From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 29 Sep 2023 16:06:49 +0000 (+0200)
Subject: lib: provide and use Curl_hexencode
X-Git-Tag: curl-8_4_0~70
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=91878ebecadd438031ccd49ab37c752220544425;p=thirdparty%2Fcurl.git

lib: provide and use Curl_hexencode

Generates a lower case ASCII hex output from a binary input.

Closes #11990
---

diff --git a/lib/escape.c b/lib/escape.c
index 0f35bed0af..5af00c3514 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -206,3 +206,29 @@ void curl_free(void *p)
 {
   free(p);
 }
+
+/*
+ * Curl_hexencode()
+ *
+ * Converts binary input to lowercase hex-encoded ASCII output.
+ * Null-terminated.
+ */
+void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
+                    unsigned char *out, size_t olen) /* output buffer size */
+{
+  const char *hex = "0123456789abcdef";
+  DEBUGASSERT(src && len && (olen >= 3));
+  if(src && len && (olen >= 3)) {
+    while(len-- && (olen >= 3)) {
+      /* clang-tidy warns on this line without this comment: */
+      /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
+      *out++ = hex[(*src & 0xF0)>>4];
+      *out++ = hex[*src & 0x0F];
+      ++src;
+      olen -= 2;
+    }
+    *out = 0;
+  }
+  else if(olen)
+    *out = 0;
+}
diff --git a/lib/escape.h b/lib/escape.h
index caa4aa5331..690e417879 100644
--- a/lib/escape.h
+++ b/lib/escape.h
@@ -38,4 +38,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
                         char **ostring, size_t *olen,
                         enum urlreject ctrl);
 
+void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
+                    unsigned char *out, size_t olen); /* output buffer size */
+
 #endif /* HEADER_CURL_ESCAPE_H */
diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index 25c16a2b76..901c22fbbf 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -34,6 +34,7 @@
 #include "transfer.h"
 #include "parsedate.h"
 #include "sendf.h"
+#include "escape.h"
 
 #include <time.h>
 
@@ -63,11 +64,8 @@
 
 static void sha256_to_hex(char *dst, unsigned char *sha)
 {
-  int i;
-
-  for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
-    msnprintf(dst + (i * 2), SHA256_HEX_LENGTH - (i * 2), "%02x", sha[i]);
-  }
+  Curl_hexencode(sha, SHA256_DIGEST_LENGTH,
+                 (unsigned char *)dst, SHA256_HEX_LENGTH);
 }
 
 static char *find_date_hdr(struct Curl_easy *data, const char *sig_hdr)
diff --git a/lib/rand.c b/lib/rand.c
index 3aaf5239ab..6bd96136f1 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -43,6 +43,7 @@ uint32_t arc4random(void);
 #include "sendf.h"
 #include "timeval.h"
 #include "rand.h"
+#include "escape.h"
 
 /* The last 3 #include files should be in this order */
 #include "curl_printf.h"
@@ -231,9 +232,7 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
                        size_t num)
 {
   CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
-  const char *hex = "0123456789abcdef";
   unsigned char buffer[128];
-  unsigned char *bufp = buffer;
   DEBUGASSERT(num > 1);
 
 #ifdef __clang_analyzer__
@@ -252,16 +251,7 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
   if(result)
     return result;
 
-  while(num) {
-    /* clang-tidy warns on this line without this comment: */
-    /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
-    *rnd++ = hex[(*bufp & 0xF0)>>4];
-    *rnd++ = hex[*bufp & 0x0F];
-    bufp++;
-    num -= 2;
-  }
-  *rnd = 0;
-
+  Curl_hexencode(buffer, num/2, rnd, num + 1);
   return result;
 }