001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     * 
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     * 
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    
018    package org.apache.commons.codec.binary;
019    
020    import java.math.BigInteger;
021    
022    /**
023     * Provides Base64 encoding and decoding as defined by <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>.
024     * 
025     * <p>
026     * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
027     * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
028     * </p>
029     * <p>
030     * The class can be parameterized in the following manner with various constructors:
031     * <ul>
032     * <li>URL-safe mode: Default off.</li>
033     * <li>Line length: Default 76. Line length that aren't multiples of 4 will still essentially end up being multiples of
034     * 4 in the encoded data.
035     * <li>Line separator: Default is CRLF ("\r\n")</li>
036     * </ul>
037     * </p>
038     * <p>
039     * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
040     * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
041     * </p>
042     * <p>
043     * This class is not thread-safe. Each thread should use its own instance.
044     * </p>
045     * 
046     * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
047     * @author Apache Software Foundation
048     * @since 1.0
049     * @version $Revision: 1080712 $
050     */
051    public class Base64 extends BaseNCodec {
052    
053        /**
054         * BASE32 characters are 6 bits in length. 
055         * They are formed by taking a block of 3 octets to form a 24-bit string, 
056         * which is converted into 4 BASE64 characters.
057         */
058        private static final int BITS_PER_ENCODED_BYTE = 6;
059        private static final int BYTES_PER_UNENCODED_BLOCK = 3;
060        private static final int BYTES_PER_ENCODED_BLOCK = 4;
061    
062        /**
063         * Chunk separator per RFC 2045 section 2.1.
064         *
065         * <p>
066         * N.B. The next major release may break compatibility and make this field private.
067         * </p>
068         * 
069         * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045 section 2.1</a>
070         */
071        static final byte[] CHUNK_SEPARATOR = {'\r', '\n'};
072    
073        /**
074         * This array is a lookup table that translates 6-bit positive integer index values into their "Base64 Alphabet"
075         * equivalents as specified in Table 1 of RFC 2045.
076         * 
077         * Thanks to "commons" project in ws.apache.org for this code.
078         * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
079         */
080        private static final byte[] STANDARD_ENCODE_TABLE = {
081                'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
082                'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
083                'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
084                'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
085                '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
086        };
087    
088        /**
089         * This is a copy of the STANDARD_ENCODE_TABLE above, but with + and /
090         * changed to - and _ to make the encoded Base64 results more URL-SAFE.
091         * This table is only used when the Base64's mode is set to URL-SAFE.
092         */    
093        private static final byte[] URL_SAFE_ENCODE_TABLE = {
094                'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
095                'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
096                'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
097                'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
098                '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'
099        };
100    
101        /**
102         * This array is a lookup table that translates Unicode characters drawn from the "Base64 Alphabet" (as specified in
103         * Table 1 of RFC 2045) into their 6-bit positive integer equivalents. Characters that are not in the Base64
104         * alphabet but fall within the bounds of the array are translated to -1.
105         * 
106         * Note: '+' and '-' both decode to 62. '/' and '_' both decode to 63. This means decoder seamlessly handles both
107         * URL_SAFE and STANDARD base64. (The encoder, on the other hand, needs to know ahead of time what to emit).
108         * 
109         * Thanks to "commons" project in ws.apache.org for this code.
110         * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
111         */
112        private static final byte[] DECODE_TABLE = {
113                -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
114                -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
115                -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, 52, 53, 54,
116                55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4,
117                5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
118                24, 25, -1, -1, -1, -1, 63, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
119                35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51
120        };
121    
122        /**
123         * Base64 uses 6-bit fields. 
124         */
125        /** Mask used to extract 6 bits, used when encoding */
126        private static final int MASK_6BITS = 0x3f;
127    
128        // The static final fields above are used for the original static byte[] methods on Base64.
129        // The private member fields below are used with the new streaming approach, which requires
130        // some state be preserved between calls of encode() and decode().
131    
132        /**
133         * Encode table to use: either STANDARD or URL_SAFE. Note: the DECODE_TABLE above remains static because it is able
134         * to decode both STANDARD and URL_SAFE streams, but the encodeTable must be a member variable so we can switch
135         * between the two modes.
136         */
137        private final byte[] encodeTable;
138    
139        // Only one decode table currently; keep for consistency with Base32 code
140        private final byte[] decodeTable = DECODE_TABLE;
141    
142        /**
143         * Line separator for encoding. Not used when decoding. Only used if lineLength > 0.
144         */
145        private final byte[] lineSeparator;
146    
147        /**
148         * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
149         * <code>decodeSize = 3 + lineSeparator.length;</code>
150         */
151        private final int decodeSize;
152    
153        /**
154         * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
155         * <code>encodeSize = 4 + lineSeparator.length;</code>
156         */
157        private final int encodeSize;
158    
159        /**
160         * Place holder for the bytes we're dealing with for our based logic. 
161         * Bitwise operations store and extract the encoding or decoding from this variable.
162         */
163        private int bitWorkArea;
164    
165        /**
166         * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
167         * <p>
168         * When encoding the line length is 0 (no chunking), and the encoding table is STANDARD_ENCODE_TABLE.
169         * </p>
170         * 
171         * <p>
172         * When decoding all variants are supported.
173         * </p>
174         */
175        public Base64() {
176            this(0);
177        }
178    
179        /**
180         * Creates a Base64 codec used for decoding (all modes) and encoding in the given URL-safe mode.
181         * <p>
182         * When encoding the line length is 76, the line separator is CRLF, and the encoding table is STANDARD_ENCODE_TABLE.
183         * </p>
184         * 
185         * <p>
186         * When decoding all variants are supported.
187         * </p>
188         * 
189         * @param urlSafe
190         *            if <code>true</code>, URL-safe encoding is used. In most cases this should be set to
191         *            <code>false</code>.
192         * @since 1.4
193         */
194        public Base64(boolean urlSafe) {
195            this(MIME_CHUNK_SIZE, CHUNK_SEPARATOR, urlSafe);
196        }
197    
198        /**
199         * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
200         * <p>
201         * When encoding the line length is given in the constructor, the line separator is CRLF, and the encoding table is
202         * STANDARD_ENCODE_TABLE.
203         * </p>
204         * <p>
205         * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
206         * </p>
207         * <p>
208         * When decoding all variants are supported.
209         * </p>
210         * 
211         * @param lineLength
212         *            Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
213         *            If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
214         * @since 1.4
215         */
216        public Base64(int lineLength) {
217            this(lineLength, CHUNK_SEPARATOR);
218        }
219    
220        /**
221         * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
222         * <p>
223         * When encoding the line length and line separator are given in the constructor, and the encoding table is
224         * STANDARD_ENCODE_TABLE.
225         * </p>
226         * <p>
227         * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
228         * </p>
229         * <p>
230         * When decoding all variants are supported.
231         * </p>
232         * 
233         * @param lineLength
234         *            Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
235         *            If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
236         * @param lineSeparator
237         *            Each line of encoded data will end with this sequence of bytes.
238         * @throws IllegalArgumentException
239         *             Thrown when the provided lineSeparator included some base64 characters.
240         * @since 1.4
241         */
242        public Base64(int lineLength, byte[] lineSeparator) {
243            this(lineLength, lineSeparator, false);
244        }
245    
246        /**
247         * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
248         * <p>
249         * When encoding the line length and line separator are given in the constructor, and the encoding table is
250         * STANDARD_ENCODE_TABLE.
251         * </p>
252         * <p>
253         * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
254         * </p>
255         * <p>
256         * When decoding all variants are supported.
257         * </p>
258         * 
259         * @param lineLength
260         *            Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
261         *            If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
262         * @param lineSeparator
263         *            Each line of encoded data will end with this sequence of bytes.
264         * @param urlSafe
265         *            Instead of emitting '+' and '/' we emit '-' and '_' respectively. urlSafe is only applied to encode
266         *            operations. Decoding seamlessly handles both modes.
267         * @throws IllegalArgumentException
268         *             The provided lineSeparator included some base64 characters. That's not going to work!
269         * @since 1.4
270         */
271        public Base64(int lineLength, byte[] lineSeparator, boolean urlSafe) {
272            super(BYTES_PER_UNENCODED_BLOCK, BYTES_PER_ENCODED_BLOCK, 
273                    lineLength,
274                    lineSeparator == null ? 0 : lineSeparator.length);
275            // TODO could be simplified if there is no requirement to reject invalid line sep when length <=0
276            // @see test case Base64Test.testConstructors() 
277            if (lineSeparator != null) {
278                if (containsAlphabetOrPad(lineSeparator)) {
279                    String sep = StringUtils.newStringUtf8(lineSeparator);
280                    throw new IllegalArgumentException("lineSeparator must not contain base64 characters: [" + sep + "]");
281                }            
282                if (lineLength > 0){ // null line-sep forces no chunking rather than throwing IAE
283                    this.encodeSize = BYTES_PER_ENCODED_BLOCK + lineSeparator.length;
284                    this.lineSeparator = new byte[lineSeparator.length];
285                    System.arraycopy(lineSeparator, 0, this.lineSeparator, 0, lineSeparator.length);
286                } else {
287                    this.encodeSize = BYTES_PER_ENCODED_BLOCK;
288                    this.lineSeparator = null;
289                }
290            } else {
291                this.encodeSize = BYTES_PER_ENCODED_BLOCK;
292                this.lineSeparator = null;
293            }
294            this.decodeSize = this.encodeSize - 1;
295            this.encodeTable = urlSafe ? URL_SAFE_ENCODE_TABLE : STANDARD_ENCODE_TABLE;
296        }
297    
298        /**
299         * Returns our current encode mode. True if we're URL-SAFE, false otherwise.
300         * 
301         * @return true if we're in URL-SAFE mode, false otherwise.
302         * @since 1.4
303         */
304        public boolean isUrlSafe() {
305            return this.encodeTable == URL_SAFE_ENCODE_TABLE;
306        }
307    
308        /**
309         * <p>
310         * Encodes all of the provided data, starting at inPos, for inAvail bytes. Must be called at least twice: once with
311         * the data to encode, and once with inAvail set to "-1" to alert encoder that EOF has been reached, so flush last
312         * remaining bytes (if not multiple of 3).
313         * </p>
314         * <p>
315         * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
316         * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
317         * </p>
318         * 
319         * @param in
320         *            byte[] array of binary data to base64 encode.
321         * @param inPos
322         *            Position to start reading data from.
323         * @param inAvail
324         *            Amount of bytes available from input for encoding.
325         */
326        void encode(byte[] in, int inPos, int inAvail) {
327            if (eof) {
328                return;
329            }
330            // inAvail < 0 is how we're informed of EOF in the underlying data we're
331            // encoding.
332            if (inAvail < 0) {
333                eof = true;
334                if (0 == modulus && lineLength == 0) {
335                    return; // no leftovers to process and not using chunking
336                }
337                ensureBufferSize(encodeSize);
338                int savedPos = pos;
339                switch (modulus) { // 0-2
340                    case 1 : // 8 bits = 6 + 2
341                        buffer[pos++] = encodeTable[(bitWorkArea >> 2) & MASK_6BITS]; // top 6 bits
342                        buffer[pos++] = encodeTable[(bitWorkArea << 4) & MASK_6BITS]; // remaining 2 
343                        // URL-SAFE skips the padding to further reduce size.
344                        if (encodeTable == STANDARD_ENCODE_TABLE) {
345                            buffer[pos++] = PAD;
346                            buffer[pos++] = PAD;
347                        }
348                        break;
349    
350                    case 2 : // 16 bits = 6 + 6 + 4
351                        buffer[pos++] = encodeTable[(bitWorkArea >> 10) & MASK_6BITS];
352                        buffer[pos++] = encodeTable[(bitWorkArea >> 4) & MASK_6BITS];
353                        buffer[pos++] = encodeTable[(bitWorkArea << 2) & MASK_6BITS];
354                        // URL-SAFE skips the padding to further reduce size.
355                        if (encodeTable == STANDARD_ENCODE_TABLE) {
356                            buffer[pos++] = PAD;
357                        }
358                        break;
359                }
360                currentLinePos += pos - savedPos; // keep track of current line position
361                // if currentPos == 0 we are at the start of a line, so don't add CRLF
362                if (lineLength > 0 && currentLinePos > 0) { 
363                    System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
364                    pos += lineSeparator.length;
365                }
366            } else {
367                for (int i = 0; i < inAvail; i++) {
368                    ensureBufferSize(encodeSize);
369                    modulus = (modulus+1) % BYTES_PER_UNENCODED_BLOCK;
370                    int b = in[inPos++];
371                    if (b < 0) {
372                        b += 256;
373                    }
374                    bitWorkArea = (bitWorkArea << 8) + b; //  BITS_PER_BYTE
375                    if (0 == modulus) { // 3 bytes = 24 bits = 4 * 6 bits to extract
376                        buffer[pos++] = encodeTable[(bitWorkArea >> 18) & MASK_6BITS];
377                        buffer[pos++] = encodeTable[(bitWorkArea >> 12) & MASK_6BITS];
378                        buffer[pos++] = encodeTable[(bitWorkArea >> 6) & MASK_6BITS];
379                        buffer[pos++] = encodeTable[bitWorkArea & MASK_6BITS];
380                        currentLinePos += BYTES_PER_ENCODED_BLOCK;
381                        if (lineLength > 0 && lineLength <= currentLinePos) {
382                            System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
383                            pos += lineSeparator.length;
384                            currentLinePos = 0;
385                        }
386                    }
387                }
388            }
389        }
390    
391        /**
392         * <p>
393         * Decodes all of the provided data, starting at inPos, for inAvail bytes. Should be called at least twice: once
394         * with the data to decode, and once with inAvail set to "-1" to alert decoder that EOF has been reached. The "-1"
395         * call is not necessary when decoding, but it doesn't hurt, either.
396         * </p>
397         * <p>
398         * Ignores all non-base64 characters. This is how chunked (e.g. 76 character) data is handled, since CR and LF are
399         * silently ignored, but has implications for other bytes, too. This method subscribes to the garbage-in,
400         * garbage-out philosophy: it will not check the provided data for validity.
401         * </p>
402         * <p>
403         * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
404         * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
405         * </p>
406         * 
407         * @param in
408         *            byte[] array of ascii data to base64 decode.
409         * @param inPos
410         *            Position to start reading data from.
411         * @param inAvail
412         *            Amount of bytes available from input for encoding.
413         */
414        void decode(byte[] in, int inPos, int inAvail) {
415            if (eof) {
416                return;
417            }
418            if (inAvail < 0) {
419                eof = true;
420            }
421            for (int i = 0; i < inAvail; i++) {
422                ensureBufferSize(decodeSize);
423                byte b = in[inPos++];
424                if (b == PAD) {
425                    // We're done.
426                    eof = true;
427                    break;
428                } else {
429                    if (b >= 0 && b < DECODE_TABLE.length) {
430                        int result = DECODE_TABLE[b];
431                        if (result >= 0) {
432                            modulus = (modulus+1) % BYTES_PER_ENCODED_BLOCK;
433                            bitWorkArea = (bitWorkArea << BITS_PER_ENCODED_BYTE) + result;
434                            if (modulus == 0) {
435                                buffer[pos++] = (byte) ((bitWorkArea >> 16) & MASK_8BITS);
436                                buffer[pos++] = (byte) ((bitWorkArea >> 8) & MASK_8BITS);
437                                buffer[pos++] = (byte) (bitWorkArea & MASK_8BITS);
438                            }
439                        }
440                    }
441                }
442            }
443    
444            // Two forms of EOF as far as base64 decoder is concerned: actual
445            // EOF (-1) and first time '=' character is encountered in stream.
446            // This approach makes the '=' padding characters completely optional.
447            if (eof && modulus != 0) {
448                ensureBufferSize(decodeSize);
449                
450                // We have some spare bits remaining
451                // Output all whole multiples of 8 bits and ignore the rest
452                switch (modulus) {
453               //   case 1: // 6 bits - ignore entirely
454               //       break;
455                    case 2 : // 12 bits = 8 + 4
456                        bitWorkArea = bitWorkArea >> 4; // dump the extra 4 bits
457                        buffer[pos++] = (byte) ((bitWorkArea) & MASK_8BITS);
458                        break;
459                    case 3 : // 18 bits = 8 + 8 + 2
460                        bitWorkArea = bitWorkArea >> 2; // dump 2 bits
461                        buffer[pos++] = (byte) ((bitWorkArea >> 8) & MASK_8BITS);
462                        buffer[pos++] = (byte) ((bitWorkArea) & MASK_8BITS);
463                        break;
464                }
465            }
466        }
467    
468        /**
469         * Returns whether or not the <code>octet</code> is in the base 64 alphabet.
470         * 
471         * @param octet
472         *            The value to test
473         * @return <code>true</code> if the value is defined in the the base 64 alphabet, <code>false</code> otherwise.
474         * @since 1.4
475         */
476        public static boolean isBase64(byte octet) {
477            return octet == PAD_DEFAULT || (octet >= 0 && octet < DECODE_TABLE.length && DECODE_TABLE[octet] != -1);
478        }
479    
480        /**
481         * Tests a given String to see if it contains only valid characters within the Base64 alphabet. Currently the
482         * method treats whitespace as valid.
483         * 
484         * @param base64
485         *            String to test
486         * @return <code>true</code> if all characters in the String are valid characters in the Base64 alphabet or if
487         *         the String is empty; <code>false</code>, otherwise
488         *  @since 1.5
489         */
490        public static boolean isBase64(String base64) {
491            return isBase64(StringUtils.getBytesUtf8(base64));
492        }
493    
494        /**
495         * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet. Currently the
496         * method treats whitespace as valid.
497         * 
498         * @param arrayOctet
499         *            byte array to test
500         * @return <code>true</code> if all bytes are valid characters in the Base64 alphabet or if the byte array is empty;
501         *         <code>false</code>, otherwise
502         * @deprecated 1.5 Use {@link #isBase64(byte[])}, will be removed in 2.0.
503         */
504        public static boolean isArrayByteBase64(byte[] arrayOctet) {
505            return isBase64(arrayOctet);
506        }
507        
508        /**
509         * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet. Currently the
510         * method treats whitespace as valid.
511         * 
512         * @param arrayOctet
513         *            byte array to test
514         * @return <code>true</code> if all bytes are valid characters in the Base64 alphabet or if the byte array is empty;
515         *         <code>false</code>, otherwise
516         * @since 1.5
517         */    
518        public static boolean isBase64(byte[] arrayOctet) {
519            for (int i = 0; i < arrayOctet.length; i++) {
520                if (!isBase64(arrayOctet[i]) && !isWhiteSpace(arrayOctet[i])) {
521                    return false;
522                }
523            }
524            return true;
525        }
526        
527        /**
528         * Encodes binary data using the base64 algorithm but does not chunk the output.
529         * 
530         * @param binaryData
531         *            binary data to encode
532         * @return byte[] containing Base64 characters in their UTF-8 representation.
533         */
534        public static byte[] encodeBase64(byte[] binaryData) {
535            return encodeBase64(binaryData, false);
536        }
537    
538        /**
539         * Encodes binary data using the base64 algorithm but does not chunk the output.
540         *
541         * NOTE:  We changed the behaviour of this method from multi-line chunking (commons-codec-1.4) to
542         * single-line non-chunking (commons-codec-1.5). 
543         * 
544         * @param binaryData
545         *            binary data to encode
546         * @return String containing Base64 characters.
547         * @since 1.4 (NOTE:  1.4 chunked the output, whereas 1.5 does not).
548         */    
549        public static String encodeBase64String(byte[] binaryData) {
550            return StringUtils.newStringUtf8(encodeBase64(binaryData, false));
551        }
552        
553        /**
554         * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
555         * url-safe variation emits - and _ instead of + and / characters.
556         * 
557         * @param binaryData
558         *            binary data to encode
559         * @return byte[] containing Base64 characters in their UTF-8 representation.
560         * @since 1.4
561         */
562        public static byte[] encodeBase64URLSafe(byte[] binaryData) {
563            return encodeBase64(binaryData, false, true);
564        }
565    
566        /**
567         * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
568         * url-safe variation emits - and _ instead of + and / characters.
569         *
570         * @param binaryData
571         *            binary data to encode
572         * @return String containing Base64 characters
573         * @since 1.4
574         */    
575        public static String encodeBase64URLSafeString(byte[] binaryData) {
576            return StringUtils.newStringUtf8(encodeBase64(binaryData, false, true));
577        }    
578    
579        /**
580         * Encodes binary data using the base64 algorithm and chunks the encoded output into 76 character blocks
581         * 
582         * @param binaryData
583         *            binary data to encode
584         * @return Base64 characters chunked in 76 character blocks
585         */
586        public static byte[] encodeBase64Chunked(byte[] binaryData) {
587            return encodeBase64(binaryData, true);
588        }
589    
590        /**
591         * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
592         * 
593         * @param binaryData
594         *            Array containing binary data to encode.
595         * @param isChunked
596         *            if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
597         * @return Base64-encoded data.
598         * @throws IllegalArgumentException
599         *             Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
600         */
601        public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) {
602            return encodeBase64(binaryData, isChunked, false);
603        }
604    
605        /**
606         * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
607         * 
608         * @param binaryData
609         *            Array containing binary data to encode.
610         * @param isChunked
611         *            if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
612         * @param urlSafe
613         *            if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
614         * @return Base64-encoded data.
615         * @throws IllegalArgumentException
616         *             Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
617         * @since 1.4
618         */
619        public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe) {
620            return encodeBase64(binaryData, isChunked, urlSafe, Integer.MAX_VALUE);
621        }
622    
623        /**
624         * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
625         * 
626         * @param binaryData
627         *            Array containing binary data to encode.
628         * @param isChunked
629         *            if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
630         * @param urlSafe
631         *            if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
632         * @param maxResultSize
633         *            The maximum result size to accept.
634         * @return Base64-encoded data.
635         * @throws IllegalArgumentException
636         *             Thrown when the input array needs an output array bigger than maxResultSize
637         * @since 1.4
638         */
639        public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe, int maxResultSize) {
640            if (binaryData == null || binaryData.length == 0) {
641                return binaryData;
642            }
643    
644            // Create this so can use the super-class method
645            // Also ensures that the same roundings are performed by the ctor and the code
646            Base64 b64 = isChunked ? new Base64(urlSafe) : new Base64(0, CHUNK_SEPARATOR, urlSafe);
647            long len = b64.getEncodedLength(binaryData);
648            if (len > maxResultSize) {
649                throw new IllegalArgumentException("Input array too big, the output array would be bigger (" +
650                    len +
651                    ") than the specified maximum size of " +
652                    maxResultSize);
653            }
654                    
655            return b64.encode(binaryData);
656        }
657    
658        /**
659         * Decodes a Base64 String into octets
660         *
661         * @param base64String
662         *            String containing Base64 data
663         * @return Array containing decoded data.
664         * @since 1.4
665         */
666        public static byte[] decodeBase64(String base64String) {
667            return new Base64().decode(base64String);
668        }
669    
670        /**
671         * Decodes Base64 data into octets
672         * 
673         * @param base64Data
674         *            Byte array containing Base64 data
675         * @return Array containing decoded data.
676         */
677        public static byte[] decodeBase64(byte[] base64Data) {
678            return new Base64().decode(base64Data);
679        }
680    
681        // Implementation of the Encoder Interface
682    
683        // Implementation of integer encoding used for crypto
684        /**
685         * Decodes a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
686         * 
687         * @param pArray
688         *            a byte array containing base64 character data
689         * @return A BigInteger
690         * @since 1.4
691         */
692        public static BigInteger decodeInteger(byte[] pArray) {
693            return new BigInteger(1, decodeBase64(pArray));
694        }
695    
696        /**
697         * Encodes to a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
698         * 
699         * @param bigInt
700         *            a BigInteger
701         * @return A byte array containing base64 character data
702         * @throws NullPointerException
703         *             if null is passed in
704         * @since 1.4
705         */
706        public static byte[] encodeInteger(BigInteger bigInt) {
707            if (bigInt == null) {
708                throw new NullPointerException("encodeInteger called with null parameter");
709            }
710            return encodeBase64(toIntegerBytes(bigInt), false);
711        }
712    
713        /**
714         * Returns a byte-array representation of a <code>BigInteger</code> without sign bit.
715         * 
716         * @param bigInt
717         *            <code>BigInteger</code> to be converted
718         * @return a byte array representation of the BigInteger parameter
719         */
720        static byte[] toIntegerBytes(BigInteger bigInt) {
721            int bitlen = bigInt.bitLength();
722            // round bitlen
723            bitlen = ((bitlen + 7) >> 3) << 3;
724            byte[] bigBytes = bigInt.toByteArray();
725    
726            if (((bigInt.bitLength() % 8) != 0) && (((bigInt.bitLength() / 8) + 1) == (bitlen / 8))) {
727                return bigBytes;
728            }
729            // set up params for copying everything but sign bit
730            int startSrc = 0;
731            int len = bigBytes.length;
732    
733            // if bigInt is exactly byte-aligned, just skip signbit in copy
734            if ((bigInt.bitLength() % 8) == 0) {
735                startSrc = 1;
736                len--;
737            }
738            int startDst = bitlen / 8 - len; // to pad w/ nulls as per spec
739            byte[] resizedBytes = new byte[bitlen / 8];
740            System.arraycopy(bigBytes, startSrc, resizedBytes, startDst, len);
741            return resizedBytes;
742        }
743    
744        /**
745         * Returns whether or not the <code>octet</code> is in the Base32 alphabet.
746         * 
747         * @param octet
748         *            The value to test
749         * @return <code>true</code> if the value is defined in the the Base32 alphabet <code>false</code> otherwise.
750         */
751        protected boolean isInAlphabet(byte octet) {
752            return octet >= 0 && octet < decodeTable.length && decodeTable[octet] != -1;
753        }
754    
755    }