1*6777b538SAndroid Build Coastguard Worker // Copyright 2020 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker
5*6777b538SAndroid Build Coastguard Worker #include "net/ssl/cert_compression.h"
6*6777b538SAndroid Build Coastguard Worker
7*6777b538SAndroid Build Coastguard Worker #include <cstdint>
8*6777b538SAndroid Build Coastguard Worker
9*6777b538SAndroid Build Coastguard Worker #include "third_party/boringssl/src/include/openssl/ssl.h"
10*6777b538SAndroid Build Coastguard Worker
11*6777b538SAndroid Build Coastguard Worker #if !defined(NET_DISABLE_BROTLI)
12*6777b538SAndroid Build Coastguard Worker #include "third_party/brotli/include/brotli/decode.h"
13*6777b538SAndroid Build Coastguard Worker #endif
14*6777b538SAndroid Build Coastguard Worker
15*6777b538SAndroid Build Coastguard Worker namespace net {
16*6777b538SAndroid Build Coastguard Worker namespace {
17*6777b538SAndroid Build Coastguard Worker
18*6777b538SAndroid Build Coastguard Worker #if !defined(NET_DISABLE_BROTLI)
DecompressBrotliCert(SSL * ssl,CRYPTO_BUFFER ** out,size_t uncompressed_len,const uint8_t * in,size_t in_len)19*6777b538SAndroid Build Coastguard Worker int DecompressBrotliCert(SSL* ssl,
20*6777b538SAndroid Build Coastguard Worker CRYPTO_BUFFER** out,
21*6777b538SAndroid Build Coastguard Worker size_t uncompressed_len,
22*6777b538SAndroid Build Coastguard Worker const uint8_t* in,
23*6777b538SAndroid Build Coastguard Worker size_t in_len) {
24*6777b538SAndroid Build Coastguard Worker uint8_t* data;
25*6777b538SAndroid Build Coastguard Worker bssl::UniquePtr<CRYPTO_BUFFER> decompressed(
26*6777b538SAndroid Build Coastguard Worker CRYPTO_BUFFER_alloc(&data, uncompressed_len));
27*6777b538SAndroid Build Coastguard Worker if (!decompressed) {
28*6777b538SAndroid Build Coastguard Worker return 0;
29*6777b538SAndroid Build Coastguard Worker }
30*6777b538SAndroid Build Coastguard Worker
31*6777b538SAndroid Build Coastguard Worker size_t output_size = uncompressed_len;
32*6777b538SAndroid Build Coastguard Worker if (BrotliDecoderDecompress(in_len, in, &output_size, data) !=
33*6777b538SAndroid Build Coastguard Worker BROTLI_DECODER_RESULT_SUCCESS ||
34*6777b538SAndroid Build Coastguard Worker output_size != uncompressed_len) {
35*6777b538SAndroid Build Coastguard Worker return 0;
36*6777b538SAndroid Build Coastguard Worker }
37*6777b538SAndroid Build Coastguard Worker
38*6777b538SAndroid Build Coastguard Worker *out = decompressed.release();
39*6777b538SAndroid Build Coastguard Worker return 1;
40*6777b538SAndroid Build Coastguard Worker }
41*6777b538SAndroid Build Coastguard Worker #endif
42*6777b538SAndroid Build Coastguard Worker
43*6777b538SAndroid Build Coastguard Worker } // namespace
44*6777b538SAndroid Build Coastguard Worker
ConfigureCertificateCompression(SSL_CTX * ctx)45*6777b538SAndroid Build Coastguard Worker void ConfigureCertificateCompression(SSL_CTX* ctx) {
46*6777b538SAndroid Build Coastguard Worker #if !defined(NET_DISABLE_BROTLI)
47*6777b538SAndroid Build Coastguard Worker SSL_CTX_add_cert_compression_alg(ctx, TLSEXT_cert_compression_brotli,
48*6777b538SAndroid Build Coastguard Worker nullptr /* compression not supported */,
49*6777b538SAndroid Build Coastguard Worker DecompressBrotliCert);
50*6777b538SAndroid Build Coastguard Worker #endif
51*6777b538SAndroid Build Coastguard Worker
52*6777b538SAndroid Build Coastguard Worker // Avoid "unused argument" errors in case no algorithms are supported.
53*6777b538SAndroid Build Coastguard Worker (void)(ctx);
54*6777b538SAndroid Build Coastguard Worker }
55*6777b538SAndroid Build Coastguard Worker
56*6777b538SAndroid Build Coastguard Worker } // namespace net
57