Lackmann1994
diff --git a/‎src/HTTPConnection.cpp
Lines changed: 22 additions & 8 deletions b/‎src/HTTPConnection.cpp
Lines changed: 22 additions & 8 deletions
diff --git a/‎src/HTTPConnection.hpp
Lines changed: 2 additions & 0 deletions b/‎src/HTTPConnection.hpp
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/HTTPSServerConstants.hpp
Lines changed: 3 additions & 0 deletions b/‎src/HTTPSServerConstants.hpp
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/util.cpp
Lines changed: 0 additions & 65 deletions b/‎src/util.cpp
Lines changed: 0 additions & 65 deletions
diff --git a/‎src/util.hpp
Lines changed: 0 additions & 5 deletions b/‎src/util.hpp
Lines changed: 0 additions & 5 deletions
@@ -1,10 +1,7 @@
 #include "HTTPConnection.hpp"
-#include "Websocket.hpp"
-#include <hwcrypto/sha.h>
 
 namespace httpsserver {
 
-
 HTTPConnection::HTTPConnection(ResourceResolver * resResolver):
 	_resResolver(resResolver) {
 	_socket = -1;
@@ -584,12 +581,29 @@ bool HTTPConnection::checkWebsocket() {
 
 std::string HTTPConnection::websocketKeyResponseHash(std::string key) {
 	std::string newKey = key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
-	uint8_t shaData[20];
+	uint8_t shaData[HTTPS_SHA1_LENGTH];
 	esp_sha(SHA1, (uint8_t*)newKey.data(), newKey.length(), shaData);
-	//GeneralUtils::hexDump(shaData, 20);
-	std::string retStr;
-	base64Encode(std::string((char*)shaData, sizeof(shaData)), &retStr);
-	return retStr;
+
+	// Get output size required for base64 representation
+	size_t b64BufferSize = 0;
+	mbedtls_base64_encode(nullptr, 0, &b64BufferSize, (const unsigned char*)shaData, HTTPS_SHA1_LENGTH);
+
+	// Do the real encoding
+	unsigned char bufferOut[b64BufferSize];
+	size_t bytesEncoded = 0;
+	int res = mbedtls_base64_encode(
+		bufferOut,
+		b64BufferSize,
+		&bytesEncoded,
+		(const unsigned char*)shaData,
+		HTTPS_SHA1_LENGTH
+	);
+	
+	// Check result and return the encoded string
+	if (res != 0) {
+		return std::string();
+	}
+	return std::string((char*)bufferOut, bytesEncoded);
 } // WebsocketKeyResponseHash
 
 } /* namespace httpsserver */
@@ -4,6 +4,8 @@
 #include <Arduino.h>
 
 #include <string>
+#include <mbedtls/base64.h>
+#include <hwcrypto/sha.h>
 #include <functional>
 
 // Required for sockets
 
@@ -33,4 +33,7 @@
 // (time for the client to return notify close flag) - without it, truncation attacks might be possible
 #define HTTPS_SHUTDOWN_TIMEOUT                 5000
 
+// Length of a SHA1 hash
+#define HTTPS_SHA1_LENGTH                      20
+
 #endif /* SRC_HTTPSSERVERCONSTANTS_HPP_ */
@@ -47,69 +47,4 @@ std::string intToString(int i) {
 	return std::string(c);
 }
 
-static const char kBase64Alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-    "abcdefghijklmnopqrstuvwxyz"
-    "0123456789+/";
-
-int base64EncodedLength(size_t length) {
-	return (length + 2 - ((length + 2) % 3)) / 3 * 4;
-} // base64EncodedLength
-
-int base64EncodedLength(const std::string &in) {
-	return base64EncodedLength(in.length());
-} // base64EncodedLength
-
-void a3_to_a4(unsigned char * a4, unsigned char * a3) {
-	a4[0] = (a3[0] & 0xfc) >> 2;
-	a4[1] = ((a3[0] & 0x03) << 4) + ((a3[1] & 0xf0) >> 4);
-	a4[2] = ((a3[1] & 0x0f) << 2) + ((a3[2] & 0xc0) >> 6);
-	a4[3] = (a3[2] & 0x3f);
-} // a3_to_a4
-
-/**
- * Encode a string into base 64.
- */
-bool base64Encode(const std::string &in, std::string *out) {
-	int i = 0, j = 0;
-	size_t enc_len = 0;
-	unsigned char a3[3];
-	unsigned char a4[4];
-
-	out->resize(base64EncodedLength(in));
-
-	int input_len = in.size();
-	std::string::const_iterator input = in.begin();
-
-	while (input_len--) {
-		a3[i++] = *(input++);
-		if (i == 3) {
-			a3_to_a4(a4, a3);
-
-			for (i = 0; i < 4; i++) {
-				(*out)[enc_len++] = kBase64Alphabet[a4[i]];
-			}
-
-			i = 0;
-		}
-	}
-
-	if (i) {
-		for (j = i; j < 3; j++) {
-			a3[j] = '\0';
-		}
-
-		a3_to_a4(a4, a3);
-
-		for (j = 0; j < i + 1; j++) {
-			(*out)[enc_len++] = kBase64Alphabet[a4[j]];
-		}
-
-		while ((i++ < 3)) {
-			(*out)[enc_len++] = '=';
-		}
-	}
-
-	return (enc_len == out->size());
-} // base64Encode
-
 }
@@ -12,11 +12,6 @@ int parseInt(std::string s);
 
 std::string intToString(int i);
 
-int base64EncodedLength(size_t length);
-int base64EncodedLength(const std::string &in);
-void a3_to_a4(unsigned char * a4, unsigned char * a3);
-bool base64Encode(const std::string& in, std::string* out);
-
 }
 
 #endif /* SRC_UTIL_HPP_ */
Original file line number	Diff line number	Diff line change
`@@ -12,11 +12,6 @@ int parseInt(std::string s);`
`12`	`12`
`13`	`13`	`std::string intToString(int i);`
`14`	`14`
`15`		`-int base64EncodedLength(size_t length);`
`16`		`-int base64EncodedLength(const std::string &in);`
`17`		`-void a3_to_a4(unsigned char * a4, unsigned char * a3);`
`18`		`-bool base64Encode(const std::string& in, std::string* out);`
`19`		`-`
`20`	`15`	`}`
`21`	`16`
`22`	`17`	`#endif /* SRC_UTIL_HPP_ */`