diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp
index 0d535b864032..4131e4714d83 100644
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -32,6 +32,7 @@
 #include "nsNetCID.h"
 #include "plbase64.h"
 #include "plstr.h"
+#include "mozilla/Base64.h"
 #include "mozilla/Logging.h"
 #include "mozilla/Tokenizer.h"
 #include "mozilla/UniquePtr.h"
@@ -49,6 +50,8 @@
 #include "nsUnicharUtils.h"
 #include "mozilla/net/HttpAuthUtils.h"
 
+using mozilla::Base64Decode;
+
 //-----------------------------------------------------------------------------
 
 static const char kNegotiate[] = "Negotiate";
@@ -535,17 +538,14 @@ nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChanne
         while (challenge[len - 1] == '=')
             len--;
 
-        inTokenLen = (len * 3)/4;
-        inToken = malloc(inTokenLen);
-        if (!inToken)
-            return (NS_ERROR_OUT_OF_MEMORY);
-
         //
         // Decode the response that followed the "Negotiate" token
         //
-        if (PL_Base64Decode(challenge, len, (char *) inToken) == nullptr) {
-            free(inToken);
-            return(NS_ERROR_UNEXPECTED);
+        nsresult rv =
+            Base64Decode(challenge, len, (char**)&inToken, &inTokenLen);
+
+        if (NS_FAILED(rv)) {
+            return rv;
         }
     }
     else {