encoding of binary data "inItem" to an ascii string.
 * The output buffer may be provided (as "outStrOpt"); you can also pass
 * in a NULL and the buffer will be allocated for you.  The result will
 * be null-terminated, and if the buffer is provided, "maxOutLen" must
 * specify the maximum length of the buffer and will be checked to
 * supply sufficient space space for the encoded result.  (If "outStrOpt"
 * is NULL, "maxOutLen" is ignored.)
 *
 * If "outStrOpt" is NULL, allocation will happen out of the passed-in
 * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
 * will be used.
 *
 * Return value is NULL on error, the output buffer (allocated or provided)
 * otherwise.
 */
char *
NSSBase64_EncodeItem(PLArenaPool *arenaOpt, char *outStrOpt,
                     unsigned int maxOutLen, SECItem *inItem)
{
    char *out_string = outStrOpt;
    PRUint32 max_out_len;
    PRUint32 out_len = 0;
    void *mark = NULL;
    char *dummy;

    PORT_Assert(inItem != NULL && inItem->data != NULL && inItem->len != 0);
    if (inItem == NULL || inItem->data == NULL || inItem->len == 0) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return NULL;
    }

    max_out_len = PL_Base64MaxEncodedLength(inItem->len, 64);
    if (max_out_len == 0) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return NULL;
    }

    if (arenaOpt != NULL)
        mark = PORT_ArenaMark(arenaOpt);

    if (out_string == NULL) {
        if (arenaOpt != NULL)
            out_string = PORT_ArenaAlloc(arenaOpt, max_out_len + 1);
        else
            out_string = PORT_Alloc(max_out_len + 1);

        if (out_string == NULL) {
            if (arenaOpt != NULL)
                PORT_ArenaRelease(arenaOpt, mark);
            return NULL;
        }
    } else {
        if ((max_out_len + 1) > maxOutLen) {
            PORT_SetError(SEC_ERROR_OUTPUT_LEN);
            return NULL;
        }
        max_out_len = maxOutLen;
    }

    dummy = PL_Base64EncodeBuffer(inItem->data, inItem->len, 64,
                                  out_string, max_out_len, &out_len);
    if (dummy == NULL) {
        if (arenaOpt != NULL) {
            PORT_ArenaRelease(arenaOpt, mark);
        } else {
            PORT_Free(out_string);
        }
        return NULL;
    }

    if (arenaOpt != NULL)
        PORT_ArenaUnmark(arenaOpt, mark);

    out_string[out_len] = '\0';
    return out_string;
}

/*
 * XXX Everything below is deprecated.  If you add new stuff, put it
 * *above*, not below.
 */

/*
 * XXX The following "BTOA" functions are provided for backward compatibility
 * with current code.  They should be considered strongly deprecated.
 * When we can convert all our code over to using the new NSSBase64Encoder_
 * functions defined above, we should get rid of these altogether.  (Remove
 * protoypes from base64.h as well -- actually, remove that file completely).
 * If someone thinks either of these functions provides such a very useful
 * interface (though, as shown, the same functionality can already be
 * obtained by calling NSSBase64_EncodeItem directly), fine -- but then
 * that API should be provided with a nice new NSSFoo name and using
 * appropriate types, etc.
 */

#include "base64.h"

/*
** Return an PORT_Alloc'd ascii string which is the base64 encoded
** version of the input string.
*/
char *
BTOA_DataToAscii(const unsigned char *data, unsigned int len)
{
    SECItem binary_item;

    binary_item.data = (unsigned char *)data;
    binary_item.len = len;

    return NSSBase64_EncodeItem(NULL, NULL, 0, &binary_item);
}

/*
** Convert from binary encoding of an item to ascii.
*/
char *
BTOA_ConvertItemToAscii(SECItem *binary_item)
{
    return NSSBase64_EncodeItem(NULL, NULL, 0, binary_item);
}