From 2ce951c559f61bdae2a424e378e40bfd6fc815ec Mon Sep 17 00:00:00 2001
From: Tilman Sauerbeck <tilman@code-monkey.de>
Date: Thu, 28 Dec 2017 11:27:08 +0100
Subject: [PATCH] Rework SSLi_hash2hex() and SSLi_hex2hash().

This replaces the stdio-based implementation (printf(), scanf())
with a hand-written one. This should be worthwhile even if it's
unlikely that these functions show up in any profile.
---
 src/ssl.h | 37 +++++++++++++++++++++++++++----------
 1 file changed, 27 insertions(+), 10 deletions(-)

diff --git a/src/ssl.h b/src/ssl.h
index ab02a2d..3c59f44 100644
--- a/src/ssl.h
+++ b/src/ssl.h
@@ -36,7 +36,6 @@
 #include "types.h"
 
 #include <inttypes.h>
-#include <stdio.h>
 #include <string.h>
 
 #if defined(USE_POLARSSL)
@@ -163,22 +162,40 @@ void SSLi_free(SSL_handle_t *ssl);
 
 static inline void SSLi_hash2hex(uint8_t *hash, char *out)
 {
+	const char hexdigits[] = "0123456789abcdef";
 	int i, offset = 0;
-	for (i = 0; i < 20; i++)
-		offset += sprintf(out + offset, "%02x", hash[i]);
+	for (i = 0; i < 20; i++) {
+		out[offset++] = hexdigits[hash[i] >> 4];
+		out[offset++] = hexdigits[hash[i] & 0x0f];
+	}
+
+	out[offset] = '\0';
+}
+
+static inline uint8_t nibble(char c)
+{
+	if (c >= '0' && c <= '9')
+		return c - '0';
+
+	/* Force lower case so we don't need to check
+	 * for upper case characters.
+	 */
+	c |= 32;
+
+	return c - 'a' + 10;
 }
 
 static inline void SSLi_hex2hash(char *in, uint8_t *hash)
 {
-	int i;
-	char byte[3];
-	int scanned;
+	int i, offset = 0;
 
-	byte[2] = '\0';
 	for (i = 0; i < 20; i++) {
-		memcpy(byte, &in[i * 2], 2);
-		sscanf(byte, "%02x", &scanned);
-		hash[i] = scanned;
+		uint8_t upper, lower;
+
+		upper = nibble(in[offset++]);
+		lower = nibble(in[offset++]);
+
+		hash[i] = (upper << 4) | lower;
 	}
 }
 #endif
-- 
2.30.2