diff options
Diffstat (limited to 'src/tls.cc')
-rw-r--r-- | src/tls.cc | 56 |
1 files changed, 56 insertions, 0 deletions
@@ -32,6 +32,11 @@ #include <openssl/crypto.h> #include <openssl/conf.h> +#ifdef HAVE_LIBBROTLI +# include <brotli/encode.h> +# include <brotli/decode.h> +#endif // HAVE_LIBBROTLI + #include "ssl_compat.h" namespace nghttp2 { @@ -120,6 +125,57 @@ int ssl_ctx_set_proto_versions(SSL_CTX *ssl_ctx, int min, int max) { return 0; } +#if defined(NGHTTP2_OPENSSL_IS_BORINGSSL) && defined(HAVE_LIBBROTLI) +int cert_compress(SSL *ssl, CBB *out, const uint8_t *in, size_t in_len) { + uint8_t *dest; + + auto compressed_size = BrotliEncoderMaxCompressedSize(in_len); + if (compressed_size == 0) { + return 0; + } + + if (!CBB_reserve(out, &dest, compressed_size)) { + return 0; + } + + if (BrotliEncoderCompress(BROTLI_MAX_QUALITY, BROTLI_DEFAULT_WINDOW, + BROTLI_MODE_GENERIC, in_len, in, &compressed_size, + dest) != BROTLI_TRUE) { + return 0; + } + + if (!CBB_did_write(out, compressed_size)) { + return 0; + } + + return 1; +} + +int cert_decompress(SSL *ssl, CRYPTO_BUFFER **out, size_t uncompressed_len, + const uint8_t *in, size_t in_len) { + uint8_t *dest; + auto buf = CRYPTO_BUFFER_alloc(&dest, uncompressed_len); + auto len = uncompressed_len; + + if (BrotliDecoderDecompress(in_len, in, &len, dest) != + BROTLI_DECODER_RESULT_SUCCESS) { + CRYPTO_BUFFER_free(buf); + + return 0; + } + + if (uncompressed_len != len) { + CRYPTO_BUFFER_free(buf); + + return 0; + } + + *out = buf; + + return 1; +} +#endif // NGHTTP2_OPENSSL_IS_BORINGSSL && HAVE_LIBBROTLI + } // namespace tls } // namespace nghttp2 |