wolf SSL
/
wolfSSL-TLS13-Beta
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
dh.c
00001 /* dh.c 00002 * 00003 * Copyright (C) 2006-2016 wolfSSL Inc. 00004 * 00005 * This file is part of wolfSSL. 00006 * 00007 * wolfSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * wolfSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00020 */ 00021 00022 00023 #ifdef HAVE_CONFIG_H 00024 #include <config.h> 00025 #endif 00026 00027 #include <wolfssl/wolfcrypt/settings.h> 00028 00029 #ifndef NO_DH 00030 00031 #include <wolfssl/wolfcrypt/dh.h> 00032 #include <wolfssl/wolfcrypt/error-crypt.h> 00033 #include <wolfssl/wolfcrypt/logging.h> 00034 00035 #ifdef NO_INLINE 00036 #include <wolfssl/wolfcrypt/misc.h> 00037 #else 00038 #define WOLFSSL_MISC_INCLUDED 00039 #include <wolfcrypt/src/misc.c> 00040 #endif 00041 00042 00043 #if !defined(USER_MATH_LIB) && !defined(WOLFSSL_DH_CONST) 00044 #include <math.h> 00045 #define XPOW(x,y) pow((x),(y)) 00046 #define XLOG(x) log((x)) 00047 #else 00048 /* user's own math lib */ 00049 #endif 00050 00051 #ifdef HAVE_FFDHE_2048 00052 static const byte dh_ffdhe2048_p[] = { 00053 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 00054 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 00055 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, 00056 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, 00057 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 00058 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 00059 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 00060 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, 00061 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, 00062 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 00063 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 00064 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 00065 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 00066 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 00067 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 00068 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 00069 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 00070 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 00071 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, 00072 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 00073 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 00074 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 00075 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 00076 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, 00077 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 00078 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 00079 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 00080 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 00081 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, 00082 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 00083 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 00084 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 00085 }; 00086 static const byte dh_ffdhe2048_g[] = { 0x02 }; 00087 00088 const DhParams* wc_Dh_ffdhe2048_Get(void) 00089 { 00090 static const DhParams ffdhe2048 = { 00091 dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p), 00092 dh_ffdhe2048_g, sizeof(dh_ffdhe2048_g) 00093 }; 00094 return &ffdhe2048; 00095 } 00096 #endif 00097 00098 #ifdef HAVE_FFDHE_3072 00099 static const byte dh_ffdhe3072_p[] = { 00100 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 00101 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 00102 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, 00103 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, 00104 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 00105 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 00106 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 00107 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, 00108 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, 00109 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 00110 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 00111 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 00112 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 00113 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 00114 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 00115 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 00116 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 00117 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 00118 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, 00119 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 00120 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 00121 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 00122 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 00123 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, 00124 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 00125 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 00126 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 00127 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 00128 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, 00129 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 00130 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, 00131 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, 00132 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, 00133 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 00134 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 00135 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, 00136 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, 00137 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, 00138 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, 00139 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, 00140 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 00141 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 00142 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, 00143 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, 00144 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, 00145 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, 00146 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, 00147 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 00148 }; 00149 static const byte dh_ffdhe3072_g[] = { 0x02 }; 00150 00151 const DhParams* wc_Dh_ffdhe3072_Get(void) 00152 { 00153 static const DhParams ffdhe3072 = { 00154 dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p), 00155 dh_ffdhe3072_g, sizeof(dh_ffdhe3072_g) 00156 }; 00157 return &ffdhe3072; 00158 } 00159 #endif 00160 00161 #ifdef HAVE_FFDHE_4096 00162 static const byte dh_ffdhe4096_p[] = { 00163 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 00164 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 00165 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, 00166 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, 00167 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 00168 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 00169 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 00170 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, 00171 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, 00172 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 00173 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 00174 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 00175 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 00176 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 00177 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 00178 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 00179 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 00180 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 00181 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, 00182 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 00183 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 00184 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 00185 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 00186 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, 00187 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 00188 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 00189 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 00190 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 00191 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, 00192 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 00193 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, 00194 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, 00195 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, 00196 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 00197 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 00198 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, 00199 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, 00200 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, 00201 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, 00202 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, 00203 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 00204 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 00205 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, 00206 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, 00207 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, 00208 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, 00209 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, 00210 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 00211 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, 00212 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, 00213 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, 00214 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, 00215 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, 00216 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, 00217 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 00218 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, 00219 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, 00220 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, 00221 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, 00222 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, 00223 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, 00224 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 00225 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, 00226 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 00227 }; 00228 static const byte dh_ffdhe4096_g[] = { 0x02 }; 00229 00230 const DhParams* wc_Dh_ffdhe4096_Get(void) 00231 { 00232 static const DhParams ffdhe4096 = { 00233 dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p), 00234 dh_ffdhe4096_g, sizeof(dh_ffdhe4096_g) 00235 }; 00236 return &ffdhe4096; 00237 } 00238 #endif 00239 00240 #ifdef HAVE_FFDHE_6144 00241 static const byte dh_ffdhe6144_p[] = { 00242 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 00243 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 00244 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, 00245 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, 00246 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 00247 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 00248 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 00249 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, 00250 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, 00251 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 00252 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 00253 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 00254 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 00255 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 00256 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 00257 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 00258 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 00259 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 00260 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, 00261 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 00262 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 00263 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 00264 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 00265 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, 00266 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 00267 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 00268 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 00269 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 00270 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, 00271 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 00272 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, 00273 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, 00274 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, 00275 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 00276 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 00277 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, 00278 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, 00279 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, 00280 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, 00281 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, 00282 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 00283 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 00284 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, 00285 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, 00286 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, 00287 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, 00288 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, 00289 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 00290 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, 00291 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, 00292 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, 00293 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, 00294 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, 00295 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, 00296 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 00297 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, 00298 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, 00299 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, 00300 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, 00301 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, 00302 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, 00303 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 00304 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, 00305 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, 00306 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, 00307 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, 00308 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, 00309 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, 00310 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, 00311 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, 00312 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, 00313 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, 00314 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, 00315 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, 00316 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, 00317 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, 00318 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, 00319 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, 00320 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, 00321 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, 00322 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, 00323 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, 00324 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, 00325 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, 00326 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, 00327 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, 00328 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, 00329 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, 00330 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, 00331 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, 00332 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, 00333 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, 00334 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, 00335 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, 00336 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, 00337 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 00338 }; 00339 static const byte dh_ffdhe6144_g[] = { 0x02 }; 00340 00341 const DhParams* wc_Dh_ffdhe6144_Get(void) 00342 { 00343 static const DhParams ffdhe6144 = { 00344 dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p), 00345 dh_ffdhe6144_g, sizeof(dh_ffdhe6144_g) 00346 }; 00347 return &ffdhe6144; 00348 } 00349 #endif 00350 00351 #ifdef HAVE_FFDHE_8192 00352 static const byte dh_ffdhe8192_p[] = { 00353 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 00354 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 00355 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, 00356 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, 00357 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 00358 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 00359 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 00360 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, 00361 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, 00362 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 00363 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 00364 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 00365 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 00366 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 00367 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 00368 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 00369 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 00370 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 00371 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, 00372 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 00373 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 00374 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 00375 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 00376 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, 00377 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 00378 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 00379 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 00380 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 00381 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, 00382 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 00383 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, 00384 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, 00385 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, 00386 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 00387 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 00388 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, 00389 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, 00390 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, 00391 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, 00392 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, 00393 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 00394 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 00395 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, 00396 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, 00397 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, 00398 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, 00399 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, 00400 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 00401 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, 00402 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, 00403 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, 00404 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, 00405 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, 00406 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, 00407 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 00408 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, 00409 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, 00410 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, 00411 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, 00412 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, 00413 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, 00414 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 00415 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, 00416 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, 00417 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, 00418 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, 00419 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, 00420 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, 00421 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, 00422 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, 00423 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, 00424 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, 00425 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, 00426 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, 00427 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, 00428 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, 00429 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, 00430 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, 00431 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, 00432 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, 00433 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, 00434 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, 00435 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, 00436 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, 00437 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, 00438 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, 00439 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, 00440 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, 00441 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, 00442 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, 00443 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, 00444 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, 00445 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, 00446 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, 00447 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, 00448 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, 00449 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, 00450 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, 00451 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, 00452 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, 00453 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, 00454 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, 00455 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, 00456 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, 00457 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, 00458 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, 00459 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, 00460 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, 00461 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, 00462 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, 00463 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, 00464 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, 00465 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, 00466 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, 00467 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, 00468 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, 00469 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, 00470 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, 00471 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, 00472 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, 00473 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, 00474 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, 00475 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, 00476 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, 00477 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, 00478 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, 00479 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, 00480 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 00481 }; 00482 static const byte dh_ffdhe8192_g[] = { 0x02 }; 00483 00484 const DhParams* wc_Dh_ffdhe8192_Get(void) 00485 { 00486 static const DhParams ffdhe8192 = { 00487 dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p), 00488 dh_ffdhe8192_g, sizeof(dh_ffdhe8192_g) 00489 }; 00490 return &ffdhe8192; 00491 } 00492 #endif 00493 00494 int wc_InitDhKey_ex(DhKey* key, void* heap, int devId) 00495 { 00496 int ret = 0; 00497 00498 if (key == NULL) 00499 return BAD_FUNC_ARG; 00500 00501 key->heap = heap; /* for XMALLOC/XFREE in future */ 00502 00503 if (mp_init_multi(&key->p, &key->g, NULL, NULL, NULL, NULL) != MP_OKAY) 00504 return MEMORY_E; 00505 00506 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00507 /* handle as async */ 00508 ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH, 00509 key->heap, devId); 00510 #else 00511 (void)devId; 00512 #endif 00513 00514 return ret; 00515 } 00516 00517 int wc_InitDhKey(DhKey* key) 00518 { 00519 return wc_InitDhKey_ex(key, NULL, INVALID_DEVID); 00520 } 00521 00522 00523 void wc_FreeDhKey(DhKey* key) 00524 { 00525 if (key) { 00526 mp_clear(&key->p); 00527 mp_clear(&key->g); 00528 00529 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00530 wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH); 00531 #endif 00532 } 00533 } 00534 00535 00536 /* if defined to not use floating point values do not compile in */ 00537 #ifndef WOLFSSL_DH_CONST 00538 static word32 DiscreteLogWorkFactor(word32 n) 00539 { 00540 /* assuming discrete log takes about the same time as factoring */ 00541 if (n < 5) 00542 return 0; 00543 else 00544 return (word32)(2.4 * XPOW((double)n, 1.0/3.0) * 00545 XPOW(XLOG((double)n), 2.0/3.0) - 5); 00546 } 00547 #endif /* WOLFSSL_DH_CONST*/ 00548 00549 00550 /* if not using fixed points use DiscreteLogWorkFactor function for unsual size 00551 otherwise round up on size needed */ 00552 #ifndef WOLFSSL_DH_CONST 00553 #define WOLFSSL_DH_ROUND(x) 00554 #else 00555 #define WOLFSSL_DH_ROUND(x) \ 00556 do { \ 00557 if (x % 128) { \ 00558 x &= 0xffffff80;\ 00559 x += 128; \ 00560 } \ 00561 } \ 00562 while (0) 00563 #endif 00564 00565 00566 static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv, word32* privSz) 00567 { 00568 int ret = 0; 00569 word32 sz = mp_unsigned_bin_size(&key->p); 00570 00571 /* Table of predetermined values from the operation 00572 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) / WOLFSSL_BIT_SIZE + 1 00573 Sizes in table checked against RFC 3526 00574 */ 00575 WOLFSSL_DH_ROUND(sz); /* if using fixed points only, then round up */ 00576 switch (sz) { 00577 case 128: sz = 21; break; 00578 case 256: sz = 29; break; 00579 case 384: sz = 34; break; 00580 case 512: sz = 39; break; 00581 case 640: sz = 42; break; 00582 case 768: sz = 46; break; 00583 case 896: sz = 49; break; 00584 case 1024: sz = 52; break; 00585 default: 00586 #ifndef WOLFSSL_DH_CONST 00587 /* if using floating points and size of p is not in table */ 00588 sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) / 00589 WOLFSSL_BIT_SIZE + 1); 00590 break; 00591 #else 00592 return BAD_FUNC_ARG; 00593 #endif 00594 } 00595 00596 ret = wc_RNG_GenerateBlock(rng, priv, sz); 00597 00598 if (ret == 0) { 00599 priv[0] |= 0x0C; 00600 *privSz = sz; 00601 } 00602 00603 return ret; 00604 } 00605 00606 00607 static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz, 00608 byte* pub, word32* pubSz) 00609 { 00610 int ret = 0; 00611 mp_int x; 00612 mp_int y; 00613 00614 if (mp_init_multi(&x, &y, 0, 0, 0, 0) != MP_OKAY) 00615 return MP_INIT_E; 00616 00617 if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY) 00618 ret = MP_READ_E; 00619 00620 if (ret == 0 && mp_exptmod(&key->g, &x, &key->p, &y) != MP_OKAY) 00621 ret = MP_EXPTMOD_E; 00622 00623 if (ret == 0 && mp_to_unsigned_bin(&y, pub) != MP_OKAY) 00624 ret = MP_TO_E; 00625 00626 if (ret == 0) 00627 *pubSz = mp_unsigned_bin_size(&y); 00628 00629 mp_clear(&y); 00630 mp_clear(&x); 00631 00632 return ret; 00633 } 00634 00635 static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng, 00636 byte* priv, word32* privSz, byte* pub, word32* pubSz) 00637 { 00638 int ret; 00639 00640 if (key == NULL || rng == NULL || priv == NULL || privSz == NULL || 00641 pub == NULL || pubSz == NULL) { 00642 return BAD_FUNC_ARG; 00643 } 00644 00645 ret = GeneratePrivateDh(key, rng, priv, privSz); 00646 00647 return (ret != 0) ? ret : GeneratePublicDh(key, priv, *privSz, pub, pubSz); 00648 } 00649 00650 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00651 static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng, 00652 byte* priv, word32* privSz, byte* pub, word32* pubSz) 00653 { 00654 int ret; 00655 00656 #if defined(HAVE_INTEL_QA) 00657 mp_int x; 00658 00659 ret = mp_init(&x); 00660 if (ret != MP_OKAY) 00661 return ret; 00662 00663 ret = GeneratePrivateDh(key, rng, priv, privSz); 00664 if (ret == 0) 00665 ret = mp_read_unsigned_bin(&x, priv, *privSz); 00666 if (ret == MP_OKAY) 00667 ret = wc_mp_to_bigint(&x, &x.raw); 00668 if (ret == MP_OKAY) 00669 ret = wc_mp_to_bigint(&key->p, &key->p.raw); 00670 if (ret == MP_OKAY) 00671 ret = wc_mp_to_bigint(&key->g, &key->g.raw); 00672 if (ret == MP_OKAY) 00673 ret = IntelQaDhKeyGen(&key->asyncDev, &key->p.raw, &key->g.raw, 00674 &x.raw, pub, pubSz); 00675 mp_clear(&x); 00676 00677 #else 00678 00679 #if defined(HAVE_CAVIUM) 00680 /* TODO: Not implemented - use software for now */ 00681 00682 #else /* WOLFSSL_ASYNC_CRYPT_TEST */ 00683 WC_ASYNC_TEST* testDev = &key->asyncDev.test; 00684 if (testDev->type == ASYNC_TEST_NONE) { 00685 testDev->type = ASYNC_TEST_DH_GEN; 00686 testDev->dhGen.key = key; 00687 testDev->dhGen.rng = rng; 00688 testDev->dhGen.priv = priv; 00689 testDev->dhGen.privSz = privSz; 00690 testDev->dhGen.pub = pub; 00691 testDev->dhGen.pubSz = pubSz; 00692 return WC_PENDING_E; 00693 } 00694 #endif 00695 00696 ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz); 00697 00698 #endif /* HAVE_INTEL_QA */ 00699 00700 return ret; 00701 } 00702 #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_DH */ 00703 00704 00705 /* Check DH Public Key for invalid numbers 00706 * 00707 * key DH key group parameters. 00708 * pub Public Key. 00709 * pubSz Public Key size. 00710 * 00711 * returns 0 on success or error code 00712 */ 00713 int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz) 00714 { 00715 int ret = 0; 00716 00717 mp_int x; 00718 mp_int y; 00719 00720 if (key == NULL || pub == NULL) { 00721 return BAD_FUNC_ARG; 00722 } 00723 00724 if (mp_init_multi(&x, &y, NULL, NULL, NULL, NULL) != MP_OKAY) { 00725 return MP_INIT_E; 00726 } 00727 00728 if (mp_read_unsigned_bin(&x, pub, pubSz) != MP_OKAY) { 00729 ret = MP_READ_E; 00730 } 00731 00732 /* pub should not be 0 or 1 */ 00733 if (ret == 0 && mp_cmp_d(&x, 2) == MP_LT) { 00734 ret = MP_CMP_E; 00735 } 00736 00737 /* pub shouldn't be greater than or equal to p - 1 */ 00738 if (ret == 0 && mp_copy(&key->p, &y) != MP_OKAY) { 00739 ret = MP_INIT_E; 00740 } 00741 if (ret == 0 && mp_sub_d(&y, 2, &y) != MP_OKAY) { 00742 ret = MP_SUB_E; 00743 } 00744 if (ret == 0 && mp_cmp(&x, &y) == MP_GT) { 00745 ret = MP_CMP_E; 00746 } 00747 00748 mp_clear(&y); 00749 mp_clear(&x); 00750 00751 return ret; 00752 } 00753 00754 00755 int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, 00756 byte* priv, word32* privSz, byte* pub, word32* pubSz) 00757 { 00758 int ret; 00759 00760 if (key == NULL || rng == NULL || priv == NULL || privSz == NULL || 00761 pub == NULL || pubSz == NULL) { 00762 return BAD_FUNC_ARG; 00763 } 00764 00765 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00766 if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) { 00767 ret = wc_DhGenerateKeyPair_Async(key, rng, priv, privSz, pub, pubSz); 00768 } 00769 else 00770 #endif 00771 { 00772 ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz); 00773 } 00774 00775 return ret; 00776 } 00777 00778 00779 static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz, 00780 const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz) 00781 { 00782 int ret = 0; 00783 mp_int x; 00784 mp_int y; 00785 mp_int z; 00786 00787 if (wc_DhCheckPubKey(key, otherPub, pubSz) != 0) { 00788 WOLFSSL_MSG("wc_DhAgree wc_DhCheckPubKey failed"); 00789 return DH_CHECK_PUB_E; 00790 } 00791 00792 if (mp_init_multi(&x, &y, &z, 0, 0, 0) != MP_OKAY) 00793 return MP_INIT_E; 00794 00795 if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY) 00796 ret = MP_READ_E; 00797 00798 if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY) 00799 ret = MP_READ_E; 00800 00801 if (ret == 0 && mp_exptmod(&y, &x, &key->p, &z) != MP_OKAY) 00802 ret = MP_EXPTMOD_E; 00803 00804 if (ret == 0 && mp_to_unsigned_bin(&z, agree) != MP_OKAY) 00805 ret = MP_TO_E; 00806 00807 if (ret == 0) 00808 *agreeSz = mp_unsigned_bin_size(&z); 00809 00810 mp_clear(&z); 00811 mp_clear(&y); 00812 mp_forcezero(&x); 00813 00814 return ret; 00815 } 00816 00817 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00818 static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz, 00819 const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz) 00820 { 00821 int ret; 00822 00823 #ifdef HAVE_CAVIUM 00824 /* TODO: Not implemented - use software for now */ 00825 ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz); 00826 00827 #elif defined(HAVE_INTEL_QA) 00828 ret = wc_mp_to_bigint(&key->p, &key->p.raw); 00829 if (ret == MP_OKAY) 00830 ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw, 00831 agree, agreeSz, priv, privSz, otherPub, pubSz); 00832 #else /* WOLFSSL_ASYNC_CRYPT_TEST */ 00833 WC_ASYNC_TEST* testDev = &key->asyncDev.test; 00834 if (testDev->type == ASYNC_TEST_NONE) { 00835 testDev->type = ASYNC_TEST_DH_AGREE; 00836 testDev->dhAgree.key = key; 00837 testDev->dhAgree.agree = agree; 00838 testDev->dhAgree.agreeSz = agreeSz; 00839 testDev->dhAgree.priv = priv; 00840 testDev->dhAgree.privSz = privSz; 00841 testDev->dhAgree.otherPub = otherPub; 00842 testDev->dhAgree.pubSz = pubSz; 00843 return WC_PENDING_E; 00844 } 00845 ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz); 00846 #endif 00847 00848 return ret; 00849 } 00850 #endif /* WOLFSSL_ASYNC_CRYPT */ 00851 00852 int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv, 00853 word32 privSz, const byte* otherPub, word32 pubSz) 00854 { 00855 int ret = 0; 00856 00857 if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL || 00858 otherPub == NULL) { 00859 return BAD_FUNC_ARG; 00860 } 00861 00862 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) 00863 if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) { 00864 ret = wc_DhAgree_Async(key, agree, agreeSz, priv, privSz, otherPub, pubSz); 00865 } 00866 else 00867 #endif 00868 { 00869 ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz); 00870 } 00871 00872 return ret; 00873 } 00874 00875 00876 /* not in asn anymore since no actual asn types used */ 00877 int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, 00878 word32 gSz) 00879 { 00880 if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) { 00881 return BAD_FUNC_ARG; 00882 } 00883 00884 /* may have leading 0 */ 00885 if (p[0] == 0) { 00886 pSz--; p++; 00887 } 00888 00889 if (g[0] == 0) { 00890 gSz--; g++; 00891 } 00892 00893 if (mp_init(&key->p) != MP_OKAY) 00894 return MP_INIT_E; 00895 if (mp_read_unsigned_bin(&key->p, p, pSz) != 0) { 00896 mp_clear(&key->p); 00897 return ASN_DH_KEY_E; 00898 } 00899 00900 if (mp_init(&key->g) != MP_OKAY) { 00901 mp_clear(&key->p); 00902 return MP_INIT_E; 00903 } 00904 if (mp_read_unsigned_bin(&key->g, g, gSz) != 0) { 00905 mp_clear(&key->g); 00906 mp_clear(&key->p); 00907 return ASN_DH_KEY_E; 00908 } 00909 00910 return 0; 00911 } 00912 00913 #endif /* NO_DH */ 00914
Generated on Tue Jul 12 2022 23:30:55 by
1.7.2