/*
	SSHSecure - a program to harden OpenSSH from defaults
	Copyright (C) 2020 Brent Saner

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see .
*/

package dh

/*
	OpenSSH does prime generation and primality checking a *little* weird.
	The seemingly go-to package for DH parameter generation in Golang,
	github.com/Luzifer/go-dhparam, does implement safety checking in a way
	I believe to be safe (with the huge caveat that I am nowhere near a
	professional, expert, guru, etc. in mathematics, cryptography, or the like).
	However, it is incompatible with OpenSSH's methodology for DH parameter
	generation.

	1.) First, primes are generated via the Sieve of Eratosthenes.
		a.) They must also be Sophie Germain primes
		    (where p is selected prime, 2p+1 is also prime).
	2.) Then they are filtered via Probabilistic Miller-Rabin primality tests
	    (on both q and p, where q is (p-1)/2).
	3.) OpenSSH fully supports generators of 2, 3, and 5 whereas go-dhparam
	    only fully supports 2 and 5.

	And that's why I'm a sad panda and porting moduli.c to native Golang.
*/
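
// Added example (not part of SSHSecure or OpenSSH's moduli.c): steps 1 and 2 above as a two-stage search, first a sieve that strikes every q where q or 2q+1 has a small factor, then primality tests on q and p for the survivors.
// SafePrimes, smallPrimes, sieveBound and rounds are hypothetical names; math/big's ProbablyPrime (Miller-Rabin plus a Baillie-PSW test) stands in for OpenSSH's own test, and start must be at least sieveBound so that a prime candidate is never struck by itself.

```go
package main

import (
	"fmt"
	"math/big"
)

// smallPrimes lists the primes below limit (Sieve of Eratosthenes).
func smallPrimes(limit uint64) (primes []uint64) {
	composite := make([]bool, limit)
	for i := uint64(2); i < limit; i++ {
		if !composite[i] {
			primes = append(primes, i)
			for j := i * i; j < limit; j += i {
				composite[j] = true
			}
		}
	}
	return primes
}

// SafePrimes (hypothetical helper) returns every safe prime p = 2q+1 with start <= q < start+span.
func SafePrimes(start *big.Int, span, sieveBound uint64, rounds int) (found []*big.Int, err error) {
	if start.Cmp(new(big.Int).SetUint64(sieveBound)) < 0 {
		return nil, fmt.Errorf("start %v is below sieve bound %d", start, sieveBound)
	}
	dead := make([]bool, span) // dead[i]: q = start+i or 2q+1 has a factor below sieveBound
	for _, s := range smallPrimes(sieveBound) {
		r := new(big.Int).Mod(start, new(big.Int).SetUint64(s)).Uint64()
		// s divides q when i = -r (mod s); s divides 2q+1 when i = (s-1)/2 - r (mod s).
		for _, first := range []uint64{(s - r) % s, ((s-1)/2 + s - r) % s} {
			for i := first; i < span; i += s {
				dead[i] = true
			}
		}
	}
	for i, struck := range dead {
		if struck {
			continue // rejected by the sieve, no primality test spent
		}
		q := new(big.Int).Add(start, new(big.Int).SetUint64(uint64(i)))
		p := new(big.Int).Add(new(big.Int).Lsh(q, 1), big.NewInt(1))
		if q.ProbablyPrime(rounds) && p.ProbablyPrime(rounds) { // q first, then p
			found = append(found, p)
		}
	}
	return found, nil
}

func main() { fmt.Println(SafePrimes(big.NewInt(100), 100, 100, 20)) }
```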