Rework SSLi_hash2hex() and SSLi_hex2hash().

[umurmur.git] / src / ssl.h

diff --git a/src/ssl.h b/src/ssl.h
index 9d72fe4e2d67f00f87e979894ba4e8b84aecc841..3c59f440b109611174571e07e6f178781bd92b8d 100644 (file)
--- a/src/ssl.h
+++ b/src/ssl.h
@@ -36,7 +36,6 @@
 #include "types.h"
 
 #include <inttypes.h>
-#include <stdio.h>
 #include <string.h>
 
 #if defined(USE_POLARSSL)
@@ -88,15 +87,49 @@ int urandom_bytes(void *ctx, unsigned char *dest, size_t len);
 
 typedef        ssl_context SSL_handle_t;
 
+#elif defined(USE_MBEDTLS)
+#include <mbedtls/version.h>
+
+#if !defined(MBEDTLS_VERSION_MAJOR) || (MBEDTLS_VERSION_MAJOR < 2)
+#error mbedTLS version 2.0.0 or greater is required!
+#endif
+
+#include <mbedtls/ssl.h>
+#if (MBEDTLS_VERSION_MINOR > 3)
+#include <mbedtls/net_sockets.h>
+#else
+#include <mbedtls/net.h>
+#endif
+
+#if defined(USE_MBEDTLS_HAVEGE)
+#include <mbedtls/havege.h>
+    #define HAVEGE_RAND (havege_random)
+    #define RAND_bytes(_dst_, _size_) do { \
+        mbedtls_havege_random(&hs, _dst_, _size_); \
+    } while (0)
+#else
+#define RAND_bytes(_dst_, _size_) do { urandom_bytes(NULL, _dst_, _size_); } while (0)
+int urandom_bytes(void *ctx, unsigned char *dest, size_t len);
+#endif
+
+#define SSLI_ERROR_WANT_READ -0x0F300 /* mbedTLS v0.x.x uses -0x0f00 -> --0x0f90, v1.x.x uses -0x7080 -> -0x7e80 */
+#define SSLI_ERROR_WANT_WRITE -0x0F310
+
+#define SSLI_ERROR_ZERO_RETURN 0
+#define SSLI_ERROR_CONNRESET MBEDTLS_ERR_NET_CONN_RESET
+#define SSLI_ERROR_SYSCALL MBEDTLS_ERR_NET_RECV_FAILED
+
+typedef        mbedtls_ssl_context SSL_handle_t;
+
 #elif defined(USE_GNUTLS)
 
 #include <gnutls/gnutls.h>
 
 #define SSLI_ERROR_WANT_READ GNUTLS_E_AGAIN
 #define SSLI_ERROR_WANT_WRITE GNUTLS_E_AGAIN
-#define SSLI_ERROR_ZERO_RETURN 6 // taken from the openssl compat. layer
+#define SSLI_ERROR_ZERO_RETURN GNUTLS_E_PREMATURE_TERMINATION
 #define SSLI_ERROR_CONNRESET GNUTLS_E_PREMATURE_TERMINATION
-#define SSLI_ERROR_SYSCALL 5
+#define SSLI_ERROR_SYSCALL GNUTLS_E_PREMATURE_TERMINATION
 
 typedef gnutls_session_t SSL_handle_t;
 
@@ -129,22 +162,40 @@ void SSLi_free(SSL_handle_t *ssl);
 
 static inline void SSLi_hash2hex(uint8_t *hash, char *out)
 {
+       const char hexdigits[] = "0123456789abcdef";
        int i, offset = 0;
-       for (i = 0; i < 20; i++)
-               offset += sprintf(out + offset, "%02x", hash[i]);
+       for (i = 0; i < 20; i++) {
+               out[offset++] = hexdigits[hash[i] >> 4];
+               out[offset++] = hexdigits[hash[i] & 0x0f];
+       }
+
+       out[offset] = '\0';
+}
+
+static inline uint8_t nibble(char c)
+{
+       if (c >= '0' && c <= '9')
+               return c - '0';
+
+       /* Force lower case so we don't need to check
+        * for upper case characters.
+        */
+       c |= 32;
+
+       return c - 'a' + 10;
 }
 
 static inline void SSLi_hex2hash(char *in, uint8_t *hash)
 {
-       int i;
-       char byte[3];
-       int scanned;
+       int i, offset = 0;
 
-       byte[2] = '\0';
        for (i = 0; i < 20; i++) {
-               memcpy(byte, &in[i * 2], 2);
-               sscanf(byte, "%02x", &scanned);
-               hash[i] = scanned;
+               uint8_t upper, lower;
+
+               upper = nibble(in[offset++]);
+               lower = nibble(in[offset++]);
+
+               hash[i] = (upper << 4) | lower;
        }
 }
 #endif