static void print_dh_info (gnutls_session_t session, const char *str, int print) { printf ("- %sDiffie-Hellman parameters\n", str); printf (" - Using prime: %d bits\n", gnutls_dh_get_prime_bits (session)); printf (" - Secret key: %d bits\n", gnutls_dh_get_secret_bits (session)); printf (" - Peer's public key: %d bits\n", gnutls_dh_get_peers_public_bits (session)); if (print) { int ret; gnutls_datum_t raw_gen = { NULL, 0 }; gnutls_datum_t raw_prime = { NULL, 0 }; gnutls_dh_params_t dh_params = NULL; unsigned char *params_data = NULL; size_t params_data_size = 0; ret = gnutls_dh_get_group (session, &raw_gen, &raw_prime); if (ret) { fprintf (stderr, "gnutls_dh_get_group %d\n", ret); goto out; } ret = gnutls_dh_params_init (&dh_params); if (ret) { fprintf (stderr, "gnutls_dh_params_init %d\n", ret); goto out; } ret = gnutls_dh_params_import_raw (dh_params, &raw_prime, &raw_gen); if (ret) { fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret); goto out; } ret = gnutls_dh_params_export_pkcs3 (dh_params, GNUTLS_X509_FMT_PEM, params_data, ¶ms_data_size); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) { fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n", ret); goto out; } params_data = gnutls_malloc (params_data_size); if (!params_data) { fprintf (stderr, "gnutls_malloc %d\n", ret); goto out; } ret = gnutls_dh_params_export_pkcs3 (dh_params, GNUTLS_X509_FMT_PEM, params_data, ¶ms_data_size); if (ret) { fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n", ret); goto out; } printf (" - PKCS#3 format:\n\n%.*s\n", (int) params_data_size, params_data); out: gnutls_free (params_data); gnutls_free (raw_prime.data); gnutls_free (raw_gen.data); gnutls_dh_params_deinit (dh_params); } }
unsigned int session::get_dh_secret_bits () const { return RETWRAP (gnutls_dh_get_secret_bits (s)); }