xkit 1.0.1

A xkit
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126

use boring_sys as ffi;
use std::{io::Read, slice};

/// A certificate compression algorithm.
#[repr(u16)]
#[derive(Debug, Copy, Clone, PartialEq, Eq)]
pub enum CertCompressionAlgorithm {
    Brotli = ffi::TLSEXT_cert_compression_brotli as _,
    Zlib = ffi::TLSEXT_cert_compression_zlib as _,
}

impl CertCompressionAlgorithm {
    pub fn compression_fn(&self) -> ffi::ssl_cert_compression_func_t {
        match &self {
            Self::Brotli => Some(brotli_compressor),
            Self::Zlib => Some(zlib_compressor),
        }
    }

    pub fn decompression_fn(&self) -> ffi::ssl_cert_decompression_func_t {
        match &self {
            Self::Brotli => Some(brotli_decompressor),
            Self::Zlib => Some(zlib_decompressor),
        }
    }
}

extern "C" fn brotli_compressor(
    _ssl: *mut ffi::SSL,
    buffer: *mut ffi::CBB,
    in_: *const u8,
    in_len: usize,
) -> ::std::os::raw::c_int {
    let mut uncompressed = unsafe { slice::from_raw_parts(in_, in_len) };
    let mut compressed: Vec<u8> = Vec::new();

    let params = brotli_crate::enc::encode::BrotliEncoderInitParams();

    if let Err(e) = brotli_crate::BrotliCompress(&mut uncompressed, &mut compressed, &params) {
        log::debug!("brotli compression error: {:?}", e);
        return 0;
    }

    unsafe { boring_sys::CBB_add_bytes(buffer, compressed.as_ptr(), compressed.len()) }
}

extern "C" fn zlib_compressor(
    _ssl: *mut ffi::SSL,
    out: *mut ffi::CBB,
    in_: *const u8,
    in_len: usize,
) -> ::std::os::raw::c_int {
    let mut uncompressed = unsafe { slice::from_raw_parts(in_, in_len) };
    let mut compressed: Vec<u8> = Vec::new();

    let params = flate2::Compression::default();

    let mut encoder = flate2::bufread::ZlibEncoder::new(&mut uncompressed, params);
    if let Err(e) = encoder.read_to_end(&mut compressed) {
        log::debug!("zlib compression error: {:?}", e);
        return 0;
    }

    unsafe { boring_sys::CBB_add_bytes(out, compressed.as_ptr(), compressed.len()) }
}

extern "C" fn brotli_decompressor(
    _ssl: *mut ffi::SSL,
    buffer: *mut *mut ffi::CRYPTO_BUFFER,
    uncompressed_len: usize,
    in_: *const u8,
    in_len: usize,
) -> ::std::os::raw::c_int {
    let mut compressed = unsafe { slice::from_raw_parts(in_, in_len) };
    let mut uncompressed: Vec<u8> = Vec::with_capacity(uncompressed_len);

    if let Err(e) = brotli_crate::BrotliDecompress(&mut compressed, &mut uncompressed) {
        log::debug!("brotli decompression error: {:?}", e);
        return 0;
    }

    if uncompressed.len() != uncompressed_len {
        return 0;
    }

    unsafe {
        *buffer = ffi::CRYPTO_BUFFER_new(
            uncompressed.as_ptr(),
            uncompressed_len,
            std::ptr::null_mut(),
        )
    }

    1
}

extern "C" fn zlib_decompressor(
    _ssl: *mut ffi::SSL,
    buffer: *mut *mut ffi::CRYPTO_BUFFER,
    uncompressed_len: usize,
    in_: *const u8,
    in_len: usize,
) -> ::std::os::raw::c_int {
    let mut compressed = unsafe { slice::from_raw_parts(in_, in_len) };
    let mut uncompressed: Vec<u8> = Vec::with_capacity(uncompressed_len);

    let mut decoder = flate2::bufread::ZlibDecoder::new(&mut compressed);
    if let Err(e) = decoder.read_to_end(&mut uncompressed) {
        log::debug!("zlib decompression error: {:?}", e);
        return 0;
    }

    if uncompressed.len() != uncompressed_len {
        return 0;
    }

    unsafe {
        *buffer = ffi::CRYPTO_BUFFER_new(
            uncompressed.as_ptr(),
            uncompressed_len,
            std::ptr::null_mut(),
        )
    }

    1
}