/* generate an ed25519 key pair.
* returns 0 on success
*/
int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
{
byte az[ED25519_PRV_KEY_SIZE];
int ret;
ge_p3 A;
if (rng == NULL || key == NULL)
return BAD_FUNC_ARG;
/* ed25519 has 32 byte key sizes */
if (keySz != ED25519_KEY_SIZE)
return BAD_FUNC_ARG;
ret = wc_RNG_GenerateBlock(rng, key->k, ED25519_KEY_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha512Hash(key->k, ED25519_KEY_SIZE, az);
if (ret != 0) {
ForceZero(key->k, ED25519_KEY_SIZE);
return ret;
}
/* apply clamp */
az[0] &= 248;
az[31] &= 63; /* same than az[31] &= 127 because of az[31] |= 64 */
az[31] |= 64;
ge_scalarmult_base(&A, az);
ge_p3_tobytes(key->p, &A);
/* put public key after private key, on the same buffer */
XMEMMOVE(key->k + ED25519_KEY_SIZE, key->p, ED25519_PUB_KEY_SIZE);
return ret;
}
struct section_problem_data *
super_html_create_problem(
struct sid_state *sstate,
int prob_id)
{
if (prob_id >= sstate->prob_a) {
int new_prob_a = sstate->prob_a;
struct section_problem_data **new_probs;
int *new_flags;
if (!new_prob_a) new_prob_a = 16;
while (prob_id >= new_prob_a) new_prob_a *= 2;
XCALLOC(new_probs, new_prob_a);
XCALLOC(new_flags, new_prob_a);
if (sstate->prob_a) {
XMEMMOVE(new_probs, sstate->probs, sstate->prob_a);
XMEMMOVE(new_flags, sstate->prob_flags, sstate->prob_a);
}
xfree(sstate->probs);
xfree(sstate->prob_flags);
sstate->probs = new_probs;
sstate->prob_flags = new_flags;
sstate->prob_a = new_prob_a;
}
if (sstate->probs[prob_id])
return NULL;
struct section_problem_data *prob = prepare_alloc_problem();
prepare_problem_init_func(&prob->g);
sstate->cfg = param_merge(&prob->g, sstate->cfg);
sstate->probs[prob_id] = prob;
prob->id = prob_id;
sstate->prob_flags[prob_id] = 0;
return prob;
}
/* Client attempts to read data from server. */
static int recv_client(WOLFSSL* ssl, char* buff, int sz, void* ctx)
{
if (client_buffer_sz > 0) {
if (sz > client_buffer_sz)
sz = client_buffer_sz;
XMEMCPY(buff, client_buffer, sz);
if (sz < client_buffer_sz) {
XMEMMOVE(client_buffer, client_buffer + sz, client_buffer_sz - sz);
}
client_buffer_sz -= sz;
}
else
sz = WOLFSSL_CBIO_ERR_WANT_READ;
return sz;
}
/* Server attempts to read data from client. */
static int recv_server(WOLFSSL* ssl, char* buff, int sz, void* ctx)
{
if (server_buffer_sz > 0) {
if (sz > server_buffer_sz)
sz = server_buffer_sz;
XMEMCPY(buff, server_buffer, sz);
if (sz < server_buffer_sz) {
XMEMMOVE(server_buffer, server_buffer + sz, server_buffer_sz - sz);
}
server_buffer_sz -= sz;
}
else
sz = WOLFSSL_CBIO_ERR_WANT_READ;
return sz;
}
/* return: >0 OCSP Response Size
* -1 error */
static int process_http_response(int sfd, byte** respBuf,
byte* httpBuf, int httpBufSz)
{
int result;
int len = 0;
char *start, *end;
byte *recvBuf = NULL;
int recvBufSz = 0;
enum phr_state { phr_init, phr_http_start, phr_have_length,
phr_have_type, phr_wait_end, phr_http_end
} state = phr_init;
start = end = NULL;
do {
if (end == NULL) {
result = (int)recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0);
if (result > 0) {
len += result;
start = (char*)httpBuf;
start[len] = 0;
}
else {
CYASSL_MSG("process_http_response recv http from peer failed");
return -1;
}
}
end = XSTRSTR(start, "\r\n");
if (end == NULL) {
if (len != 0)
XMEMMOVE(httpBuf, start, len);
start = end = NULL;
}
else if (end == start) {
if (state == phr_wait_end) {
state = phr_http_end;
len -= 2;
start += 2;
}
else {
CYASSL_MSG("process_http_response header ended early");
return -1;
}
}
else {
*end = 0;
len -= (int)(end - start) + 2;
/* adjust len to remove the first line including the /r/n */
if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) {
start += 9;
if (XSTRNCASECMP(start, "200 OK", 6) != 0 ||
state != phr_init) {
CYASSL_MSG("process_http_response not OK");
return -1;
}
state = phr_http_start;
}
else if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) {
start += 13;
while (*start == ' ' && *start != '\0') start++;
if (XSTRNCASECMP(start, "application/ocsp-response", 25) != 0) {
CYASSL_MSG("process_http_response not ocsp-response");
return -1;
}
if (state == phr_http_start) state = phr_have_type;
else if (state == phr_have_length) state = phr_wait_end;
else {
CYASSL_MSG("process_http_response type invalid state");
return -1;
}
}
else if (XSTRNCASECMP(start, "Content-Length:", 15) == 0) {
start += 15;
while (*start == ' ' && *start != '\0') start++;
recvBufSz = atoi(start);
if (state == phr_http_start) state = phr_have_length;
else if (state == phr_have_type) state = phr_wait_end;
else {
CYASSL_MSG("process_http_response length invalid state");
return -1;
}
}
start = end + 2;
}
} while (state != phr_http_end);
recvBuf = (byte*)XMALLOC(recvBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
if (recvBuf == NULL) {
CYASSL_MSG("process_http_response couldn't create response buffer");
return -1;
}
/* copy the remainder of the httpBuf into the respBuf */
if (len != 0)
XMEMCPY(recvBuf, start, len);
/* receive the OCSP response data */
do {
result = (int)recv(sfd, (char*)recvBuf+len, recvBufSz-len, 0);
if (result > 0)
len += result;
else {
CYASSL_MSG("process_http_response recv ocsp from peer failed");
return -1;
}
} while (len != recvBufSz);
*respBuf = recvBuf;
return recvBufSz;
}
