"""RFC 3548: Base16, Base32, Base64 Data Encodings"""
# Modified 04-Oct-1995 by Jack Jansen to use binascii module
# Modified 30-Dec-2003 by Barry Warsaw to add full RFC 3548 support
# Legacy interface exports traditional RFC 1521 Base64 encodings
'encode', 'decode', 'encodestring', 'decodestring',
# Generalized interface for other encodings
'b64encode', 'b64decode', 'b32encode', 'b32decode',
'b16encode', 'b16decode',
# Standard Base64 encoding
'standard_b64encode', 'standard_b64decode',
# Some common Base64 alternatives. As referenced by RFC 3458, see thread
# http://zgp.org/pipermail/p2p-hackers/2001-September/000316.html
'urlsafe_b64encode', 'urlsafe_b64decode',
_translation
= [chr(_x
) for _x
in range(256)]
def _translate(s
, altchars
):
translation
= _translation
[:]
for k
, v
in altchars
.items():
return s
.translate(''.join(translation
))
# Base64 encoding/decoding uses binascii
def b64encode(s
, altchars
=None):
"""Encode a string using Base64.
s is the string to encode. Optional altchars must be a string of at least
length 2 (additional characters are ignored) which specifies an
alternative alphabet for the '+' and '/' characters. This allows an
application to e.g. generate url or filesystem safe Base64 strings.
The encoded string is returned.
# Strip off the trailing newline
encoded
= binascii
.b2a_base64(s
)[:-1]
return _translate(encoded
, {'+': altchars
[0], '/': altchars
[1]})
def b64decode(s
, altchars
=None):
"""Decode a Base64 encoded string.
s is the string to decode. Optional altchars must be a string of at least
length 2 (additional characters are ignored) which specifies the
alternative alphabet used instead of the '+' and '/' characters.
The decoded string is returned. A TypeError is raised if s were
incorrectly padded or if there are non-alphabet characters present in the
s
= _translate(s
, {altchars
[0]: '+', altchars
[1]: '/'})
return binascii
.a2b_base64(s
)
except binascii
.Error
, msg
:
# Transform this exception for consistency
def standard_b64encode(s
):
"""Encode a string using the standard Base64 alphabet.
s is the string to encode. The encoded string is returned.
def standard_b64decode(s
):
"""Decode a string encoded with the standard Base64 alphabet.
s is the string to decode. The decoded string is returned. A TypeError
is raised if the string is incorrectly padded or if there are non-alphabet
characters present in the string.
def urlsafe_b64encode(s
):
"""Encode a string using a url-safe Base64 alphabet.
s is the string to encode. The encoded string is returned. The alphabet
uses '-' instead of '+' and '_' instead of '/'.
return b64encode(s
, '-_')
def urlsafe_b64decode(s
):
"""Decode a string encoded with the standard Base64 alphabet.
s is the string to decode. The decoded string is returned. A TypeError
is raised if the string is incorrectly padded or if there are non-alphabet
characters present in the string.
The alphabet uses '-' instead of '+' and '_' instead of '/'.
return b64decode(s
, '-_')
# Base32 encoding/decoding must be done in Python
0: 'A', 9: 'J', 18: 'S', 27: '3',
1: 'B', 10: 'K', 19: 'T', 28: '4',
2: 'C', 11: 'L', 20: 'U', 29: '5',
3: 'D', 12: 'M', 21: 'V', 30: '6',
4: 'E', 13: 'N', 22: 'W', 31: '7',
5: 'F', 14: 'O', 23: 'X',
6: 'G', 15: 'P', 24: 'Y',
7: 'H', 16: 'Q', 25: 'Z',
8: 'I', 17: 'R', 26: '2',
_b32tab
= [v
for v
in _b32alphabet
.values()]
_b32rev
= dict([(v
, long(k
)) for k
, v
in _b32alphabet
.items()])
"""Encode a string using Base32.
s is the string to encode. The encoded string is returned.
quanta
, leftover
= divmod(len(s
), 5)
# Pad the last quantum with zero bits if necessary
s
+= ('\0' * (5 - leftover
))
# c1 and c2 are 16 bits wide, c3 is 8 bits wide. The intent of this
# code is to process the 40 bits in units of 5 bits. So we take the 1
# leftover bit of c1 and tack it onto c2. Then we take the 2 leftover
# bits of c2 and tack them onto c3. The shifts and masks are intended
# to give us values of exactly 5 bits in width.
c1
, c2
, c3
= struct
.unpack('!HHB', s
[i
*5:(i
+1)*5])
c2
+= (c1
& 1) << 16 # 17 bits wide
c3
+= (c2
& 3) << 8 # 10 bits wide
parts
.extend([_b32tab
[c1
>> 11], # bits 1 - 5
_b32tab
[(c1
>> 6) & 0x1f], # bits 6 - 10
_b32tab
[(c1
>> 1) & 0x1f], # bits 11 - 15
_b32tab
[c2
>> 12], # bits 16 - 20 (1 - 5)
_b32tab
[(c2
>> 7) & 0x1f], # bits 21 - 25 (6 - 10)
_b32tab
[(c2
>> 2) & 0x1f], # bits 26 - 30 (11 - 15)
_b32tab
[c3
>> 5], # bits 31 - 35 (1 - 5)
_b32tab
[c3
& 0x1f], # bits 36 - 40 (1 - 5)
encoded
= EMPTYSTRING
.join(parts
)
# Adjust for any leftover partial quanta
return encoded
[:-6] + '======'
return encoded
[:-4] + '===='
return encoded
[:-3] + '==='
return encoded
[:-1] + '='
def b32decode(s
, casefold
=False, map01
=None):
"""Decode a Base32 encoded string.
s is the string to decode. Optional casefold is a flag specifying whether
a lowercase alphabet is acceptable as input. For security purposes, the
RFC 3548 allows for optional mapping of the digit 0 (zero) to the letter O
(oh), and for optional mapping of the digit 1 (one) to either the letter I
(eye) or letter L (el). The optional argument map01 when not None,
specifies which letter the digit 1 should be mapped to (when map01 is not
None, the digit 0 is always mapped to the letter O). For security
purposes the default is None, so that 0 and 1 are not allowed in the
The decoded string is returned. A TypeError is raised if s were
incorrectly padded or if there are non-alphabet characters present in the
quanta
, leftover
= divmod(len(s
), 8)
raise TypeError('Incorrect padding')
# Handle section 2.4 zero and one mapping. The flag map01 will be either
# False, or the character to map the digit 1 (one) to. It should be
# either L (el) or I (eye).
s
= _translate(s
, {'0': 'O', '1': map01
})
# Strip off pad characters from the right. We need to count the pad
# characters because this will tell us how many null bytes to remove from
# the end of the decoded string.
mo
= re
.search('(?P<pad>[=]*)$', s
)
padchars
= len(mo
.group('pad'))
# Now decode the full quanta
raise TypeError('Non-base32 digit found')
acc
+= _b32rev
[c
] << shift
parts
.append(binascii
.unhexlify('%010x' % acc
))
# Process the last, partial quanta
last
= binascii
.unhexlify('%010x' % acc
)
last
= '' # No characters
raise TypeError('Incorrect padding')
return EMPTYSTRING
.join(parts
)
# RFC 3548, Base 16 Alphabet specifies uppercase, but hexlify() returns
# lowercase. The RFC also recommends against accepting input case
"""Encode a string using Base16.
s is the string to encode. The encoded string is returned.
return binascii
.hexlify(s
).upper()
def b16decode(s
, casefold
=False):
"""Decode a Base16 encoded string.
s is the string to decode. Optional casefold is a flag specifying whether
a lowercase alphabet is acceptable as input. For security purposes, the
The decoded string is returned. A TypeError is raised if s were
incorrectly padded or if there are non-alphabet characters present in the
if re
.search('[^0-9A-F]', s
):
raise TypeError('Non-base16 digit found')
return binascii
.unhexlify(s
)
# Legacy interface. This code could be cleaned up since I don't believe
# binascii has any line length limitations. It just doesn't seem worth it
MAXLINESIZE
= 76 # Excluding the CRLF
MAXBINSIZE
= (MAXLINESIZE
//4)*3
def encode(input, output
):
s
= input.read(MAXBINSIZE
)
while len(s
) < MAXBINSIZE
:
ns
= input.read(MAXBINSIZE
-len(s
))
line
= binascii
.b2a_base64(s
)
def decode(input, output
):
s
= binascii
.a2b_base64(line
)
for i
in range(0, len(s
), MAXBINSIZE
):
chunk
= s
[i
: i
+ MAXBINSIZE
]
pieces
.append(binascii
.b2a_base64(chunk
))
return binascii
.a2b_base64(s
)
opts
, args
= getopt
.getopt(sys
.argv
[1:], 'deut')
except getopt
.error
, msg
:
print """usage: %s [-d|-e|-u|-t] [file|-]
-t: encode and decode string 'Aladdin:open sesame'"""%sys
.argv
[0]
if o
== '-e': func
= encode
if o
== '-d': func
= decode
if o
== '-u': func
= decode
if o
== '-t': test1(); return
if args
and args
[0] != '-':
func(open(args
[0], 'rb'), sys
.stdout
)
func(sys
.stdin
, sys
.stdout
)
s0
= "Aladdin:open sesame"
if __name__
== '__main__':