JWT: Normalize base64 data before decoding

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/pakfire/jwt.c b/src/pakfire/jwt.c
index 21444ddd8f6355adbfd33aa22fbec27af5666acf..20fa9fb68680c8668f9f4b984bea47dd05dc0c63 100644 (file)
--- a/src/pakfire/jwt.c
+++ b/src/pakfire/jwt.c
@@ -63,6 +63,7 @@ static int pakfire_jwt_find_payload(const char* token, const char** payload, siz
 }
 
 static int pakfire_jwt_decode_payload(char** payload, size_t* length, const char* token) {
+       char* normalized = NULL;
        const char* p = NULL;
        size_t l = 0;
        int r;
@@ -70,10 +71,21 @@ static int pakfire_jwt_decode_payload(char** payload, size_t* length, const char
        // Find the payload
        r = pakfire_jwt_find_payload(token, &p, &l);
        if (r < 0)
-               return r;
+               goto ERROR;
+
+       // Normalize to standard base64
+       r = pakfire_b64normalize(&normalized, p, l);
+       if (r < 0)
+               goto ERROR;
 
        // Decode the payload
-       return pakfire_b64decode((unsigned char**)payload, length, p, l);
+       r = pakfire_b64decode((unsigned char**)payload, length, normalized, -1);
+
+ERROR:
+       if (normalized)
+               free(normalized);
+
+       return r;
 }
 
 int pakfire_jwt_payload(struct pakfire_ctx* ctx, const char* token, struct json_object** payload) {