static void
print_dh_info (gnutls_session_t session, const char *str, int print)
{
printf ("- %sDiffie-Hellman parameters\n", str);
printf (" - Using prime: %d bits\n",
gnutls_dh_get_prime_bits (session));
printf (" - Secret key: %d bits\n",
gnutls_dh_get_secret_bits (session));
printf (" - Peer's public key: %d bits\n",
gnutls_dh_get_peers_public_bits (session));
if (print)
{
int ret;
gnutls_datum_t raw_gen = { NULL, 0 };
gnutls_datum_t raw_prime = { NULL, 0 };
gnutls_dh_params_t dh_params = NULL;
unsigned char *params_data = NULL;
size_t params_data_size = 0;
ret = gnutls_dh_get_group (session, &raw_gen, &raw_prime);
if (ret)
{
fprintf (stderr, "gnutls_dh_get_group %d\n", ret);
goto out;
}
ret = gnutls_dh_params_init (&dh_params);
if (ret)
{
fprintf (stderr, "gnutls_dh_params_init %d\n", ret);
goto out;
}
ret =
gnutls_dh_params_import_raw (dh_params, &raw_prime,
&raw_gen);
if (ret)
{
fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret);
goto out;
}
ret = gnutls_dh_params_export_pkcs3 (dh_params,
GNUTLS_X509_FMT_PEM,
params_data,
¶ms_data_size);
if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n",
ret);
goto out;
}
params_data = gnutls_malloc (params_data_size);
if (!params_data)
{
fprintf (stderr, "gnutls_malloc %d\n", ret);
goto out;
}
ret = gnutls_dh_params_export_pkcs3 (dh_params,
GNUTLS_X509_FMT_PEM,
params_data,
¶ms_data_size);
if (ret)
{
fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n",
ret);
goto out;
}
printf (" - PKCS#3 format:\n\n%.*s\n", (int) params_data_size,
params_data);
out:
gnutls_free (params_data);
gnutls_free (raw_prime.data);
gnutls_free (raw_gen.data);
gnutls_dh_params_deinit (dh_params);
}
}
unsigned int session::get_dh_secret_bits () const
{
return RETWRAP (gnutls_dh_get_secret_bits (s));
}
