Truce's Webserver V3 B64 decode isn't working

[0xBRIANSMITH]

So in Truce's webserver you can have secure pages that are accessed via entering a username/password. It wasn't working so after some debugging I got the following lines:

FOR AUTH GOT: YWRtaW46cGFzc3dvcmQ=
B64 DECODE: BENJOQBTTXPSE

where

      %auth = getWord($_SERVER["HTTP_AUTHORIZATION"],1);
      echo("FOR AUTH GOT: " @ %auth);
      %auth = base64Decode(%auth);
      echo("B64 DECODE: " @ %auth);

in webclient::finish.
Though inputting YWRtaW46cGFzc3dvcmQ= into an online B64 decoder, I get

So what do I do?

[Ad Bot]

[Lugnut]

Try encoding data maybe. See what happens then.

[0xBRIANSMITH]

Try encoding data maybe. See what happens then.

idk if this is what you meant but instead of decoding the %auth im gonna encode the %line and compare.
I'll report results asap.

[0xBRIANSMITH]

nope
encoding it doesn't turn out correct.

[Lugnut]

see if
base64decode(base64decode(%line)) $= %line
if this works, . . .
i dunno what it tells us

it is almost certainly an implementation error

probably one that happened when truce added the cool new stuff the last time around

[0xBRIANSMITH]

see if
base64decode(base64decode(%line)) $= %line
if this works, . . .
i dunno what it tells us

it is almost certainly an implementation error

probably one that happened when truce added the cool new stuff the last time around

hopefully he sees this thread and can provide a fix because im stumped.

[Lugnut]

could you post the encoding function here plz

i don't want to look it up

[0xBRIANSMITH]

function base64Encode(%str)
{
   %len = strLen(%str);
   
   for(%i = 0; %i < %len; %i++)
   {
      %chr   = getSubStr(%str,%i,1);
      %ascii = strPos($Basetype[256],%chr) + 32;
      %bin   = convertBase(%ascii,$Basetype[10],$Basetype[2]);
      %bin   = padBase(%bin,$Basetype[2],8);
      %all   = %all @ %bin;
   }
   
   %len = strLen(%all);
   
   for(%i = 0; %i < %len; %i += 6)
   {
      %pack = getSubStr(%all,%i,6);
      
      while(strLen(%pack) < 6)
         %pack = %pack @ "0";
      
      %dec = convertBase(%pack,$Basetype[2],$Basetype[10]);
      %new = %new @ getSubStr($Basetype[64],%dec,1);
   }
   
   while(strLen(%new) % 4 > 0)
      %new = %new @ "=";
   
   return %new;
}

function base64Encode_Nulls(%str)
{
   %len = getWordCount(%str);
   
   for(%i = 0; %i < %len; %i++)
   {
      %dec = getWord(%str,%i);
      %bin = convertBase(%dec,$Basetype[10],$Basetype[2]);
      %bin = padBase(%bin,$Basetype[2],8);
      %all = %all @ %bin;
   }
   
   %len = strLen(%all);
   
   for(%i = 0; %i < %len; %i += 6)
   {
      %pack = getSubStr(%all,%i,6);
      
      while(strLen(%pack) < 6)
         %pack = %pack @ "0";
      
      %dec = convertBase(%pack,$Basetype[2],$Basetype[10]);
      %new = %new @ getSubStr($Basetype[64],%dec,1);
   }
   
   while(strLen(%new) % 4 > 0)
      %new = %new @ "=";
   
   return %new;
}

function base64Decode(%str)
{
   while(getSubStr(%str,strLen(%str) - 1,1) $= "=")
      %str = getSubStr(%str,0,strLen(%str) - 1);
   
   %len = strLen(%str);
   
   for(%i = 0; %i < %len; %i++)
   {
      %chr = getSubStr(%str,%i,1);
      %pos = strPos($Basetype[64],%chr);
      %bin = convertBase(%pos,$Basetype[10],$Basetype[2]);
      %bin = padBase(%bin,$Basetype[2],6);
      %all = %all @ %bin;
   }
   
   while(strLen(%all) % 8 > 0)
      %all = getSubStr(%all,0,strLen(%all) - 1);
   
   %len = strLen(%all);
   
   for(%i = 0; %i < %len; %i += 8)
   {
      %bin = getSubStr(%all,%i,8);
      %dec = convertBase(%bin,$Basetype[2],$Basetype[10]) - 32;
      %chr = getSubStr($Basetype[256],%dec,1);
      
      %new = %new @ %chr;
   }
   
   return %new;
}

nulls is for strings with nulls (?)

[Lugnut]

nulls is for strings with nulls (?)

yes, to allow proper websocket implementation. i'll read this and hope i get it

[0xBRIANSMITH]

so did anyone figure something out?

[Greek2me]

That makes it seem like the base64 functions are not the problem.

How is $_SERVER["HTTP_AUTHORIZATION"] defined?

[0xBRIANSMITH]

That makes it seem like the base64 functions are not the problem.

they definitely are because decoding the string externally provides the correct result, but via TS it provides gibberish.