TclTLS: Hex Artifact Content

Artifact a7290cba5ee4ae372e875763c27ff8ec8d14cd79:

Executable file gen_dh_params — part of check-in [3d5e70d1d5] at 2016-12-01 21:36:04 on branch tls-1-7 — Updated to generate DH parameters more dynamically (user: rkeene, size: 2595) [annotate] [blame] [check-ins using]
0000: 23 21 20 2f 75 73 72 2f 62 69 6e 2f 65 6e 76 20  #! /usr/bin/env 
0010: 62 61 73 68 0a 0a 62 69 74 73 3d 27 32 30 34 38  bash..bits='2048
0020: 27 0a 0a 66 75 6e 63 74 69 6f 6e 20 6f 70 65 6e  '..function open
0030: 73 73 6c 5f 64 68 70 61 72 61 6d 28 29 20 7b 0a  ssl_dhparam() {.
0040: 09 6c 6f 63 61 6c 20 6f 75 74 70 75 74 0a 0a 09  .local output...
0050: 69 66 20 5b 20 2d 78 20 22 24 28 77 68 69 63 68  if [ -x "$(which
0060: 20 6f 70 65 6e 73 73 6c 20 32 3e 2f 64 65 76 2f   openssl 2>/dev/
0070: 6e 75 6c 6c 29 22 20 5d 3b 20 74 68 65 6e 0a 09  null)" ]; then..
0080: 09 6f 75 74 70 75 74 3d 22 24 28 73 65 74 20 2d  .output="$(set -
0090: 6f 20 70 69 70 65 66 61 69 6c 3b 20 6f 70 65 6e  o pipefail; open
00a0: 73 73 6c 20 64 68 70 61 72 61 6d 20 2d 43 20 22  ssl dhparam -C "
00b0: 24 40 22 20 32 3e 2f 64 65 76 2f 6e 75 6c 6c 20  $@" 2>/dev/null 
00c0: 7c 20 73 65 64 20 27 2f 5e 2d 2d 2d 2d 2d 42 45  | sed '/^-----BE
00d0: 47 49 4e 20 44 48 20 50 41 52 41 4d 45 54 45 52  GIN DH PARAMETER
00e0: 53 2d 2d 2d 2d 2d 24 2f 2c 2f 5e 2d 2d 2d 2d 2d  S-----$/,/^-----
00f0: 45 4e 44 20 44 48 20 50 41 52 41 4d 45 54 45 52  END DH PARAMETER
0100: 53 2d 2d 2d 2d 2d 24 2f 20 64 3b 2f 5e 23 2f 20  S-----$/ d;/^#/ 
0110: 64 27 29 22 20 7c 7c 20 72 65 74 75 72 6e 20 31  d')" || return 1
0120: 0a 0a 09 09 65 63 68 6f 20 22 24 7b 6f 75 74 70  ....echo "${outp
0130: 75 74 7d 22 0a 0a 09 09 72 65 74 75 72 6e 20 30  ut}"....return 0
0140: 0a 09 66 69 0a 0a 09 72 65 74 75 72 6e 20 31 0a  ..fi...return 1.
0150: 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 67 65 6e 5f  }..function gen_
0160: 64 68 5f 70 61 72 61 6d 73 5f 6f 70 65 6e 73 73  dh_params_openss
0170: 6c 28 29 20 7b 0a 09 6f 70 65 6e 73 73 6c 5f 64  l() {..openssl_d
0180: 68 70 61 72 61 6d 20 22 24 7b 62 69 74 73 7d 22  hparam "${bits}"
0190: 20 3c 20 2f 64 65 76 2f 6e 75 6c 6c 20 7c 7c 20   < /dev/null || 
01a0: 72 65 74 75 72 6e 20 31 0a 09 72 65 74 75 72 6e  return 1..return
01b0: 20 30 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 67   0.}..function g
01c0: 65 6e 5f 64 68 5f 70 61 72 61 6d 73 5f 72 65 6d  en_dh_params_rem
01d0: 6f 74 65 28 29 20 7b 0a 09 6c 6f 63 61 6c 20 69  ote() {..local i
01e0: 6e 70 75 74 20 6f 75 74 70 75 74 20 75 72 6c 0a  nput output url.
01f0: 0a 09 75 72 6c 3d 22 68 74 74 70 73 3a 2f 2f 32  ..url="https://2
0200: 74 6f 6e 2e 63 6f 6d 2e 61 75 2f 64 68 70 61 72  ton.com.au/dhpar
0210: 61 6d 2f 24 7b 62 69 74 73 7d 22 0a 0a 09 69 6e  am/${bits}"...in
0220: 70 75 74 3d 22 24 28 63 75 72 6c 20 22 24 7b 75  put="$(curl "${u
0230: 72 6c 7d 22 29 22 20 7c 7c 20 5c 0a 09 09 69 6e  rl}")" || \...in
0240: 70 75 74 3d 22 24 28 77 67 65 74 20 2d 4f 20 2d  put="$(wget -O -
0250: 20 2d 6f 20 2f 64 65 76 2f 6e 75 6c 6c 20 22 24   -o /dev/null "$
0260: 7b 75 72 6c 7d 22 29 22 20 7c 7c 20 72 65 74 75  {url}")" || retu
0270: 72 6e 20 31 0a 0a 09 69 66 20 6f 75 74 70 75 74  rn 1...if output
0280: 3d 22 24 28 65 63 68 6f 20 22 24 7b 69 6e 70 75  ="$(echo "${inpu
0290: 74 7d 22 20 7c 20 6f 70 65 6e 73 73 6c 5f 64 68  t}" | openssl_dh
02a0: 70 61 72 61 6d 29 22 3b 20 74 68 65 6e 0a 09 09  param)"; then...
02b0: 65 63 68 6f 20 22 24 7b 6f 75 74 70 75 74 7d 22  echo "${output}"
02c0: 0a 0a 09 09 72 65 74 75 72 6e 20 30 0a 09 66 69  ....return 0..fi
02d0: 0a 0a 09 72 65 74 75 72 6e 20 31 0a 7d 0a 0a 66  ...return 1.}..f
02e0: 75 6e 63 74 69 6f 6e 20 67 65 6e 5f 64 68 5f 70  unction gen_dh_p
02f0: 61 72 61 6d 73 5f 66 61 6c 6c 62 61 63 6b 28 29  arams_fallback()
0300: 20 7b 0a 09 63 61 74 20 3c 3c 20 5c 5f 45 4f 46   {..cat << \_EOF
0310: 5f 0a 44 48 20 2a 67 65 74 5f 64 68 32 30 34 38  _.DH *get_dh2048
0320: 28 29 0a 09 7b 0a 09 73 74 61 74 69 63 20 75 6e  ()..{..static un
0330: 73 69 67 6e 65 64 20 63 68 61 72 20 64 68 32 30  signed char dh20
0340: 34 38 5f 70 5b 5d 3d 7b 0a 09 09 30 78 43 31 2c  48_p[]={...0xC1,
0350: 30 78 35 31 2c 30 78 35 38 2c 30 78 36 39 2c 30  0x51,0x58,0x69,0
0360: 78 46 42 2c 30 78 45 38 2c 30 78 36 43 2c 30 78  xFB,0xE8,0x6C,0x
0370: 34 37 2c 30 78 32 42 2c 30 78 38 36 2c 30 78 36  47,0x2B,0x86,0x6
0380: 31 2c 30 78 34 46 2c 0a 09 09 30 78 32 30 2c 30  1,0x4F,...0x20,0
0390: 78 32 45 2c 30 78 44 33 2c 30 78 46 43 2c 30 78  x2E,0xD3,0xFC,0x
03a0: 31 39 2c 30 78 45 45 2c 30 78 42 38 2c 30 78 46  19,0xEE,0xB8,0xF
03b0: 33 2c 30 78 33 35 2c 30 78 37 44 2c 30 78 42 41  3,0x35,0x7D,0xBA
03c0: 2c 30 78 38 36 2c 0a 09 09 30 78 32 41 2c 30 78  ,0x86,...0x2A,0x
03d0: 43 33 2c 30 78 43 38 2c 30 78 36 45 2c 30 78 46  C3,0xC8,0x6E,0xF
03e0: 34 2c 30 78 39 39 2c 30 78 37 35 2c 30 78 36 35  4,0x99,0x75,0x65
03f0: 2c 30 78 44 33 2c 30 78 37 41 2c 30 78 39 45 2c  ,0xD3,0x7A,0x9E,
0400: 30 78 44 46 2c 0a 09 09 30 78 44 34 2c 30 78 31  0xDF,...0xD4,0x1
0410: 46 2c 30 78 38 38 2c 30 78 45 33 2c 30 78 31 37  F,0x88,0xE3,0x17
0420: 2c 30 78 46 43 2c 30 78 41 31 2c 30 78 45 44 2c  ,0xFC,0xA1,0xED,
0430: 30 78 41 32 2c 30 78 42 36 2c 30 78 37 37 2c 30  0xA2,0xB6,0x77,0
0440: 78 38 34 2c 0a 09 09 30 78 41 41 2c 30 78 30 38  x84,...0xAA,0x08
0450: 2c 30 78 46 32 2c 30 78 39 37 2c 30 78 35 39 2c  ,0xF2,0x97,0x59,
0460: 30 78 37 41 2c 30 78 41 30 2c 30 78 30 33 2c 30  0x7A,0xA0,0x03,0
0470: 78 30 44 2c 30 78 33 45 2c 30 78 37 45 2c 30 78  x0D,0x3E,0x7E,0x
0480: 36 44 2c 0a 09 09 30 78 36 35 2c 30 78 36 41 2c  6D,...0x65,0x6A,
0490: 30 78 41 34 2c 30 78 45 41 2c 30 78 35 34 2c 30  0xA4,0xEA,0x54,0
04a0: 78 41 39 2c 30 78 35 32 2c 30 78 35 46 2c 30 78  xA9,0x52,0x5F,0x
04b0: 36 33 2c 30 78 42 34 2c 30 78 42 43 2c 30 78 39  63,0xB4,0xBC,0x9
04c0: 38 2c 0a 09 09 30 78 34 45 2c 30 78 46 36 2c 30  8,...0x4E,0xF6,0
04d0: 78 45 31 2c 30 78 41 34 2c 30 78 45 45 2c 30 78  xE1,0xA4,0xEE,0x
04e0: 31 36 2c 30 78 30 41 2c 30 78 42 30 2c 30 78 30  16,0x0A,0xB0,0x0
04f0: 31 2c 30 78 42 44 2c 30 78 39 46 2c 30 78 41 31  1,0xBD,0x9F,0xA1
0500: 2c 0a 09 09 30 78 45 38 2c 30 78 32 33 2c 30 78  ,...0xE8,0x23,0x
0510: 32 39 2c 30 78 35 36 2c 30 78 34 30 2c 30 78 39  29,0x56,0x40,0x9
0520: 35 2c 30 78 31 33 2c 30 78 45 42 2c 30 78 43 42  5,0x13,0xEB,0xCB
0530: 2c 30 78 44 35 2c 30 78 46 43 2c 30 78 37 36 2c  ,0xD5,0xFC,0x76,
0540: 0a 09 09 30 78 31 41 2c 30 78 34 31 2c 30 78 32  ...0x1A,0x41,0x2
0550: 36 2c 30 78 43 45 2c 30 78 32 30 2c 30 78 45 42  6,0xCE,0x20,0xEB
0560: 2c 30 78 33 30 2c 30 78 31 30 2c 30 78 31 37 2c  ,0x30,0x10,0x17,
0570: 30 78 30 37 2c 30 78 45 31 2c 30 78 38 43 2c 0a  0x07,0xE1,0x8C,.
0580: 09 09 30 78 41 43 2c 30 78 35 37 2c 30 78 33 37  ..0xAC,0x57,0x37
0590: 2c 30 78 38 42 2c 30 78 45 38 2c 30 78 30 31 2c  ,0x8B,0xE8,0x01,
05a0: 30 78 44 45 2c 30 78 41 39 2c 30 78 45 46 2c 30  0xDE,0xA9,0xEF,0
05b0: 78 41 34 2c 30 78 43 32 2c 30 78 41 34 2c 0a 09  xA4,0xC2,0xA4,..
05c0: 09 30 78 36 45 2c 30 78 34 38 2c 30 78 32 35 2c  .0x6E,0x48,0x25,
05d0: 30 78 31 31 2c 30 78 33 33 2c 30 78 31 31 2c 30  0x11,0x33,0x11,0
05e0: 78 44 34 2c 30 78 35 32 2c 30 78 37 39 2c 30 78  xD4,0x52,0x79,0x
05f0: 38 37 2c 30 78 39 46 2c 30 78 37 35 2c 0a 09 09  87,0x9F,0x75,...
0600: 30 78 36 31 2c 30 78 46 37 2c 30 78 39 43 2c 30  0x61,0xF7,0x9C,0
0610: 78 37 44 2c 30 78 33 36 2c 30 78 34 31 2c 30 78  x7D,0x36,0x41,0x
0620: 43 42 2c 30 78 45 43 2c 30 78 38 46 2c 30 78 45  CB,0xEC,0x8F,0xE
0630: 41 2c 30 78 34 41 2c 30 78 34 37 2c 0a 09 09 30  A,0x4A,0x47,...0
0640: 78 36 41 2c 30 78 33 36 2c 30 78 33 37 2c 30 78  x6A,0x36,0x37,0x
0650: 37 35 2c 30 78 42 39 2c 30 78 38 45 2c 30 78 46  75,0xB9,0x8E,0xF
0660: 35 2c 30 78 35 46 2c 30 78 36 37 2c 30 78 43 46  5,0x5F,0x67,0xCF
0670: 2c 30 78 31 46 2c 30 78 44 38 2c 0a 09 09 30 78  ,0x1F,0xD8,...0x
0680: 43 41 2c 30 78 37 30 2c 30 78 34 32 2c 30 78 43  CA,0x70,0x42,0xC
0690: 37 2c 30 78 41 32 2c 30 78 45 44 2c 30 78 30 46  7,0xA2,0xED,0x0F
06a0: 2c 30 78 37 44 2c 30 78 42 45 2c 30 78 34 33 2c  ,0x7D,0xBE,0x43,
06b0: 30 78 30 38 2c 30 78 32 38 2c 0a 09 09 30 78 36  0x08,0x28,...0x6
06c0: 36 2c 30 78 33 44 2c 30 78 44 44 2c 30 78 38 37  6,0x3D,0xDD,0x87
06d0: 2c 30 78 30 44 2c 30 78 36 31 2c 30 78 36 45 2c  ,0x0D,0x61,0x6E,
06e0: 30 78 44 30 2c 30 78 45 37 2c 30 78 34 39 2c 30  0xD0,0xE7,0x49,0
06f0: 78 44 31 2c 30 78 37 30 2c 0a 09 09 30 78 41 39  xD1,0x70,...0xA9
0700: 2c 30 78 34 44 2c 30 78 44 35 2c 30 78 46 44 2c  ,0x4D,0xD5,0xFD,
0710: 30 78 45 44 2c 30 78 46 32 2c 30 78 36 44 2c 30  0xED,0xF2,0x6D,0
0720: 78 33 32 2c 30 78 31 37 2c 30 78 39 37 2c 30 78  x32,0x17,0x97,0x
0730: 35 42 2c 30 78 30 36 2c 0a 09 09 30 78 36 30 2c  5B,0x06,...0x60,
0740: 30 78 39 43 2c 30 78 35 46 2c 30 78 41 33 2c 30  0x9C,0x5F,0xA3,0
0750: 78 35 44 2c 30 78 33 34 2c 30 78 31 34 2c 30 78  x5D,0x34,0x14,0x
0760: 37 45 2c 30 78 36 33 2c 30 78 35 34 2c 30 78 45  7E,0x63,0x54,0xE
0770: 34 2c 30 78 37 45 2c 0a 09 09 30 78 30 39 2c 30  4,0x7E,...0x09,0
0780: 78 38 46 2c 30 78 42 42 2c 30 78 38 45 2c 30 78  x8F,0xBB,0x8E,0x
0790: 41 30 2c 30 78 44 30 2c 30 78 39 36 2c 30 78 41  A0,0xD0,0x96,0xA
07a0: 43 2c 30 78 33 30 2c 30 78 32 30 2c 30 78 33 39  C,0x30,0x20,0x39
07b0: 2c 30 78 33 42 2c 0a 09 09 30 78 38 43 2c 30 78  ,0x3B,...0x8C,0x
07c0: 39 32 2c 30 78 36 35 2c 30 78 33 37 2c 30 78 30  92,0x65,0x37,0x0
07d0: 41 2c 30 78 38 46 2c 30 78 45 43 2c 30 78 37 32  A,0x8F,0xEC,0x72
07e0: 2c 30 78 38 42 2c 30 78 36 31 2c 30 78 37 44 2c  ,0x8B,0x61,0x7D,
07f0: 30 78 36 32 2c 0a 09 09 30 78 32 34 2c 30 78 35  0x62,...0x24,0x5
0800: 34 2c 30 78 45 39 2c 30 78 31 44 2c 30 78 30 31  4,0xE9,0x1D,0x01
0810: 2c 30 78 36 38 2c 30 78 38 39 2c 30 78 43 34 2c  ,0x68,0x89,0xC4,
0820: 30 78 37 42 2c 30 78 33 43 2c 30 78 34 38 2c 30  0x7B,0x3C,0x48,0
0830: 78 36 32 2c 0a 09 09 30 78 39 42 2c 30 78 38 33  x62,...0x9B,0x83
0840: 2c 30 78 31 31 2c 30 78 33 41 2c 30 78 30 42 2c  ,0x11,0x3A,0x0B,
0850: 30 78 30 44 2c 30 78 45 46 2c 30 78 35 41 2c 30  0x0D,0xEF,0x5A,0
0860: 78 45 34 2c 30 78 37 41 2c 30 78 41 30 2c 30 78  xE4,0x7A,0xA0,0x
0870: 36 39 2c 0a 09 09 30 78 46 34 2c 30 78 35 34 2c  69,...0xF4,0x54,
0880: 30 78 42 35 2c 30 78 35 42 2c 0a 09 09 7d 3b 0a  0xB5,0x5B,...};.
0890: 09 73 74 61 74 69 63 20 75 6e 73 69 67 6e 65 64  .static unsigned
08a0: 20 63 68 61 72 20 64 68 32 30 34 38 5f 67 5b 5d   char dh2048_g[]
08b0: 3d 7b 0a 09 09 30 78 30 32 2c 0a 09 09 7d 3b 0a  ={...0x02,...};.
08c0: 09 44 48 20 2a 64 68 3b 0a 0a 09 69 66 20 28 28  .DH *dh;...if ((
08d0: 64 68 3d 44 48 5f 6e 65 77 28 29 29 20 3d 3d 20  dh=DH_new()) == 
08e0: 4e 55 4c 4c 29 20 72 65 74 75 72 6e 28 4e 55 4c  NULL) return(NUL
08f0: 4c 29 3b 0a 09 64 68 2d 3e 70 3d 42 4e 5f 62 69  L);..dh->p=BN_bi
0900: 6e 32 62 6e 28 64 68 32 30 34 38 5f 70 2c 73 69  n2bn(dh2048_p,si
0910: 7a 65 6f 66 28 64 68 32 30 34 38 5f 70 29 2c 4e  zeof(dh2048_p),N
0920: 55 4c 4c 29 3b 0a 09 64 68 2d 3e 67 3d 42 4e 5f  ULL);..dh->g=BN_
0930: 62 69 6e 32 62 6e 28 64 68 32 30 34 38 5f 67 2c  bin2bn(dh2048_g,
0940: 73 69 7a 65 6f 66 28 64 68 32 30 34 38 5f 67 29  sizeof(dh2048_g)
0950: 2c 4e 55 4c 4c 29 3b 0a 09 69 66 20 28 28 64 68  ,NULL);..if ((dh
0960: 2d 3e 70 20 3d 3d 20 4e 55 4c 4c 29 20 7c 7c 20  ->p == NULL) || 
0970: 28 64 68 2d 3e 67 20 3d 3d 20 4e 55 4c 4c 29 29  (dh->g == NULL))
0980: 0a 09 09 7b 20 44 48 5f 66 72 65 65 28 64 68 29  ...{ DH_free(dh)
0990: 3b 20 72 65 74 75 72 6e 28 4e 55 4c 4c 29 3b 20  ; return(NULL); 
09a0: 7d 0a 09 72 65 74 75 72 6e 28 64 68 29 3b 0a 09  }..return(dh);..
09b0: 7d 0a 5f 45 4f 46 5f 0a 7d 0a 0a 67 65 6e 5f 64  }._EOF_.}..gen_d
09c0: 68 5f 70 61 72 61 6d 73 5f 6f 70 65 6e 73 73 6c  h_params_openssl
09d0: 20 26 26 20 65 78 69 74 20 30 0a 67 65 6e 5f 64   && exit 0.gen_d
09e0: 68 5f 70 61 72 61 6d 73 5f 72 65 6d 6f 74 65 20  h_params_remote 
09f0: 26 26 20 65 78 69 74 20 30 0a 67 65 6e 5f 64 68  && exit 0.gen_dh
0a00: 5f 70 61 72 61 6d 73 5f 66 61 6c 6c 62 61 63 6b  _params_fallback
0a10: 20 26 26 20 65 78 69 74 20 30 0a 0a 65 78 69 74   && exit 0..exit
0a20: 20 31 0a                                          1.