Xuyi Wang / wolfcrypt

Dependents:   OS

Committer:
sPymbed
Date:
Mon Nov 25 14:23:49 2019 +0000
Revision:
1:e4ea39eba2fb
Parent:
0:1387ff3eed4a
improved

Who changed what in which revision?

User | Revision | Line number | New contents of line
sPymbed 0:1387ff3eed4a 1 /* dh.c
sPymbed 0:1387ff3eed4a 2 *
sPymbed 0:1387ff3eed4a 3 * Copyright (C) 2006-2017 wolfSSL Inc.
sPymbed 0:1387ff3eed4a 4 *
sPymbed 0:1387ff3eed4a 5 * This file is part of wolfSSL.
sPymbed 0:1387ff3eed4a 6 *
sPymbed 0:1387ff3eed4a 7 * wolfSSL is free software; you can redistribute it and/or modify
sPymbed 0:1387ff3eed4a 8 * it under the terms of the GNU General Public License as published by
sPymbed 0:1387ff3eed4a 9 * the Free Software Foundation; either version 2 of the License, or
sPymbed 0:1387ff3eed4a 10 * (at your option) any later version.
sPymbed 0:1387ff3eed4a 11 *
sPymbed 0:1387ff3eed4a 12 * wolfSSL is distributed in the hope that it will be useful,
sPymbed 0:1387ff3eed4a 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
sPymbed 0:1387ff3eed4a 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
sPymbed 0:1387ff3eed4a 15 * GNU General Public License for more details.
sPymbed 0:1387ff3eed4a 16 *
sPymbed 0:1387ff3eed4a 17 * You should have received a copy of the GNU General Public License
sPymbed 0:1387ff3eed4a 18 * along with this program; if not, write to the Free Software
sPymbed 0:1387ff3eed4a 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
sPymbed 0:1387ff3eed4a 20 */
sPymbed 0:1387ff3eed4a 21
sPymbed 0:1387ff3eed4a 22
sPymbed 0:1387ff3eed4a 23 #ifdef HAVE_CONFIG_H
sPymbed 0:1387ff3eed4a 24 #include <config.h>
sPymbed 0:1387ff3eed4a 25 #endif
sPymbed 0:1387ff3eed4a 26
sPymbed 0:1387ff3eed4a 27 #include <wolfcrypt/settings.h>
sPymbed 0:1387ff3eed4a 28
sPymbed 0:1387ff3eed4a 29 #ifndef NO_DH
sPymbed 0:1387ff3eed4a 30
sPymbed 0:1387ff3eed4a 31 #if defined(HAVE_FIPS) && \
sPymbed 0:1387ff3eed4a 32 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
sPymbed 0:1387ff3eed4a 33
sPymbed 0:1387ff3eed4a 34 /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
sPymbed 0:1387ff3eed4a 35 #define FIPS_NO_WRAPPERS
sPymbed 0:1387ff3eed4a 36
sPymbed 0:1387ff3eed4a 37 #ifdef USE_WINDOWS_API
sPymbed 0:1387ff3eed4a 38 #pragma code_seg(".fipsA$m")
sPymbed 0:1387ff3eed4a 39 #pragma const_seg(".fipsB$m")
sPymbed 0:1387ff3eed4a 40 #endif
sPymbed 0:1387ff3eed4a 41 #endif
sPymbed 0:1387ff3eed4a 42
sPymbed 0:1387ff3eed4a 43 #include <wolfcrypt/dh.h>
sPymbed 0:1387ff3eed4a 44 #include <wolfcrypt/error-crypt.h>
sPymbed 0:1387ff3eed4a 45 #include <wolfcrypt/logging.h>
sPymbed 0:1387ff3eed4a 46
sPymbed 0:1387ff3eed4a 47 #ifdef WOLFSSL_HAVE_SP_DH
sPymbed 0:1387ff3eed4a 48 #include <wolfcrypt/sp.h>
sPymbed 0:1387ff3eed4a 49 #endif
sPymbed 0:1387ff3eed4a 50
sPymbed 0:1387ff3eed4a 51 #ifdef NO_INLINE
sPymbed 0:1387ff3eed4a 52 #include <wolfcrypt/misc.h>
sPymbed 0:1387ff3eed4a 53 #else
sPymbed 0:1387ff3eed4a 54 #define WOLFSSL_MISC_INCLUDED
sPymbed 0:1387ff3eed4a 55 #include <wolfcrypt/src/misc.c>
sPymbed 0:1387ff3eed4a 56 #endif
sPymbed 0:1387ff3eed4a 57
sPymbed 0:1387ff3eed4a 58
sPymbed 0:1387ff3eed4a 59 #if !defined(USER_MATH_LIB) && !defined(WOLFSSL_DH_CONST)
sPymbed 0:1387ff3eed4a 60 #include <math.h>
sPymbed 0:1387ff3eed4a 61 #define XPOW(x,y) pow((x),(y))
sPymbed 0:1387ff3eed4a 62 #define XLOG(x) log((x))
sPymbed 0:1387ff3eed4a 63 #else
sPymbed 0:1387ff3eed4a 64 /* user's own math lib */
sPymbed 0:1387ff3eed4a 65 #endif
sPymbed 0:1387ff3eed4a 66
#ifdef HAVE_FFDHE_2048
/* Built-in ffdhe2048 group (the named finite-field DH group of RFC 7919).
 * dh_ffdhe2048_p is the 2048-bit prime modulus, 256 bytes, most significant
 * byte first. These are fixed, public domain parameters rather than key
 * material; a changed byte would silently define a different group, so the
 * table must stay exactly as published. */
static const byte dh_ffdhe2048_p[] = {
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
    0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
/* Generator g = 2, stored as a single byte. */
static const byte dh_ffdhe2048_g[] = { 0x02 };
#ifdef HAVE_FFDHE_Q
/* Subgroup order q, same length as p. The bytes are consistent with
 * q = (p - 1) / 2, i.e. p shifted right by one bit. Compiled only when
 * HAVE_FFDHE_Q is defined.
 * NOTE(review): presumably consumed by public-key/subgroup validation;
 * confirm against the users of DhParams. */
static const byte dh_ffdhe2048_q[] = {
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x94, 0x2E, 0x4B,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
#endif /* HAVE_FFDHE_Q */
sPymbed 0:1387ff3eed4a 139
/* Return the built-in ffdhe2048 Diffie-Hellman group.
 *
 * The result points at a function-local static const DhParams, so it stays
 * valid for the life of the program and must not be freed or written to.
 * Takes no arguments and has no failure path. */
const DhParams* wc_Dh_ffdhe2048_Get(void)
{
    /* Positional initializer: (q, size of q) first when HAVE_FFDHE_Q is
     * defined, then (p, size of p), then (g, size of g). This order has to
     * match the member order of DhParams, which is declared outside this
     * listing. */
    static const DhParams group = {
#ifdef HAVE_FFDHE_Q
        dh_ffdhe2048_q, sizeof dh_ffdhe2048_q,
#endif /* HAVE_FFDHE_Q */
        dh_ffdhe2048_p, sizeof dh_ffdhe2048_p,
        dh_ffdhe2048_g, sizeof dh_ffdhe2048_g
    };

    return &group;
}
sPymbed 0:1387ff3eed4a 151 #endif
sPymbed 0:1387ff3eed4a 152
#ifdef HAVE_FFDHE_3072
/* Built-in ffdhe3072 group (the named finite-field DH group of RFC 7919).
 * dh_ffdhe3072_p is the 3072-bit prime modulus, 384 bytes, most significant
 * byte first. These are fixed, public domain parameters rather than key
 * material; a changed byte would silently define a different group, so the
 * table must stay exactly as published. */
static const byte dh_ffdhe3072_p[] = {
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
/* Generator g = 2, stored as a single byte. */
static const byte dh_ffdhe3072_g[] = { 0x02 };
#ifdef HAVE_FFDHE_Q
/* Subgroup order q, same length as p. The bytes are consistent with
 * q = (p - 1) / 2, i.e. p shifted right by one bit. Compiled only when
 * HAVE_FFDHE_Q is defined.
 * NOTE(review): presumably consumed by public-key/subgroup validation;
 * confirm against the users of DhParams. */
static const byte dh_ffdhe3072_q[] = {
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x63, 0x17, 0x1B,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
#endif /* HAVE_FFDHE_Q */
sPymbed 0:1387ff3eed4a 257
/* Return the built-in ffdhe3072 Diffie-Hellman group.
 *
 * The result points at a function-local static const DhParams, so it stays
 * valid for the life of the program and must not be freed or written to.
 * Takes no arguments and has no failure path. */
const DhParams* wc_Dh_ffdhe3072_Get(void)
{
    /* Positional initializer: (q, size of q) first when HAVE_FFDHE_Q is
     * defined, then (p, size of p), then (g, size of g). This order has to
     * match the member order of DhParams, which is declared outside this
     * listing. */
    static const DhParams group = {
#ifdef HAVE_FFDHE_Q
        dh_ffdhe3072_q, sizeof dh_ffdhe3072_q,
#endif /* HAVE_FFDHE_Q */
        dh_ffdhe3072_p, sizeof dh_ffdhe3072_p,
        dh_ffdhe3072_g, sizeof dh_ffdhe3072_g
    };

    return &group;
}
sPymbed 0:1387ff3eed4a 269 #endif
sPymbed 0:1387ff3eed4a 270
#ifdef HAVE_FFDHE_4096
/* Built-in ffdhe4096 group (the named finite-field DH group of RFC 7919).
 * dh_ffdhe4096_p is the 4096-bit prime modulus, 512 bytes, most significant
 * byte first. These are fixed, public domain parameters rather than key
 * material; a changed byte would silently define a different group, so the
 * table must stay exactly as published. */
static const byte dh_ffdhe4096_p[] = {
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
    0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
    0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
    0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
    0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
    0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
    0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
    0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
    0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
    0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
    0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
    0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
    0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
    0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
    0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
    0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
    0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
/* Generator g = 2, stored as a single byte. */
static const byte dh_ffdhe4096_g[] = { 0x02 };
#ifdef HAVE_FFDHE_Q
/* Subgroup order q, same length as p. The bytes are consistent with
 * q = (p - 1) / 2, i.e. p shifted right by one bit. Compiled only when
 * HAVE_FFDHE_Q is defined.
 * NOTE(review): presumably consumed by public-key/subgroup validation;
 * confirm against the users of DhParams. */
static const byte dh_ffdhe4096_q[] = {
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
    0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
    0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
    0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
    0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
    0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
    0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
    0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
    0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
    0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
    0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
    0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
    0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
    0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
    0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
    0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
    0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5,
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
#endif /* HAVE_FFDHE_Q */
sPymbed 0:1387ff3eed4a 407
/* Return the built-in ffdhe4096 Diffie-Hellman group.
 *
 * The result points at a function-local static const DhParams, so it stays
 * valid for the life of the program and must not be freed or written to.
 * Takes no arguments and has no failure path. */
const DhParams* wc_Dh_ffdhe4096_Get(void)
{
    /* Positional initializer: (q, size of q) first when HAVE_FFDHE_Q is
     * defined, then (p, size of p), then (g, size of g). This order has to
     * match the member order of DhParams, which is declared outside this
     * listing. */
    static const DhParams group = {
#ifdef HAVE_FFDHE_Q
        dh_ffdhe4096_q, sizeof dh_ffdhe4096_q,
#endif /* HAVE_FFDHE_Q */
        dh_ffdhe4096_p, sizeof dh_ffdhe4096_p,
        dh_ffdhe4096_g, sizeof dh_ffdhe4096_g
    };

    return &group;
}
sPymbed 0:1387ff3eed4a 419 #endif
sPymbed 0:1387ff3eed4a 420
sPymbed 0:1387ff3eed4a 421 #ifdef HAVE_FFDHE_6144
sPymbed 0:1387ff3eed4a 422 static const byte dh_ffdhe6144_p[] = {
sPymbed 0:1387ff3eed4a 423 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
sPymbed 0:1387ff3eed4a 424 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
sPymbed 0:1387ff3eed4a 425 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
sPymbed 0:1387ff3eed4a 426 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
sPymbed 0:1387ff3eed4a 427 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
sPymbed 0:1387ff3eed4a 428 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
sPymbed 0:1387ff3eed4a 429 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
sPymbed 0:1387ff3eed4a 430 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
sPymbed 0:1387ff3eed4a 431 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
sPymbed 0:1387ff3eed4a 432 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
sPymbed 0:1387ff3eed4a 433 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
sPymbed 0:1387ff3eed4a 434 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
sPymbed 0:1387ff3eed4a 435 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
sPymbed 0:1387ff3eed4a 436 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
sPymbed 0:1387ff3eed4a 437 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
sPymbed 0:1387ff3eed4a 438 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
sPymbed 0:1387ff3eed4a 439 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
sPymbed 0:1387ff3eed4a 440 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
sPymbed 0:1387ff3eed4a 441 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
sPymbed 0:1387ff3eed4a 442 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
sPymbed 0:1387ff3eed4a 443 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
sPymbed 0:1387ff3eed4a 444 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
sPymbed 0:1387ff3eed4a 445 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
sPymbed 0:1387ff3eed4a 446 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
sPymbed 0:1387ff3eed4a 447 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
sPymbed 0:1387ff3eed4a 448 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
sPymbed 0:1387ff3eed4a 449 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
sPymbed 0:1387ff3eed4a 450 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
sPymbed 0:1387ff3eed4a 451 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
sPymbed 0:1387ff3eed4a 452 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
sPymbed 0:1387ff3eed4a 453 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
sPymbed 0:1387ff3eed4a 454 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
sPymbed 0:1387ff3eed4a 455 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
sPymbed 0:1387ff3eed4a 456 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
sPymbed 0:1387ff3eed4a 457 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
sPymbed 0:1387ff3eed4a 458 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
sPymbed 0:1387ff3eed4a 459 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
sPymbed 0:1387ff3eed4a 460 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
sPymbed 0:1387ff3eed4a 461 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
sPymbed 0:1387ff3eed4a 462 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
sPymbed 0:1387ff3eed4a 463 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
sPymbed 0:1387ff3eed4a 464 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
sPymbed 0:1387ff3eed4a 465 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
sPymbed 0:1387ff3eed4a 466 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
sPymbed 0:1387ff3eed4a 467 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
sPymbed 0:1387ff3eed4a 468 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
sPymbed 0:1387ff3eed4a 469 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
sPymbed 0:1387ff3eed4a 470 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
sPymbed 0:1387ff3eed4a 471 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
sPymbed 0:1387ff3eed4a 472 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
sPymbed 0:1387ff3eed4a 473 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
sPymbed 0:1387ff3eed4a 474 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
sPymbed 0:1387ff3eed4a 475 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
sPymbed 0:1387ff3eed4a 476 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
sPymbed 0:1387ff3eed4a 477 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
sPymbed 0:1387ff3eed4a 478 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
sPymbed 0:1387ff3eed4a 479 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
sPymbed 0:1387ff3eed4a 480 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
sPymbed 0:1387ff3eed4a 481 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
sPymbed 0:1387ff3eed4a 482 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
sPymbed 0:1387ff3eed4a 483 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
sPymbed 0:1387ff3eed4a 484 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
sPymbed 0:1387ff3eed4a 485 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
sPymbed 0:1387ff3eed4a 486 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
sPymbed 0:1387ff3eed4a 487 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
sPymbed 0:1387ff3eed4a 488 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
sPymbed 0:1387ff3eed4a 489 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
sPymbed 0:1387ff3eed4a 490 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
sPymbed 0:1387ff3eed4a 491 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
sPymbed 0:1387ff3eed4a 492 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
sPymbed 0:1387ff3eed4a 493 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
sPymbed 0:1387ff3eed4a 494 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
sPymbed 0:1387ff3eed4a 495 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
sPymbed 0:1387ff3eed4a 496 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
sPymbed 0:1387ff3eed4a 497 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
sPymbed 0:1387ff3eed4a 498 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
sPymbed 0:1387ff3eed4a 499 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
sPymbed 0:1387ff3eed4a 500 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
sPymbed 0:1387ff3eed4a 501 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
sPymbed 0:1387ff3eed4a 502 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
sPymbed 0:1387ff3eed4a 503 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
sPymbed 0:1387ff3eed4a 504 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
sPymbed 0:1387ff3eed4a 505 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
sPymbed 0:1387ff3eed4a 506 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
sPymbed 0:1387ff3eed4a 507 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
sPymbed 0:1387ff3eed4a 508 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
sPymbed 0:1387ff3eed4a 509 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
sPymbed 0:1387ff3eed4a 510 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
sPymbed 0:1387ff3eed4a 511 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
sPymbed 0:1387ff3eed4a 512 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
sPymbed 0:1387ff3eed4a 513 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
sPymbed 0:1387ff3eed4a 514 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
sPymbed 0:1387ff3eed4a 515 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
sPymbed 0:1387ff3eed4a 516 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
sPymbed 0:1387ff3eed4a 517 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65,
sPymbed 0:1387ff3eed4a 518 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
sPymbed 0:1387ff3eed4a 519 };
/* Generator for the ffdhe6144 group: g = 2, stored as a single byte. */
static const byte dh_ffdhe6144_g[] = { 0x02 };
sPymbed 0:1387ff3eed4a 521 #ifdef HAVE_FFDHE_Q
sPymbed 0:1387ff3eed4a 522 static const byte dh_ffdhe6144_q[] = {
sPymbed 0:1387ff3eed4a 523 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
sPymbed 0:1387ff3eed4a 524 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
sPymbed 0:1387ff3eed4a 525 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
sPymbed 0:1387ff3eed4a 526 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
sPymbed 0:1387ff3eed4a 527 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
sPymbed 0:1387ff3eed4a 528 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
sPymbed 0:1387ff3eed4a 529 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
sPymbed 0:1387ff3eed4a 530 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
sPymbed 0:1387ff3eed4a 531 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
sPymbed 0:1387ff3eed4a 532 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
sPymbed 0:1387ff3eed4a 533 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
sPymbed 0:1387ff3eed4a 534 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
sPymbed 0:1387ff3eed4a 535 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
sPymbed 0:1387ff3eed4a 536 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
sPymbed 0:1387ff3eed4a 537 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
sPymbed 0:1387ff3eed4a 538 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
sPymbed 0:1387ff3eed4a 539 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
sPymbed 0:1387ff3eed4a 540 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
sPymbed 0:1387ff3eed4a 541 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
sPymbed 0:1387ff3eed4a 542 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
sPymbed 0:1387ff3eed4a 543 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
sPymbed 0:1387ff3eed4a 544 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
sPymbed 0:1387ff3eed4a 545 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
sPymbed 0:1387ff3eed4a 546 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
sPymbed 0:1387ff3eed4a 547 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
sPymbed 0:1387ff3eed4a 548 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
sPymbed 0:1387ff3eed4a 549 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
sPymbed 0:1387ff3eed4a 550 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
sPymbed 0:1387ff3eed4a 551 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
sPymbed 0:1387ff3eed4a 552 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
sPymbed 0:1387ff3eed4a 553 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
sPymbed 0:1387ff3eed4a 554 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
sPymbed 0:1387ff3eed4a 555 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
sPymbed 0:1387ff3eed4a 556 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
sPymbed 0:1387ff3eed4a 557 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
sPymbed 0:1387ff3eed4a 558 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
sPymbed 0:1387ff3eed4a 559 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
sPymbed 0:1387ff3eed4a 560 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
sPymbed 0:1387ff3eed4a 561 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
sPymbed 0:1387ff3eed4a 562 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
sPymbed 0:1387ff3eed4a 563 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
sPymbed 0:1387ff3eed4a 564 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
sPymbed 0:1387ff3eed4a 565 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
sPymbed 0:1387ff3eed4a 566 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
sPymbed 0:1387ff3eed4a 567 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
sPymbed 0:1387ff3eed4a 568 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
sPymbed 0:1387ff3eed4a 569 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
sPymbed 0:1387ff3eed4a 570 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
sPymbed 0:1387ff3eed4a 571 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
sPymbed 0:1387ff3eed4a 572 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
sPymbed 0:1387ff3eed4a 573 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
sPymbed 0:1387ff3eed4a 574 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
sPymbed 0:1387ff3eed4a 575 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
sPymbed 0:1387ff3eed4a 576 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
sPymbed 0:1387ff3eed4a 577 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
sPymbed 0:1387ff3eed4a 578 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
sPymbed 0:1387ff3eed4a 579 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
sPymbed 0:1387ff3eed4a 580 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
sPymbed 0:1387ff3eed4a 581 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
sPymbed 0:1387ff3eed4a 582 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
sPymbed 0:1387ff3eed4a 583 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
sPymbed 0:1387ff3eed4a 584 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
sPymbed 0:1387ff3eed4a 585 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
sPymbed 0:1387ff3eed4a 586 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
sPymbed 0:1387ff3eed4a 587 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
sPymbed 0:1387ff3eed4a 588 0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
sPymbed 0:1387ff3eed4a 589 0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
sPymbed 0:1387ff3eed4a 590 0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
sPymbed 0:1387ff3eed4a 591 0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
sPymbed 0:1387ff3eed4a 592 0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
sPymbed 0:1387ff3eed4a 593 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
sPymbed 0:1387ff3eed4a 594 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
sPymbed 0:1387ff3eed4a 595 0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
sPymbed 0:1387ff3eed4a 596 0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
sPymbed 0:1387ff3eed4a 597 0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
sPymbed 0:1387ff3eed4a 598 0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
sPymbed 0:1387ff3eed4a 599 0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
sPymbed 0:1387ff3eed4a 600 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
sPymbed 0:1387ff3eed4a 601 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
sPymbed 0:1387ff3eed4a 602 0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
sPymbed 0:1387ff3eed4a 603 0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
sPymbed 0:1387ff3eed4a 604 0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
sPymbed 0:1387ff3eed4a 605 0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
sPymbed 0:1387ff3eed4a 606 0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
sPymbed 0:1387ff3eed4a 607 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
sPymbed 0:1387ff3eed4a 608 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
sPymbed 0:1387ff3eed4a 609 0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
sPymbed 0:1387ff3eed4a 610 0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
sPymbed 0:1387ff3eed4a 611 0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
sPymbed 0:1387ff3eed4a 612 0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
sPymbed 0:1387ff3eed4a 613 0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
sPymbed 0:1387ff3eed4a 614 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
sPymbed 0:1387ff3eed4a 615 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
sPymbed 0:1387ff3eed4a 616 0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
sPymbed 0:1387ff3eed4a 617 0x52, 0x07, 0x19, 0x4E, 0x68, 0x72, 0x07, 0x32,
sPymbed 0:1387ff3eed4a 618 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
sPymbed 0:1387ff3eed4a 619 };
sPymbed 0:1387ff3eed4a 620 #endif /* HAVE_FFDHE_Q */
sPymbed 0:1387ff3eed4a 621
/* Return the built-in ffdhe6144 Diffie-Hellman group parameters.
 *
 * The result points at a function-local static const DhParams, so it stays
 * valid for the life of the program and is read-only for the caller.
 * The initializer is positional: when HAVE_FFDHE_Q is defined it supplies
 * q and its length first, then p and g with their lengths.
 * NOTE(review): this relies on the field order of DhParams, which is declared
 * outside this file section - confirm against the header.
 */
const DhParams* wc_Dh_ffdhe6144_Get(void)
{
    static const DhParams group6144 = {
    #ifdef HAVE_FFDHE_Q
        dh_ffdhe6144_q, sizeof(dh_ffdhe6144_q),
    #endif /* HAVE_FFDHE_Q */
        dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p),
        dh_ffdhe6144_g, sizeof(dh_ffdhe6144_g)
    };
    const DhParams* params = &group6144;

    return params;
}
sPymbed 0:1387ff3eed4a 633 #endif
sPymbed 0:1387ff3eed4a 634
sPymbed 0:1387ff3eed4a 635 #ifdef HAVE_FFDHE_8192
sPymbed 0:1387ff3eed4a 636 static const byte dh_ffdhe8192_p[] = {
sPymbed 0:1387ff3eed4a 637 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
sPymbed 0:1387ff3eed4a 638 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
sPymbed 0:1387ff3eed4a 639 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
sPymbed 0:1387ff3eed4a 640 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
sPymbed 0:1387ff3eed4a 641 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
sPymbed 0:1387ff3eed4a 642 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
sPymbed 0:1387ff3eed4a 643 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
sPymbed 0:1387ff3eed4a 644 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
sPymbed 0:1387ff3eed4a 645 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
sPymbed 0:1387ff3eed4a 646 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
sPymbed 0:1387ff3eed4a 647 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
sPymbed 0:1387ff3eed4a 648 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
sPymbed 0:1387ff3eed4a 649 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
sPymbed 0:1387ff3eed4a 650 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
sPymbed 0:1387ff3eed4a 651 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
sPymbed 0:1387ff3eed4a 652 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
sPymbed 0:1387ff3eed4a 653 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
sPymbed 0:1387ff3eed4a 654 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
sPymbed 0:1387ff3eed4a 655 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
sPymbed 0:1387ff3eed4a 656 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
sPymbed 0:1387ff3eed4a 657 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
sPymbed 0:1387ff3eed4a 658 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
sPymbed 0:1387ff3eed4a 659 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
sPymbed 0:1387ff3eed4a 660 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
sPymbed 0:1387ff3eed4a 661 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
sPymbed 0:1387ff3eed4a 662 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
sPymbed 0:1387ff3eed4a 663 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
sPymbed 0:1387ff3eed4a 664 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
sPymbed 0:1387ff3eed4a 665 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
sPymbed 0:1387ff3eed4a 666 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
sPymbed 0:1387ff3eed4a 667 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
sPymbed 0:1387ff3eed4a 668 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
sPymbed 0:1387ff3eed4a 669 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
sPymbed 0:1387ff3eed4a 670 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
sPymbed 0:1387ff3eed4a 671 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
sPymbed 0:1387ff3eed4a 672 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
sPymbed 0:1387ff3eed4a 673 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
sPymbed 0:1387ff3eed4a 674 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
sPymbed 0:1387ff3eed4a 675 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
sPymbed 0:1387ff3eed4a 676 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
sPymbed 0:1387ff3eed4a 677 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
sPymbed 0:1387ff3eed4a 678 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
sPymbed 0:1387ff3eed4a 679 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
sPymbed 0:1387ff3eed4a 680 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
sPymbed 0:1387ff3eed4a 681 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
sPymbed 0:1387ff3eed4a 682 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
sPymbed 0:1387ff3eed4a 683 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
sPymbed 0:1387ff3eed4a 684 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
sPymbed 0:1387ff3eed4a 685 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
sPymbed 0:1387ff3eed4a 686 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
sPymbed 0:1387ff3eed4a 687 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
sPymbed 0:1387ff3eed4a 688 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
sPymbed 0:1387ff3eed4a 689 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
sPymbed 0:1387ff3eed4a 690 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
sPymbed 0:1387ff3eed4a 691 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
sPymbed 0:1387ff3eed4a 692 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
sPymbed 0:1387ff3eed4a 693 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
sPymbed 0:1387ff3eed4a 694 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
sPymbed 0:1387ff3eed4a 695 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
sPymbed 0:1387ff3eed4a 696 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
sPymbed 0:1387ff3eed4a 697 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
sPymbed 0:1387ff3eed4a 698 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
sPymbed 0:1387ff3eed4a 699 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
sPymbed 0:1387ff3eed4a 700 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
sPymbed 0:1387ff3eed4a 701 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
sPymbed 0:1387ff3eed4a 702 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
sPymbed 0:1387ff3eed4a 703 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
sPymbed 0:1387ff3eed4a 704 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
sPymbed 0:1387ff3eed4a 705 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
sPymbed 0:1387ff3eed4a 706 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
sPymbed 0:1387ff3eed4a 707 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
sPymbed 0:1387ff3eed4a 708 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
sPymbed 0:1387ff3eed4a 709 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
sPymbed 0:1387ff3eed4a 710 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
sPymbed 0:1387ff3eed4a 711 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
sPymbed 0:1387ff3eed4a 712 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
sPymbed 0:1387ff3eed4a 713 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
sPymbed 0:1387ff3eed4a 714 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
sPymbed 0:1387ff3eed4a 715 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
sPymbed 0:1387ff3eed4a 716 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
sPymbed 0:1387ff3eed4a 717 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
sPymbed 0:1387ff3eed4a 718 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
sPymbed 0:1387ff3eed4a 719 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
sPymbed 0:1387ff3eed4a 720 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
sPymbed 0:1387ff3eed4a 721 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
sPymbed 0:1387ff3eed4a 722 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
sPymbed 0:1387ff3eed4a 723 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
sPymbed 0:1387ff3eed4a 724 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
sPymbed 0:1387ff3eed4a 725 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
sPymbed 0:1387ff3eed4a 726 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
sPymbed 0:1387ff3eed4a 727 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
sPymbed 0:1387ff3eed4a 728 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
sPymbed 0:1387ff3eed4a 729 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
sPymbed 0:1387ff3eed4a 730 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
sPymbed 0:1387ff3eed4a 731 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA,
sPymbed 0:1387ff3eed4a 732 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38,
sPymbed 0:1387ff3eed4a 733 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64,
sPymbed 0:1387ff3eed4a 734 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43,
sPymbed 0:1387ff3eed4a 735 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E,
sPymbed 0:1387ff3eed4a 736 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF,
sPymbed 0:1387ff3eed4a 737 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29,
sPymbed 0:1387ff3eed4a 738 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65,
sPymbed 0:1387ff3eed4a 739 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02,
sPymbed 0:1387ff3eed4a 740 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4,
sPymbed 0:1387ff3eed4a 741 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82,
sPymbed 0:1387ff3eed4a 742 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C,
sPymbed 0:1387ff3eed4a 743 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51,
sPymbed 0:1387ff3eed4a 744 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22,
sPymbed 0:1387ff3eed4a 745 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74,
sPymbed 0:1387ff3eed4a 746 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE,
sPymbed 0:1387ff3eed4a 747 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C,
sPymbed 0:1387ff3eed4a 748 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC,
sPymbed 0:1387ff3eed4a 749 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B,
sPymbed 0:1387ff3eed4a 750 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9,
sPymbed 0:1387ff3eed4a 751 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0,
sPymbed 0:1387ff3eed4a 752 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31,
sPymbed 0:1387ff3eed4a 753 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57,
sPymbed 0:1387ff3eed4a 754 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8,
sPymbed 0:1387ff3eed4a 755 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E,
sPymbed 0:1387ff3eed4a 756 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30,
sPymbed 0:1387ff3eed4a 757 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E,
sPymbed 0:1387ff3eed4a 758 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE,
sPymbed 0:1387ff3eed4a 759 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D,
sPymbed 0:1387ff3eed4a 760 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D,
sPymbed 0:1387ff3eed4a 761 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E,
sPymbed 0:1387ff3eed4a 762 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C,
sPymbed 0:1387ff3eed4a 763 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C,
sPymbed 0:1387ff3eed4a 764 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
sPymbed 0:1387ff3eed4a 765 };
/* Generator for the ffdhe8192 group: g = 2, stored as a single byte. */
static const byte dh_ffdhe8192_g[] = { 0x02 };
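#ifdef HAVE_FFDHE_Q
/* Subgroup order q for the ffdhe8192 group, big-endian; the bytes are the
 * ffdhe8192 prime shifted right by one bit, i.e. q = (p - 1) / 2.
 *
 * This array must be named dh_ffdhe8192_q: wc_Dh_ffdhe8192_Get() takes
 * dh_ffdhe8192_q / sizeof(dh_ffdhe8192_q) when HAVE_FFDHE_Q is defined.
 * The original listing declared it as a second dh_ffdhe8192_g, which
 * redefines the generator and leaves dh_ffdhe8192_q undeclared, so a build
 * with HAVE_FFDHE_8192 and HAVE_FFDHE_Q cannot compile. Only the identifier
 * is changed here; every byte of the table is kept as-is.
 */
static const byte dh_ffdhe8192_q[] = {
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
    0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
    0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
    0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
    0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
    0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
    0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
    0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
    0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
    0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
    0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
    0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
    0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
    0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
    0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
    0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
    0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
    0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
    0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
    0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
    0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
    0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
    0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
    0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
    0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
    0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
    0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
    0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
    0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
    0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
    0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
    0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
    0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
    0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
    0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
    0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
    0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
    0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
    0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
    0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
    0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
    0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
    0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
    0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
    0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
    0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
    0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
    0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
    0x52, 0x07, 0x19, 0x4E, 0x67, 0xFA, 0x35, 0x55,
    0x1B, 0x56, 0x80, 0x26, 0x7B, 0x00, 0x64, 0x1C,
    0x0F, 0x21, 0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32,
    0x7E, 0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1,
    0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6, 0x2F,
    0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25, 0x88, 0x77,
    0xC3, 0x5B, 0x18, 0xA1, 0x51, 0xD5, 0xC4, 0x14,
    0xAA, 0xAD, 0x97, 0xBA, 0x3E, 0x49, 0x93, 0x32,
    0xE5, 0x96, 0x07, 0x8E, 0x60, 0x0D, 0xEB, 0x81,
    0x14, 0x9C, 0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2,
    0x2A, 0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41,
    0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF, 0xAE,
    0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E, 0xC1, 0x28,
    0xAA, 0x0F, 0xE3, 0x46, 0x4E, 0x43, 0x58, 0x11,
    0x5D, 0xB8, 0x4C, 0xC3, 0xB5, 0x23, 0x07, 0x3A,
    0x28, 0xD4, 0x54, 0x98, 0x84, 0xB8, 0x1F, 0xF7,
    0x0E, 0x10, 0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96,
    0x28, 0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E,
    0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90, 0xBD,
    0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD, 0x4A, 0xFC,
    0xEA, 0xDC, 0x00, 0xCA, 0x44, 0x6C, 0xE0, 0x50,
    0x50, 0xFF, 0x18, 0x3A, 0xD2, 0xBB, 0xF1, 0x18,
    0xC1, 0xFC, 0x0E, 0xA5, 0x1F, 0x97, 0xD2, 0x2B,
    0x8F, 0x7E, 0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4,
    0x5B, 0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37,
    0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5, 0x18,
    0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8, 0xD4, 0x3F,
    0x17, 0xBA, 0x0F, 0x7C, 0x60, 0xFF, 0x43, 0x7F,
    0x53, 0x5D, 0xFE, 0xF2, 0x98, 0x33, 0xBF, 0x86,
    0xCB, 0xE8, 0x8E, 0xA4, 0xFB, 0xD4, 0x22, 0x1E,
    0x84, 0x11, 0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7,
    0x00, 0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46,
    0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21, 0x26,
    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
#endif /* HAVE_FFDHE_Q */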
sPymbed 0:1387ff3eed4a 899
/* Return the built-in ffdhe8192 Diffie-Hellman group parameters.
 *
 * The result points at a function-local static const DhParams, so it stays
 * valid for the life of the program and is read-only for the caller.
 * The initializer is positional: when HAVE_FFDHE_Q is defined it supplies
 * q and its length first, then p and g with their lengths, and therefore
 * needs a file-scope array named dh_ffdhe8192_q to exist in that build.
 * NOTE(review): this relies on the field order of DhParams, which is declared
 * outside this file section - confirm against the header.
 */
const DhParams* wc_Dh_ffdhe8192_Get(void)
{
    static const DhParams group8192 = {
    #ifdef HAVE_FFDHE_Q
        dh_ffdhe8192_q, sizeof(dh_ffdhe8192_q),
    #endif /* HAVE_FFDHE_Q */
        dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p),
        dh_ffdhe8192_g, sizeof(dh_ffdhe8192_g)
    };
    const DhParams* params = &group8192;

    return params;
}
sPymbed 0:1387ff3eed4a 911 #endif
sPymbed 0:1387ff3eed4a 912
/* Initialize a DhKey before first use.
 *
 * key   - DhKey to initialize; its p, g and q big integers are initialized
 * heap  - heap hint stored in key->heap for later XMALLOC/XFREE calls
 * devId - device id handed to wolfAsync_DevCtxInit() when async DH is
 *         compiled in, ignored otherwise
 *
 * return 0 on success, BAD_FUNC_ARG when key is NULL, MEMORY_E when the
 *        big integers cannot be initialized, or the async init result */
int wc_InitDhKey_ex(DhKey* key, void* heap, int devId)
{
    if (key == NULL) {
        return BAD_FUNC_ARG;
    }

    /* remember the heap hint; later allocations for this key use it */
    key->heap = heap;

    if (mp_init_multi(&key->p, &key->g, &key->q, NULL, NULL, NULL)
            != MP_OKAY) {
        return MEMORY_E;
    }

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
    /* handle as async */
    return wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH,
                                key->heap, devId);
#else
    (void)devId;
    return 0;
#endif
}
sPymbed 0:1387ff3eed4a 935
/* Initialize a DhKey with no heap hint and no device id.
 *
 * key - DhKey to initialize
 *
 * return the result of wc_InitDhKey_ex(key, NULL, INVALID_DEVID) */
int wc_InitDhKey(DhKey* key)
{
    int ret;

    ret = wc_InitDhKey_ex(key, NULL, INVALID_DEVID);

    return ret;
}
sPymbed 0:1387ff3eed4a 940
sPymbed 0:1387ff3eed4a 941
/* Release the big integers (p, g, q) held by a DhKey and, when async DH is
 * compiled in, its async device context.
 *
 * key - DhKey to release; NULL is accepted and ignored
 *
 * return 0 always */
int wc_FreeDhKey(DhKey* key)
{
    if (key == NULL) {
        return 0;
    }

    mp_clear(&key->p);
    mp_clear(&key->g);
    mp_clear(&key->q);

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
    wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH);
#endif

    return 0;
}
sPymbed 0:1387ff3eed4a 955
sPymbed 0:1387ff3eed4a 956
sPymbed 0:1387ff3eed4a 957 /* if defined to not use floating point values do not compile in */
sPymbed 0:1387ff3eed4a 958 #ifndef WOLFSSL_DH_CONST
/* Estimate the work factor, in bits, of a discrete log attack on an n-bit
 * modulus, assuming discrete log takes about the same time as factoring.
 *
 * n - modulus size in bits
 *
 * return 0 for n < 5 (where the expression below is negative), otherwise
 *        2.4 * n^(1/3) * ln(n)^(2/3) - 5 truncated to word32 */
static word32 DiscreteLogWorkFactor(word32 n)
{
    double bits;

    if (n < 5) {
        return 0;
    }

    bits = (double)n;

    return (word32)(2.4 * XPOW(bits, 1.0/3.0) *
                    XPOW(XLOG(bits), 2.0/3.0) - 5);
}
sPymbed 0:1387ff3eed4a 968 #endif /* WOLFSSL_DH_CONST*/
sPymbed 0:1387ff3eed4a 969
sPymbed 0:1387ff3eed4a 970
/* WOLFSSL_DH_ROUND(x): when WOLFSSL_DH_CONST is defined (fixed points only,
 * so DiscreteLogWorkFactor is not available for unusual sizes) round x up to
 * the next multiple of 128 so it matches an entry of the fixed size table.
 * Otherwise the macro expands to nothing and x is left as is.
 * x must be a modifiable lvalue; the mask assumes a 32-bit value. */
#ifdef WOLFSSL_DH_CONST
    #define WOLFSSL_DH_ROUND(x)                      \
        do {                                         \
            if (((x) % 128) != 0) {                  \
                (x) = ((x) & 0xffffff80) + 128;      \
            }                                        \
        } while (0)
#else
    #define WOLFSSL_DH_ROUND(x)
#endif
sPymbed 0:1387ff3eed4a 985
sPymbed 0:1387ff3eed4a 986
sPymbed 0:1387ff3eed4a 987 #ifndef WOLFSSL_NO_DH186
/* Validate that (L,N) is one of the allowed pairs from SP 800-56A,
 * Section 5.5.1.1.
 *
 * Accepted pairs: FA (1024,160), FB (2048,224), FC (2048,256).
 * NOTE(review): (1024,160) is accepted here although 1024-bit groups are
 * below current NIST guidance; a caller that needs a stricter policy has to
 * enforce it itself - confirm this is intended.
 *
 * modLen - represents L, the size of p in bits
 * divLen - represents N, the size of q in bits
 *
 * return 0 on success, -1 on error */
static int CheckDhLN(int modLen, int divLen)
{
    /* FA */
    if (modLen == 1024) {
        return (divLen == 160) ? 0 : -1;
    }

    /* FB, FC */
    if (modLen == 2048) {
        return (divLen == 224 || divLen == 256) ? 0 : -1;
    }

    /* any other modulus size is rejected */
    return -1;
}
sPymbed 0:1387ff3eed4a 1013
sPymbed 0:1387ff3eed4a 1014
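/* Create DH private key
 *
 * Based on NIST FIPS 186-4,
 * "B.1.1 Key Pair Generation Using Extra Random Bits"
 *
 * The random buffer and the big integer that hold candidate key material
 * are wiped on every exit path once they have been filled, including the
 * RNG / read failure path.
 *
 * key    - pointer to initialized DhKey structure, needs to have key->q
 * rng    - pointer to initialized WC_RNG structure
 * priv   - output location for generated private key
 * privSz - IN/OUT, size of priv buffer, size of generated private key
 *
 * return 0 on success, negative on error */
static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
                                word32* privSz)
{
    byte* cBuf;
    int qSz, pSz, cSz, err;
#ifdef WOLFSSL_SMALL_STACK
    mp_int* tmpQ = NULL;
    mp_int* tmpX = NULL;
#else
    mp_int tmpQ[1], tmpX[1];
#endif

    /* Parameters validated in calling functions. */

    if (mp_iszero(&key->q) == MP_YES) {
        WOLFSSL_MSG("DH q parameter needed for FIPS 186-4 key generation");
        return BAD_FUNC_ARG;
    }

    qSz = mp_unsigned_bin_size(&key->q);
    pSz = mp_unsigned_bin_size(&key->p);

    /* verify (L,N) pair bit lengths */
    if (CheckDhLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0) {
        WOLFSSL_MSG("DH param sizes do not match SP 800-56A requirements");
        return BAD_FUNC_ARG;
    }

    /* generate extra 64 bits so that bias from mod function is negligible */
    cSz = qSz + (64 / WOLFSSL_BIT_SIZE);
    cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
    if (cBuf == NULL) {
        return MEMORY_E;
    }
#ifdef WOLFSSL_SMALL_STACK
    tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (tmpQ == NULL) {
        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
        return MEMORY_E;
    }
    tmpX = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (tmpX == NULL) {
        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
        XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif

    /* nothing secret has been written yet, plain frees are enough here */
    if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL))
                   != MP_OKAY) {
        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
    #ifdef WOLFSSL_SMALL_STACK
        XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
        XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return err;
    }

    do {
        /* generate N+64 bits (c) from RBG into tmpX, making sure positive.
         * Hash_DRBG uses SHA-256 which matches maximum
         * requested_security_strength of (L,N) */
        err = wc_RNG_GenerateBlock(rng, cBuf, cSz);
        if (err == MP_OKAY)
            err = mp_read_unsigned_bin(tmpX, cBuf, cSz);
        /* a failure ends the loop; the shared cleanup below handles it */
    } while (err == MP_OKAY && mp_cmp_d(tmpX, 1) != MP_GT);

    /* cBuf may hold candidate key material whether or not the loop
     * succeeded, so wipe it before it goes back to the allocator */
    ForceZero(cBuf, cSz);
    XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);

    /* tmpQ = q - 1 */
    if (err == MP_OKAY)
        err = mp_copy(&key->q, tmpQ);

    if (err == MP_OKAY)
        err = mp_sub_d(tmpQ, 1, tmpQ);

    /* x = c mod (q-1), tmpX holds c */
    if (err == MP_OKAY)
        err = mp_mod(tmpX, tmpQ, tmpX);

    /* x = c mod (q-1) + 1 */
    if (err == MP_OKAY)
        err = mp_add_d(tmpX, 1, tmpX);

    /* copy tmpX into priv */
    if (err == MP_OKAY) {
        pSz = mp_unsigned_bin_size(tmpX);
        if (pSz > (int)*privSz) {
            WOLFSSL_MSG("DH private key output buffer too small");
            err = BAD_FUNC_ARG;
        } else {
            *privSz = pSz;
            err = mp_to_unsigned_bin(tmpX, priv);
        }
    }

    /* single exit: tmpX is wiped on success and on every failure above */
    mp_forcezero(tmpX);
    mp_clear(tmpX);
    mp_clear(tmpQ);
#ifdef WOLFSSL_SMALL_STACK
    XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
    XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif

    return err;
}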
sPymbed 0:1387ff3eed4a 1144 #endif /* WOLFSSL_NO_DH186 */
sPymbed 0:1387ff3eed4a 1145
sPymbed 0:1387ff3eed4a 1146
/* Create a DH private key for the group held in key.
 *
 * When DH186 support is compiled in and key->q is set, the work is handed
 * to GeneratePrivateDh186(). Otherwise the private key length is derived
 * from the size of p and that many random bytes are written to priv.
 *
 * NOTE(review): on the second path *privSz is only written, never read, so
 * the capacity of priv is not checked here; the caller has to size priv for
 * the largest length this function can choose - verify against callers.
 *
 * key    - DhKey holding p (and optionally q)
 * rng    - initialized WC_RNG
 * priv   - output buffer for the private key
 * privSz - receives the private key length (IN/OUT on the DH186 path)
 *
 * return 0 on success, BAD_FUNC_ARG for an unsupported size when
 *        WOLFSSL_DH_CONST is defined, or the RNG / DH186 error code */
static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv,
                             word32* privSz)
{
    int ret;
    word32 sz;

#ifndef WOLFSSL_NO_DH186
    if (mp_iszero(&key->q) == MP_NO) {
        /* q param available, use NIST FIPS 186-4, "B.1.1 Key Pair
         * Generation Using Extra Random Bits" */
        return GeneratePrivateDh186(key, rng, priv, privSz);
    }
#endif

    sz = mp_unsigned_bin_size(&key->p);

    /* Table of predetermined values from the operation
       2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
       WOLFSSL_BIT_SIZE + 1
       Sizes in table checked against RFC 3526
     */
    WOLFSSL_DH_ROUND(sz); /* if using fixed points only, then round up */
    switch (sz) {
        case 128:  sz = 21; break;
        case 256:  sz = 29; break;
        case 384:  sz = 34; break;
        case 512:  sz = 39; break;
        case 640:  sz = 42; break;
        case 768:  sz = 46; break;
        case 896:  sz = 49; break;
        case 1024: sz = 52; break;
        default:
        #ifndef WOLFSSL_DH_CONST
            /* if using floating points and size of p is not in table */
            sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
                                       WOLFSSL_BIT_SIZE + 1);
            break;
        #else
            return BAD_FUNC_ARG;
        #endif
    }

    ret = wc_RNG_GenerateBlock(rng, priv, sz);
    if (ret != 0) {
        return ret;
    }

    /* set two bits in the leading byte so it is never zero */
    priv[0] |= 0x0C;
    *privSz = sz;

    return ret;
}
sPymbed 0:1387ff3eed4a 1202
sPymbed 0:1387ff3eed4a 1203
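/* Compute the DH public key pub = g^priv mod p.
 *
 * With WOLFSSL_HAVE_SP_DH, 2048-bit and 3072-bit primes are handled by the
 * sp_DhExp_* routines. Otherwise the generic big integer path is used, or
 * WC_KEY_SIZE_E is returned when only WOLFSSL_SP_MATH is available.
 *
 * The temporary x holds the private exponent and is wiped with
 * mp_forcezero() before release. Both temporaries are freed when
 * mp_init_multi() fails in a WOLFSSL_SMALL_STACK build.
 *
 * NOTE(review): on the generic path *pubSz is only written, never read, so
 * the capacity of pub is not checked here - the caller must provide room
 * for a value as large as p; verify against callers.
 *
 * key    - DhKey holding p and g
 * priv   - private key bytes
 * privSz - length of priv
 * pub    - output buffer for the public key
 * pubSz  - receives the public key length
 *
 * return 0 on success, MEMORY_E, MP_INIT_E, MP_READ_E, MP_EXPTMOD_E,
 *        MP_TO_E or WC_KEY_SIZE_E on error */
static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
    byte* pub, word32* pubSz)
{
    int ret = 0;
#ifndef WOLFSSL_SP_MATH
#ifdef WOLFSSL_SMALL_STACK
    mp_int* x = NULL;
    mp_int* y = NULL;
#else
    mp_int x[1];
    mp_int y[1];
#endif
#endif

#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
    if (mp_count_bits(&key->p) == 2048)
        return sp_DhExp_2048(&key->g, priv, privSz, &key->p, pub, pubSz);
#endif
#ifndef WOLFSSL_SP_NO_3072
    if (mp_count_bits(&key->p) == 3072)
        return sp_DhExp_3072(&key->g, priv, privSz, &key->p, pub, pubSz);
#endif
#endif

#ifndef WOLFSSL_SP_MATH
#ifdef WOLFSSL_SMALL_STACK
    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (x == NULL)
        return MEMORY_E;
    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (y == NULL) {
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif
    if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) {
    #ifdef WOLFSSL_SMALL_STACK
        /* do not leak the heap temporaries on the init failure path */
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return MP_INIT_E;
    }

    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
        ret = MP_READ_E;

    if (ret == 0 && mp_exptmod(&key->g, x, &key->p, y) != MP_OKAY)
        ret = MP_EXPTMOD_E;

    if (ret == 0 && mp_to_unsigned_bin(y, pub) != MP_OKAY)
        ret = MP_TO_E;

    if (ret == 0)
        *pubSz = mp_unsigned_bin_size(y);

    mp_clear(y);
    /* x is a copy of the private key: wipe it, do not just release it */
    mp_forcezero(x);
    mp_clear(x);
#ifdef WOLFSSL_SMALL_STACK
    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
#else
    ret = WC_KEY_SIZE_E;
#endif

    return ret;
}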
sPymbed 0:1387ff3eed4a 1267
/* Generate a DH key pair in software: private key first, then the matching
 * public key.
 *
 * key    - DhKey holding the group parameters
 * rng    - initialized WC_RNG
 * priv   - output buffer for the private key
 * privSz - private key length, passed through to GeneratePrivateDh()
 * pub    - output buffer for the public key
 * pubSz  - receives the public key length
 *
 * return 0 on success, BAD_FUNC_ARG when any pointer is NULL, otherwise the
 *        error from private or public key generation */
static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng,
    byte* priv, word32* privSz, byte* pub, word32* pubSz)
{
    int ret;

    if (key == NULL || rng == NULL || priv == NULL || privSz == NULL ||
        pub == NULL || pubSz == NULL) {
        return BAD_FUNC_ARG;
    }

    ret = GeneratePrivateDh(key, rng, priv, privSz);
    if (ret == 0) {
        /* the public key is only derived from a freshly generated private
         * key */
        ret = GeneratePublicDh(key, priv, *privSz, pub, pubSz);
    }

    return ret;
}
sPymbed 0:1387ff3eed4a 1282
sPymbed 0:1387ff3eed4a 1283 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
/* Generate a DH key pair through the async path.
 *
 * HAVE_INTEL_QA: when p is at least 768 bits the private key is generated
 * in software and the public key is computed by IntelQaDhKeyGen().
 * HAVE_CAVIUM: not implemented, software is used.
 * Otherwise (async test build): when wc_AsyncTestInit() accepts the request
 * the arguments are stored in the test device and WC_PENDING_E is returned.
 * In every remaining case the call falls through to
 * wc_DhGenerateKeyPair_Sync().
 *
 * NOTE(review): in the Intel QA branch x holds the private exponent and is
 * released with mp_clear() only; GeneratePrivateDh186() in this file wipes
 * its private temporary with mp_forcezero() - consider the same here after
 * confirming it also covers x.raw.
 *
 * return 0 on success, WC_PENDING_E when queued, or an error code */
static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
    byte* priv, word32* privSz, byte* pub, word32* pubSz)
{
    int ret;

#if defined(HAVE_INTEL_QA)
    word32 sz;

    /* verify prime is at least 768-bits */
    /* QAT HW must have prime at least 768-bits */
    sz = mp_unsigned_bin_size(&key->p);
    if (sz >= (768/8)) {
        mp_int x;

        ret = mp_init(&x);
        if (ret != MP_OKAY) {
            return ret;
        }

        /* each step runs only while every earlier one succeeded */
        ret = GeneratePrivateDh(key, rng, priv, privSz);
        if (ret == 0) {
            ret = mp_read_unsigned_bin(&x, priv, *privSz);
        }
        if (ret == MP_OKAY) {
            ret = wc_mp_to_bigint(&x, &x.raw);
        }
        if (ret == MP_OKAY) {
            ret = wc_mp_to_bigint(&key->p, &key->p.raw);
        }
        if (ret == MP_OKAY) {
            ret = wc_mp_to_bigint(&key->g, &key->g.raw);
        }
        if (ret == MP_OKAY) {
            ret = IntelQaDhKeyGen(&key->asyncDev, &key->p.raw, &key->g.raw,
                &x.raw, pub, pubSz);
        }
        mp_clear(&x);

        return ret;
    }

#elif defined(HAVE_CAVIUM)
    /* TODO: Not implemented - use software for now */

#else /* WOLFSSL_ASYNC_CRYPT_TEST */
    if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_GEN)) {
        WC_ASYNC_TEST* testDev = &key->asyncDev.test;

        /* park the request; the arguments are kept by pointer */
        testDev->dhGen.key    = key;
        testDev->dhGen.rng    = rng;
        testDev->dhGen.priv   = priv;
        testDev->dhGen.privSz = privSz;
        testDev->dhGen.pub    = pub;
        testDev->dhGen.pubSz  = pubSz;
        return WC_PENDING_E;
    }
#endif

    /* otherwise use software DH */
    ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);

    return ret;
}
sPymbed 0:1387ff3eed4a 1340 #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_DH */
sPymbed 0:1387ff3eed4a 1341
sPymbed 0:1387ff3eed4a 1342
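/* Check DH Public Key for invalid numbers, optionally allowing
 * the public key to be checked against the large prime (q).
 * Check per process in SP 800-56Ar3, section 5.6.2.3.1.
 *
 * Step 1 (always): 2 <= pub <= p - 2.
 * Step 2 (only when prime is not NULL): pub^q mod p == 1.
 *
 * NOTE(review): when prime is NULL but key->q is set, q is copied and p is
 * restored, yet step 2 is skipped because it is gated on prime != NULL.
 * A caller relying on key->q for the full check gets the range check only;
 * confirm whether that is intended.
 *
 * The heap temporaries are released when mp_init_multi() fails in a
 * WOLFSSL_SMALL_STACK build.
 *
 *  key     DH key group parameters.
 *  pub     Public Key.
 *  pubSz   Public Key size.
 *  prime   Large prime (q), optionally NULL to skip check
 *  primeSz Size of large prime
 *
 *  returns 0 on success or error code
 */
int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
                        const byte* prime, word32 primeSz)
{
    int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
    mp_int* y = NULL;
    mp_int* p = NULL;
    mp_int* q = NULL;
#else
    mp_int y[1];
    mp_int p[1];
    mp_int q[1];
#endif

    if (key == NULL || pub == NULL) {
        return BAD_FUNC_ARG;
    }

#ifdef WOLFSSL_SMALL_STACK
    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (y == NULL)
        return MEMORY_E;
    p = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (p == NULL) {
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
    q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (q == NULL) {
        XFREE(p, key->heap, DYNAMIC_TYPE_DH);
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif

    if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) {
    #ifdef WOLFSSL_SMALL_STACK
        /* do not leak the heap temporaries on the init failure path */
        XFREE(q, key->heap, DYNAMIC_TYPE_DH);
        XFREE(p, key->heap, DYNAMIC_TYPE_DH);
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return MP_INIT_E;
    }

    if (mp_read_unsigned_bin(y, pub, pubSz) != MP_OKAY) {
        ret = MP_READ_E;
    }

    if (ret == 0 && prime != NULL) {
        if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
            ret = MP_READ_E;

    } else if (mp_iszero(&key->q) == MP_NO) {
        /* use q available in DhKey */
        if (mp_copy(&key->q, q) != MP_OKAY)
            ret = MP_INIT_E;
    }

    /* SP 800-56Ar3, section 5.6.2.3.1, process step 1 */
    /* pub (y) should not be 0 or 1 */
    if (ret == 0 && mp_cmp_d(y, 2) == MP_LT) {
        ret = MP_CMP_E;
    }

    /* pub (y) shouldn't be greater than or equal to p - 1 */
    if (ret == 0 && mp_copy(&key->p, p) != MP_OKAY) {
        ret = MP_INIT_E;
    }
    if (ret == 0 && mp_sub_d(p, 2, p) != MP_OKAY) {
        ret = MP_SUB_E;
    }
    if (ret == 0 && mp_cmp(y, p) == MP_GT) {
        ret = MP_CMP_E;
    }

    if (ret == 0 && (prime != NULL || (mp_iszero(&key->q) == MP_NO) )) {

        /* restore key->p into p */
        if (mp_copy(&key->p, p) != MP_OKAY)
            ret = MP_INIT_E;
    }

    if (ret == 0 && prime != NULL) {
#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
        if (mp_count_bits(&key->p) == 2048) {
            ret = sp_ModExp_2048(y, q, p, y);
            if (ret != 0)
                ret = MP_EXPTMOD_E;
        }
        else
#endif
#ifndef WOLFSSL_SP_NO_3072
        if (mp_count_bits(&key->p) == 3072) {
            ret = sp_ModExp_3072(y, q, p, y);
            if (ret != 0)
                ret = MP_EXPTMOD_E;
        }
        else
#endif
#endif

        {
            /* SP 800-56Ar3, section 5.6.2.3.1, process step 2 */
#ifndef WOLFSSL_SP_MATH
            /* calculate (y^q) mod(p), store back into y */
            if (ret == 0 && mp_exptmod(y, q, p, y) != MP_OKAY)
                ret = MP_EXPTMOD_E;
#else
            ret = WC_KEY_SIZE_E;
#endif
        }

        /* verify above == 1 */
        if (ret == 0 && mp_cmp_d(y, 1) != MP_EQ)
            ret = MP_CMP_E;
    }

    mp_clear(y);
    mp_clear(p);
    mp_clear(q);
#ifdef WOLFSSL_SMALL_STACK
    XFREE(q, key->heap, DYNAMIC_TYPE_DH);
    XFREE(p, key->heap, DYNAMIC_TYPE_DH);
    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif

    return ret;
}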
sPymbed 0:1387ff3eed4a 1479
sPymbed 0:1387ff3eed4a 1480
/* Check DH Public Key for invalid numbers
 *
 * Calls wc_DhCheckPubKey_ex() with no caller-supplied large prime
 * (prime NULL, primeSz 0).
 *
 *  key     DH key group parameters.
 *  pub     Public Key.
 *  pubSz   Public Key size.
 *
 *  returns 0 on success or error code
 */
int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz)
{
    int ret;

    ret = wc_DhCheckPubKey_ex(key, pub, pubSz, NULL, 0);

    return ret;
}
sPymbed 0:1387ff3eed4a 1493
sPymbed 0:1387ff3eed4a 1494
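/* Check DH Private Key for invalid numbers, optionally allowing
 * the private key to be checked against the large prime (q).
 * Check per process in SP 800-56Ar3, section 5.6.2.1.2.
 *
 * The temporary x is a copy of the private key and is wiped with
 * mp_forcezero() before release. The heap temporaries are released when
 * mp_init_multi() fails in a WOLFSSL_SMALL_STACK build.
 *
 *  key     DH key group parameters.
 *  priv    Private Key.
 *  privSz  Private Key size.
 *  prime   Large prime (q), optionally NULL to skip check
 *  primeSz Size of large prime
 *
 *  returns 0 on success or error code
 */
int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
                         const byte* prime, word32 primeSz)
{
    int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
    mp_int* x = NULL;
    mp_int* q = NULL;
#else
    mp_int x[1];
    mp_int q[1];
#endif

    if (key == NULL || priv == NULL) {
        return BAD_FUNC_ARG;
    }

#ifdef WOLFSSL_SMALL_STACK
    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (x == NULL)
        return MEMORY_E;
    q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (q == NULL) {
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif

    if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) {
    #ifdef WOLFSSL_SMALL_STACK
        /* do not leak the heap temporaries on the init failure path */
        XFREE(q, key->heap, DYNAMIC_TYPE_DH);
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return MP_INIT_E;
    }

    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) {
        ret = MP_READ_E;
    }

    if (ret == 0) {
        if (prime != NULL) {
            if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
                ret = MP_READ_E;
        }
        else if (mp_iszero(&key->q) == MP_NO) {
            /* use q available in DhKey */
            if (mp_copy(&key->q, q) != MP_OKAY)
                ret = MP_INIT_E;
        }
    }

    /* priv (x) should not be 0 */
    if (ret == 0) {
        if (mp_cmp_d(x, 0) == MP_EQ)
            ret = MP_CMP_E;
    }

    if (ret == 0) {
        if (mp_iszero(q) == MP_NO) {
            /* priv (x) shouldn't be greater than q - 1 */
            /* NOTE(review): this copy replaces the q read from `prime`
             * with key->q, so a caller-supplied prime is not what x is
             * compared against; with key->q unset q becomes 0 here.
             * Behavior kept as is - confirm the intended source of q. */
            if (mp_copy(&key->q, q) != MP_OKAY)
                ret = MP_INIT_E;
            if (ret == 0) {
                if (mp_sub_d(q, 1, q) != MP_OKAY)
                    ret = MP_SUB_E;
            }
            if (ret == 0) {
                if (mp_cmp(x, q) == MP_GT)
                    ret = DH_CHECK_PRIV_E;
            }
        }
    }

    /* x is a copy of the private key: wipe it, do not just release it */
    mp_forcezero(x);
    mp_clear(x);
    mp_clear(q);
#ifdef WOLFSSL_SMALL_STACK
    XFREE(q, key->heap, DYNAMIC_TYPE_DH);
    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif

    return ret;
}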
sPymbed 0:1387ff3eed4a 1587
sPymbed 0:1387ff3eed4a 1588
/* Validate a DH private key against the group parameters held in key.
 *
 * key     DH key group parameters.
 * priv    Private Key.
 * privSz  Private Key size.
 *
 * No separate prime is supplied here: the extended check is called with a
 * NULL prime and a size of 0.
 *
 * returns 0 on success or error code
 */
int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz)
{
    int ret;

    ret = wc_DhCheckPrivKey_ex(key, priv, privSz, NULL, 0);

    return ret;
}
sPymbed 0:1387ff3eed4a 1601
sPymbed 0:1387ff3eed4a 1602
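/* Check DH Keys for pair-wise consistency per process in
 * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC.
 *
 * The public key is recomputed as g^priv mod p from the group in key and
 * compared with the supplied public key.
 *
 * key     DH key group parameters.
 * pub     Public Key.
 * pubSz   Public Key size.
 * priv    Private Key.
 * privSz  Private Key size.
 *
 * returns 0 on success or error code (BAD_FUNC_ARG on a NULL argument,
 *         MP_CMP_E when the recomputed and supplied public keys differ)
 */
int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
                      const byte* priv, word32 privSz)
{
#ifdef WOLFSSL_SMALL_STACK
    mp_int* publicKey = NULL;
    mp_int* privateKey = NULL;
    mp_int* checkKey = NULL;
#else
    mp_int publicKey[1];
    mp_int privateKey[1];
    mp_int checkKey[1];
#endif
    int ret = 0;

    if (key == NULL || pub == NULL || priv == NULL)
        return BAD_FUNC_ARG;

#ifdef WOLFSSL_SMALL_STACK
    publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (publicKey == NULL)
        return MEMORY_E;
    privateKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (privateKey == NULL) {
        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
    checkKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (checkKey == NULL) {
        XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif

    if (mp_init_multi(publicKey, privateKey, checkKey,
                      NULL, NULL, NULL) != MP_OKAY) {
    #ifdef WOLFSSL_SMALL_STACK
        /* release the three heap integers before leaving; returning
         * straight away would leak them */
        XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
        XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return MP_INIT_E;
    }

    /* Load the private and public keys into big integers. */
    if (mp_read_unsigned_bin(publicKey, pub, pubSz) != MP_OKAY ||
        mp_read_unsigned_bin(privateKey, priv, privSz) != MP_OKAY) {

        ret = MP_READ_E;
    }

    /* Calculate checkKey = g^privateKey mod p */
    if (ret == 0) {
#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
        if (mp_count_bits(&key->p) == 2048) {
            ret = sp_ModExp_2048(&key->g, privateKey, &key->p, checkKey);
            if (ret != 0)
                ret = MP_EXPTMOD_E;
        }
        else
#endif
#ifndef WOLFSSL_SP_NO_3072
        if (mp_count_bits(&key->p) == 3072) {
            ret = sp_ModExp_3072(&key->g, privateKey, &key->p, checkKey);
            if (ret != 0)
                ret = MP_EXPTMOD_E;
        }
        else
#endif
#endif
        {
#ifndef WOLFSSL_SP_MATH
            if (mp_exptmod(&key->g, privateKey, &key->p, checkKey) != MP_OKAY)
                ret = MP_EXPTMOD_E;
#else
            /* SP-only math has no generic exponentiation for other sizes */
            ret = WC_KEY_SIZE_E;
#endif
        }
    }

    /* Compare the calculated public key to the supplied check value. */
    if (ret == 0) {
        if (mp_cmp(checkKey, publicKey) != MP_EQ)
            ret = MP_CMP_E;
    }

    /* wipe the private key copy before its storage is released */
    mp_forcezero(privateKey);
    mp_clear(privateKey);
    mp_clear(publicKey);
    mp_clear(checkKey);
#ifdef WOLFSSL_SMALL_STACK
    XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
    XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
    XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
#endif

    return ret;
}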
sPymbed 0:1387ff3eed4a 1709
sPymbed 0:1387ff3eed4a 1710
/* Generate a DH key pair for the group held in key.
 *
 * key     DH key group parameters.
 * rng     Random number generator handed to the key generation routine.
 * priv    Output buffer for the private key.
 * privSz  Size argument for priv, passed through unchanged.
 * pub     Output buffer for the public key.
 * pubSz   Size argument for pub, passed through unchanged.
 *
 * Every pointer is required. When async DH is compiled in and the key
 * carries the async DH marker the async routine is used, otherwise the
 * synchronous one.
 *
 * returns BAD_FUNC_ARG on a NULL argument, else the result of the routine
 *         that was called
 */
int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng,
    byte* priv, word32* privSz, byte* pub, word32* pubSz)
{
    if (key == NULL || rng == NULL)
        return BAD_FUNC_ARG;
    if (priv == NULL || privSz == NULL || pub == NULL || pubSz == NULL)
        return BAD_FUNC_ARG;

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH)
        return wc_DhGenerateKeyPair_Async(key, rng, priv, privSz, pub, pubSz);
#endif

    return wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);
}
sPymbed 0:1387ff3eed4a 1733
sPymbed 0:1387ff3eed4a 1734
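/* Compute the DH shared secret in software: agree = otherPub^priv mod p.
 *
 * key       DH key group parameters; p is used as the modulus.
 * agree     Output buffer for the shared secret.
 * agreeSz   Set to the number of bytes written by the generic path; the
 *           SP paths hand the pointer to sp_DhExp_2048/3072.
 * priv      Private Key.
 * privSz    Private Key size.
 * otherPub  Peer Public Key.
 * pubSz     Peer Public Key size.
 *
 * Arguments are not NULL-checked here; wc_DhAgree does that before calling.
 * The generic path writes the secret without comparing its length with
 * *agreeSz, so the caller's buffer has to be at least as large as p.
 * Private and peer public key are only validated when
 * WOLFSSL_VALIDATE_FFC_IMPORT is defined.
 *
 * returns 0 on success or error code
 */
static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
    const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
{
    int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
    mp_int* y = NULL;
#ifndef WOLFSSL_SP_MATH
    mp_int* x = NULL;
    mp_int* z = NULL;
#endif
#else
    mp_int y[1];
#ifndef WOLFSSL_SP_MATH
    mp_int x[1];
    mp_int z[1];
#endif
#endif

#ifdef WOLFSSL_VALIDATE_FFC_IMPORT
    if (wc_DhCheckPrivKey(key, priv, privSz) != 0) {
        WOLFSSL_MSG("wc_DhAgree wc_DhCheckPrivKey failed");
        return DH_CHECK_PRIV_E;
    }

    if (wc_DhCheckPubKey(key, otherPub, pubSz) != 0) {
        WOLFSSL_MSG("wc_DhAgree wc_DhCheckPubKey failed");
        return DH_CHECK_PUB_E;
    }
#endif

#ifdef WOLFSSL_SMALL_STACK
    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (y == NULL)
        return MEMORY_E;
#ifndef WOLFSSL_SP_MATH
    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (x == NULL) {
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
    z = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
    if (z == NULL) {
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        return MEMORY_E;
    }
#endif
#endif

#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
    if (mp_count_bits(&key->p) == 2048) {
        if (mp_init(y) != MP_OKAY) {
            /* free the heap integers; an immediate return leaked them */
        #ifdef WOLFSSL_SMALL_STACK
        #ifndef WOLFSSL_SP_MATH
            XFREE(z, key->heap, DYNAMIC_TYPE_DH);
            XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        #endif
            XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        #endif
            return MP_INIT_E;
        }

        if (mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
            ret = MP_READ_E;

        if (ret == 0)
            ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree, agreeSz);

        mp_clear(y);
    #ifdef WOLFSSL_SMALL_STACK
    #ifndef WOLFSSL_SP_MATH
        XFREE(z, key->heap, DYNAMIC_TYPE_DH);
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
    #endif
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return ret;
    }
#endif
#ifndef WOLFSSL_SP_NO_3072
    if (mp_count_bits(&key->p) == 3072) {
        if (mp_init(y) != MP_OKAY) {
            /* free the heap integers; an immediate return leaked them */
        #ifdef WOLFSSL_SMALL_STACK
        #ifndef WOLFSSL_SP_MATH
            XFREE(z, key->heap, DYNAMIC_TYPE_DH);
            XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        #endif
            XFREE(y, key->heap, DYNAMIC_TYPE_DH);
        #endif
            return MP_INIT_E;
        }

        if (mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
            ret = MP_READ_E;

        if (ret == 0)
            ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree, agreeSz);

        mp_clear(y);
    #ifdef WOLFSSL_SMALL_STACK
    #ifndef WOLFSSL_SP_MATH
        XFREE(z, key->heap, DYNAMIC_TYPE_DH);
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
    #endif
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return ret;
    }
#endif
#endif

#ifndef WOLFSSL_SP_MATH
    if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) {
        /* free the heap integers; an immediate return leaked them */
    #ifdef WOLFSSL_SMALL_STACK
        XFREE(z, key->heap, DYNAMIC_TYPE_DH);
        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
    #endif
        return MP_INIT_E;
    }

    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
        ret = MP_READ_E;

    if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
        ret = MP_READ_E;

    if (ret == 0 && mp_exptmod(y, x, &key->p, z) != MP_OKAY)
        ret = MP_EXPTMOD_E;

    /* make sure z is not one (SP800-56A, 5.7.1.1) */
    if (ret == 0 && (mp_cmp_d(z, 1) == MP_EQ))
        ret = MP_VAL;

    if (ret == 0 && mp_to_unsigned_bin(z, agree) != MP_OKAY)
        ret = MP_TO_E;

    if (ret == 0)
        *agreeSz = mp_unsigned_bin_size(z);

    /* z is the shared secret and x the private key: wipe both rather
     * than only releasing them */
    mp_forcezero(z);
    mp_clear(y);
    mp_forcezero(x);
#else
    /* SP-only math and no SP path matched the size of p: report it
     * instead of returning 0 with agree left unwritten */
    ret = WC_KEY_SIZE_E;
#endif

#ifdef WOLFSSL_SMALL_STACK
#ifndef WOLFSSL_SP_MATH
    XFREE(z, key->heap, DYNAMIC_TYPE_DH);
    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif

    return ret;
}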
sPymbed 0:1387ff3eed4a 1869
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
/* Asynchronous front end for the DH agreement.
 *
 * Takes the same arguments as wc_DhAgree_Sync. Depending on the build it
 * falls back to the software routine (HAVE_CAVIUM), hands the operation to
 * IntelQaDhAgree (HAVE_INTEL_QA), or uses the async test device.
 *
 * returns the result of the routine that ran, or WC_PENDING_E when the
 *         request was parked on the async test device
 */
static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
    const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
{
    int ret;

#if defined(HAVE_CAVIUM)
    /* TODO: Not implemented - use software for now */
    ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);

#elif defined(HAVE_INTEL_QA)
    /* the modulus is converted to its raw form before the hardware call */
    ret = wc_mp_to_bigint(&key->p, &key->p.raw);
    if (ret == MP_OKAY) {
        ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw,
            agree, agreeSz, priv, privSz, otherPub, pubSz);
    }
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
    if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_AGREE)) {
        /* record every argument on the test device and report pending */
        WC_ASYNC_TEST* pending = &key->asyncDev.test;

        pending->dhAgree.key      = key;
        pending->dhAgree.agree    = agree;
        pending->dhAgree.agreeSz  = agreeSz;
        pending->dhAgree.priv     = priv;
        pending->dhAgree.privSz   = privSz;
        pending->dhAgree.otherPub = otherPub;
        pending->dhAgree.pubSz    = pubSz;
        return WC_PENDING_E;
    }
    ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);
#endif

    return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
sPymbed 0:1387ff3eed4a 1903
/* Compute the DH shared secret from a private key and a peer public key.
 *
 * key       DH key group parameters.
 * agree     Output buffer for the shared secret.
 * agreeSz   Size argument for agree, passed through unchanged.
 * priv      Private Key.
 * privSz    Private Key size.
 * otherPub  Peer Public Key.
 * pubSz     Peer Public Key size.
 *
 * Only the pointers are checked here; the sizes are passed on as given.
 * When async DH is compiled in and the key carries the async DH marker the
 * async routine is used, otherwise the synchronous one.
 *
 * returns BAD_FUNC_ARG on a NULL pointer, else the result of the routine
 *         that was called
 */
int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
            word32 privSz, const byte* otherPub, word32 pubSz)
{
    if (key == NULL || agree == NULL || agreeSz == NULL)
        return BAD_FUNC_ARG;
    if (priv == NULL || otherPub == NULL)
        return BAD_FUNC_ARG;

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH)
        return wc_DhAgree_Async(key, agree, agreeSz, priv, privSz,
                                otherPub, pubSz);
#endif

    return wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);
}
sPymbed 0:1387ff3eed4a 1926
sPymbed 0:1387ff3eed4a 1927
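/* Load the DH group parameters p and g, and optionally q, into key.
 *
 * key  DH key that receives the parameters.
 * p    Prime modulus bytes; one leading zero byte is skipped.
 * pSz  Size of p in bytes, must not be 0.
 * g    Generator bytes; one leading zero byte is skipped.
 * gSz  Size of g in bytes, must not be 0.
 * q    Optional subgroup order bytes, may be NULL.
 * qSz  Size of q in bytes; a q with size 0 is handled like a NULL q.
 *
 * The values are only read into the key. No primality or range check is
 * made on them in this function.
 *
 * returns 0 on success or error code; on failure every integer that was
 *         initialized here is cleared again
 */
int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g,
                   word32 gSz, const byte* q, word32 qSz)
{
    int ret = 0;
    /* each pointer is set once the matching integer has been initialized,
     * so the failure path knows what to clear */
    mp_int* keyP = NULL;
    mp_int* keyG = NULL;
    mp_int* keyQ = NULL;

    if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) {
        ret = BAD_FUNC_ARG;
    }

    /* an empty q must not be dereferenced: q[0] would be read past the
     * buffer and qSz-- would wrap around to a huge length */
    if (ret == 0 && q != NULL && qSz == 0) {
        q = NULL;
    }

    if (ret == 0) {
        /* may have leading 0 */
        if (p[0] == 0) {
            pSz--; p++;
        }

        if (g[0] == 0) {
            gSz--; g++;
        }

        if (q != NULL) {
            if (q[0] == 0) {
                qSz--; q++;
            }
        }

        if (mp_init(&key->p) != MP_OKAY)
            ret = MP_INIT_E;
        else
            keyP = &key->p;
    }

    if (ret == 0) {
        if (mp_read_unsigned_bin(&key->p, p, pSz) != MP_OKAY)
            ret = ASN_DH_KEY_E;
    }

    if (ret == 0) {
        if (mp_init(&key->g) != MP_OKAY)
            ret = MP_INIT_E;
        else
            keyG = &key->g;
    }
    if (ret == 0) {
        if (mp_read_unsigned_bin(&key->g, g, gSz) != MP_OKAY)
            ret = ASN_DH_KEY_E;
    }

    if (ret == 0 && q != NULL) {
        if (mp_init(&key->q) != MP_OKAY)
            ret = MP_INIT_E;
        else
            keyQ = &key->q;
    }
    if (ret == 0 && q != NULL) {
        /* MP_INIT_E is what this path has always reported */
        if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY)
            ret = MP_INIT_E;
    }

    /* a failed read can leave digits allocated, so clear everything that
     * was initialized and not only what was read successfully */
    if (ret != 0) {
        if (keyQ)
            mp_clear(keyQ);
        if (keyG)
            mp_clear(keyG);
        if (keyP)
            mp_clear(keyP);
    }

    return ret;
}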
sPymbed 0:1387ff3eed4a 1997
sPymbed 0:1387ff3eed4a 1998
/* Load the DH group parameters p and g into key, without a q value.
 *
 * Not in asn anymore since no actual asn types are used.
 *
 * returns the result of wc_DhSetKey_ex called with a NULL q of size 0
 */
int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
                word32 gSz)
{
    int ret;

    ret = wc_DhSetKey_ex(key, p, pSz, g, gSz, NULL, 0);

    return ret;
}
sPymbed 0:1387ff3eed4a 2005
sPymbed 0:1387ff3eed4a 2006
sPymbed 0:1387ff3eed4a 2007 #ifdef WOLFSSL_KEY_GEN
sPymbed 0:1387ff3eed4a 2008
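/* Generate DH domain parameters p, q and g into dh.
 *
 * q is a random prime of the group size, p is built as (random * q) + 1
 * and stepped by 2q until it tests as prime, and g is taken as h^((p-1)/q)
 * mod p for the first h >= 2 that does not give 1.
 *
 * rng    Random number generator used for q and for the random cofactor.
 * modSz  Modulus size in bits; 1024, 2048 and 3072 are accepted.
 * dh     DH key that receives p, q and g.
 *
 * returns 0 on success or error code; on failure p, q and g are cleared
 */
int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
{
    mp_int tmp, tmp2;
    int groupSz = 0, bufSz = 0,
        primeCheckCount = 0,
        primeCheck = MP_NO,
        mpInit = 0,    /* set once tmp, tmp2 and dh's p, q, g are inited */
        ret = 0;
    unsigned char *buf = NULL;

    /* nothing is allocated yet, so leave at once: the cleanup at the end
     * reads dh->heap and must not run on a NULL dh */
    if (rng == NULL || dh == NULL)
        return BAD_FUNC_ARG;

    /* set group size in bytes from modulus size
     * FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
     */
    switch (modSz) {
        case 1024:
            groupSz = 20;
            break;
        case 2048:
        case 3072:
            groupSz = 32;
            break;
        default:
            ret = BAD_FUNC_ARG;
            break;
    }

    if (ret == 0) {
        /* modulus size in bytes */
        modSz /= WOLFSSL_BIT_SIZE;
        bufSz = modSz - groupSz;

        /* allocate ram */
        buf = (unsigned char *)XMALLOC(bufSz,
                                       dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
        if (buf == NULL)
            ret = MEMORY_E;
    }

    /* make a random string that will be multiplied against q */
    if (ret == 0)
        ret = wc_RNG_GenerateBlock(rng, buf, bufSz);

    if (ret == 0) {
        /* force magnitude */
        buf[0] |= 0xC0;
        /* force even */
        buf[bufSz - 1] &= ~1;

        if (mp_init_multi(&tmp, &tmp2, &dh->p, &dh->q, &dh->g, 0)
                != MP_OKAY) {
            ret = MP_INIT_E;
        }
        else {
            mpInit = 1;
        }
    }

    if (ret == 0) {
        if (mp_read_unsigned_bin(&tmp2, buf, bufSz) != MP_OKAY)
            ret = MP_READ_E;
    }

    /* make our prime q */
    if (ret == 0) {
        if (mp_rand_prime(&dh->q, groupSz, rng, NULL) != MP_OKAY)
            ret = PRIME_GEN_E;
    }

    /* p = random * q */
    if (ret == 0) {
        if (mp_mul(&dh->q, &tmp2, &dh->p) != MP_OKAY)
            ret = MP_MUL_E;
    }

    /* p = random * q + 1, so q is a prime divisor of p-1 */
    if (ret == 0) {
        if (mp_add_d(&dh->p, 1, &dh->p) != MP_OKAY)
            ret = MP_ADD_E;
    }

    /* tmp = 2q */
    if (ret == 0) {
        if (mp_add(&dh->q, &dh->q, &tmp) != MP_OKAY)
            ret = MP_ADD_E;
    }

    /* loop until p is prime */
    if (ret == 0) {
        do {
            if (mp_prime_is_prime(&dh->p, 8, &primeCheck) != MP_OKAY) {
                /* keep the primality error rather than going on to step p */
                ret = PRIME_GEN_E;
            }
            else if (primeCheck != MP_YES) {
                /* p += 2q */
                if (mp_add(&tmp, &dh->p, &dh->p) != MP_OKAY)
                    ret = MP_ADD_E;
                else
                    primeCheckCount++;
            }
        } while (ret == 0 && primeCheck == MP_NO);
    }

    /* tmp2 += (2*loop_check_prime)
     * to have p = (q * tmp2) + 1 prime
     */
    if (ret == 0 && primeCheckCount) {
        if (mp_add_d(&tmp2, 2 * primeCheckCount, &tmp2) != MP_OKAY)
            ret = MP_ADD_E;
    }

    /* find a value g for which g^tmp2 != 1 */
    if (ret == 0) {
        /* only reached with initialized integers; an earlier error is
         * kept instead of being overwritten here */
        if (mp_set(&dh->g, 1) != MP_OKAY)
            ret = MP_ZERO_E;
    }

    if (ret == 0) {
        do {
            if (mp_add_d(&dh->g, 1, &dh->g) != MP_OKAY)
                ret = MP_ADD_E;
            else if (mp_exptmod(&dh->g, &tmp2, &dh->p, &tmp) != MP_OKAY)
                ret = MP_EXPTMOD_E;
        } while (ret == 0 && mp_cmp_d(&tmp, 1) == MP_EQ);
    }

    /* at this point tmp generates a group of order q mod p */
    if (ret == 0)
        mp_exch(&tmp, &dh->g);

    if (mpInit) {
        /* clear the parameters if there was an error */
        if (ret != 0) {
            mp_clear(&dh->q);
            mp_clear(&dh->p);
            mp_clear(&dh->g);
        }
        mp_clear(&tmp);
        mp_clear(&tmp2);
    }

    if (buf != NULL) {
        /* wipe the random cofactor bytes before the buffer is released */
        ForceZero(buf, bufSz);
        XFREE(buf, dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
    }

    return ret;
}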
sPymbed 0:1387ff3eed4a 2151
sPymbed 0:1387ff3eed4a 2152
/* Export raw DH parameters from DhKey structure
 *
 * dh  - pointer to initialized DhKey structure
 * p   - output location for DH (p) parameter
 * pSz - [IN/OUT] size of output buffer for p, size of p
 * q   - output location for DH (q) parameter
 * qSz - [IN/OUT] size of output buffer for q, size of q
 * g   - output location for DH (g) parameter
 * gSz - [IN/OUT] size of output buffer for g, size of g
 *
 * If p, q, and g pointers are all passed in as NULL, the function
 * will set pSz, qSz, and gSz to the required output buffer sizes for p,
 * q, and g. In this case, the function will return LENGTH_ONLY_E.
 *
 * The parameters are written in the order p, q, g and each buffer size is
 * checked just before its own write, so an earlier parameter may already
 * have been written when BUFFER_E is returned for a later one. The size
 * value of the buffer that was too small is updated to the required size.
 *
 * returns 0 on success, negative upon failure
 */
int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
                         byte* q, word32* qSz, byte* g, word32* gSz)
{
    word32 needP = 0, needQ = 0, needG = 0;

    if (dh == NULL || pSz == NULL || qSz == NULL || gSz == NULL)
        return BAD_FUNC_ARG;

    /* get required output buffer sizes */
    needP = mp_unsigned_bin_size(&dh->p);
    needQ = mp_unsigned_bin_size(&dh->q);
    needG = mp_unsigned_bin_size(&dh->g);

    /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */
    if (p == NULL && q == NULL && g == NULL) {
        *pSz = needP;
        *qSz = needQ;
        *gSz = needG;
        return LENGTH_ONLY_E;
    }

    /* from here on all three output buffers are required */
    if (p == NULL || q == NULL || g == NULL)
        return BAD_FUNC_ARG;

    /* export p */
    if (*pSz < needP) {
        WOLFSSL_MSG("Output buffer for DH p parameter too small, "
                    "required size placed into pSz");
        *pSz = needP;
        return BUFFER_E;
    }
    *pSz = needP;
    if (mp_to_unsigned_bin(&dh->p, p) != MP_OKAY)
        return MP_TO_E;

    /* export q */
    if (*qSz < needQ) {
        WOLFSSL_MSG("Output buffer for DH q parameter too small, "
                    "required size placed into qSz");
        *qSz = needQ;
        return BUFFER_E;
    }
    *qSz = needQ;
    if (mp_to_unsigned_bin(&dh->q, q) != MP_OKAY)
        return MP_TO_E;

    /* export g */
    if (*gSz < needG) {
        WOLFSSL_MSG("Output buffer for DH g parameter too small, "
                    "required size placed into gSz");
        *gSz = needG;
        return BUFFER_E;
    }
    *gSz = needG;
    if (mp_to_unsigned_bin(&dh->g, g) != MP_OKAY)
        return MP_TO_E;

    return 0;
}
sPymbed 0:1387ff3eed4a 2248
sPymbed 0:1387ff3eed4a 2249 #endif /* WOLFSSL_KEY_GEN */
sPymbed 0:1387ff3eed4a 2250
sPymbed 0:1387ff3eed4a 2251 #endif /* NO_DH */
sPymbed 0:1387ff3eed4a 2252