diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 486b6a6b08..2e8e105b78 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -74,6 +74,8 @@ int main( void ) #include "mbedtls/psa_util.h" #endif +#include + #include #include #include @@ -1016,45 +1018,6 @@ int idle( mbedtls_net_context *fd, return( 0 ); } -/* Unhexify `hex` into `dst`. `dst` must have - * size at least `strlen( hex ) / 2`. */ -int unhexify( char const *hex, unsigned char *dst ) -{ - unsigned char c; - size_t j; - size_t len = strlen( hex ); - - if( len % 2 != 0 ) - return( -1 ); - - for( j = 0; j < len; j += 2 ) - { - c = hex[j]; - if( c >= '0' && c <= '9' ) - c -= '0'; - else if( c >= 'a' && c <= 'f' ) - c -= 'a' - 10; - else if( c >= 'A' && c <= 'F' ) - c -= 'A' - 10; - else - return( -1 ); - dst[ j / 2 ] = c << 4; - - c = hex[j + 1]; - if( c >= '0' && c <= '9' ) - c -= '0'; - else if( c >= 'a' && c <= 'f' ) - c -= 'a' - 10; - else if( c >= 'A' && c <= 'F' ) - c -= 'A' - 10; - else - return( -1 ); - dst[ j / 2 ] |= c; - } - - return( 0 ); -} - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) int report_cid_usage( mbedtls_ssl_context *ssl, const char *additional_description ) @@ -1785,16 +1748,10 @@ int main( int argc, char *argv[] ) */ if( strlen( opt.psk ) ) { - psk_len = strlen( opt.psk ) / 2; - if( psk_len > sizeof( psk ) ) + if( mbedtls_test_unhexify( psk, sizeof( psk ), + opt.psk, &psk_len ) != 0 ) { - mbedtls_printf( "pre-shared key too long\n" ); - goto exit; - } - - if( unhexify( opt.psk, psk ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid hex\n" ); + mbedtls_printf( "pre-shared key not valid\n" ); goto exit; } } 
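Review bot: The single `pre-shared key not valid` message in the `opt.psk` branch replaces two messages that told the user whether the key was too long or not hex, so a rejected key is now harder to diagnose. The call site only tests `!= 0`, so a text that names both causes, `mbedtls_printf( "pre-shared key not valid hex or too long\n" );`, would keep the hint. The two CID hunks later in this file have the same merged message, while the ssl_server2.c hunks keep the older `not valid hex` wording, so the two programs now report the same failure differently. main() starts and ends outside the hunk.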
@@ -1896,16 +1853,10 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - cid_len = strlen( opt.cid_val ) / 2; - if( cid_len > sizeof( cid ) ) + if( mbedtls_test_unhexify( cid, sizeof( cid ), + opt.cid_val, &cid_len ) != 0 ) { - mbedtls_printf( "CID too long\n" ); - goto exit; - } - - if( unhexify( opt.cid_val, cid ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + mbedtls_printf( "CID not valid\n" ); goto exit; } @@ -1916,16 +1867,10 @@ int main( int argc, char *argv[] ) if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) opt.cid_val_renego = opt.cid_val; - cid_renego_len = strlen( opt.cid_val_renego ) / 2; - if( cid_renego_len > sizeof( cid_renego ) ) + if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), + opt.cid_val_renego, &cid_renego_len ) != 0 ) { - mbedtls_printf( "CID too long\n" ); - goto exit; - } - - if( unhexify( opt.cid_val_renego, cid_renego ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + mbedtls_printf( "CID not valid\n" ); goto exit; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 3fd065ef07..15346070cd 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -70,6 +70,8 @@ int main( void ) #include "mbedtls/psa_util.h" #endif +#include + #include #include #include 
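Review bot: The `opt.cid_val` call is made unconditionally, unlike the PSK call earlier in this file, which is skipped when `strlen( opt.psk )` is zero, so an empty CID string now goes through `mbedtls_test_unhexify`. The removed code accepted an empty string and left `cid_len` at 0. Whether the helper does the same is not visible in this diff, so it should be confirmed and recorded at the call, for example `/* empty opt.cid_val is allowed: expects return 0 and cid_len == 0 */`. The `cid_renego` hunk below and the CID and PSK hunks in ssl_server2.c rely on the same behaviour. main() starts and ends outside the hunk.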
@@ -1202,52 +1204,6 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, #endif /* SNI_OPTION */ -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \ - defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - -#define HEX2NUM( c ) \ - do \ - { \ - if( (c) >= '0' && (c) <= '9' ) \ - (c) -= '0'; \ - else if( (c) >= 'a' && (c) <= 'f' ) \ - (c) -= 'a' - 10; \ - else if( (c) >= 'A' && (c) <= 'F' ) \ - (c) -= 'A' - 10; \ - else \ - return( -1 ); \ - } while( 0 ) - -/* - * Convert a hex string to bytes. - * Return 0 on success, -1 on error. - */ -int unhexify( unsigned char *output, const char *input, size_t *olen ) -{ - unsigned char c; - size_t j; - - *olen = strlen( input ); - if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN ) - return( -1 ); - *olen /= 2; - - for( j = 0; j < *olen * 2; j += 2 ) - { - c = input[j]; - HEX2NUM( c ); - output[ j / 2 ] = c << 4; - - c = input[j + 1]; - HEX2NUM( c ); - output[ j / 2 ] |= c; - } - - return( 0 ); -} - -#endif - #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) typedef struct _psk_entry psk_entry; @@ -1319,7 +1275,8 @@ psk_entry *psk_parse( char *psk_string ) GET_ITEM( new->name ); GET_ITEM( key_hex ); - if( unhexify( new->key, key_hex, &new->key_len ) != 0 ) + if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN, + key_hex, &new->key_len ) != 0 ) goto error; new->next = cur; @@ -2632,7 +2589,8 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( unhexify( cid, opt.cid_val, &cid_len ) != 0 ) + if( mbedtls_test_unhexify( cid, sizeof( cid ), + opt.cid_val, &cid_len ) != 0 ) { mbedtls_printf( "CID not valid hex\n" ); goto exit; 
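Review bot: The bound passed for `new->key` in psk_parse is the constant `MBEDTLS_PSK_MAX_LEN`, while every other call in this commit passes `sizeof` of the destination buffer. The declaration of `key` is outside the hunk; if it is an array member, `mbedtls_test_unhexify( new->key, sizeof( new->key ),` ties the limit to the buffer itself, so a later change to the field's size cannot leave the two out of step. psk_parse starts and ends outside the hunk.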
@@ -2645,7 +2603,8 @@ int main( int argc, char *argv[] ) if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) opt.cid_val_renego = opt.cid_val; - if( unhexify( cid_renego, opt.cid_val_renego, &cid_renego_len ) != 0 ) + if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), + opt.cid_val_renego, &cid_renego_len ) != 0 ) { mbedtls_printf( "CID not valid hex\n" ); goto exit; @@ -2656,7 +2615,8 @@ int main( int argc, char *argv[] ) /* * Unhexify the pre-shared key and parse the list if any given */ - if( unhexify( psk, opt.psk, &psk_len ) != 0 ) + if( mbedtls_test_unhexify( psk, sizeof( psk ), + opt.psk, &psk_len ) != 0 ) { mbedtls_printf( "pre-shared key not valid hex\n" ); goto exit;