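/*
 * Copyright (c) 1997-2000 The Stanford SRP Authentication Project
 * All Rights Reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the
 * "Software"), to deal in the Software without restriction, including
 * without limitation the rights to use, copy, modify, merge, publish,
 * distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to
 * the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 * In addition, the following conditions apply:
 *
 * 1. Any software that incorporates the SRP authentication technology
 *    must display the following acknowlegment:
 *    "This product uses the 'Secure Remote Password' cryptographic
 *    authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
 *
 * 2. Any software that incorporates all or part of the SRP distribution
 *    itself must also display the following acknowledgment:
 *    "This product includes software developed by Tom Wu and Eugene
 *    Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
 *
 * 3. Redistributions in source or binary form must retain an intact copy
 *    of this copyright notice and list of conditions.
 */

/*
 * Interactive generator for one set of SRP/EPS group parameters (modulus N
 * and generator g).  The result is printed in base64 so it can be pasted
 * into the pre_params array in t_getconf.c.
 */

/*
 * NOTE(review): the header names were missing from the four system
 * #include lines in the copy under review.  They are restored here from
 * the surviving comments and from the functions this file calls; confirm
 * against the upstream distribution.
 */
#include <ctype.h>      /* isspace */
#include <errno.h>      /* errno, ERANGE (replaces "extern int errno;") */
#include <stdio.h>
#include <stdlib.h>     /* atexit exit */
#include <string.h>     /* strrchr */
#include <unistd.h>     /* close getlogin */

#include "t_pwd.h"

/* Smallest and largest field size, in bits, accepted at the prompt. */
#define MIN_BASIS_BITS 512
#define BASIS_BITS 2048

extern int optind;
extern char *optarg;

char *progName;         /* basename of argv[0], used in diagnostics */
int debug = 0;          /* count of -d flags; not read in this file */
int verbose = 0;        /* count of -v flags; not read in this file */
int composite = 0;      /* non-zero after -2: composite modulus requested */

/*
 * Read one line from stdin and parse it as a decimal field size.
 *
 * Returns the size in bits, or -1 when no line could be read, the line is
 * not a plain decimal number, or the value lies outside
 * [MIN_BASIS_BITS, BASIS_BITS].
 *
 * The original called atoi() on the buffer without checking fgets(), so an
 * end-of-file on stdin parsed an uninitialized buffer.
 */
static int
read_field_size(void)
{
  char cbuf[256];
  char *end;
  long bits;

  if (fgets(cbuf, sizeof(cbuf), stdin) == NULL)
    return -1;

  errno = 0;
  bits = strtol(cbuf, &end, 10);
  if (end == cbuf || errno == ERANGE)
    return -1;

  /* Only trailing whitespace (normally the newline) may follow the digits. */
  while (isspace((unsigned char) *end))
    end++;
  if (*end != '\0')
    return -1;

  if (bits < MIN_BASIS_BITS || bits > BASIS_BITS)
    return -1;
  return (int) bits;
}

/*
 * Parse the command line, ask for a field size, generate the parameters
 * and print them.
 *
 * Options: -d (debug), -v (verbose), -2 (composite modulus with safe prime
 * factors), -c configfile (accepted, but the value is not used below).
 *
 * Returns 0 on success; exits with status 1 on a usage error or an invalid
 * field size.
 */
int
main(int argc, char *argv[])
{
  char *chp;
  char *configFile = NULL;
  char b64buf[MAXB64PARAMLEN];
  int ch, lastidx, keylen, fsize;
  struct t_conf tcs;
  struct t_conf *tc = &tcs;
  struct t_confent *tcent;

  progName = *argv;
  if ((chp = strrchr(progName, '/')) != NULL)
    progName = chp + 1;

  /* POSIX getopt() reports the end of the options with -1. */
  while ((ch = getopt(argc, argv, "dv2c:")) != -1) {
    switch (ch) {
    case 'c':
      configFile = optarg;
      break;
    case 'v':
      verbose++;
      break;
    case 'd':
      debug++;
      break;
    case '2':
      composite++;
      break;
    default:
      fprintf(stderr, "usage: %s [-dv2] [-c configfile]\n", progName);
      exit(1);
    }
  }

  /* -c is still parsed for compatibility; nothing here opens the file. */
  (void) configFile;

  /*
   * No existing configuration is loaded, so there is no previous entry:
   * the generated entry gets index 1, and the "not larger than old field
   * size" warning below cannot fire for any accepted size.
   */
  lastidx = 0;
  keylen = 0;

  /*
   * The returned entry is overwritten by the generation loop below.  The
   * call is kept because tcs is otherwise uninitialized and the effect of
   * t_newconfent() on it is not visible from this file.
   */
  tcent = t_newconfent(tc);

  /*
   * NOTE(review): the guidance printed below dates from the 1997-2000
   * release and is left unchanged.  Finite-field groups of 512 to 1024
   * bits are no longer regarded as adequate; 2048 bits, the largest size
   * accepted here, is the usual minimum for new deployments.
   */
  printf("\nThis program will generate a set of parameters for the EPS\n");
  printf("password file. The size of these parameters, measured in bits,\n");
  printf("determines the level of security offered by SRP, and is related\n");
  printf("to the security of similarly-sized RSA or Diffie-Hellman keys.\n");
  printf("Choosing a predefined field is generally preferable to generating\n");
  printf("a new field because clients can avoid costly parameter verification.\n");
  printf("Either way, the values generated by this program are public and\n");
  printf("can even shared between systems.\n");

  printf("\nEnter the new field size, in bits. Suggested sizes:\n\n");
  printf(" 512 (fast, minimally secure)\n");
  printf(" 768 (moderate security)\n");
  printf("1024 (most popular default)\n");
  printf("1536 (additional security, possibly slow)\n");
  printf("2048 (maximum supported security level)\n");

  printf("\nField size (%d to %d): ", MIN_BASIS_BITS, BASIS_BITS);
  fflush(stdout);       /* the prompt has no newline; show it before reading */

  fsize = read_field_size();
  if (fsize < 0) {
    fprintf(stderr, "%s: field size must be between %d and %d\n",
            progName, MIN_BASIS_BITS, BASIS_BITS);
    exit(1);
  }

  if (fsize <= keylen)
    fprintf(stderr, "Warning: new field size is not larger than old field size\n");

  printf("\nInitializing random number generator...");
  fflush(stdout);
  /* NOTE(review): the seed source is inside the library and is not visible
   * here; the generated primes are only as unpredictable as that source. */
  t_initrand();

  if (composite)
    printf("done.\n\nGenerating a %d-bit composite with safe prime factors. This may take a while.\n", fsize);
  else
    printf("done.\n\nGenerating a %d-bit safe prime. This may take a while.\n", fsize);

  /* A NULL return is treated as a failure and retried without a limit. */
  while ((tcent = (composite ? t_makeconfent_c(tc, fsize)
                             : t_makeconfent(tc, fsize))) == NULL)
    printf("Parameter generation failed, retrying...\n");
  tcent->index = lastidx + 1;

  printf("\nParameters successfully generated.\n");
  /* b64buf is reused; each encoding is printed before the next overwrites it. */
  printf("N = [%s]\n",
         t_tob64(b64buf, tcent->modulus.data, tcent->modulus.len));
  printf("g = [%s]\n",
         t_tob64(b64buf, tcent->generator.data, tcent->generator.len));

  printf("\nYou must update the pre_params array in t_getconf.c\n");

  return 0;
}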