Skip to content

Commit 0bc27ef

Browse files
fhesselfhessel
committed
Replace custom base64 encoder with mbedtls base64 encoder
1 parent 4a5e358 commit 0bc27ef

File tree

5 files changed

+27
-78
lines changed

5 files changed

+27
-78
lines changed

src/HTTPConnection.cpp

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,7 @@
11
#include "HTTPConnection.hpp"
2-
#include "Websocket.hpp"
3-
#include <hwcrypto/sha.h>
42

53
namespace httpsserver {
64

7-
85
HTTPConnection::HTTPConnection(ResourceResolver * resResolver):
96
_resResolver(resResolver) {
107
_socket = -1;
@@ -584,12 +581,29 @@ bool HTTPConnection::checkWebsocket() {
584581

585582
std::string HTTPConnection::websocketKeyResponseHash(std::string key) {
586583
std::string newKey = key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
587-
uint8_t shaData[20];
584+
uint8_t shaData[HTTPS_SHA1_LENGTH];
588585
esp_sha(SHA1, (uint8_t*)newKey.data(), newKey.length(), shaData);
589-
//GeneralUtils::hexDump(shaData, 20);
590-
std::string retStr;
591-
base64Encode(std::string((char*)shaData, sizeof(shaData)), &retStr);
592-
return retStr;
586+
587+
// Get output size required for base64 representation
588+
size_t b64BufferSize = 0;
589+
mbedtls_base64_encode(nullptr, 0, &b64BufferSize, (const unsigned char*)shaData, HTTPS_SHA1_LENGTH);
590+
591+
// Do the real encoding
592+
unsigned char bufferOut[b64BufferSize];
593+
size_t bytesEncoded = 0;
594+
int res = mbedtls_base64_encode(
595+
bufferOut,
596+
b64BufferSize,
597+
&bytesEncoded,
598+
(const unsigned char*)shaData,
599+
HTTPS_SHA1_LENGTH
600+
);
601+
602+
// Check result and return the encoded string
603+
if (res != 0) {
604+
return std::string();
605+
}
606+
return std::string((char*)bufferOut, bytesEncoded);
593607
} // WebsocketKeyResponseHash
594608

595609
} /* namespace httpsserver */

src/HTTPConnection.hpp

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@
44
#include <Arduino.h>
55

66
#include <string>
7+
#include <mbedtls/base64.h>
8+
#include <hwcrypto/sha.h>
79
#include <functional>
810

911
// Required for sockets

src/HTTPSServerConstants.hpp

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,4 +33,7 @@
3333
// (time for the client to return notify close flag) - without it, truncation attacks might be possible
3434
#define HTTPS_SHUTDOWN_TIMEOUT 5000
3535

36+
// Length of a SHA1 hash
37+
#define HTTPS_SHA1_LENGTH 20
38+
3639
#endif /* SRC_HTTPSSERVERCONSTANTS_HPP_ */

src/util.cpp

Lines changed: 0 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -47,69 +47,4 @@ std::string intToString(int i) {
4747
return std::string(c);
4848
}
4949

50-
static const char kBase64Alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
51-
"abcdefghijklmnopqrstuvwxyz"
52-
"0123456789+/";
53-
54-
int base64EncodedLength(size_t length) {
55-
return (length + 2 - ((length + 2) % 3)) / 3 * 4;
56-
} // base64EncodedLength
57-
58-
int base64EncodedLength(const std::string &in) {
59-
return base64EncodedLength(in.length());
60-
} // base64EncodedLength
61-
62-
void a3_to_a4(unsigned char * a4, unsigned char * a3) {
63-
a4[0] = (a3[0] & 0xfc) >> 2;
64-
a4[1] = ((a3[0] & 0x03) << 4) + ((a3[1] & 0xf0) >> 4);
65-
a4[2] = ((a3[1] & 0x0f) << 2) + ((a3[2] & 0xc0) >> 6);
66-
a4[3] = (a3[2] & 0x3f);
67-
} // a3_to_a4
68-
69-
/**
70-
* Encode a string into base 64.
71-
*/
72-
bool base64Encode(const std::string &in, std::string *out) {
73-
int i = 0, j = 0;
74-
size_t enc_len = 0;
75-
unsigned char a3[3];
76-
unsigned char a4[4];
77-
78-
out->resize(base64EncodedLength(in));
79-
80-
int input_len = in.size();
81-
std::string::const_iterator input = in.begin();
82-
83-
while (input_len--) {
84-
a3[i++] = *(input++);
85-
if (i == 3) {
86-
a3_to_a4(a4, a3);
87-
88-
for (i = 0; i < 4; i++) {
89-
(*out)[enc_len++] = kBase64Alphabet[a4[i]];
90-
}
91-
92-
i = 0;
93-
}
94-
}
95-
96-
if (i) {
97-
for (j = i; j < 3; j++) {
98-
a3[j] = '\0';
99-
}
100-
101-
a3_to_a4(a4, a3);
102-
103-
for (j = 0; j < i + 1; j++) {
104-
(*out)[enc_len++] = kBase64Alphabet[a4[j]];
105-
}
106-
107-
while ((i++ < 3)) {
108-
(*out)[enc_len++] = '=';
109-
}
110-
}
111-
112-
return (enc_len == out->size());
113-
} // base64Encode
114-
11550
}

src/util.hpp

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,6 @@ int parseInt(std::string s);
1212

1313
std::string intToString(int i);
1414

15-
int base64EncodedLength(size_t length);
16-
int base64EncodedLength(const std::string &in);
17-
void a3_to_a4(unsigned char * a4, unsigned char * a3);
18-
bool base64Encode(const std::string& in, std::string* out);
19-
2015
}
2116

2217
#endif /* SRC_UTIL_HPP_ */

0 commit comments

Comments
 (0)