1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

use brotli::enc::encode::BrotliEncoderInitParams;
use ffi;
use libc::c_int;
use std::{io::Read, slice};

/// A certificate compression algorithm.
#[repr(u16)]
#[derive(Debug, Copy, Clone, PartialEq, Eq)]
pub enum CertCompressionAlgorithm {
    Brotli = ffi::TLSEXT_cert_compression_brotli as _,
    Zlib = ffi::TLSEXT_cert_compression_zlib as _,
}

impl CertCompressionAlgorithm {
    pub fn compression_fn(&self) -> ffi::ssl_cert_compression_func_t {
        match &self {
            Self::Brotli => Some(brotli_compressor),
            Self::Zlib => Some(zlib_compressor),
        }
    }

    pub fn decompression_fn(&self) -> ffi::ssl_cert_decompression_func_t {
        match &self {
            Self::Brotli => Some(brotli_decompressor),
            Self::Zlib => Some(zlib_decompressor),
        }
    }
}

unsafe extern "C" fn brotli_compressor(
    _ssl: *mut ffi::SSL,
    out: *mut ffi::CBB,
    in_: *const u8,
    in_len: usize,
) -> c_int {
    let mut uncompressed = slice::from_raw_parts(in_, in_len);
    let mut compressed: Vec<u8> = Vec::new();

    let params = BrotliEncoderInitParams();

    if let Err(_) = brotli::BrotliCompress(&mut uncompressed, &mut compressed, &params) {
        return 0;
    }

    ffi::CBB_add_bytes(out, compressed.as_ptr(), compressed.len())
}

unsafe extern "C" fn zlib_compressor(
    _ssl: *mut ffi::SSL,
    out: *mut ffi::CBB,
    in_: *const u8,
    in_len: usize,
) -> c_int {
    let mut uncompressed = slice::from_raw_parts(in_, in_len);
    let mut compressed: Vec<u8> = Vec::new();

    let params = flate2::Compression::default();

    let mut encoder = flate2::bufread::ZlibEncoder::new(&mut uncompressed, params);
    if let Err(_) = encoder.read_to_end(&mut compressed) {
        return 0;
    }

    ffi::CBB_add_bytes(out, compressed.as_ptr(), compressed.len())
}

unsafe extern "C" fn brotli_decompressor(
    _ssl: *mut ffi::SSL,
    out: *mut *mut ffi::CRYPTO_BUFFER,
    uncompressed_len: usize,
    in_: *const u8,
    in_len: usize,
) -> c_int {
    let mut compressed = slice::from_raw_parts(in_, in_len);
    let mut uncompressed: Vec<u8> = Vec::with_capacity(uncompressed_len);

    if let Err(_) = brotli::BrotliDecompress(&mut compressed, &mut uncompressed) {
        return 0;
    }

    if uncompressed.len() != uncompressed_len {
        return 0;
    }

    let buffer = ffi::CRYPTO_BUFFER_new(
        uncompressed.as_ptr(),
        uncompressed_len,
        std::ptr::null_mut(),
    );

    *out = buffer;

    return 1;
}

unsafe extern "C" fn zlib_decompressor(
    _ssl: *mut ffi::SSL,
    out: *mut *mut ffi::CRYPTO_BUFFER,
    uncompressed_len: usize,
    in_: *const u8,
    in_len: usize,
) -> c_int {
    let mut compressed = slice::from_raw_parts(in_, in_len);
    let mut uncompressed: Vec<u8> = Vec::with_capacity(uncompressed_len);

    let mut decoder = flate2::bufread::ZlibDecoder::new(&mut compressed);
    if let Err(_) = decoder.read_to_end(&mut uncompressed) {
        return 0;
    }

    if uncompressed.len() != uncompressed_len {
        return 0;
    }

    let buffer = ffi::CRYPTO_BUFFER_new(
        uncompressed.as_ptr(),
        uncompressed_len,
        std::ptr::null_mut(),
    );

    *out = buffer;

    return 1;
}