Update dh_genprime program

- default size 2048 bits
- make size a command-line argument
- remove warning about using own params

programs/pkey/dh_genprime.c

@@ -33,24 +33,6 @@
 #define mbedtls_printf     printf
 #endif
 
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_GENPRIME)
-#include "mbedtls/bignum.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-/*
- * Note: G = 4 is always a quadratic residue mod P,
- * so it is a generator of order Q (with P = 2*Q+1).
- */
-#define DH_P_SIZE 1024
-#define GENERATOR "4"
-
 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||   \
     !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) ||     \
     !defined(MBEDTLS_GENPRIME)
@@ -62,7 +44,28 @@ int main( void )
     return( 0 );
 }
 #else
-int main( void )
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#define USAGE \
+    "\n usage: dh_genprime param=<>...\n"                                   \
+    "\n acceprable parameters:\n"                                           \
+    "    bits=%%d           default: 2048\n"
+
+#define DFL_BITS    2048
+
+/*
+ * Note: G = 4 is always a quadratic residue mod P,
+ * so it is a generator of order Q (with P = 2*Q+1).
+ */
+#define GENERATOR "4"
+
+int main( int argc, char **argv )
 {
     int ret = 1;
     mbedtls_mpi G, P, Q;
@@ -70,24 +73,44 @@ int main( void )
     mbedtls_ctr_drbg_context ctr_drbg;
     const char *pers = "dh_genprime";
     FILE *fout;
+    int nbits = DFL_BITS;
+    int i;
+    char *p, *q;
 
     mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
     mbedtls_ctr_drbg_init( &ctr_drbg );
     mbedtls_entropy_init( &entropy );
 
+    if( argc == 0 )
+    {
+    usage:
+        mbedtls_printf( USAGE );
+        return( 1 );
+    }
+
+    for( i = 1; i < argc; i++ )
+    {
+        p = argv[i];
+        if( ( q = strchr( p, '=' ) ) == NULL )
+            goto usage;
+        *q++ = '\0';
+
+        if( strcmp( p, "bits" ) == 0 )
+        {
+            nbits = atoi( q );
+            if( nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS )
+                goto usage;
+        }
+        else
+            goto usage;
+    }
+
     if( ( ret = mbedtls_mpi_read_string( &G, 10, GENERATOR ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_mpi_read_string returned %d\n", ret );
         goto exit;
     }
 
-    mbedtls_printf( "\nWARNING: You should not generate and use your own DHM primes\n" );
-    mbedtls_printf( "         unless you are very certain of what you are doing!\n" );
-    mbedtls_printf( "         Failing to follow this instruction may result in\n" );
-    mbedtls_printf( "         weak security for your connections! Use the\n" );
-    mbedtls_printf( "         predefined DHM parameters from dhm.h instead!\n\n" );
-    mbedtls_printf( "============================================================\n\n" );
-
     mbedtls_printf( "  ! Generating large primes may take minutes!\n" );
 
     mbedtls_printf( "\n  . Seeding the random number generator..." );
@@ -107,7 +130,7 @@ int main( void )
     /*
      * This can take a long time...
      */
-    if( ( ret = mbedtls_mpi_gen_prime( &P, DH_P_SIZE, 1,
+    if( ( ret = mbedtls_mpi_gen_prime( &P, nbits, 1,
                                mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_mpi_gen_prime returned %d\n\n", ret );