2 * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
3 * 2010 Free Software Foundation, Inc.
5 * This file is part of GNUTLS.
7 * GNUTLS is free software: you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * GNUTLS is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see
19 * <http://www.gnu.org/licenses/>.
30 #include <gnutls/gnutls.h>
/* Generates Diffie-Hellman parameters (a prime and a generator
 * of the group). Exports them in PKCS #3 format. Used by certtool.
 */
/* Shared scratch buffer and its capacity; both are defined in another
 * translation unit. In this file buffer_size seeds the length passed to
 * the PKCS #3 export, and buffer is afterwards printed with "%s".
 * NOTE(review): that "%s" print relies on the export leaving buffer
 * NUL-terminated within buffer_size bytes - confirm against the
 * definition of buffer and the export call's contract.
 */
extern unsigned char buffer[];
extern const int buffer_size;

/* File-local flag, cleared by default.
 * NOTE(review): its readers are not visible in this listing; presumably
 * it selects the C-array output form over the human-readable one -
 * confirm.
 */
static int cparams = 0;

/* Forward declaration. bits is the requested parameter size; how selects
 * between generating fresh parameters and using the included ones (see
 * the comment on the definition).
 */
int generate_prime (int bits, int how);
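/* If how is zero then the included parameters (the built-in SRP group
 * primes and generators, selected by the requested bit size) are used
 * instead of generating new ones.
 */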
48 generate_prime (int bits
, int how
)
52 gnutls_dh_params_t dh_params
;
55 gnutls_dh_params_init (&dh_params
);
57 fprintf (stderr
, "Generating DH parameters...");
61 ret
= gnutls_dh_params_generate2 (dh_params
, bits
);
64 fprintf (stderr
, "Error generating parameters: %s\n",
65 gnutls_strerror (ret
));
69 ret
= gnutls_dh_params_export_raw (dh_params
, &p
, &g
, NULL
);
72 fprintf (stderr
, "Error exporting parameters: %s\n",
73 gnutls_strerror (ret
));
82 p
= gnutls_srp_1024_group_prime
;
83 g
= gnutls_srp_1024_group_generator
;
85 else if (bits
<= 1536)
87 p
= gnutls_srp_1536_group_prime
;
88 g
= gnutls_srp_1536_group_generator
;
92 p
= gnutls_srp_2048_group_prime
;
93 g
= gnutls_srp_2048_group_generator
;
96 ret
= gnutls_dh_params_import_raw (dh_params
, &p
, &g
);
99 fprintf (stderr
, "Error exporting parameters: %s\n",
100 gnutls_strerror (ret
));
104 fprintf (stderr
, "Parameters unavailable as SRP disabled.\n");
111 fprintf (outfile
, "/* generator */\n");
112 fprintf (outfile
, "\nconst uint8 g[%d] = { ", g
.size
);
114 for (i
= 0; i
< g
.size
; i
++)
117 fprintf (outfile
, "\n\t");
118 fprintf (outfile
, "0x%.2x", g
.data
[i
]);
120 fprintf (outfile
, ", ");
123 fprintf (outfile
, "\n};\n\n");
127 fprintf (outfile
, "\nGenerator: ");
129 for (i
= 0; i
< g
.size
; i
++)
131 if (i
!= 0 && i
% 12 == 0)
132 fprintf (outfile
, "\n\t");
133 else if (i
!= 0 && i
!= g
.size
)
134 fprintf (outfile
, ":");
136 fprintf (outfile
, "%.2x", g
.data
[i
]);
139 fprintf (outfile
, "\n\n");
146 fprintf (outfile
, "/* prime - %d bits */\n", p
.size
* 8);
147 fprintf (outfile
, "\nconst uint8 prime[%d] = { ", p
.size
);
149 for (i
= 0; i
< p
.size
; i
++)
152 fprintf (outfile
, "\n\t");
153 fprintf (outfile
, "0x%.2x", p
.data
[i
]);
155 fprintf (outfile
, ", ");
158 fprintf (outfile
, "\n};\n");
162 fprintf (outfile
, "Prime: ");
164 for (i
= 0; i
< p
.size
; i
++)
166 if (i
!= 0 && i
% 12 == 0)
167 fprintf (outfile
, "\n\t");
168 else if (i
!= 0 && i
!= p
.size
)
169 fprintf (outfile
, ":");
170 fprintf (outfile
, "%.2x", p
.data
[i
]);
173 fprintf (outfile
, "\n\n");
178 { /* generate a PKCS#3 structure */
180 size_t len
= buffer_size
;
182 ret
= gnutls_dh_params_export_pkcs3 (dh_params
, GNUTLS_X509_FMT_PEM
,
187 fprintf (outfile
, "\n%s", buffer
);
191 fprintf (stderr
, "Error: %s\n", gnutls_strerror (ret
));