The test now works.
[gnutls.git] / src / prime.c
blobf38d0aaf1aa6ddff60dec2f333a9b559b74e3a89
1 /*
2 * Copyright (C) 2004,2005,2007 Free Software Foundation
3 * Copyright (C) 2001,2002,2003 Nikos Mavrogiannopoulos
5 * This file is part of GNUTLS.
7 * GNUTLS is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * GNUTLS is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include <config.h>
23 #ifdef ENABLE_PKI
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 #include <unistd.h>
29 #include <gnutls/gnutls.h>
31 /* Generates Diffie Hellman parameters (a prime and a generator
32 * of the group). Exports them in PKCS #3 format. Used by certtool.
35 extern FILE *outfile;
36 extern FILE *infile;
37 extern unsigned char buffer[];
38 extern const int buffer_size;
40 static int cparams = 0;
42 /* If how is zero then the included parameters are used.
44 int
45 generate_prime (int bits, int how)
47 unsigned int i;
48 int ret;
49 gnutls_dh_params_t dh_params;
50 gnutls_datum_t p, g;
52 gnutls_dh_params_init (&dh_params);
54 fprintf (stderr, "Generating DH parameters...");
56 if (how != 0)
58 ret = gnutls_dh_params_generate2 (dh_params, bits);
59 if (ret < 0)
61 fprintf (stderr, "Error generating parameters: %s\n",
62 gnutls_strerror (ret));
63 exit (1);
66 ret = gnutls_dh_params_export_raw (dh_params, &p, &g, NULL);
67 if (ret < 0)
69 fprintf (stderr, "Error exporting parameters: %s\n",
70 gnutls_strerror (ret));
71 exit (1);
74 else
76 #ifdef ENABLE_SRP
77 if (bits <= 1024)
79 p = gnutls_srp_1024_group_prime;
80 g = gnutls_srp_1024_group_generator;
82 else if (bits <= 1536)
84 p = gnutls_srp_1536_group_prime;
85 g = gnutls_srp_1536_group_generator;
87 else
89 p = gnutls_srp_2048_group_prime;
90 g = gnutls_srp_2048_group_generator;
93 ret = gnutls_dh_params_import_raw (dh_params, &p, &g);
94 if (ret < 0)
96 fprintf (stderr, "Error exporting parameters: %s\n",
97 gnutls_strerror (ret));
98 exit (1);
100 #else
101 fprintf (stderr, "Parameters unavailable as SRP disabled.\n");
102 #endif
105 if (cparams)
108 fprintf (outfile, "/* generator */\n");
109 fprintf (outfile, "\nconst uint8 g[%d] = { ", g.size);
111 for (i = 0; i < g.size; i++)
113 if (i % 7 == 0)
114 fprintf (outfile, "\n\t");
115 fprintf (outfile, "0x%.2x", g.data[i]);
116 if (i != g.size - 1)
117 fprintf (outfile, ", ");
120 fprintf (outfile, "\n};\n\n");
122 else
124 fprintf (outfile, "\nGenerator: ");
126 for (i = 0; i < g.size; i++)
128 if (i != 0 && i % 12 == 0)
129 fprintf (outfile, "\n\t");
130 else if (i != 0 && i != g.size)
131 fprintf (outfile, ":");
133 fprintf (outfile, "%.2x", g.data[i]);
136 fprintf (outfile, "\n\n");
139 /* print prime */
141 if (cparams)
143 fprintf (outfile, "/* prime - %d bits */\n", p.size * 8);
144 fprintf (outfile, "\nconst uint8 prime[%d] = { ", p.size);
146 for (i = 0; i < p.size; i++)
148 if (i % 7 == 0)
149 fprintf (outfile, "\n\t");
150 fprintf (outfile, "0x%.2x", p.data[i]);
151 if (i != p.size - 1)
152 fprintf (outfile, ", ");
155 fprintf (outfile, "\n};\n");
157 else
159 fprintf (outfile, "Prime: ");
161 for (i = 0; i < p.size; i++)
163 if (i != 0 && i % 12 == 0)
164 fprintf (outfile, "\n\t");
165 else if (i != 0 && i != p.size)
166 fprintf (outfile, ":");
167 fprintf (outfile, "%.2x", p.data[i]);
170 fprintf (outfile, "\n\n");
174 if (!cparams)
175 { /* generate a PKCS#3 structure */
177 int ret;
178 size_t len = buffer_size;
180 ret = gnutls_dh_params_export_pkcs3 (dh_params, GNUTLS_X509_FMT_PEM,
181 buffer, &len);
183 if (ret == 0)
185 fprintf (outfile, "\n%s", buffer);
187 else
189 fprintf (stderr, "Error: %s\n", gnutls_strerror (ret));
194 return 0;
197 #endif