certtool: combined all the seed decoding methods to a single one
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 28 Apr 2016 15:42:49 +0000 (17:42 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 28 Apr 2016 15:42:51 +0000 (17:42 +0200)
That not only simplifies the code, but also allows decoding hex strings
which contain non-hex characters (and that allows decoding hex of the form XX:XX:XX)

src/certtool-common.c
src/certtool-common.h
src/certtool.c

index 97ec3523c37c5d19d3cf485cc7a090478223460f..7e18a7f09dadbaed404ec83dee0e916f6903a3c9 100644 (file)
@@ -1298,28 +1298,17 @@ int generate_prime(FILE * outfile, int how, common_info_st * info)
 
                        if (info->seed_size > 0) {
                                gnutls_keygen_data_st data;
-                               gnutls_datum_t hexseed, seed;
 
-                               hexseed.data = (void*)info->seed;
-                               hexseed.size = info->seed_size;
-
-                               ret = gnutls_hex_decode2(&hexseed, &seed);
-                               if (ret < 0) {
-                                       fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
-                                       exit(1);
-                               }
-
-                               if (seed.size < 32) {
-                                       fprintf(stderr, "For DH parameter generation a 32-byte seed value or larger is expected (have: %d); use -d 2 for more information.\n", (int)seed.size);
+                               if (info->seed_size < 32) {
+                                       fprintf(stderr, "For DH parameter generation a 32-byte seed value or larger is expected (have: %d); use -d 2 for more information.\n", (int)info->seed_size);
                                        exit(1);
                                }
 
                                data.type = GNUTLS_KEYGEN_SEED;
-                               data.data = seed.data;
-                               data.size = seed.size;
+                               data.data = (void*)info->seed;
+                               data.size = info->seed_size;
 
                                ret = gnutls_x509_privkey_generate2(pkey, GNUTLS_PK_DSA, bits, GNUTLS_PRIVKEY_FLAG_PROVABLE, &data, 1);
-                               gnutls_free(seed.data);
                        } else {
                                ret = gnutls_x509_privkey_generate(pkey, GNUTLS_PK_DSA, bits, GNUTLS_PRIVKEY_FLAG_PROVABLE);
                        }
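Review bot: The cast in `data.data = (void*)info->seed;` now strips a const qualifier, because the header hunk changes `seed` to `const unsigned char *`, and nothing records why that is acceptable. Presumably `gnutls_keygen_data_st.data` is a non-const pointer that the generator only reads; a comment such as `/* generator only reads the seed; cast drops const for the struct member */` would make that explicit. The same cast appears in the certtool.c hunk at `data.data = (void*)cinfo->seed;`. The enclosing function starts and ends outside this hunk.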
@@ -1435,3 +1424,27 @@ int generate_prime(FILE * outfile, int how, common_info_st * info)
 
        return 0;
 }
+
+void decode_seed(gnutls_datum_t *seed, const char *hex, unsigned hex_size)
+{
+       int ret;
+       size_t seed_size;
+
+       seed->size = hex_size;
+       seed->data = malloc(hex_size);
+
+       if (seed->data == NULL) {
+               fprintf(stderr, "memory error\n");
+               exit(1);
+       }
+
+       seed_size = hex_size;
+       ret = gnutls_hex2bin(hex, hex_size, seed->data, &seed_size);
+       if (ret < 0) {
+               fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
+               exit(1);
+       }
+       seed->size = seed_size;
+
+       return;
+}
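Review bot: A `--seed` value that decodes to zero bytes is accepted silently: `seed->size` becomes 0 and every caller gates on `seed_size > 0` (certtool-common.c at `if (info->seed_size > 0)`, certtool.c at `if (cinfo->seed_size > 0)` in both generate_private_key_int and verify_provable_privkey), so the seed the user supplied is quietly ignored and generation or verification proceeds as if none had been given. Whether gnutls_hex2bin reports an error for an input with no hex digits or just returns zero bytes cannot be told from here, so guard it explicitly after `seed->size = seed_size;`: `if (seed_size == 0) { fprintf(stderr, "Could not hex decode data: no hex digits in seed\n"); exit(1); }`. An empty string also reaches `malloc(0)`, which may legitimately return NULL and would then be reported as a memory error rather than as a bad seed. The trailing `return;` in a void function is redundant.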
index 9b4aad9e8f57041225f70b660d23b3c1b4ba5837..0bc9c259fc6e0ccff8ddf7b7bc75ed2945982e43 100644 (file)
@@ -57,7 +57,7 @@ typedef struct common_info {
        /* for key generation */
        unsigned provable;
 
-       const char *seed;
+       const unsigned char *seed;
        unsigned seed_size;
 
        const char *pin;
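Review bot: The field's meaning changes from the raw `--seed` argument to decoded binary bytes, but the struct carries no comment saying so, and a reader of the header would still assume a NUL-terminated string. Add `/* decoded seed bytes, not a string; filled by decode_seed(), length in seed_size */` above `const unsigned char *seed;`. The struct definition starts and ends outside this hunk.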
@@ -134,4 +134,6 @@ extern unsigned long lbuffer_size;
 
 void fix_lbuffer(unsigned long);
 
+void decode_seed(gnutls_datum_t *seed, const char *hex, unsigned hex_size);
+
 #endif
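Review bot: The new prototype documents neither ownership nor the failure mode, both of which callers need: `decode_seed` fills `seed->data` with a malloc'd buffer the caller owns, and it calls exit(1) rather than returning an error. Add above the declaration `/* Decodes a hex string (separators tolerated) into a malloc'd seed->data owned by the caller; exits the process on allocation or decode failure. */`.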
index 4ac8a1a983b7d1ebccf4f4bf34ca92a1add3046f..d59d0e5e6d2161c4dd5d0d70bc0f97e92ff4c5c1 100644 (file)
@@ -157,28 +157,18 @@ generate_private_key_int(common_info_st * cinfo)
 
        if (cinfo->seed_size > 0) {
                gnutls_keygen_data_st data;
-               gnutls_datum_t hexseed, seed;
-
-               hexseed.data = (void*)cinfo->seed;
-               hexseed.size = cinfo->seed_size;
-
-               ret = gnutls_hex_decode2(&hexseed, &seed);
-               if (ret < 0) {
-                       fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
-                       exit(1);
-               }
 
                data.type = GNUTLS_KEYGEN_SEED;
-               data.data = seed.data;
-               data.size = seed.size;
+               data.data = (void*)cinfo->seed;
+               data.size = cinfo->seed_size;
 
                if (key_type == GNUTLS_PK_RSA) {
-                       if ((bits == 3072 && seed.size != 32) || (bits == 2048 && seed.size != 28)) {
-                               fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size);
+                       if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
+                               fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
                        }
                } else if (key_type == GNUTLS_PK_DSA) {
-                       if (seed.size != 65) {
-                               fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size);
+                       if (cinfo->seed_size != 65) {
+                               fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
                        }
                }
 
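Review bot: In the rewritten checks a mismatched seed length is only reported and generation continues with that seed — neither `if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28))` nor `if (cinfo->seed_size != 65)` is followed by an exit — while the parallel check in the certtool-common.c hunk calls exit(1). If the library rejects a wrong-length seed itself and the message is meant only as a hint, say so with a comment such as `/* warning only: the library rejects a wrong-length seed and the generation fails below */`; otherwise add `exit(1);` after each message as the common.c path does. The enclosing function starts and ends outside this hunk.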
@@ -223,15 +213,8 @@ static void verify_provable_privkey(common_info_st * cinfo)
 
        pkey = load_private_key(1, cinfo);
 
-       if (HAVE_OPT(SEED)) {
-               char seed[256];
-               size_t seed_size = sizeof(seed);
-               ret = gnutls_hex2bin(OPT_ARG(SEED), strlen(OPT_ARG(SEED)), seed, &seed_size);
-               if (ret < 0) {
-                       fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
-                       exit(1);
-               }
-               ret = gnutls_privkey_verify_seed(pkey, 0, seed, seed_size);
+       if (cinfo->seed_size > 0) {
+               ret = gnutls_privkey_verify_seed(pkey, 0, cinfo->seed, cinfo->seed_size);
        } else {
                ret = gnutls_privkey_verify_seed(pkey, 0, NULL, 0);
        }
@@ -1171,8 +1154,11 @@ static void cmd_parser(int argc, char **argv)
                cinfo.verbose = 1;
 
        if (HAVE_OPT(SEED)) {
-               cinfo.seed = OPT_ARG(SEED);
-               cinfo.seed_size = strlen(OPT_ARG(SEED));
+               gnutls_datum_t seed;
+               decode_seed(&seed, OPT_ARG(SEED), strlen(OPT_ARG(SEED)));
+
+               cinfo.seed = seed.data;
+               cinfo.seed_size = seed.size;
        }
 
        cinfo.batch = batch;
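Review bot: The buffer that decode_seed malloc's for `cinfo.seed` is never freed or cleared anywhere in the commit, whereas the `gnutls_free(seed.data)` removed in the certtool-common.c hunk at least released it after use. The seed is the input from which the provable key is regenerated and verified, so it deserves the handling given to the key itself: once the last user of `cinfo.seed` has run, clear and release it, e.g. `gnutls_memset((void*)cinfo.seed, 0, cinfo.seed_size); free((void*)cinfo.seed);`, or at minimum add a comment on `cinfo.seed = seed.data;` stating that the buffer is owned by the process until exit. cmd_parser starts and ends outside this hunk.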