wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfcrypt/src/dh.c@17:a5f916481144, 2020-06-05 (annotated)
- Committer:
- wolfSSL
- Date:
- Fri Jun 05 00:11:07 2020 +0000
- Revision:
- 17:a5f916481144
- Parent:
- 16:8e0d178b1d1e
wolfSSL 4.4.0
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
wolfSSL | 15:117db924cf7c | 1 | /* dh.c |
wolfSSL | 15:117db924cf7c | 2 | * |
wolfSSL | 16:8e0d178b1d1e | 3 | * Copyright (C) 2006-2020 wolfSSL Inc. |
wolfSSL | 15:117db924cf7c | 4 | * |
wolfSSL | 15:117db924cf7c | 5 | * This file is part of wolfSSL. |
wolfSSL | 15:117db924cf7c | 6 | * |
wolfSSL | 15:117db924cf7c | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
wolfSSL | 15:117db924cf7c | 8 | * it under the terms of the GNU General Public License as published by |
wolfSSL | 15:117db924cf7c | 9 | * the Free Software Foundation; either version 2 of the License, or |
wolfSSL | 15:117db924cf7c | 10 | * (at your option) any later version. |
wolfSSL | 15:117db924cf7c | 11 | * |
wolfSSL | 15:117db924cf7c | 12 | * wolfSSL is distributed in the hope that it will be useful, |
wolfSSL | 15:117db924cf7c | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
wolfSSL | 15:117db924cf7c | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
wolfSSL | 15:117db924cf7c | 15 | * GNU General Public License for more details. |
wolfSSL | 15:117db924cf7c | 16 | * |
wolfSSL | 15:117db924cf7c | 17 | * You should have received a copy of the GNU General Public License |
wolfSSL | 15:117db924cf7c | 18 | * along with this program; if not, write to the Free Software |
wolfSSL | 15:117db924cf7c | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
wolfSSL | 15:117db924cf7c | 20 | */ |
wolfSSL | 15:117db924cf7c | 21 | |
wolfSSL | 15:117db924cf7c | 22 | |
wolfSSL | 15:117db924cf7c | 23 | #ifdef HAVE_CONFIG_H |
wolfSSL | 15:117db924cf7c | 24 | #include <config.h> |
wolfSSL | 15:117db924cf7c | 25 | #endif |
wolfSSL | 15:117db924cf7c | 26 | |
wolfSSL | 15:117db924cf7c | 27 | #include <wolfssl/wolfcrypt/settings.h> |
wolfSSL | 15:117db924cf7c | 28 | |
wolfSSL | 15:117db924cf7c | 29 | #ifndef NO_DH |
wolfSSL | 15:117db924cf7c | 30 | |
wolfSSL | 15:117db924cf7c | 31 | #if defined(HAVE_FIPS) && \ |
wolfSSL | 16:8e0d178b1d1e | 32 | defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) |
wolfSSL | 15:117db924cf7c | 33 | |
wolfSSL | 15:117db924cf7c | 34 | /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ |
wolfSSL | 15:117db924cf7c | 35 | #define FIPS_NO_WRAPPERS |
wolfSSL | 15:117db924cf7c | 36 | |
wolfSSL | 15:117db924cf7c | 37 | #ifdef USE_WINDOWS_API |
wolfSSL | 15:117db924cf7c | 38 | #pragma code_seg(".fipsA$m") |
wolfSSL | 15:117db924cf7c | 39 | #pragma const_seg(".fipsB$m") |
wolfSSL | 15:117db924cf7c | 40 | #endif |
wolfSSL | 15:117db924cf7c | 41 | #endif |
wolfSSL | 15:117db924cf7c | 42 | |
wolfSSL | 15:117db924cf7c | 43 | #include <wolfssl/wolfcrypt/dh.h> |
wolfSSL | 15:117db924cf7c | 44 | #include <wolfssl/wolfcrypt/error-crypt.h> |
wolfSSL | 15:117db924cf7c | 45 | #include <wolfssl/wolfcrypt/logging.h> |
wolfSSL | 15:117db924cf7c | 46 | |
wolfSSL | 15:117db924cf7c | 47 | #ifdef WOLFSSL_HAVE_SP_DH |
wolfSSL | 15:117db924cf7c | 48 | #include <wolfssl/wolfcrypt/sp.h> |
wolfSSL | 15:117db924cf7c | 49 | #endif |
wolfSSL | 15:117db924cf7c | 50 | |
wolfSSL | 15:117db924cf7c | 51 | #ifdef NO_INLINE |
wolfSSL | 15:117db924cf7c | 52 | #include <wolfssl/wolfcrypt/misc.h> |
wolfSSL | 15:117db924cf7c | 53 | #else |
wolfSSL | 15:117db924cf7c | 54 | #define WOLFSSL_MISC_INCLUDED |
wolfSSL | 15:117db924cf7c | 55 | #include <wolfcrypt/src/misc.c> |
wolfSSL | 15:117db924cf7c | 56 | #endif |
wolfSSL | 15:117db924cf7c | 57 | |
wolfSSL | 15:117db924cf7c | 58 | |
wolfSSL | 16:8e0d178b1d1e | 59 | /* |
wolfSSL | 16:8e0d178b1d1e | 60 | Possible DH enable options: |
wolfSSL | 16:8e0d178b1d1e | 61 | * NO_RSA: Overall control of DH default: on (not defined) |
wolfSSL | 16:8e0d178b1d1e | 62 | * WOLFSSL_OLD_PRIME_CHECK: Disables the new prime number check. It does not |
wolfSSL | 16:8e0d178b1d1e | 63 | directly effect this file, but it does speed up DH |
wolfSSL | 16:8e0d178b1d1e | 64 | removing the testing. It is not recommended to |
wolfSSL | 16:8e0d178b1d1e | 65 | disable the prime checking. default: off |
wolfSSL | 16:8e0d178b1d1e | 66 | |
wolfSSL | 16:8e0d178b1d1e | 67 | */ |
wolfSSL | 16:8e0d178b1d1e | 68 | |
wolfSSL | 16:8e0d178b1d1e | 69 | |
wolfSSL | 15:117db924cf7c | 70 | #if !defined(USER_MATH_LIB) && !defined(WOLFSSL_DH_CONST) |
wolfSSL | 15:117db924cf7c | 71 | #include <math.h> |
wolfSSL | 15:117db924cf7c | 72 | #define XPOW(x,y) pow((x),(y)) |
wolfSSL | 15:117db924cf7c | 73 | #define XLOG(x) log((x)) |
wolfSSL | 15:117db924cf7c | 74 | #else |
wolfSSL | 15:117db924cf7c | 75 | /* user's own math lib */ |
wolfSSL | 15:117db924cf7c | 76 | #endif |
wolfSSL | 15:117db924cf7c | 77 | |
wolfSSL | 15:117db924cf7c | 78 | #ifdef HAVE_FFDHE_2048 |
wolfSSL | 15:117db924cf7c | 79 | static const byte dh_ffdhe2048_p[] = { |
wolfSSL | 15:117db924cf7c | 80 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 81 | 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, |
wolfSSL | 15:117db924cf7c | 82 | 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, |
wolfSSL | 15:117db924cf7c | 83 | 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, |
wolfSSL | 15:117db924cf7c | 84 | 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, |
wolfSSL | 15:117db924cf7c | 85 | 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, |
wolfSSL | 15:117db924cf7c | 86 | 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, |
wolfSSL | 15:117db924cf7c | 87 | 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, |
wolfSSL | 15:117db924cf7c | 88 | 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, |
wolfSSL | 15:117db924cf7c | 89 | 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, |
wolfSSL | 15:117db924cf7c | 90 | 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, |
wolfSSL | 15:117db924cf7c | 91 | 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, |
wolfSSL | 15:117db924cf7c | 92 | 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, |
wolfSSL | 15:117db924cf7c | 93 | 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, |
wolfSSL | 15:117db924cf7c | 94 | 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, |
wolfSSL | 15:117db924cf7c | 95 | 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, |
wolfSSL | 15:117db924cf7c | 96 | 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, |
wolfSSL | 15:117db924cf7c | 97 | 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, |
wolfSSL | 15:117db924cf7c | 98 | 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, |
wolfSSL | 15:117db924cf7c | 99 | 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, |
wolfSSL | 15:117db924cf7c | 100 | 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, |
wolfSSL | 15:117db924cf7c | 101 | 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, |
wolfSSL | 15:117db924cf7c | 102 | 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, |
wolfSSL | 15:117db924cf7c | 103 | 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, |
wolfSSL | 15:117db924cf7c | 104 | 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, |
wolfSSL | 15:117db924cf7c | 105 | 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, |
wolfSSL | 15:117db924cf7c | 106 | 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, |
wolfSSL | 15:117db924cf7c | 107 | 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, |
wolfSSL | 15:117db924cf7c | 108 | 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, |
wolfSSL | 15:117db924cf7c | 109 | 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, |
wolfSSL | 15:117db924cf7c | 110 | 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, |
wolfSSL | 15:117db924cf7c | 111 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 112 | }; |
wolfSSL | 15:117db924cf7c | 113 | static const byte dh_ffdhe2048_g[] = { 0x02 }; |
wolfSSL | 15:117db924cf7c | 114 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 115 | static const byte dh_ffdhe2048_q[] = { |
wolfSSL | 15:117db924cf7c | 116 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 117 | 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, |
wolfSSL | 15:117db924cf7c | 118 | 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, |
wolfSSL | 15:117db924cf7c | 119 | 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A, |
wolfSSL | 15:117db924cf7c | 120 | 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD, |
wolfSSL | 15:117db924cf7c | 121 | 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, |
wolfSSL | 15:117db924cf7c | 122 | 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, |
wolfSSL | 15:117db924cf7c | 123 | 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD, |
wolfSSL | 15:117db924cf7c | 124 | 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0, |
wolfSSL | 15:117db924cf7c | 125 | 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68, |
wolfSSL | 15:117db924cf7c | 126 | 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79, |
wolfSSL | 15:117db924cf7c | 127 | 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, |
wolfSSL | 15:117db924cf7c | 128 | 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, |
wolfSSL | 15:117db924cf7c | 129 | 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, |
wolfSSL | 15:117db924cf7c | 130 | 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A, |
wolfSSL | 15:117db924cf7c | 131 | 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD, |
wolfSSL | 15:117db924cf7c | 132 | 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0, |
wolfSSL | 15:117db924cf7c | 133 | 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD, |
wolfSSL | 15:117db924cf7c | 134 | 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34, |
wolfSSL | 15:117db924cf7c | 135 | 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, |
wolfSSL | 15:117db924cf7c | 136 | 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, |
wolfSSL | 15:117db924cf7c | 137 | 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8, |
wolfSSL | 15:117db924cf7c | 138 | 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76, |
wolfSSL | 15:117db924cf7c | 139 | 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0, |
wolfSSL | 15:117db924cf7c | 140 | 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF, |
wolfSSL | 15:117db924cf7c | 141 | 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1, |
wolfSSL | 15:117db924cf7c | 142 | 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, |
wolfSSL | 15:117db924cf7c | 143 | 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, |
wolfSSL | 15:117db924cf7c | 144 | 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9, |
wolfSSL | 15:117db924cf7c | 145 | 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD, |
wolfSSL | 15:117db924cf7c | 146 | 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x94, 0x2E, 0x4B, |
wolfSSL | 15:117db924cf7c | 147 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 148 | }; |
wolfSSL | 15:117db924cf7c | 149 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 150 | |
wolfSSL | 15:117db924cf7c | 151 | const DhParams* wc_Dh_ffdhe2048_Get(void) |
wolfSSL | 15:117db924cf7c | 152 | { |
wolfSSL | 15:117db924cf7c | 153 | static const DhParams ffdhe2048 = { |
wolfSSL | 15:117db924cf7c | 154 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 155 | dh_ffdhe2048_q, sizeof(dh_ffdhe2048_q), |
wolfSSL | 15:117db924cf7c | 156 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 157 | dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p), |
wolfSSL | 15:117db924cf7c | 158 | dh_ffdhe2048_g, sizeof(dh_ffdhe2048_g) |
wolfSSL | 15:117db924cf7c | 159 | }; |
wolfSSL | 15:117db924cf7c | 160 | return &ffdhe2048; |
wolfSSL | 15:117db924cf7c | 161 | } |
wolfSSL | 15:117db924cf7c | 162 | #endif |
wolfSSL | 15:117db924cf7c | 163 | |
wolfSSL | 15:117db924cf7c | 164 | #ifdef HAVE_FFDHE_3072 |
wolfSSL | 15:117db924cf7c | 165 | static const byte dh_ffdhe3072_p[] = { |
wolfSSL | 15:117db924cf7c | 166 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 167 | 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, |
wolfSSL | 15:117db924cf7c | 168 | 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, |
wolfSSL | 15:117db924cf7c | 169 | 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, |
wolfSSL | 15:117db924cf7c | 170 | 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, |
wolfSSL | 15:117db924cf7c | 171 | 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, |
wolfSSL | 15:117db924cf7c | 172 | 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, |
wolfSSL | 15:117db924cf7c | 173 | 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, |
wolfSSL | 15:117db924cf7c | 174 | 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, |
wolfSSL | 15:117db924cf7c | 175 | 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, |
wolfSSL | 15:117db924cf7c | 176 | 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, |
wolfSSL | 15:117db924cf7c | 177 | 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, |
wolfSSL | 15:117db924cf7c | 178 | 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, |
wolfSSL | 15:117db924cf7c | 179 | 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, |
wolfSSL | 15:117db924cf7c | 180 | 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, |
wolfSSL | 15:117db924cf7c | 181 | 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, |
wolfSSL | 15:117db924cf7c | 182 | 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, |
wolfSSL | 15:117db924cf7c | 183 | 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, |
wolfSSL | 15:117db924cf7c | 184 | 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, |
wolfSSL | 15:117db924cf7c | 185 | 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, |
wolfSSL | 15:117db924cf7c | 186 | 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, |
wolfSSL | 15:117db924cf7c | 187 | 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, |
wolfSSL | 15:117db924cf7c | 188 | 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, |
wolfSSL | 15:117db924cf7c | 189 | 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, |
wolfSSL | 15:117db924cf7c | 190 | 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, |
wolfSSL | 15:117db924cf7c | 191 | 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, |
wolfSSL | 15:117db924cf7c | 192 | 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, |
wolfSSL | 15:117db924cf7c | 193 | 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, |
wolfSSL | 15:117db924cf7c | 194 | 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, |
wolfSSL | 15:117db924cf7c | 195 | 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, |
wolfSSL | 15:117db924cf7c | 196 | 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, |
wolfSSL | 15:117db924cf7c | 197 | 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, |
wolfSSL | 15:117db924cf7c | 198 | 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, |
wolfSSL | 15:117db924cf7c | 199 | 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, |
wolfSSL | 15:117db924cf7c | 200 | 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, |
wolfSSL | 15:117db924cf7c | 201 | 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, |
wolfSSL | 15:117db924cf7c | 202 | 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, |
wolfSSL | 15:117db924cf7c | 203 | 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, |
wolfSSL | 15:117db924cf7c | 204 | 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, |
wolfSSL | 15:117db924cf7c | 205 | 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, |
wolfSSL | 15:117db924cf7c | 206 | 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, |
wolfSSL | 15:117db924cf7c | 207 | 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, |
wolfSSL | 15:117db924cf7c | 208 | 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, |
wolfSSL | 15:117db924cf7c | 209 | 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, |
wolfSSL | 15:117db924cf7c | 210 | 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, |
wolfSSL | 15:117db924cf7c | 211 | 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, |
wolfSSL | 15:117db924cf7c | 212 | 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, |
wolfSSL | 15:117db924cf7c | 213 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 214 | }; |
wolfSSL | 15:117db924cf7c | 215 | static const byte dh_ffdhe3072_g[] = { 0x02 }; |
wolfSSL | 15:117db924cf7c | 216 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 217 | static const byte dh_ffdhe3072_q[] = { |
wolfSSL | 15:117db924cf7c | 218 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 219 | 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, |
wolfSSL | 15:117db924cf7c | 220 | 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, |
wolfSSL | 15:117db924cf7c | 221 | 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A, |
wolfSSL | 15:117db924cf7c | 222 | 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD, |
wolfSSL | 15:117db924cf7c | 223 | 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, |
wolfSSL | 15:117db924cf7c | 224 | 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, |
wolfSSL | 15:117db924cf7c | 225 | 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD, |
wolfSSL | 15:117db924cf7c | 226 | 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0, |
wolfSSL | 15:117db924cf7c | 227 | 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68, |
wolfSSL | 15:117db924cf7c | 228 | 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79, |
wolfSSL | 15:117db924cf7c | 229 | 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, |
wolfSSL | 15:117db924cf7c | 230 | 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, |
wolfSSL | 15:117db924cf7c | 231 | 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, |
wolfSSL | 15:117db924cf7c | 232 | 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A, |
wolfSSL | 15:117db924cf7c | 233 | 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD, |
wolfSSL | 15:117db924cf7c | 234 | 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0, |
wolfSSL | 15:117db924cf7c | 235 | 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD, |
wolfSSL | 15:117db924cf7c | 236 | 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34, |
wolfSSL | 15:117db924cf7c | 237 | 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, |
wolfSSL | 15:117db924cf7c | 238 | 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, |
wolfSSL | 15:117db924cf7c | 239 | 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8, |
wolfSSL | 15:117db924cf7c | 240 | 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76, |
wolfSSL | 15:117db924cf7c | 241 | 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0, |
wolfSSL | 15:117db924cf7c | 242 | 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF, |
wolfSSL | 15:117db924cf7c | 243 | 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1, |
wolfSSL | 15:117db924cf7c | 244 | 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, |
wolfSSL | 15:117db924cf7c | 245 | 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, |
wolfSSL | 15:117db924cf7c | 246 | 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9, |
wolfSSL | 15:117db924cf7c | 247 | 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD, |
wolfSSL | 15:117db924cf7c | 248 | 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE, |
wolfSSL | 15:117db924cf7c | 249 | 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD, |
wolfSSL | 15:117db924cf7c | 250 | 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C, |
wolfSSL | 15:117db924cf7c | 251 | 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, |
wolfSSL | 15:117db924cf7c | 252 | 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, |
wolfSSL | 15:117db924cf7c | 253 | 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E, |
wolfSSL | 15:117db924cf7c | 254 | 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38, |
wolfSSL | 15:117db924cf7c | 255 | 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2, |
wolfSSL | 15:117db924cf7c | 256 | 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9, |
wolfSSL | 15:117db924cf7c | 257 | 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF, |
wolfSSL | 15:117db924cf7c | 258 | 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, |
wolfSSL | 15:117db924cf7c | 259 | 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, |
wolfSSL | 15:117db924cf7c | 260 | 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D, |
wolfSSL | 15:117db924cf7c | 261 | 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27, |
wolfSSL | 15:117db924cf7c | 262 | 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7, |
wolfSSL | 15:117db924cf7c | 263 | 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE, |
wolfSSL | 15:117db924cf7c | 264 | 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x63, 0x17, 0x1B, |
wolfSSL | 15:117db924cf7c | 265 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 266 | }; |
wolfSSL | 15:117db924cf7c | 267 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 268 | |
wolfSSL | 15:117db924cf7c | 269 | const DhParams* wc_Dh_ffdhe3072_Get(void) |
wolfSSL | 15:117db924cf7c | 270 | { |
wolfSSL | 15:117db924cf7c | 271 | static const DhParams ffdhe3072 = { |
wolfSSL | 15:117db924cf7c | 272 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 273 | dh_ffdhe3072_q, sizeof(dh_ffdhe3072_q), |
wolfSSL | 15:117db924cf7c | 274 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 275 | dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p), |
wolfSSL | 15:117db924cf7c | 276 | dh_ffdhe3072_g, sizeof(dh_ffdhe3072_g) |
wolfSSL | 15:117db924cf7c | 277 | }; |
wolfSSL | 15:117db924cf7c | 278 | return &ffdhe3072; |
wolfSSL | 15:117db924cf7c | 279 | } |
wolfSSL | 15:117db924cf7c | 280 | #endif |
wolfSSL | 15:117db924cf7c | 281 | |
wolfSSL | 15:117db924cf7c | 282 | #ifdef HAVE_FFDHE_4096 |
wolfSSL | 15:117db924cf7c | 283 | static const byte dh_ffdhe4096_p[] = { |
wolfSSL | 15:117db924cf7c | 284 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 285 | 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, |
wolfSSL | 15:117db924cf7c | 286 | 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, |
wolfSSL | 15:117db924cf7c | 287 | 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, |
wolfSSL | 15:117db924cf7c | 288 | 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, |
wolfSSL | 15:117db924cf7c | 289 | 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, |
wolfSSL | 15:117db924cf7c | 290 | 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, |
wolfSSL | 15:117db924cf7c | 291 | 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, |
wolfSSL | 15:117db924cf7c | 292 | 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, |
wolfSSL | 15:117db924cf7c | 293 | 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, |
wolfSSL | 15:117db924cf7c | 294 | 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, |
wolfSSL | 15:117db924cf7c | 295 | 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, |
wolfSSL | 15:117db924cf7c | 296 | 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, |
wolfSSL | 15:117db924cf7c | 297 | 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, |
wolfSSL | 15:117db924cf7c | 298 | 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, |
wolfSSL | 15:117db924cf7c | 299 | 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, |
wolfSSL | 15:117db924cf7c | 300 | 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, |
wolfSSL | 15:117db924cf7c | 301 | 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, |
wolfSSL | 15:117db924cf7c | 302 | 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, |
wolfSSL | 15:117db924cf7c | 303 | 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, |
wolfSSL | 15:117db924cf7c | 304 | 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, |
wolfSSL | 15:117db924cf7c | 305 | 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, |
wolfSSL | 15:117db924cf7c | 306 | 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, |
wolfSSL | 15:117db924cf7c | 307 | 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, |
wolfSSL | 15:117db924cf7c | 308 | 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, |
wolfSSL | 15:117db924cf7c | 309 | 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, |
wolfSSL | 15:117db924cf7c | 310 | 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, |
wolfSSL | 15:117db924cf7c | 311 | 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, |
wolfSSL | 15:117db924cf7c | 312 | 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, |
wolfSSL | 15:117db924cf7c | 313 | 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, |
wolfSSL | 15:117db924cf7c | 314 | 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, |
wolfSSL | 15:117db924cf7c | 315 | 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, |
wolfSSL | 15:117db924cf7c | 316 | 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, |
wolfSSL | 15:117db924cf7c | 317 | 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, |
wolfSSL | 15:117db924cf7c | 318 | 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, |
wolfSSL | 15:117db924cf7c | 319 | 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, |
wolfSSL | 15:117db924cf7c | 320 | 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, |
wolfSSL | 15:117db924cf7c | 321 | 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, |
wolfSSL | 15:117db924cf7c | 322 | 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, |
wolfSSL | 15:117db924cf7c | 323 | 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, |
wolfSSL | 15:117db924cf7c | 324 | 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, |
wolfSSL | 15:117db924cf7c | 325 | 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, |
wolfSSL | 15:117db924cf7c | 326 | 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, |
wolfSSL | 15:117db924cf7c | 327 | 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, |
wolfSSL | 15:117db924cf7c | 328 | 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, |
wolfSSL | 15:117db924cf7c | 329 | 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, |
wolfSSL | 15:117db924cf7c | 330 | 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, |
wolfSSL | 15:117db924cf7c | 331 | 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, |
wolfSSL | 15:117db924cf7c | 332 | 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, |
wolfSSL | 15:117db924cf7c | 333 | 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, |
wolfSSL | 15:117db924cf7c | 334 | 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, |
wolfSSL | 15:117db924cf7c | 335 | 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, |
wolfSSL | 15:117db924cf7c | 336 | 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, |
wolfSSL | 15:117db924cf7c | 337 | 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, |
wolfSSL | 15:117db924cf7c | 338 | 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, |
wolfSSL | 15:117db924cf7c | 339 | 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, |
wolfSSL | 15:117db924cf7c | 340 | 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, |
wolfSSL | 15:117db924cf7c | 341 | 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, |
wolfSSL | 15:117db924cf7c | 342 | 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, |
wolfSSL | 15:117db924cf7c | 343 | 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, |
wolfSSL | 15:117db924cf7c | 344 | 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, |
wolfSSL | 15:117db924cf7c | 345 | 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, |
wolfSSL | 15:117db924cf7c | 346 | 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, |
wolfSSL | 15:117db924cf7c | 347 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 348 | }; |
wolfSSL | 15:117db924cf7c | 349 | static const byte dh_ffdhe4096_g[] = { 0x02 }; |
wolfSSL | 15:117db924cf7c | 350 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 351 | static const byte dh_ffdhe4096_q[] = { |
wolfSSL | 15:117db924cf7c | 352 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 353 | 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, |
wolfSSL | 15:117db924cf7c | 354 | 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, |
wolfSSL | 15:117db924cf7c | 355 | 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A, |
wolfSSL | 15:117db924cf7c | 356 | 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD, |
wolfSSL | 15:117db924cf7c | 357 | 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, |
wolfSSL | 15:117db924cf7c | 358 | 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, |
wolfSSL | 15:117db924cf7c | 359 | 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD, |
wolfSSL | 15:117db924cf7c | 360 | 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0, |
wolfSSL | 15:117db924cf7c | 361 | 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68, |
wolfSSL | 15:117db924cf7c | 362 | 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79, |
wolfSSL | 15:117db924cf7c | 363 | 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, |
wolfSSL | 15:117db924cf7c | 364 | 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, |
wolfSSL | 15:117db924cf7c | 365 | 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, |
wolfSSL | 15:117db924cf7c | 366 | 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A, |
wolfSSL | 15:117db924cf7c | 367 | 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD, |
wolfSSL | 15:117db924cf7c | 368 | 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0, |
wolfSSL | 15:117db924cf7c | 369 | 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD, |
wolfSSL | 15:117db924cf7c | 370 | 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34, |
wolfSSL | 15:117db924cf7c | 371 | 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, |
wolfSSL | 15:117db924cf7c | 372 | 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, |
wolfSSL | 15:117db924cf7c | 373 | 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8, |
wolfSSL | 15:117db924cf7c | 374 | 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76, |
wolfSSL | 15:117db924cf7c | 375 | 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0, |
wolfSSL | 15:117db924cf7c | 376 | 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF, |
wolfSSL | 15:117db924cf7c | 377 | 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1, |
wolfSSL | 15:117db924cf7c | 378 | 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, |
wolfSSL | 15:117db924cf7c | 379 | 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, |
wolfSSL | 15:117db924cf7c | 380 | 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9, |
wolfSSL | 15:117db924cf7c | 381 | 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD, |
wolfSSL | 15:117db924cf7c | 382 | 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE, |
wolfSSL | 15:117db924cf7c | 383 | 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD, |
wolfSSL | 15:117db924cf7c | 384 | 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C, |
wolfSSL | 15:117db924cf7c | 385 | 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, |
wolfSSL | 15:117db924cf7c | 386 | 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, |
wolfSSL | 15:117db924cf7c | 387 | 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E, |
wolfSSL | 15:117db924cf7c | 388 | 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38, |
wolfSSL | 15:117db924cf7c | 389 | 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2, |
wolfSSL | 15:117db924cf7c | 390 | 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9, |
wolfSSL | 15:117db924cf7c | 391 | 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF, |
wolfSSL | 15:117db924cf7c | 392 | 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, |
wolfSSL | 15:117db924cf7c | 393 | 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, |
wolfSSL | 15:117db924cf7c | 394 | 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D, |
wolfSSL | 15:117db924cf7c | 395 | 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27, |
wolfSSL | 15:117db924cf7c | 396 | 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7, |
wolfSSL | 15:117db924cf7c | 397 | 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE, |
wolfSSL | 15:117db924cf7c | 398 | 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78, |
wolfSSL | 15:117db924cf7c | 399 | 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, |
wolfSSL | 15:117db924cf7c | 400 | 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, |
wolfSSL | 15:117db924cf7c | 401 | 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C, |
wolfSSL | 15:117db924cf7c | 402 | 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02, |
wolfSSL | 15:117db924cf7c | 403 | 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D, |
wolfSSL | 15:117db924cf7c | 404 | 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5, |
wolfSSL | 15:117db924cf7c | 405 | 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19, |
wolfSSL | 15:117db924cf7c | 406 | 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, |
wolfSSL | 15:117db924cf7c | 407 | 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, |
wolfSSL | 15:117db924cf7c | 408 | 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD, |
wolfSSL | 15:117db924cf7c | 409 | 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E, |
wolfSSL | 15:117db924cf7c | 410 | 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66, |
wolfSSL | 15:117db924cf7c | 411 | 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7, |
wolfSSL | 15:117db924cf7c | 412 | 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35, |
wolfSSL | 15:117db924cf7c | 413 | 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, |
wolfSSL | 15:117db924cf7c | 414 | 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5, |
wolfSSL | 15:117db924cf7c | 415 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 416 | }; |
wolfSSL | 15:117db924cf7c | 417 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 418 | |
wolfSSL | 15:117db924cf7c | 419 | const DhParams* wc_Dh_ffdhe4096_Get(void) |
wolfSSL | 15:117db924cf7c | 420 | { |
wolfSSL | 15:117db924cf7c | 421 | static const DhParams ffdhe4096 = { |
wolfSSL | 15:117db924cf7c | 422 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 423 | dh_ffdhe4096_q, sizeof(dh_ffdhe4096_q), |
wolfSSL | 15:117db924cf7c | 424 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 425 | dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p), |
wolfSSL | 15:117db924cf7c | 426 | dh_ffdhe4096_g, sizeof(dh_ffdhe4096_g) |
wolfSSL | 15:117db924cf7c | 427 | }; |
wolfSSL | 15:117db924cf7c | 428 | return &ffdhe4096; |
wolfSSL | 15:117db924cf7c | 429 | } |
wolfSSL | 15:117db924cf7c | 430 | #endif |
wolfSSL | 15:117db924cf7c | 431 | |
wolfSSL | 15:117db924cf7c | 432 | #ifdef HAVE_FFDHE_6144 |
wolfSSL | 15:117db924cf7c | 433 | static const byte dh_ffdhe6144_p[] = { |
wolfSSL | 15:117db924cf7c | 434 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 435 | 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, |
wolfSSL | 15:117db924cf7c | 436 | 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, |
wolfSSL | 15:117db924cf7c | 437 | 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, |
wolfSSL | 15:117db924cf7c | 438 | 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, |
wolfSSL | 15:117db924cf7c | 439 | 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, |
wolfSSL | 15:117db924cf7c | 440 | 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, |
wolfSSL | 15:117db924cf7c | 441 | 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, |
wolfSSL | 15:117db924cf7c | 442 | 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, |
wolfSSL | 15:117db924cf7c | 443 | 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, |
wolfSSL | 15:117db924cf7c | 444 | 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, |
wolfSSL | 15:117db924cf7c | 445 | 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, |
wolfSSL | 15:117db924cf7c | 446 | 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, |
wolfSSL | 15:117db924cf7c | 447 | 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, |
wolfSSL | 15:117db924cf7c | 448 | 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, |
wolfSSL | 15:117db924cf7c | 449 | 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, |
wolfSSL | 15:117db924cf7c | 450 | 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, |
wolfSSL | 15:117db924cf7c | 451 | 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, |
wolfSSL | 15:117db924cf7c | 452 | 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, |
wolfSSL | 15:117db924cf7c | 453 | 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, |
wolfSSL | 15:117db924cf7c | 454 | 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, |
wolfSSL | 15:117db924cf7c | 455 | 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, |
wolfSSL | 15:117db924cf7c | 456 | 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, |
wolfSSL | 15:117db924cf7c | 457 | 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, |
wolfSSL | 15:117db924cf7c | 458 | 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, |
wolfSSL | 15:117db924cf7c | 459 | 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, |
wolfSSL | 15:117db924cf7c | 460 | 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, |
wolfSSL | 15:117db924cf7c | 461 | 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, |
wolfSSL | 15:117db924cf7c | 462 | 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, |
wolfSSL | 15:117db924cf7c | 463 | 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, |
wolfSSL | 15:117db924cf7c | 464 | 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, |
wolfSSL | 15:117db924cf7c | 465 | 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, |
wolfSSL | 15:117db924cf7c | 466 | 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, |
wolfSSL | 15:117db924cf7c | 467 | 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, |
wolfSSL | 15:117db924cf7c | 468 | 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, |
wolfSSL | 15:117db924cf7c | 469 | 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, |
wolfSSL | 15:117db924cf7c | 470 | 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, |
wolfSSL | 15:117db924cf7c | 471 | 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, |
wolfSSL | 15:117db924cf7c | 472 | 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, |
wolfSSL | 15:117db924cf7c | 473 | 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, |
wolfSSL | 15:117db924cf7c | 474 | 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, |
wolfSSL | 15:117db924cf7c | 475 | 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, |
wolfSSL | 15:117db924cf7c | 476 | 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, |
wolfSSL | 15:117db924cf7c | 477 | 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, |
wolfSSL | 15:117db924cf7c | 478 | 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, |
wolfSSL | 15:117db924cf7c | 479 | 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, |
wolfSSL | 15:117db924cf7c | 480 | 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, |
wolfSSL | 15:117db924cf7c | 481 | 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, |
wolfSSL | 15:117db924cf7c | 482 | 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, |
wolfSSL | 15:117db924cf7c | 483 | 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, |
wolfSSL | 15:117db924cf7c | 484 | 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, |
wolfSSL | 15:117db924cf7c | 485 | 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, |
wolfSSL | 15:117db924cf7c | 486 | 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, |
wolfSSL | 15:117db924cf7c | 487 | 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, |
wolfSSL | 15:117db924cf7c | 488 | 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, |
wolfSSL | 15:117db924cf7c | 489 | 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, |
wolfSSL | 15:117db924cf7c | 490 | 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, |
wolfSSL | 15:117db924cf7c | 491 | 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, |
wolfSSL | 15:117db924cf7c | 492 | 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, |
wolfSSL | 15:117db924cf7c | 493 | 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, |
wolfSSL | 15:117db924cf7c | 494 | 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, |
wolfSSL | 15:117db924cf7c | 495 | 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, |
wolfSSL | 15:117db924cf7c | 496 | 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, |
wolfSSL | 15:117db924cf7c | 497 | 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, |
wolfSSL | 15:117db924cf7c | 498 | 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, |
wolfSSL | 15:117db924cf7c | 499 | 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, |
wolfSSL | 15:117db924cf7c | 500 | 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, |
wolfSSL | 15:117db924cf7c | 501 | 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, |
wolfSSL | 15:117db924cf7c | 502 | 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, |
wolfSSL | 15:117db924cf7c | 503 | 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, |
wolfSSL | 15:117db924cf7c | 504 | 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, |
wolfSSL | 15:117db924cf7c | 505 | 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, |
wolfSSL | 15:117db924cf7c | 506 | 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, |
wolfSSL | 15:117db924cf7c | 507 | 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, |
wolfSSL | 15:117db924cf7c | 508 | 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, |
wolfSSL | 15:117db924cf7c | 509 | 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, |
wolfSSL | 15:117db924cf7c | 510 | 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, |
wolfSSL | 15:117db924cf7c | 511 | 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, |
wolfSSL | 15:117db924cf7c | 512 | 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, |
wolfSSL | 15:117db924cf7c | 513 | 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, |
wolfSSL | 15:117db924cf7c | 514 | 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, |
wolfSSL | 15:117db924cf7c | 515 | 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, |
wolfSSL | 15:117db924cf7c | 516 | 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, |
wolfSSL | 15:117db924cf7c | 517 | 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, |
wolfSSL | 15:117db924cf7c | 518 | 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, |
wolfSSL | 15:117db924cf7c | 519 | 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, |
wolfSSL | 15:117db924cf7c | 520 | 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, |
wolfSSL | 15:117db924cf7c | 521 | 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, |
wolfSSL | 15:117db924cf7c | 522 | 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, |
wolfSSL | 15:117db924cf7c | 523 | 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, |
wolfSSL | 15:117db924cf7c | 524 | 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, |
wolfSSL | 15:117db924cf7c | 525 | 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, |
wolfSSL | 15:117db924cf7c | 526 | 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, |
wolfSSL | 15:117db924cf7c | 527 | 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, |
wolfSSL | 15:117db924cf7c | 528 | 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, |
wolfSSL | 15:117db924cf7c | 529 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 530 | }; |
wolfSSL | 15:117db924cf7c | 531 | static const byte dh_ffdhe6144_g[] = { 0x02 }; |
wolfSSL | 15:117db924cf7c | 532 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 533 | static const byte dh_ffdhe6144_q[] = { |
wolfSSL | 15:117db924cf7c | 534 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 535 | 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, |
wolfSSL | 15:117db924cf7c | 536 | 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, |
wolfSSL | 15:117db924cf7c | 537 | 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A, |
wolfSSL | 15:117db924cf7c | 538 | 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD, |
wolfSSL | 15:117db924cf7c | 539 | 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, |
wolfSSL | 15:117db924cf7c | 540 | 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, |
wolfSSL | 15:117db924cf7c | 541 | 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD, |
wolfSSL | 15:117db924cf7c | 542 | 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0, |
wolfSSL | 15:117db924cf7c | 543 | 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68, |
wolfSSL | 15:117db924cf7c | 544 | 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79, |
wolfSSL | 15:117db924cf7c | 545 | 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, |
wolfSSL | 15:117db924cf7c | 546 | 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, |
wolfSSL | 15:117db924cf7c | 547 | 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, |
wolfSSL | 15:117db924cf7c | 548 | 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A, |
wolfSSL | 15:117db924cf7c | 549 | 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD, |
wolfSSL | 15:117db924cf7c | 550 | 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0, |
wolfSSL | 15:117db924cf7c | 551 | 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD, |
wolfSSL | 15:117db924cf7c | 552 | 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34, |
wolfSSL | 15:117db924cf7c | 553 | 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, |
wolfSSL | 15:117db924cf7c | 554 | 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, |
wolfSSL | 15:117db924cf7c | 555 | 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8, |
wolfSSL | 15:117db924cf7c | 556 | 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76, |
wolfSSL | 15:117db924cf7c | 557 | 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0, |
wolfSSL | 15:117db924cf7c | 558 | 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF, |
wolfSSL | 15:117db924cf7c | 559 | 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1, |
wolfSSL | 15:117db924cf7c | 560 | 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, |
wolfSSL | 15:117db924cf7c | 561 | 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, |
wolfSSL | 15:117db924cf7c | 562 | 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9, |
wolfSSL | 15:117db924cf7c | 563 | 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD, |
wolfSSL | 15:117db924cf7c | 564 | 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE, |
wolfSSL | 15:117db924cf7c | 565 | 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD, |
wolfSSL | 15:117db924cf7c | 566 | 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C, |
wolfSSL | 15:117db924cf7c | 567 | 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, |
wolfSSL | 15:117db924cf7c | 568 | 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, |
wolfSSL | 15:117db924cf7c | 569 | 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E, |
wolfSSL | 15:117db924cf7c | 570 | 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38, |
wolfSSL | 15:117db924cf7c | 571 | 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2, |
wolfSSL | 15:117db924cf7c | 572 | 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9, |
wolfSSL | 15:117db924cf7c | 573 | 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF, |
wolfSSL | 15:117db924cf7c | 574 | 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, |
wolfSSL | 15:117db924cf7c | 575 | 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, |
wolfSSL | 15:117db924cf7c | 576 | 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D, |
wolfSSL | 15:117db924cf7c | 577 | 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27, |
wolfSSL | 15:117db924cf7c | 578 | 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7, |
wolfSSL | 15:117db924cf7c | 579 | 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE, |
wolfSSL | 15:117db924cf7c | 580 | 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78, |
wolfSSL | 15:117db924cf7c | 581 | 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, |
wolfSSL | 15:117db924cf7c | 582 | 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, |
wolfSSL | 15:117db924cf7c | 583 | 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C, |
wolfSSL | 15:117db924cf7c | 584 | 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02, |
wolfSSL | 15:117db924cf7c | 585 | 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D, |
wolfSSL | 15:117db924cf7c | 586 | 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5, |
wolfSSL | 15:117db924cf7c | 587 | 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19, |
wolfSSL | 15:117db924cf7c | 588 | 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, |
wolfSSL | 15:117db924cf7c | 589 | 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, |
wolfSSL | 15:117db924cf7c | 590 | 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD, |
wolfSSL | 15:117db924cf7c | 591 | 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E, |
wolfSSL | 15:117db924cf7c | 592 | 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66, |
wolfSSL | 15:117db924cf7c | 593 | 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7, |
wolfSSL | 15:117db924cf7c | 594 | 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35, |
wolfSSL | 15:117db924cf7c | 595 | 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, |
wolfSSL | 15:117db924cf7c | 596 | 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81, |
wolfSSL | 15:117db924cf7c | 597 | 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D, |
wolfSSL | 15:117db924cf7c | 598 | 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D, |
wolfSSL | 15:117db924cf7c | 599 | 0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53, |
wolfSSL | 15:117db924cf7c | 600 | 0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64, |
wolfSSL | 15:117db924cf7c | 601 | 0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6, |
wolfSSL | 15:117db924cf7c | 602 | 0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, |
wolfSSL | 15:117db924cf7c | 603 | 0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38, |
wolfSSL | 15:117db924cf7c | 604 | 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F, |
wolfSSL | 15:117db924cf7c | 605 | 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B, |
wolfSSL | 15:117db924cf7c | 606 | 0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88, |
wolfSSL | 15:117db924cf7c | 607 | 0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C, |
wolfSSL | 15:117db924cf7c | 608 | 0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1, |
wolfSSL | 15:117db924cf7c | 609 | 0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, |
wolfSSL | 15:117db924cf7c | 610 | 0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1, |
wolfSSL | 15:117db924cf7c | 611 | 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA, |
wolfSSL | 15:117db924cf7c | 612 | 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0, |
wolfSSL | 15:117db924cf7c | 613 | 0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9, |
wolfSSL | 15:117db924cf7c | 614 | 0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB, |
wolfSSL | 15:117db924cf7c | 615 | 0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41, |
wolfSSL | 15:117db924cf7c | 616 | 0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, |
wolfSSL | 15:117db924cf7c | 617 | 0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6, |
wolfSSL | 15:117db924cf7c | 618 | 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF, |
wolfSSL | 15:117db924cf7c | 619 | 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23, |
wolfSSL | 15:117db924cf7c | 620 | 0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5, |
wolfSSL | 15:117db924cf7c | 621 | 0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B, |
wolfSSL | 15:117db924cf7c | 622 | 0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01, |
wolfSSL | 15:117db924cf7c | 623 | 0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, |
wolfSSL | 15:117db924cf7c | 624 | 0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B, |
wolfSSL | 15:117db924cf7c | 625 | 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34, |
wolfSSL | 15:117db924cf7c | 626 | 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0, |
wolfSSL | 15:117db924cf7c | 627 | 0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A, |
wolfSSL | 15:117db924cf7c | 628 | 0x52, 0x07, 0x19, 0x4E, 0x68, 0x72, 0x07, 0x32, |
wolfSSL | 15:117db924cf7c | 629 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 630 | }; |
wolfSSL | 15:117db924cf7c | 631 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 632 | |
wolfSSL | 15:117db924cf7c | 633 | const DhParams* wc_Dh_ffdhe6144_Get(void) |
wolfSSL | 15:117db924cf7c | 634 | { |
wolfSSL | 15:117db924cf7c | 635 | static const DhParams ffdhe6144 = { |
wolfSSL | 15:117db924cf7c | 636 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 637 | dh_ffdhe6144_q, sizeof(dh_ffdhe6144_q), |
wolfSSL | 15:117db924cf7c | 638 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 639 | dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p), |
wolfSSL | 15:117db924cf7c | 640 | dh_ffdhe6144_g, sizeof(dh_ffdhe6144_g) |
wolfSSL | 15:117db924cf7c | 641 | }; |
wolfSSL | 15:117db924cf7c | 642 | return &ffdhe6144; |
wolfSSL | 15:117db924cf7c | 643 | } |
wolfSSL | 15:117db924cf7c | 644 | #endif |
wolfSSL | 15:117db924cf7c | 645 | |
wolfSSL | 15:117db924cf7c | 646 | #ifdef HAVE_FFDHE_8192 |
wolfSSL | 15:117db924cf7c | 647 | static const byte dh_ffdhe8192_p[] = { |
wolfSSL | 15:117db924cf7c | 648 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 649 | 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, |
wolfSSL | 15:117db924cf7c | 650 | 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, |
wolfSSL | 15:117db924cf7c | 651 | 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, |
wolfSSL | 15:117db924cf7c | 652 | 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, |
wolfSSL | 15:117db924cf7c | 653 | 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, |
wolfSSL | 15:117db924cf7c | 654 | 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, |
wolfSSL | 15:117db924cf7c | 655 | 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, |
wolfSSL | 15:117db924cf7c | 656 | 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, |
wolfSSL | 15:117db924cf7c | 657 | 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, |
wolfSSL | 15:117db924cf7c | 658 | 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, |
wolfSSL | 15:117db924cf7c | 659 | 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, |
wolfSSL | 15:117db924cf7c | 660 | 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, |
wolfSSL | 15:117db924cf7c | 661 | 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, |
wolfSSL | 15:117db924cf7c | 662 | 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, |
wolfSSL | 15:117db924cf7c | 663 | 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, |
wolfSSL | 15:117db924cf7c | 664 | 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, |
wolfSSL | 15:117db924cf7c | 665 | 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, |
wolfSSL | 15:117db924cf7c | 666 | 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, |
wolfSSL | 15:117db924cf7c | 667 | 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, |
wolfSSL | 15:117db924cf7c | 668 | 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, |
wolfSSL | 15:117db924cf7c | 669 | 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, |
wolfSSL | 15:117db924cf7c | 670 | 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, |
wolfSSL | 15:117db924cf7c | 671 | 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, |
wolfSSL | 15:117db924cf7c | 672 | 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, |
wolfSSL | 15:117db924cf7c | 673 | 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, |
wolfSSL | 15:117db924cf7c | 674 | 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, |
wolfSSL | 15:117db924cf7c | 675 | 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, |
wolfSSL | 15:117db924cf7c | 676 | 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, |
wolfSSL | 15:117db924cf7c | 677 | 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, |
wolfSSL | 15:117db924cf7c | 678 | 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, |
wolfSSL | 15:117db924cf7c | 679 | 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, |
wolfSSL | 15:117db924cf7c | 680 | 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, |
wolfSSL | 15:117db924cf7c | 681 | 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, |
wolfSSL | 15:117db924cf7c | 682 | 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, |
wolfSSL | 15:117db924cf7c | 683 | 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, |
wolfSSL | 15:117db924cf7c | 684 | 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, |
wolfSSL | 15:117db924cf7c | 685 | 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, |
wolfSSL | 15:117db924cf7c | 686 | 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, |
wolfSSL | 15:117db924cf7c | 687 | 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, |
wolfSSL | 15:117db924cf7c | 688 | 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, |
wolfSSL | 15:117db924cf7c | 689 | 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, |
wolfSSL | 15:117db924cf7c | 690 | 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, |
wolfSSL | 15:117db924cf7c | 691 | 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, |
wolfSSL | 15:117db924cf7c | 692 | 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, |
wolfSSL | 15:117db924cf7c | 693 | 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, |
wolfSSL | 15:117db924cf7c | 694 | 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, |
wolfSSL | 15:117db924cf7c | 695 | 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, |
wolfSSL | 15:117db924cf7c | 696 | 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, |
wolfSSL | 15:117db924cf7c | 697 | 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, |
wolfSSL | 15:117db924cf7c | 698 | 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, |
wolfSSL | 15:117db924cf7c | 699 | 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, |
wolfSSL | 15:117db924cf7c | 700 | 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, |
wolfSSL | 15:117db924cf7c | 701 | 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, |
wolfSSL | 15:117db924cf7c | 702 | 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, |
wolfSSL | 15:117db924cf7c | 703 | 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, |
wolfSSL | 15:117db924cf7c | 704 | 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, |
wolfSSL | 15:117db924cf7c | 705 | 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, |
wolfSSL | 15:117db924cf7c | 706 | 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, |
wolfSSL | 15:117db924cf7c | 707 | 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, |
wolfSSL | 15:117db924cf7c | 708 | 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, |
wolfSSL | 15:117db924cf7c | 709 | 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, |
wolfSSL | 15:117db924cf7c | 710 | 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, |
wolfSSL | 15:117db924cf7c | 711 | 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, |
wolfSSL | 15:117db924cf7c | 712 | 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, |
wolfSSL | 15:117db924cf7c | 713 | 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, |
wolfSSL | 15:117db924cf7c | 714 | 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, |
wolfSSL | 15:117db924cf7c | 715 | 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, |
wolfSSL | 15:117db924cf7c | 716 | 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, |
wolfSSL | 15:117db924cf7c | 717 | 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, |
wolfSSL | 15:117db924cf7c | 718 | 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, |
wolfSSL | 15:117db924cf7c | 719 | 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, |
wolfSSL | 15:117db924cf7c | 720 | 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, |
wolfSSL | 15:117db924cf7c | 721 | 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, |
wolfSSL | 15:117db924cf7c | 722 | 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, |
wolfSSL | 15:117db924cf7c | 723 | 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, |
wolfSSL | 15:117db924cf7c | 724 | 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, |
wolfSSL | 15:117db924cf7c | 725 | 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, |
wolfSSL | 15:117db924cf7c | 726 | 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, |
wolfSSL | 15:117db924cf7c | 727 | 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, |
wolfSSL | 15:117db924cf7c | 728 | 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, |
wolfSSL | 15:117db924cf7c | 729 | 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, |
wolfSSL | 15:117db924cf7c | 730 | 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, |
wolfSSL | 15:117db924cf7c | 731 | 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, |
wolfSSL | 15:117db924cf7c | 732 | 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, |
wolfSSL | 15:117db924cf7c | 733 | 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, |
wolfSSL | 15:117db924cf7c | 734 | 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, |
wolfSSL | 15:117db924cf7c | 735 | 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, |
wolfSSL | 15:117db924cf7c | 736 | 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, |
wolfSSL | 15:117db924cf7c | 737 | 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, |
wolfSSL | 15:117db924cf7c | 738 | 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, |
wolfSSL | 15:117db924cf7c | 739 | 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, |
wolfSSL | 15:117db924cf7c | 740 | 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, |
wolfSSL | 15:117db924cf7c | 741 | 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, |
wolfSSL | 15:117db924cf7c | 742 | 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, |
wolfSSL | 15:117db924cf7c | 743 | 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, |
wolfSSL | 15:117db924cf7c | 744 | 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, |
wolfSSL | 15:117db924cf7c | 745 | 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, |
wolfSSL | 15:117db924cf7c | 746 | 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, |
wolfSSL | 15:117db924cf7c | 747 | 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, |
wolfSSL | 15:117db924cf7c | 748 | 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, |
wolfSSL | 15:117db924cf7c | 749 | 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, |
wolfSSL | 15:117db924cf7c | 750 | 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, |
wolfSSL | 15:117db924cf7c | 751 | 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, |
wolfSSL | 15:117db924cf7c | 752 | 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, |
wolfSSL | 15:117db924cf7c | 753 | 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, |
wolfSSL | 15:117db924cf7c | 754 | 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, |
wolfSSL | 15:117db924cf7c | 755 | 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, |
wolfSSL | 15:117db924cf7c | 756 | 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, |
wolfSSL | 15:117db924cf7c | 757 | 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, |
wolfSSL | 15:117db924cf7c | 758 | 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, |
wolfSSL | 15:117db924cf7c | 759 | 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, |
wolfSSL | 15:117db924cf7c | 760 | 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, |
wolfSSL | 15:117db924cf7c | 761 | 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, |
wolfSSL | 15:117db924cf7c | 762 | 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, |
wolfSSL | 15:117db924cf7c | 763 | 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, |
wolfSSL | 15:117db924cf7c | 764 | 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, |
wolfSSL | 15:117db924cf7c | 765 | 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, |
wolfSSL | 15:117db924cf7c | 766 | 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, |
wolfSSL | 15:117db924cf7c | 767 | 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, |
wolfSSL | 15:117db924cf7c | 768 | 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, |
wolfSSL | 15:117db924cf7c | 769 | 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, |
wolfSSL | 15:117db924cf7c | 770 | 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, |
wolfSSL | 15:117db924cf7c | 771 | 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, |
wolfSSL | 15:117db924cf7c | 772 | 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, |
wolfSSL | 15:117db924cf7c | 773 | 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, |
wolfSSL | 15:117db924cf7c | 774 | 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, |
wolfSSL | 15:117db924cf7c | 775 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 776 | }; |
wolfSSL | 15:117db924cf7c | 777 | static const byte dh_ffdhe8192_g[] = { 0x02 }; |
wolfSSL | 15:117db924cf7c | 778 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 16:8e0d178b1d1e | 779 | static const byte dh_ffdhe8192_q[] = { |
wolfSSL | 15:117db924cf7c | 780 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, |
wolfSSL | 15:117db924cf7c | 781 | 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, |
wolfSSL | 15:117db924cf7c | 782 | 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, |
wolfSSL | 15:117db924cf7c | 783 | 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A, |
wolfSSL | 15:117db924cf7c | 784 | 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD, |
wolfSSL | 15:117db924cf7c | 785 | 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, |
wolfSSL | 15:117db924cf7c | 786 | 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, |
wolfSSL | 15:117db924cf7c | 787 | 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD, |
wolfSSL | 15:117db924cf7c | 788 | 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0, |
wolfSSL | 15:117db924cf7c | 789 | 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68, |
wolfSSL | 15:117db924cf7c | 790 | 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79, |
wolfSSL | 15:117db924cf7c | 791 | 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, |
wolfSSL | 15:117db924cf7c | 792 | 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, |
wolfSSL | 15:117db924cf7c | 793 | 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, |
wolfSSL | 15:117db924cf7c | 794 | 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A, |
wolfSSL | 15:117db924cf7c | 795 | 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD, |
wolfSSL | 15:117db924cf7c | 796 | 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0, |
wolfSSL | 15:117db924cf7c | 797 | 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD, |
wolfSSL | 15:117db924cf7c | 798 | 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34, |
wolfSSL | 15:117db924cf7c | 799 | 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, |
wolfSSL | 15:117db924cf7c | 800 | 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, |
wolfSSL | 15:117db924cf7c | 801 | 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8, |
wolfSSL | 15:117db924cf7c | 802 | 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76, |
wolfSSL | 15:117db924cf7c | 803 | 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0, |
wolfSSL | 15:117db924cf7c | 804 | 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF, |
wolfSSL | 15:117db924cf7c | 805 | 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1, |
wolfSSL | 15:117db924cf7c | 806 | 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, |
wolfSSL | 15:117db924cf7c | 807 | 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, |
wolfSSL | 15:117db924cf7c | 808 | 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9, |
wolfSSL | 15:117db924cf7c | 809 | 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD, |
wolfSSL | 15:117db924cf7c | 810 | 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE, |
wolfSSL | 15:117db924cf7c | 811 | 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD, |
wolfSSL | 15:117db924cf7c | 812 | 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C, |
wolfSSL | 15:117db924cf7c | 813 | 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, |
wolfSSL | 15:117db924cf7c | 814 | 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, |
wolfSSL | 15:117db924cf7c | 815 | 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E, |
wolfSSL | 15:117db924cf7c | 816 | 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38, |
wolfSSL | 15:117db924cf7c | 817 | 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2, |
wolfSSL | 15:117db924cf7c | 818 | 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9, |
wolfSSL | 15:117db924cf7c | 819 | 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF, |
wolfSSL | 15:117db924cf7c | 820 | 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, |
wolfSSL | 15:117db924cf7c | 821 | 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, |
wolfSSL | 15:117db924cf7c | 822 | 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D, |
wolfSSL | 15:117db924cf7c | 823 | 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27, |
wolfSSL | 15:117db924cf7c | 824 | 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7, |
wolfSSL | 15:117db924cf7c | 825 | 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE, |
wolfSSL | 15:117db924cf7c | 826 | 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78, |
wolfSSL | 15:117db924cf7c | 827 | 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, |
wolfSSL | 15:117db924cf7c | 828 | 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, |
wolfSSL | 15:117db924cf7c | 829 | 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C, |
wolfSSL | 15:117db924cf7c | 830 | 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02, |
wolfSSL | 15:117db924cf7c | 831 | 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D, |
wolfSSL | 15:117db924cf7c | 832 | 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5, |
wolfSSL | 15:117db924cf7c | 833 | 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19, |
wolfSSL | 15:117db924cf7c | 834 | 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, |
wolfSSL | 15:117db924cf7c | 835 | 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, |
wolfSSL | 15:117db924cf7c | 836 | 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD, |
wolfSSL | 15:117db924cf7c | 837 | 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E, |
wolfSSL | 15:117db924cf7c | 838 | 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66, |
wolfSSL | 15:117db924cf7c | 839 | 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7, |
wolfSSL | 15:117db924cf7c | 840 | 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35, |
wolfSSL | 15:117db924cf7c | 841 | 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, |
wolfSSL | 15:117db924cf7c | 842 | 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81, |
wolfSSL | 15:117db924cf7c | 843 | 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D, |
wolfSSL | 15:117db924cf7c | 844 | 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D, |
wolfSSL | 15:117db924cf7c | 845 | 0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53, |
wolfSSL | 15:117db924cf7c | 846 | 0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64, |
wolfSSL | 15:117db924cf7c | 847 | 0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6, |
wolfSSL | 15:117db924cf7c | 848 | 0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, |
wolfSSL | 15:117db924cf7c | 849 | 0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38, |
wolfSSL | 15:117db924cf7c | 850 | 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F, |
wolfSSL | 15:117db924cf7c | 851 | 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B, |
wolfSSL | 15:117db924cf7c | 852 | 0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88, |
wolfSSL | 15:117db924cf7c | 853 | 0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C, |
wolfSSL | 15:117db924cf7c | 854 | 0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1, |
wolfSSL | 15:117db924cf7c | 855 | 0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, |
wolfSSL | 15:117db924cf7c | 856 | 0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1, |
wolfSSL | 15:117db924cf7c | 857 | 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA, |
wolfSSL | 15:117db924cf7c | 858 | 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0, |
wolfSSL | 15:117db924cf7c | 859 | 0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9, |
wolfSSL | 15:117db924cf7c | 860 | 0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB, |
wolfSSL | 15:117db924cf7c | 861 | 0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41, |
wolfSSL | 15:117db924cf7c | 862 | 0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, |
wolfSSL | 15:117db924cf7c | 863 | 0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6, |
wolfSSL | 15:117db924cf7c | 864 | 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF, |
wolfSSL | 15:117db924cf7c | 865 | 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23, |
wolfSSL | 15:117db924cf7c | 866 | 0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5, |
wolfSSL | 15:117db924cf7c | 867 | 0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B, |
wolfSSL | 15:117db924cf7c | 868 | 0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01, |
wolfSSL | 15:117db924cf7c | 869 | 0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, |
wolfSSL | 15:117db924cf7c | 870 | 0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B, |
wolfSSL | 15:117db924cf7c | 871 | 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34, |
wolfSSL | 15:117db924cf7c | 872 | 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0, |
wolfSSL | 15:117db924cf7c | 873 | 0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A, |
wolfSSL | 15:117db924cf7c | 874 | 0x52, 0x07, 0x19, 0x4E, 0x67, 0xFA, 0x35, 0x55, |
wolfSSL | 15:117db924cf7c | 875 | 0x1B, 0x56, 0x80, 0x26, 0x7B, 0x00, 0x64, 0x1C, |
wolfSSL | 15:117db924cf7c | 876 | 0x0F, 0x21, 0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32, |
wolfSSL | 15:117db924cf7c | 877 | 0x7E, 0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1, |
wolfSSL | 15:117db924cf7c | 878 | 0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6, 0x2F, |
wolfSSL | 15:117db924cf7c | 879 | 0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25, 0x88, 0x77, |
wolfSSL | 15:117db924cf7c | 880 | 0xC3, 0x5B, 0x18, 0xA1, 0x51, 0xD5, 0xC4, 0x14, |
wolfSSL | 15:117db924cf7c | 881 | 0xAA, 0xAD, 0x97, 0xBA, 0x3E, 0x49, 0x93, 0x32, |
wolfSSL | 15:117db924cf7c | 882 | 0xE5, 0x96, 0x07, 0x8E, 0x60, 0x0D, 0xEB, 0x81, |
wolfSSL | 15:117db924cf7c | 883 | 0x14, 0x9C, 0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2, |
wolfSSL | 15:117db924cf7c | 884 | 0x2A, 0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41, |
wolfSSL | 15:117db924cf7c | 885 | 0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF, 0xAE, |
wolfSSL | 15:117db924cf7c | 886 | 0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E, 0xC1, 0x28, |
wolfSSL | 15:117db924cf7c | 887 | 0xAA, 0x0F, 0xE3, 0x46, 0x4E, 0x43, 0x58, 0x11, |
wolfSSL | 15:117db924cf7c | 888 | 0x5D, 0xB8, 0x4C, 0xC3, 0xB5, 0x23, 0x07, 0x3A, |
wolfSSL | 15:117db924cf7c | 889 | 0x28, 0xD4, 0x54, 0x98, 0x84, 0xB8, 0x1F, 0xF7, |
wolfSSL | 15:117db924cf7c | 890 | 0x0E, 0x10, 0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96, |
wolfSSL | 15:117db924cf7c | 891 | 0x28, 0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E, |
wolfSSL | 15:117db924cf7c | 892 | 0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90, 0xBD, |
wolfSSL | 15:117db924cf7c | 893 | 0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD, 0x4A, 0xFC, |
wolfSSL | 15:117db924cf7c | 894 | 0xEA, 0xDC, 0x00, 0xCA, 0x44, 0x6C, 0xE0, 0x50, |
wolfSSL | 15:117db924cf7c | 895 | 0x50, 0xFF, 0x18, 0x3A, 0xD2, 0xBB, 0xF1, 0x18, |
wolfSSL | 15:117db924cf7c | 896 | 0xC1, 0xFC, 0x0E, 0xA5, 0x1F, 0x97, 0xD2, 0x2B, |
wolfSSL | 15:117db924cf7c | 897 | 0x8F, 0x7E, 0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4, |
wolfSSL | 15:117db924cf7c | 898 | 0x5B, 0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37, |
wolfSSL | 15:117db924cf7c | 899 | 0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5, 0x18, |
wolfSSL | 15:117db924cf7c | 900 | 0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8, 0xD4, 0x3F, |
wolfSSL | 15:117db924cf7c | 901 | 0x17, 0xBA, 0x0F, 0x7C, 0x60, 0xFF, 0x43, 0x7F, |
wolfSSL | 15:117db924cf7c | 902 | 0x53, 0x5D, 0xFE, 0xF2, 0x98, 0x33, 0xBF, 0x86, |
wolfSSL | 15:117db924cf7c | 903 | 0xCB, 0xE8, 0x8E, 0xA4, 0xFB, 0xD4, 0x22, 0x1E, |
wolfSSL | 15:117db924cf7c | 904 | 0x84, 0x11, 0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7, |
wolfSSL | 15:117db924cf7c | 905 | 0x00, 0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46, |
wolfSSL | 15:117db924cf7c | 906 | 0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21, 0x26, |
wolfSSL | 15:117db924cf7c | 907 | 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF |
wolfSSL | 15:117db924cf7c | 908 | }; |
wolfSSL | 15:117db924cf7c | 909 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 910 | |
wolfSSL | 15:117db924cf7c | 911 | const DhParams* wc_Dh_ffdhe8192_Get(void) |
wolfSSL | 15:117db924cf7c | 912 | { |
wolfSSL | 15:117db924cf7c | 913 | static const DhParams ffdhe8192 = { |
wolfSSL | 15:117db924cf7c | 914 | #ifdef HAVE_FFDHE_Q |
wolfSSL | 15:117db924cf7c | 915 | dh_ffdhe8192_q, sizeof(dh_ffdhe8192_q), |
wolfSSL | 15:117db924cf7c | 916 | #endif /* HAVE_FFDHE_Q */ |
wolfSSL | 15:117db924cf7c | 917 | dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p), |
wolfSSL | 15:117db924cf7c | 918 | dh_ffdhe8192_g, sizeof(dh_ffdhe8192_g) |
wolfSSL | 15:117db924cf7c | 919 | }; |
wolfSSL | 15:117db924cf7c | 920 | return &ffdhe8192; |
wolfSSL | 15:117db924cf7c | 921 | } |
wolfSSL | 15:117db924cf7c | 922 | #endif |
wolfSSL | 15:117db924cf7c | 923 | |
wolfSSL | 15:117db924cf7c | 924 | int wc_InitDhKey_ex(DhKey* key, void* heap, int devId) |
wolfSSL | 15:117db924cf7c | 925 | { |
wolfSSL | 15:117db924cf7c | 926 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 927 | |
wolfSSL | 15:117db924cf7c | 928 | if (key == NULL) |
wolfSSL | 15:117db924cf7c | 929 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 930 | |
wolfSSL | 15:117db924cf7c | 931 | key->heap = heap; /* for XMALLOC/XFREE in future */ |
wolfSSL | 15:117db924cf7c | 932 | |
wolfSSL | 16:8e0d178b1d1e | 933 | #if !defined(WOLFSSL_QT) && !defined(OPENSSL_ALL) |
wolfSSL | 15:117db924cf7c | 934 | if (mp_init_multi(&key->p, &key->g, &key->q, NULL, NULL, NULL) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 935 | #else |
wolfSSL | 16:8e0d178b1d1e | 936 | if (mp_init_multi(&key->p,&key->g,&key->q,&key->pub,&key->priv,NULL) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 937 | #endif |
wolfSSL | 15:117db924cf7c | 938 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 939 | |
wolfSSL | 15:117db924cf7c | 940 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 941 | /* handle as async */ |
wolfSSL | 15:117db924cf7c | 942 | ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH, |
wolfSSL | 15:117db924cf7c | 943 | key->heap, devId); |
wolfSSL | 15:117db924cf7c | 944 | #else |
wolfSSL | 15:117db924cf7c | 945 | (void)devId; |
wolfSSL | 15:117db924cf7c | 946 | #endif |
wolfSSL | 15:117db924cf7c | 947 | |
wolfSSL | 15:117db924cf7c | 948 | return ret; |
wolfSSL | 15:117db924cf7c | 949 | } |
wolfSSL | 15:117db924cf7c | 950 | |
wolfSSL | 15:117db924cf7c | 951 | int wc_InitDhKey(DhKey* key) |
wolfSSL | 15:117db924cf7c | 952 | { |
wolfSSL | 15:117db924cf7c | 953 | return wc_InitDhKey_ex(key, NULL, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 954 | } |
wolfSSL | 15:117db924cf7c | 955 | |
wolfSSL | 15:117db924cf7c | 956 | |
wolfSSL | 15:117db924cf7c | 957 | int wc_FreeDhKey(DhKey* key) |
wolfSSL | 15:117db924cf7c | 958 | { |
wolfSSL | 15:117db924cf7c | 959 | if (key) { |
wolfSSL | 15:117db924cf7c | 960 | mp_clear(&key->p); |
wolfSSL | 15:117db924cf7c | 961 | mp_clear(&key->g); |
wolfSSL | 15:117db924cf7c | 962 | mp_clear(&key->q); |
wolfSSL | 15:117db924cf7c | 963 | |
wolfSSL | 15:117db924cf7c | 964 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 965 | wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH); |
wolfSSL | 15:117db924cf7c | 966 | #endif |
wolfSSL | 15:117db924cf7c | 967 | } |
wolfSSL | 15:117db924cf7c | 968 | return 0; |
wolfSSL | 15:117db924cf7c | 969 | } |
wolfSSL | 15:117db924cf7c | 970 | |
wolfSSL | 15:117db924cf7c | 971 | |
wolfSSL | 16:8e0d178b1d1e | 972 | #ifndef WC_NO_RNG |
wolfSSL | 15:117db924cf7c | 973 | /* if defined to not use floating point values do not compile in */ |
wolfSSL | 15:117db924cf7c | 974 | #ifndef WOLFSSL_DH_CONST |
wolfSSL | 15:117db924cf7c | 975 | static word32 DiscreteLogWorkFactor(word32 n) |
wolfSSL | 15:117db924cf7c | 976 | { |
wolfSSL | 15:117db924cf7c | 977 | /* assuming discrete log takes about the same time as factoring */ |
wolfSSL | 15:117db924cf7c | 978 | if (n < 5) |
wolfSSL | 15:117db924cf7c | 979 | return 0; |
wolfSSL | 15:117db924cf7c | 980 | else |
wolfSSL | 15:117db924cf7c | 981 | return (word32)(2.4 * XPOW((double)n, 1.0/3.0) * |
wolfSSL | 15:117db924cf7c | 982 | XPOW(XLOG((double)n), 2.0/3.0) - 5); |
wolfSSL | 15:117db924cf7c | 983 | } |
wolfSSL | 15:117db924cf7c | 984 | #endif /* WOLFSSL_DH_CONST*/ |
wolfSSL | 15:117db924cf7c | 985 | |
wolfSSL | 15:117db924cf7c | 986 | |
wolfSSL | 16:8e0d178b1d1e | 987 | /* if not using fixed points use DiscreteLogWorkFactor function for unusual size |
wolfSSL | 15:117db924cf7c | 988 | otherwise round up on size needed */ |
wolfSSL | 15:117db924cf7c | 989 | #ifndef WOLFSSL_DH_CONST |
wolfSSL | 15:117db924cf7c | 990 | #define WOLFSSL_DH_ROUND(x) |
wolfSSL | 15:117db924cf7c | 991 | #else |
wolfSSL | 15:117db924cf7c | 992 | #define WOLFSSL_DH_ROUND(x) \ |
wolfSSL | 15:117db924cf7c | 993 | do { \ |
wolfSSL | 15:117db924cf7c | 994 | if (x % 128) { \ |
wolfSSL | 15:117db924cf7c | 995 | x &= 0xffffff80;\ |
wolfSSL | 15:117db924cf7c | 996 | x += 128; \ |
wolfSSL | 15:117db924cf7c | 997 | } \ |
wolfSSL | 15:117db924cf7c | 998 | } \ |
wolfSSL | 15:117db924cf7c | 999 | while (0) |
wolfSSL | 15:117db924cf7c | 1000 | #endif |
wolfSSL | 15:117db924cf7c | 1001 | |
wolfSSL | 15:117db924cf7c | 1002 | |
wolfSSL | 15:117db924cf7c | 1003 | #ifndef WOLFSSL_NO_DH186 |
wolfSSL | 15:117db924cf7c | 1004 | /* validate that (L,N) match allowed sizes from SP 800-56A, Section 5.5.1.1. |
wolfSSL | 15:117db924cf7c | 1005 | * modLen - represents L, the size of p in bits |
wolfSSL | 15:117db924cf7c | 1006 | * divLen - represents N, the size of q in bits |
wolfSSL | 15:117db924cf7c | 1007 | * return 0 on success, -1 on error */ |
wolfSSL | 15:117db924cf7c | 1008 | static int CheckDhLN(int modLen, int divLen) |
wolfSSL | 15:117db924cf7c | 1009 | { |
wolfSSL | 15:117db924cf7c | 1010 | int ret = -1; |
wolfSSL | 15:117db924cf7c | 1011 | |
wolfSSL | 15:117db924cf7c | 1012 | switch (modLen) { |
wolfSSL | 15:117db924cf7c | 1013 | /* FA */ |
wolfSSL | 15:117db924cf7c | 1014 | case 1024: |
wolfSSL | 15:117db924cf7c | 1015 | if (divLen == 160) |
wolfSSL | 15:117db924cf7c | 1016 | ret = 0; |
wolfSSL | 15:117db924cf7c | 1017 | break; |
wolfSSL | 15:117db924cf7c | 1018 | /* FB, FC */ |
wolfSSL | 15:117db924cf7c | 1019 | case 2048: |
wolfSSL | 15:117db924cf7c | 1020 | if (divLen == 224 || divLen == 256) |
wolfSSL | 15:117db924cf7c | 1021 | ret = 0; |
wolfSSL | 15:117db924cf7c | 1022 | break; |
wolfSSL | 15:117db924cf7c | 1023 | default: |
wolfSSL | 15:117db924cf7c | 1024 | break; |
wolfSSL | 15:117db924cf7c | 1025 | } |
wolfSSL | 15:117db924cf7c | 1026 | |
wolfSSL | 15:117db924cf7c | 1027 | return ret; |
wolfSSL | 15:117db924cf7c | 1028 | } |
wolfSSL | 15:117db924cf7c | 1029 | |
wolfSSL | 15:117db924cf7c | 1030 | |
wolfSSL | 15:117db924cf7c | 1031 | /* Create DH private key |
wolfSSL | 15:117db924cf7c | 1032 | * |
wolfSSL | 15:117db924cf7c | 1033 | * Based on NIST FIPS 186-4, |
wolfSSL | 15:117db924cf7c | 1034 | * "B.1.1 Key Pair Generation Using Extra Random Bits" |
wolfSSL | 15:117db924cf7c | 1035 | * |
wolfSSL | 15:117db924cf7c | 1036 | * dh - pointer to initialized DhKey structure, needs to have dh->q |
wolfSSL | 15:117db924cf7c | 1037 | * rng - pointer to initialized WC_RNG structure |
wolfSSL | 15:117db924cf7c | 1038 | * priv - output location for generated private key |
wolfSSL | 15:117db924cf7c | 1039 | * privSz - IN/OUT, size of priv buffer, size of generated private key |
wolfSSL | 15:117db924cf7c | 1040 | * |
wolfSSL | 15:117db924cf7c | 1041 | * return 0 on success, negative on error */ |
wolfSSL | 15:117db924cf7c | 1042 | static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv, |
wolfSSL | 15:117db924cf7c | 1043 | word32* privSz) |
wolfSSL | 15:117db924cf7c | 1044 | { |
wolfSSL | 15:117db924cf7c | 1045 | byte* cBuf; |
wolfSSL | 15:117db924cf7c | 1046 | int qSz, pSz, cSz, err; |
wolfSSL | 15:117db924cf7c | 1047 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1048 | mp_int* tmpQ = NULL; |
wolfSSL | 15:117db924cf7c | 1049 | mp_int* tmpX = NULL; |
wolfSSL | 15:117db924cf7c | 1050 | #else |
wolfSSL | 15:117db924cf7c | 1051 | mp_int tmpQ[1], tmpX[1]; |
wolfSSL | 15:117db924cf7c | 1052 | #endif |
wolfSSL | 15:117db924cf7c | 1053 | |
wolfSSL | 15:117db924cf7c | 1054 | /* Parameters validated in calling functions. */ |
wolfSSL | 15:117db924cf7c | 1055 | |
wolfSSL | 15:117db924cf7c | 1056 | if (mp_iszero(&key->q) == MP_YES) { |
wolfSSL | 15:117db924cf7c | 1057 | WOLFSSL_MSG("DH q parameter needed for FIPS 186-4 key generation"); |
wolfSSL | 15:117db924cf7c | 1058 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1059 | } |
wolfSSL | 15:117db924cf7c | 1060 | |
wolfSSL | 15:117db924cf7c | 1061 | qSz = mp_unsigned_bin_size(&key->q); |
wolfSSL | 15:117db924cf7c | 1062 | pSz = mp_unsigned_bin_size(&key->p); |
wolfSSL | 15:117db924cf7c | 1063 | |
wolfSSL | 15:117db924cf7c | 1064 | /* verify (L,N) pair bit lengths */ |
wolfSSL | 15:117db924cf7c | 1065 | if (CheckDhLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0) { |
wolfSSL | 15:117db924cf7c | 1066 | WOLFSSL_MSG("DH param sizes do not match SP 800-56A requirements"); |
wolfSSL | 15:117db924cf7c | 1067 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1068 | } |
wolfSSL | 15:117db924cf7c | 1069 | |
wolfSSL | 15:117db924cf7c | 1070 | /* generate extra 64 bits so that bias from mod function is negligible */ |
wolfSSL | 15:117db924cf7c | 1071 | cSz = qSz + (64 / WOLFSSL_BIT_SIZE); |
wolfSSL | 15:117db924cf7c | 1072 | cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1073 | if (cBuf == NULL) { |
wolfSSL | 15:117db924cf7c | 1074 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1075 | } |
wolfSSL | 15:117db924cf7c | 1076 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1077 | tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1078 | if (tmpQ == NULL) { |
wolfSSL | 15:117db924cf7c | 1079 | XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1080 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1081 | } |
wolfSSL | 15:117db924cf7c | 1082 | tmpX = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1083 | if (tmpX == NULL) { |
wolfSSL | 15:117db924cf7c | 1084 | XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1085 | XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1086 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1087 | } |
wolfSSL | 15:117db924cf7c | 1088 | #endif |
wolfSSL | 15:117db924cf7c | 1089 | |
wolfSSL | 15:117db924cf7c | 1090 | |
wolfSSL | 15:117db924cf7c | 1091 | if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL)) |
wolfSSL | 15:117db924cf7c | 1092 | != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1093 | XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1094 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1095 | XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1096 | XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1097 | #endif |
wolfSSL | 15:117db924cf7c | 1098 | return err; |
wolfSSL | 15:117db924cf7c | 1099 | } |
wolfSSL | 15:117db924cf7c | 1100 | |
wolfSSL | 15:117db924cf7c | 1101 | do { |
wolfSSL | 15:117db924cf7c | 1102 | /* generate N+64 bits (c) from RBG into tmpX, making sure positive. |
wolfSSL | 15:117db924cf7c | 1103 | * Hash_DRBG uses SHA-256 which matches maximum |
wolfSSL | 15:117db924cf7c | 1104 | * requested_security_strength of (L,N) */ |
wolfSSL | 15:117db924cf7c | 1105 | err = wc_RNG_GenerateBlock(rng, cBuf, cSz); |
wolfSSL | 15:117db924cf7c | 1106 | if (err == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1107 | err = mp_read_unsigned_bin(tmpX, cBuf, cSz); |
wolfSSL | 15:117db924cf7c | 1108 | if (err != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1109 | mp_clear(tmpX); |
wolfSSL | 15:117db924cf7c | 1110 | mp_clear(tmpQ); |
wolfSSL | 15:117db924cf7c | 1111 | XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1112 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1113 | XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1114 | XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1115 | #endif |
wolfSSL | 15:117db924cf7c | 1116 | return err; |
wolfSSL | 15:117db924cf7c | 1117 | } |
wolfSSL | 15:117db924cf7c | 1118 | } while (mp_cmp_d(tmpX, 1) != MP_GT); |
wolfSSL | 15:117db924cf7c | 1119 | |
wolfSSL | 15:117db924cf7c | 1120 | ForceZero(cBuf, cSz); |
wolfSSL | 15:117db924cf7c | 1121 | XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 1122 | |
wolfSSL | 15:117db924cf7c | 1123 | /* tmpQ = q - 1 */ |
wolfSSL | 15:117db924cf7c | 1124 | if (err == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1125 | err = mp_copy(&key->q, tmpQ); |
wolfSSL | 15:117db924cf7c | 1126 | |
wolfSSL | 15:117db924cf7c | 1127 | if (err == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1128 | err = mp_sub_d(tmpQ, 1, tmpQ); |
wolfSSL | 15:117db924cf7c | 1129 | |
wolfSSL | 15:117db924cf7c | 1130 | /* x = c mod (q-1), tmpX holds c */ |
wolfSSL | 15:117db924cf7c | 1131 | if (err == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1132 | err = mp_mod(tmpX, tmpQ, tmpX); |
wolfSSL | 15:117db924cf7c | 1133 | |
wolfSSL | 15:117db924cf7c | 1134 | /* x = c mod (q-1) + 1 */ |
wolfSSL | 15:117db924cf7c | 1135 | if (err == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1136 | err = mp_add_d(tmpX, 1, tmpX); |
wolfSSL | 15:117db924cf7c | 1137 | |
wolfSSL | 15:117db924cf7c | 1138 | /* copy tmpX into priv */ |
wolfSSL | 15:117db924cf7c | 1139 | if (err == MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1140 | pSz = mp_unsigned_bin_size(tmpX); |
wolfSSL | 15:117db924cf7c | 1141 | if (pSz > (int)*privSz) { |
wolfSSL | 15:117db924cf7c | 1142 | WOLFSSL_MSG("DH private key output buffer too small"); |
wolfSSL | 15:117db924cf7c | 1143 | err = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1144 | } else { |
wolfSSL | 15:117db924cf7c | 1145 | *privSz = pSz; |
wolfSSL | 15:117db924cf7c | 1146 | err = mp_to_unsigned_bin(tmpX, priv); |
wolfSSL | 15:117db924cf7c | 1147 | } |
wolfSSL | 15:117db924cf7c | 1148 | } |
wolfSSL | 15:117db924cf7c | 1149 | |
wolfSSL | 15:117db924cf7c | 1150 | mp_forcezero(tmpX); |
wolfSSL | 15:117db924cf7c | 1151 | mp_clear(tmpX); |
wolfSSL | 15:117db924cf7c | 1152 | mp_clear(tmpQ); |
wolfSSL | 15:117db924cf7c | 1153 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1154 | XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1155 | XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1156 | #endif |
wolfSSL | 15:117db924cf7c | 1157 | |
wolfSSL | 15:117db924cf7c | 1158 | return err; |
wolfSSL | 15:117db924cf7c | 1159 | } |
wolfSSL | 15:117db924cf7c | 1160 | #endif /* WOLFSSL_NO_DH186 */ |
wolfSSL | 16:8e0d178b1d1e | 1161 | #endif /* !WC_NO_RNG */ |
wolfSSL | 15:117db924cf7c | 1162 | |
wolfSSL | 15:117db924cf7c | 1163 | static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv, |
wolfSSL | 15:117db924cf7c | 1164 | word32* privSz) |
wolfSSL | 15:117db924cf7c | 1165 | { |
wolfSSL | 16:8e0d178b1d1e | 1166 | #ifndef WC_NO_RNG |
wolfSSL | 15:117db924cf7c | 1167 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1168 | word32 sz = 0; |
wolfSSL | 15:117db924cf7c | 1169 | |
wolfSSL | 15:117db924cf7c | 1170 | #ifndef WOLFSSL_NO_DH186 |
wolfSSL | 15:117db924cf7c | 1171 | if (mp_iszero(&key->q) == MP_NO) { |
wolfSSL | 15:117db924cf7c | 1172 | |
wolfSSL | 15:117db924cf7c | 1173 | /* q param available, use NIST FIPS 186-4, "B.1.1 Key Pair |
wolfSSL | 15:117db924cf7c | 1174 | * Generation Using Extra Random Bits" */ |
wolfSSL | 15:117db924cf7c | 1175 | ret = GeneratePrivateDh186(key, rng, priv, privSz); |
wolfSSL | 15:117db924cf7c | 1176 | |
wolfSSL | 15:117db924cf7c | 1177 | } else |
wolfSSL | 15:117db924cf7c | 1178 | #endif |
wolfSSL | 15:117db924cf7c | 1179 | { |
wolfSSL | 15:117db924cf7c | 1180 | |
wolfSSL | 15:117db924cf7c | 1181 | sz = mp_unsigned_bin_size(&key->p); |
wolfSSL | 15:117db924cf7c | 1182 | |
wolfSSL | 15:117db924cf7c | 1183 | /* Table of predetermined values from the operation |
wolfSSL | 15:117db924cf7c | 1184 | 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) / |
wolfSSL | 15:117db924cf7c | 1185 | WOLFSSL_BIT_SIZE + 1 |
wolfSSL | 15:117db924cf7c | 1186 | Sizes in table checked against RFC 3526 |
wolfSSL | 15:117db924cf7c | 1187 | */ |
wolfSSL | 15:117db924cf7c | 1188 | WOLFSSL_DH_ROUND(sz); /* if using fixed points only, then round up */ |
wolfSSL | 15:117db924cf7c | 1189 | switch (sz) { |
wolfSSL | 15:117db924cf7c | 1190 | case 128: sz = 21; break; |
wolfSSL | 15:117db924cf7c | 1191 | case 256: sz = 29; break; |
wolfSSL | 15:117db924cf7c | 1192 | case 384: sz = 34; break; |
wolfSSL | 15:117db924cf7c | 1193 | case 512: sz = 39; break; |
wolfSSL | 15:117db924cf7c | 1194 | case 640: sz = 42; break; |
wolfSSL | 15:117db924cf7c | 1195 | case 768: sz = 46; break; |
wolfSSL | 15:117db924cf7c | 1196 | case 896: sz = 49; break; |
wolfSSL | 15:117db924cf7c | 1197 | case 1024: sz = 52; break; |
wolfSSL | 15:117db924cf7c | 1198 | default: |
wolfSSL | 15:117db924cf7c | 1199 | #ifndef WOLFSSL_DH_CONST |
wolfSSL | 15:117db924cf7c | 1200 | /* if using floating points and size of p is not in table */ |
wolfSSL | 15:117db924cf7c | 1201 | sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) / |
wolfSSL | 15:117db924cf7c | 1202 | WOLFSSL_BIT_SIZE + 1); |
wolfSSL | 15:117db924cf7c | 1203 | break; |
wolfSSL | 15:117db924cf7c | 1204 | #else |
wolfSSL | 15:117db924cf7c | 1205 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1206 | #endif |
wolfSSL | 15:117db924cf7c | 1207 | } |
wolfSSL | 15:117db924cf7c | 1208 | |
wolfSSL | 15:117db924cf7c | 1209 | ret = wc_RNG_GenerateBlock(rng, priv, sz); |
wolfSSL | 15:117db924cf7c | 1210 | |
wolfSSL | 15:117db924cf7c | 1211 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1212 | priv[0] |= 0x0C; |
wolfSSL | 15:117db924cf7c | 1213 | *privSz = sz; |
wolfSSL | 15:117db924cf7c | 1214 | } |
wolfSSL | 15:117db924cf7c | 1215 | } |
wolfSSL | 15:117db924cf7c | 1216 | |
wolfSSL | 15:117db924cf7c | 1217 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 1218 | #else |
wolfSSL | 16:8e0d178b1d1e | 1219 | (void)key; |
wolfSSL | 16:8e0d178b1d1e | 1220 | (void)rng; |
wolfSSL | 16:8e0d178b1d1e | 1221 | (void)priv; |
wolfSSL | 16:8e0d178b1d1e | 1222 | (void)privSz; |
wolfSSL | 16:8e0d178b1d1e | 1223 | return NOT_COMPILED_IN; |
wolfSSL | 16:8e0d178b1d1e | 1224 | #endif /* WC_NO_RNG */ |
wolfSSL | 15:117db924cf7c | 1225 | } |
wolfSSL | 15:117db924cf7c | 1226 | |
wolfSSL | 15:117db924cf7c | 1227 | |
wolfSSL | 15:117db924cf7c | 1228 | static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz, |
wolfSSL | 15:117db924cf7c | 1229 | byte* pub, word32* pubSz) |
wolfSSL | 15:117db924cf7c | 1230 | { |
wolfSSL | 15:117db924cf7c | 1231 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1232 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1233 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1234 | mp_int* x; |
wolfSSL | 16:8e0d178b1d1e | 1235 | mp_int* y; |
wolfSSL | 15:117db924cf7c | 1236 | #else |
wolfSSL | 15:117db924cf7c | 1237 | mp_int x[1]; |
wolfSSL | 15:117db924cf7c | 1238 | mp_int y[1]; |
wolfSSL | 15:117db924cf7c | 1239 | #endif |
wolfSSL | 15:117db924cf7c | 1240 | #endif |
wolfSSL | 15:117db924cf7c | 1241 | |
wolfSSL | 15:117db924cf7c | 1242 | #ifdef WOLFSSL_HAVE_SP_DH |
wolfSSL | 15:117db924cf7c | 1243 | #ifndef WOLFSSL_SP_NO_2048 |
wolfSSL | 15:117db924cf7c | 1244 | if (mp_count_bits(&key->p) == 2048) |
wolfSSL | 15:117db924cf7c | 1245 | return sp_DhExp_2048(&key->g, priv, privSz, &key->p, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1246 | #endif |
wolfSSL | 15:117db924cf7c | 1247 | #ifndef WOLFSSL_SP_NO_3072 |
wolfSSL | 15:117db924cf7c | 1248 | if (mp_count_bits(&key->p) == 3072) |
wolfSSL | 15:117db924cf7c | 1249 | return sp_DhExp_3072(&key->g, priv, privSz, &key->p, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1250 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1251 | #ifdef WOLFSSL_SP_4096 |
wolfSSL | 16:8e0d178b1d1e | 1252 | if (mp_count_bits(&key->p) == 4096) |
wolfSSL | 16:8e0d178b1d1e | 1253 | return sp_DhExp_4096(&key->g, priv, privSz, &key->p, pub, pubSz); |
wolfSSL | 16:8e0d178b1d1e | 1254 | #endif |
wolfSSL | 15:117db924cf7c | 1255 | #endif |
wolfSSL | 15:117db924cf7c | 1256 | |
wolfSSL | 15:117db924cf7c | 1257 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1258 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1259 | x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1260 | if (x == NULL) |
wolfSSL | 15:117db924cf7c | 1261 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1262 | y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1263 | if (y == NULL) { |
wolfSSL | 15:117db924cf7c | 1264 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1265 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1266 | } |
wolfSSL | 15:117db924cf7c | 1267 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1268 | if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 1269 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1270 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1271 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1272 | #endif |
wolfSSL | 15:117db924cf7c | 1273 | return MP_INIT_E; |
wolfSSL | 16:8e0d178b1d1e | 1274 | } |
wolfSSL | 15:117db924cf7c | 1275 | |
wolfSSL | 15:117db924cf7c | 1276 | if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1277 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1278 | |
wolfSSL | 15:117db924cf7c | 1279 | if (ret == 0 && mp_exptmod(&key->g, x, &key->p, y) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1280 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1281 | |
wolfSSL | 15:117db924cf7c | 1282 | if (ret == 0 && mp_to_unsigned_bin(y, pub) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1283 | ret = MP_TO_E; |
wolfSSL | 15:117db924cf7c | 1284 | |
wolfSSL | 15:117db924cf7c | 1285 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1286 | *pubSz = mp_unsigned_bin_size(y); |
wolfSSL | 15:117db924cf7c | 1287 | |
wolfSSL | 15:117db924cf7c | 1288 | mp_clear(y); |
wolfSSL | 15:117db924cf7c | 1289 | mp_clear(x); |
wolfSSL | 15:117db924cf7c | 1290 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1291 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1292 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1293 | #endif |
wolfSSL | 15:117db924cf7c | 1294 | #else |
wolfSSL | 15:117db924cf7c | 1295 | ret = WC_KEY_SIZE_E; |
wolfSSL | 15:117db924cf7c | 1296 | #endif |
wolfSSL | 15:117db924cf7c | 1297 | |
wolfSSL | 15:117db924cf7c | 1298 | return ret; |
wolfSSL | 15:117db924cf7c | 1299 | } |
wolfSSL | 15:117db924cf7c | 1300 | |
wolfSSL | 15:117db924cf7c | 1301 | static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng, |
wolfSSL | 15:117db924cf7c | 1302 | byte* priv, word32* privSz, byte* pub, word32* pubSz) |
wolfSSL | 15:117db924cf7c | 1303 | { |
wolfSSL | 15:117db924cf7c | 1304 | int ret; |
wolfSSL | 15:117db924cf7c | 1305 | |
wolfSSL | 15:117db924cf7c | 1306 | if (key == NULL || rng == NULL || priv == NULL || privSz == NULL || |
wolfSSL | 15:117db924cf7c | 1307 | pub == NULL || pubSz == NULL) { |
wolfSSL | 15:117db924cf7c | 1308 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1309 | } |
wolfSSL | 15:117db924cf7c | 1310 | |
wolfSSL | 15:117db924cf7c | 1311 | ret = GeneratePrivateDh(key, rng, priv, privSz); |
wolfSSL | 15:117db924cf7c | 1312 | |
wolfSSL | 15:117db924cf7c | 1313 | return (ret != 0) ? ret : GeneratePublicDh(key, priv, *privSz, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1314 | } |
wolfSSL | 15:117db924cf7c | 1315 | |
wolfSSL | 15:117db924cf7c | 1316 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 1317 | static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng, |
wolfSSL | 15:117db924cf7c | 1318 | byte* priv, word32* privSz, byte* pub, word32* pubSz) |
wolfSSL | 15:117db924cf7c | 1319 | { |
wolfSSL | 15:117db924cf7c | 1320 | int ret; |
wolfSSL | 15:117db924cf7c | 1321 | |
wolfSSL | 15:117db924cf7c | 1322 | #if defined(HAVE_INTEL_QA) |
wolfSSL | 16:8e0d178b1d1e | 1323 | word32 pBits; |
wolfSSL | 15:117db924cf7c | 1324 | |
wolfSSL | 16:8e0d178b1d1e | 1325 | /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */ |
wolfSSL | 16:8e0d178b1d1e | 1326 | pBits = mp_unsigned_bin_size(&key->p) * 8; |
wolfSSL | 16:8e0d178b1d1e | 1327 | if (pBits == 768 || pBits == 1024 || pBits == 1536 || |
wolfSSL | 16:8e0d178b1d1e | 1328 | pBits == 2048 || pBits == 3072 || pBits == 4096) { |
wolfSSL | 15:117db924cf7c | 1329 | mp_int x; |
wolfSSL | 15:117db924cf7c | 1330 | |
wolfSSL | 15:117db924cf7c | 1331 | ret = mp_init(&x); |
wolfSSL | 15:117db924cf7c | 1332 | if (ret != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1333 | return ret; |
wolfSSL | 15:117db924cf7c | 1334 | |
wolfSSL | 15:117db924cf7c | 1335 | ret = GeneratePrivateDh(key, rng, priv, privSz); |
wolfSSL | 15:117db924cf7c | 1336 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1337 | ret = mp_read_unsigned_bin(&x, priv, *privSz); |
wolfSSL | 15:117db924cf7c | 1338 | if (ret == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1339 | ret = wc_mp_to_bigint(&x, &x.raw); |
wolfSSL | 15:117db924cf7c | 1340 | if (ret == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1341 | ret = wc_mp_to_bigint(&key->p, &key->p.raw); |
wolfSSL | 15:117db924cf7c | 1342 | if (ret == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1343 | ret = wc_mp_to_bigint(&key->g, &key->g.raw); |
wolfSSL | 15:117db924cf7c | 1344 | if (ret == MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1345 | ret = IntelQaDhKeyGen(&key->asyncDev, &key->p.raw, &key->g.raw, |
wolfSSL | 15:117db924cf7c | 1346 | &x.raw, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1347 | mp_clear(&x); |
wolfSSL | 15:117db924cf7c | 1348 | |
wolfSSL | 15:117db924cf7c | 1349 | return ret; |
wolfSSL | 15:117db924cf7c | 1350 | } |
wolfSSL | 15:117db924cf7c | 1351 | |
wolfSSL | 15:117db924cf7c | 1352 | #elif defined(HAVE_CAVIUM) |
wolfSSL | 15:117db924cf7c | 1353 | /* TODO: Not implemented - use software for now */ |
wolfSSL | 15:117db924cf7c | 1354 | |
wolfSSL | 15:117db924cf7c | 1355 | #else /* WOLFSSL_ASYNC_CRYPT_TEST */ |
wolfSSL | 15:117db924cf7c | 1356 | if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_GEN)) { |
wolfSSL | 15:117db924cf7c | 1357 | WC_ASYNC_TEST* testDev = &key->asyncDev.test; |
wolfSSL | 15:117db924cf7c | 1358 | testDev->dhGen.key = key; |
wolfSSL | 15:117db924cf7c | 1359 | testDev->dhGen.rng = rng; |
wolfSSL | 15:117db924cf7c | 1360 | testDev->dhGen.priv = priv; |
wolfSSL | 15:117db924cf7c | 1361 | testDev->dhGen.privSz = privSz; |
wolfSSL | 15:117db924cf7c | 1362 | testDev->dhGen.pub = pub; |
wolfSSL | 15:117db924cf7c | 1363 | testDev->dhGen.pubSz = pubSz; |
wolfSSL | 15:117db924cf7c | 1364 | return WC_PENDING_E; |
wolfSSL | 15:117db924cf7c | 1365 | } |
wolfSSL | 15:117db924cf7c | 1366 | #endif |
wolfSSL | 15:117db924cf7c | 1367 | |
wolfSSL | 15:117db924cf7c | 1368 | /* otherwise use software DH */ |
wolfSSL | 15:117db924cf7c | 1369 | ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1370 | |
wolfSSL | 15:117db924cf7c | 1371 | return ret; |
wolfSSL | 15:117db924cf7c | 1372 | } |
wolfSSL | 15:117db924cf7c | 1373 | #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_DH */ |
wolfSSL | 15:117db924cf7c | 1374 | |
wolfSSL | 15:117db924cf7c | 1375 | |
wolfSSL | 15:117db924cf7c | 1376 | /* Check DH Public Key for invalid numbers, optionally allowing |
wolfSSL | 15:117db924cf7c | 1377 | * the public key to be checked against the large prime (q). |
wolfSSL | 15:117db924cf7c | 1378 | * Check per process in SP 800-56Ar3, section 5.6.2.3.1. |
wolfSSL | 15:117db924cf7c | 1379 | * |
wolfSSL | 15:117db924cf7c | 1380 | * key DH key group parameters. |
wolfSSL | 15:117db924cf7c | 1381 | * pub Public Key. |
wolfSSL | 15:117db924cf7c | 1382 | * pubSz Public Key size. |
wolfSSL | 15:117db924cf7c | 1383 | * prime Large prime (q), optionally NULL to skip check |
wolfSSL | 15:117db924cf7c | 1384 | * primeSz Size of large prime |
wolfSSL | 15:117db924cf7c | 1385 | * |
wolfSSL | 15:117db924cf7c | 1386 | * returns 0 on success or error code |
wolfSSL | 15:117db924cf7c | 1387 | */ |
wolfSSL | 15:117db924cf7c | 1388 | int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz, |
wolfSSL | 15:117db924cf7c | 1389 | const byte* prime, word32 primeSz) |
wolfSSL | 15:117db924cf7c | 1390 | { |
wolfSSL | 15:117db924cf7c | 1391 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1392 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1393 | mp_int* y = NULL; |
wolfSSL | 15:117db924cf7c | 1394 | mp_int* p = NULL; |
wolfSSL | 15:117db924cf7c | 1395 | mp_int* q = NULL; |
wolfSSL | 15:117db924cf7c | 1396 | #else |
wolfSSL | 15:117db924cf7c | 1397 | mp_int y[1]; |
wolfSSL | 15:117db924cf7c | 1398 | mp_int p[1]; |
wolfSSL | 15:117db924cf7c | 1399 | mp_int q[1]; |
wolfSSL | 15:117db924cf7c | 1400 | #endif |
wolfSSL | 15:117db924cf7c | 1401 | |
wolfSSL | 15:117db924cf7c | 1402 | if (key == NULL || pub == NULL) { |
wolfSSL | 15:117db924cf7c | 1403 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1404 | } |
wolfSSL | 15:117db924cf7c | 1405 | |
wolfSSL | 15:117db924cf7c | 1406 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1407 | y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1408 | if (y == NULL) |
wolfSSL | 15:117db924cf7c | 1409 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1410 | p = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1411 | if (p == NULL) { |
wolfSSL | 15:117db924cf7c | 1412 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1413 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1414 | } |
wolfSSL | 15:117db924cf7c | 1415 | q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1416 | if (q == NULL) { |
wolfSSL | 15:117db924cf7c | 1417 | XFREE(p, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1418 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1419 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1420 | } |
wolfSSL | 15:117db924cf7c | 1421 | #endif |
wolfSSL | 15:117db924cf7c | 1422 | |
wolfSSL | 15:117db924cf7c | 1423 | if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 1424 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1425 | XFREE(q, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1426 | XFREE(p, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1427 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1428 | #endif |
wolfSSL | 15:117db924cf7c | 1429 | return MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1430 | } |
wolfSSL | 15:117db924cf7c | 1431 | |
wolfSSL | 15:117db924cf7c | 1432 | if (mp_read_unsigned_bin(y, pub, pubSz) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1433 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1434 | } |
wolfSSL | 15:117db924cf7c | 1435 | |
wolfSSL | 15:117db924cf7c | 1436 | if (ret == 0 && prime != NULL) { |
wolfSSL | 15:117db924cf7c | 1437 | if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1438 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1439 | |
wolfSSL | 15:117db924cf7c | 1440 | } else if (mp_iszero(&key->q) == MP_NO) { |
wolfSSL | 15:117db924cf7c | 1441 | /* use q available in DhKey */ |
wolfSSL | 15:117db924cf7c | 1442 | if (mp_copy(&key->q, q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1443 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1444 | } |
wolfSSL | 15:117db924cf7c | 1445 | |
wolfSSL | 15:117db924cf7c | 1446 | /* SP 800-56Ar3, section 5.6.2.3.1, process step 1 */ |
wolfSSL | 15:117db924cf7c | 1447 | /* pub (y) should not be 0 or 1 */ |
wolfSSL | 15:117db924cf7c | 1448 | if (ret == 0 && mp_cmp_d(y, 2) == MP_LT) { |
wolfSSL | 15:117db924cf7c | 1449 | ret = MP_CMP_E; |
wolfSSL | 15:117db924cf7c | 1450 | } |
wolfSSL | 15:117db924cf7c | 1451 | |
wolfSSL | 15:117db924cf7c | 1452 | /* pub (y) shouldn't be greater than or equal to p - 1 */ |
wolfSSL | 15:117db924cf7c | 1453 | if (ret == 0 && mp_copy(&key->p, p) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1454 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1455 | } |
wolfSSL | 15:117db924cf7c | 1456 | if (ret == 0 && mp_sub_d(p, 2, p) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1457 | ret = MP_SUB_E; |
wolfSSL | 15:117db924cf7c | 1458 | } |
wolfSSL | 15:117db924cf7c | 1459 | if (ret == 0 && mp_cmp(y, p) == MP_GT) { |
wolfSSL | 15:117db924cf7c | 1460 | ret = MP_CMP_E; |
wolfSSL | 15:117db924cf7c | 1461 | } |
wolfSSL | 15:117db924cf7c | 1462 | |
wolfSSL | 15:117db924cf7c | 1463 | if (ret == 0 && (prime != NULL || (mp_iszero(&key->q) == MP_NO) )) { |
wolfSSL | 15:117db924cf7c | 1464 | |
wolfSSL | 15:117db924cf7c | 1465 | /* restore key->p into p */ |
wolfSSL | 15:117db924cf7c | 1466 | if (mp_copy(&key->p, p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1467 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1468 | } |
wolfSSL | 15:117db924cf7c | 1469 | |
wolfSSL | 15:117db924cf7c | 1470 | if (ret == 0 && prime != NULL) { |
wolfSSL | 15:117db924cf7c | 1471 | #ifdef WOLFSSL_HAVE_SP_DH |
wolfSSL | 15:117db924cf7c | 1472 | #ifndef WOLFSSL_SP_NO_2048 |
wolfSSL | 15:117db924cf7c | 1473 | if (mp_count_bits(&key->p) == 2048) { |
wolfSSL | 15:117db924cf7c | 1474 | ret = sp_ModExp_2048(y, q, p, y); |
wolfSSL | 15:117db924cf7c | 1475 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1476 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1477 | } |
wolfSSL | 15:117db924cf7c | 1478 | else |
wolfSSL | 15:117db924cf7c | 1479 | #endif |
wolfSSL | 15:117db924cf7c | 1480 | #ifndef WOLFSSL_SP_NO_3072 |
wolfSSL | 15:117db924cf7c | 1481 | if (mp_count_bits(&key->p) == 3072) { |
wolfSSL | 15:117db924cf7c | 1482 | ret = sp_ModExp_3072(y, q, p, y); |
wolfSSL | 15:117db924cf7c | 1483 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1484 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1485 | } |
wolfSSL | 15:117db924cf7c | 1486 | else |
wolfSSL | 15:117db924cf7c | 1487 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1488 | #ifdef WOLFSSL_SP_NO_4096 |
wolfSSL | 16:8e0d178b1d1e | 1489 | if (mp_count_bits(&key->p) == 4096) { |
wolfSSL | 16:8e0d178b1d1e | 1490 | ret = sp_ModExp_4096(y, q, p, y); |
wolfSSL | 16:8e0d178b1d1e | 1491 | if (ret != 0) |
wolfSSL | 16:8e0d178b1d1e | 1492 | ret = MP_EXPTMOD_E; |
wolfSSL | 16:8e0d178b1d1e | 1493 | } |
wolfSSL | 16:8e0d178b1d1e | 1494 | else |
wolfSSL | 16:8e0d178b1d1e | 1495 | #endif |
wolfSSL | 15:117db924cf7c | 1496 | #endif |
wolfSSL | 15:117db924cf7c | 1497 | |
wolfSSL | 15:117db924cf7c | 1498 | { |
wolfSSL | 15:117db924cf7c | 1499 | /* SP 800-56Ar3, section 5.6.2.3.1, process step 2 */ |
wolfSSL | 15:117db924cf7c | 1500 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1501 | /* calculate (y^q) mod(p), store back into y */ |
wolfSSL | 16:8e0d178b1d1e | 1502 | if (mp_exptmod(y, q, p, y) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1503 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1504 | #else |
wolfSSL | 15:117db924cf7c | 1505 | ret = WC_KEY_SIZE_E; |
wolfSSL | 15:117db924cf7c | 1506 | #endif |
wolfSSL | 15:117db924cf7c | 1507 | } |
wolfSSL | 15:117db924cf7c | 1508 | |
wolfSSL | 15:117db924cf7c | 1509 | /* verify above == 1 */ |
wolfSSL | 15:117db924cf7c | 1510 | if (ret == 0 && mp_cmp_d(y, 1) != MP_EQ) |
wolfSSL | 15:117db924cf7c | 1511 | ret = MP_CMP_E; |
wolfSSL | 15:117db924cf7c | 1512 | } |
wolfSSL | 15:117db924cf7c | 1513 | |
wolfSSL | 15:117db924cf7c | 1514 | mp_clear(y); |
wolfSSL | 15:117db924cf7c | 1515 | mp_clear(p); |
wolfSSL | 15:117db924cf7c | 1516 | mp_clear(q); |
wolfSSL | 15:117db924cf7c | 1517 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1518 | XFREE(q, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1519 | XFREE(p, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1520 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1521 | #endif |
wolfSSL | 15:117db924cf7c | 1522 | |
wolfSSL | 15:117db924cf7c | 1523 | return ret; |
wolfSSL | 15:117db924cf7c | 1524 | } |
wolfSSL | 15:117db924cf7c | 1525 | |
wolfSSL | 15:117db924cf7c | 1526 | |
wolfSSL | 15:117db924cf7c | 1527 | /* Check DH Public Key for invalid numbers |
wolfSSL | 15:117db924cf7c | 1528 | * |
wolfSSL | 15:117db924cf7c | 1529 | * key DH key group parameters. |
wolfSSL | 15:117db924cf7c | 1530 | * pub Public Key. |
wolfSSL | 15:117db924cf7c | 1531 | * pubSz Public Key size. |
wolfSSL | 15:117db924cf7c | 1532 | * |
wolfSSL | 15:117db924cf7c | 1533 | * returns 0 on success or error code |
wolfSSL | 15:117db924cf7c | 1534 | */ |
wolfSSL | 15:117db924cf7c | 1535 | int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz) |
wolfSSL | 15:117db924cf7c | 1536 | { |
wolfSSL | 15:117db924cf7c | 1537 | return wc_DhCheckPubKey_ex(key, pub, pubSz, NULL, 0); |
wolfSSL | 15:117db924cf7c | 1538 | } |
wolfSSL | 15:117db924cf7c | 1539 | |
wolfSSL | 15:117db924cf7c | 1540 | |
wolfSSL | 16:8e0d178b1d1e | 1541 | /** |
wolfSSL | 16:8e0d178b1d1e | 1542 | * Quick validity check of public key value against prime. |
wolfSSL | 16:8e0d178b1d1e | 1543 | * Checks are: |
wolfSSL | 16:8e0d178b1d1e | 1544 | * - Public key not 0 or 1 |
wolfSSL | 16:8e0d178b1d1e | 1545 | * - Public key not equal to prime or prime - 1 |
wolfSSL | 16:8e0d178b1d1e | 1546 | * - Public key not bigger than prime. |
wolfSSL | 16:8e0d178b1d1e | 1547 | * |
wolfSSL | 16:8e0d178b1d1e | 1548 | * prime Big-endian encoding of prime in bytes. |
wolfSSL | 16:8e0d178b1d1e | 1549 | * primeSz Size of prime in bytes. |
wolfSSL | 16:8e0d178b1d1e | 1550 | * pub Big-endian encoding of public key in bytes. |
wolfSSL | 16:8e0d178b1d1e | 1551 | * pubSz Size of public key in bytes. |
wolfSSL | 16:8e0d178b1d1e | 1552 | */ |
wolfSSL | 16:8e0d178b1d1e | 1553 | int wc_DhCheckPubValue(const byte* prime, word32 primeSz, const byte* pub, |
wolfSSL | 16:8e0d178b1d1e | 1554 | word32 pubSz) |
wolfSSL | 16:8e0d178b1d1e | 1555 | { |
wolfSSL | 16:8e0d178b1d1e | 1556 | int ret = 0; |
wolfSSL | 16:8e0d178b1d1e | 1557 | word32 i; |
wolfSSL | 16:8e0d178b1d1e | 1558 | |
wolfSSL | 16:8e0d178b1d1e | 1559 | for (i = 0; i < pubSz && pub[i] == 0; i++) { |
wolfSSL | 16:8e0d178b1d1e | 1560 | } |
wolfSSL | 16:8e0d178b1d1e | 1561 | pubSz -= i; |
wolfSSL | 16:8e0d178b1d1e | 1562 | pub += i; |
wolfSSL | 16:8e0d178b1d1e | 1563 | |
wolfSSL | 16:8e0d178b1d1e | 1564 | if (pubSz == 0 || (pubSz == 1 && pub[0] == 1)) |
wolfSSL | 16:8e0d178b1d1e | 1565 | ret = MP_VAL; |
wolfSSL | 16:8e0d178b1d1e | 1566 | else if (pubSz == primeSz) { |
wolfSSL | 16:8e0d178b1d1e | 1567 | for (i = 0; i < pubSz-1 && pub[i] == prime[i]; i++) { |
wolfSSL | 16:8e0d178b1d1e | 1568 | } |
wolfSSL | 16:8e0d178b1d1e | 1569 | if (i == pubSz-1 && (pub[i] == prime[i] || pub[i] == prime[i] - 1)) |
wolfSSL | 16:8e0d178b1d1e | 1570 | ret = MP_VAL; |
wolfSSL | 16:8e0d178b1d1e | 1571 | else if (pub[i] > prime[i]) |
wolfSSL | 16:8e0d178b1d1e | 1572 | ret = MP_VAL; |
wolfSSL | 16:8e0d178b1d1e | 1573 | } |
wolfSSL | 16:8e0d178b1d1e | 1574 | else if (pubSz > primeSz) |
wolfSSL | 16:8e0d178b1d1e | 1575 | ret = MP_VAL; |
wolfSSL | 16:8e0d178b1d1e | 1576 | |
wolfSSL | 16:8e0d178b1d1e | 1577 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 1578 | } |
wolfSSL | 16:8e0d178b1d1e | 1579 | |
wolfSSL | 16:8e0d178b1d1e | 1580 | |
wolfSSL | 15:117db924cf7c | 1581 | /* Check DH Private Key for invalid numbers, optionally allowing |
wolfSSL | 15:117db924cf7c | 1582 | * the private key to be checked against the large prime (q). |
wolfSSL | 15:117db924cf7c | 1583 | * Check per process in SP 800-56Ar3, section 5.6.2.1.2. |
wolfSSL | 15:117db924cf7c | 1584 | * |
wolfSSL | 15:117db924cf7c | 1585 | * key DH key group parameters. |
wolfSSL | 15:117db924cf7c | 1586 | * priv Private Key. |
wolfSSL | 15:117db924cf7c | 1587 | * privSz Private Key size. |
wolfSSL | 15:117db924cf7c | 1588 | * prime Large prime (q), optionally NULL to skip check |
wolfSSL | 15:117db924cf7c | 1589 | * primeSz Size of large prime |
wolfSSL | 15:117db924cf7c | 1590 | * |
wolfSSL | 15:117db924cf7c | 1591 | * returns 0 on success or error code |
wolfSSL | 15:117db924cf7c | 1592 | */ |
wolfSSL | 15:117db924cf7c | 1593 | int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz, |
wolfSSL | 15:117db924cf7c | 1594 | const byte* prime, word32 primeSz) |
wolfSSL | 15:117db924cf7c | 1595 | { |
wolfSSL | 15:117db924cf7c | 1596 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1597 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1598 | mp_int* x = NULL; |
wolfSSL | 15:117db924cf7c | 1599 | mp_int* q = NULL; |
wolfSSL | 15:117db924cf7c | 1600 | #else |
wolfSSL | 15:117db924cf7c | 1601 | mp_int x[1]; |
wolfSSL | 15:117db924cf7c | 1602 | mp_int q[1]; |
wolfSSL | 15:117db924cf7c | 1603 | #endif |
wolfSSL | 15:117db924cf7c | 1604 | |
wolfSSL | 15:117db924cf7c | 1605 | if (key == NULL || priv == NULL) { |
wolfSSL | 15:117db924cf7c | 1606 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1607 | } |
wolfSSL | 15:117db924cf7c | 1608 | |
wolfSSL | 15:117db924cf7c | 1609 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1610 | x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1611 | if (x == NULL) |
wolfSSL | 15:117db924cf7c | 1612 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1613 | q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1614 | if (q == NULL) { |
wolfSSL | 15:117db924cf7c | 1615 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1616 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1617 | } |
wolfSSL | 15:117db924cf7c | 1618 | #endif |
wolfSSL | 15:117db924cf7c | 1619 | |
wolfSSL | 15:117db924cf7c | 1620 | if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 1621 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1622 | XFREE(q, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1623 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1624 | #endif |
wolfSSL | 15:117db924cf7c | 1625 | return MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1626 | } |
wolfSSL | 15:117db924cf7c | 1627 | |
wolfSSL | 15:117db924cf7c | 1628 | if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1629 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1630 | } |
wolfSSL | 15:117db924cf7c | 1631 | |
wolfSSL | 15:117db924cf7c | 1632 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1633 | if (prime != NULL) { |
wolfSSL | 15:117db924cf7c | 1634 | if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1635 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1636 | } |
wolfSSL | 15:117db924cf7c | 1637 | else if (mp_iszero(&key->q) == MP_NO) { |
wolfSSL | 15:117db924cf7c | 1638 | /* use q available in DhKey */ |
wolfSSL | 15:117db924cf7c | 1639 | if (mp_copy(&key->q, q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1640 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1641 | } |
wolfSSL | 15:117db924cf7c | 1642 | } |
wolfSSL | 15:117db924cf7c | 1643 | |
wolfSSL | 15:117db924cf7c | 1644 | /* priv (x) should not be 0 */ |
wolfSSL | 15:117db924cf7c | 1645 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1646 | if (mp_cmp_d(x, 0) == MP_EQ) |
wolfSSL | 15:117db924cf7c | 1647 | ret = MP_CMP_E; |
wolfSSL | 15:117db924cf7c | 1648 | } |
wolfSSL | 15:117db924cf7c | 1649 | |
wolfSSL | 15:117db924cf7c | 1650 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1651 | if (mp_iszero(q) == MP_NO) { |
wolfSSL | 15:117db924cf7c | 1652 | /* priv (x) shouldn't be greater than q - 1 */ |
wolfSSL | 15:117db924cf7c | 1653 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1654 | if (mp_copy(&key->q, q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1655 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1656 | } |
wolfSSL | 15:117db924cf7c | 1657 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1658 | if (mp_sub_d(q, 1, q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1659 | ret = MP_SUB_E; |
wolfSSL | 15:117db924cf7c | 1660 | } |
wolfSSL | 15:117db924cf7c | 1661 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1662 | if (mp_cmp(x, q) == MP_GT) |
wolfSSL | 15:117db924cf7c | 1663 | ret = DH_CHECK_PRIV_E; |
wolfSSL | 15:117db924cf7c | 1664 | } |
wolfSSL | 15:117db924cf7c | 1665 | } |
wolfSSL | 15:117db924cf7c | 1666 | } |
wolfSSL | 15:117db924cf7c | 1667 | |
wolfSSL | 15:117db924cf7c | 1668 | mp_clear(x); |
wolfSSL | 15:117db924cf7c | 1669 | mp_clear(q); |
wolfSSL | 15:117db924cf7c | 1670 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1671 | XFREE(q, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1672 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1673 | #endif |
wolfSSL | 15:117db924cf7c | 1674 | |
wolfSSL | 15:117db924cf7c | 1675 | return ret; |
wolfSSL | 15:117db924cf7c | 1676 | } |
wolfSSL | 15:117db924cf7c | 1677 | |
wolfSSL | 15:117db924cf7c | 1678 | |
wolfSSL | 15:117db924cf7c | 1679 | /* Check DH Private Key for invalid numbers |
wolfSSL | 15:117db924cf7c | 1680 | * |
wolfSSL | 15:117db924cf7c | 1681 | * key DH key group parameters. |
wolfSSL | 15:117db924cf7c | 1682 | * priv Private Key. |
wolfSSL | 15:117db924cf7c | 1683 | * privSz Private Key size. |
wolfSSL | 15:117db924cf7c | 1684 | * |
wolfSSL | 15:117db924cf7c | 1685 | * returns 0 on success or error code |
wolfSSL | 15:117db924cf7c | 1686 | */ |
wolfSSL | 15:117db924cf7c | 1687 | int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz) |
wolfSSL | 15:117db924cf7c | 1688 | { |
wolfSSL | 15:117db924cf7c | 1689 | return wc_DhCheckPrivKey_ex(key, priv, privSz, NULL, 0); |
wolfSSL | 15:117db924cf7c | 1690 | } |
wolfSSL | 15:117db924cf7c | 1691 | |
wolfSSL | 15:117db924cf7c | 1692 | |
wolfSSL | 15:117db924cf7c | 1693 | /* Check DH Keys for pair-wise consistency per process in |
wolfSSL | 15:117db924cf7c | 1694 | * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC. |
wolfSSL | 15:117db924cf7c | 1695 | * |
wolfSSL | 15:117db924cf7c | 1696 | * key DH key group parameters. |
wolfSSL | 15:117db924cf7c | 1697 | * pub Public Key. |
wolfSSL | 15:117db924cf7c | 1698 | * pubSz Public Key size. |
wolfSSL | 15:117db924cf7c | 1699 | * priv Private Key. |
wolfSSL | 15:117db924cf7c | 1700 | * privSz Private Key size. |
wolfSSL | 15:117db924cf7c | 1701 | * |
wolfSSL | 15:117db924cf7c | 1702 | * returns 0 on success or error code |
wolfSSL | 15:117db924cf7c | 1703 | */ |
wolfSSL | 15:117db924cf7c | 1704 | int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz, |
wolfSSL | 15:117db924cf7c | 1705 | const byte* priv, word32 privSz) |
wolfSSL | 15:117db924cf7c | 1706 | { |
wolfSSL | 15:117db924cf7c | 1707 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1708 | mp_int* publicKey = NULL; |
wolfSSL | 15:117db924cf7c | 1709 | mp_int* privateKey = NULL; |
wolfSSL | 15:117db924cf7c | 1710 | mp_int* checkKey = NULL; |
wolfSSL | 15:117db924cf7c | 1711 | #else |
wolfSSL | 15:117db924cf7c | 1712 | mp_int publicKey[1]; |
wolfSSL | 15:117db924cf7c | 1713 | mp_int privateKey[1]; |
wolfSSL | 15:117db924cf7c | 1714 | mp_int checkKey[1]; |
wolfSSL | 15:117db924cf7c | 1715 | #endif |
wolfSSL | 15:117db924cf7c | 1716 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1717 | |
wolfSSL | 15:117db924cf7c | 1718 | if (key == NULL || pub == NULL || priv == NULL) |
wolfSSL | 15:117db924cf7c | 1719 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1720 | |
wolfSSL | 15:117db924cf7c | 1721 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1722 | publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1723 | if (publicKey == NULL) |
wolfSSL | 15:117db924cf7c | 1724 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1725 | privateKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1726 | if (privateKey == NULL) { |
wolfSSL | 15:117db924cf7c | 1727 | XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1728 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1729 | } |
wolfSSL | 15:117db924cf7c | 1730 | checkKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1731 | if (checkKey == NULL) { |
wolfSSL | 15:117db924cf7c | 1732 | XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1733 | XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1734 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1735 | } |
wolfSSL | 15:117db924cf7c | 1736 | #endif |
wolfSSL | 15:117db924cf7c | 1737 | |
wolfSSL | 15:117db924cf7c | 1738 | if (mp_init_multi(publicKey, privateKey, checkKey, |
wolfSSL | 15:117db924cf7c | 1739 | NULL, NULL, NULL) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1740 | |
wolfSSL | 16:8e0d178b1d1e | 1741 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1742 | XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1743 | XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1744 | XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1745 | #endif |
wolfSSL | 15:117db924cf7c | 1746 | return MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1747 | } |
wolfSSL | 15:117db924cf7c | 1748 | |
wolfSSL | 15:117db924cf7c | 1749 | /* Load the private and public keys into big integers. */ |
wolfSSL | 15:117db924cf7c | 1750 | if (mp_read_unsigned_bin(publicKey, pub, pubSz) != MP_OKAY || |
wolfSSL | 15:117db924cf7c | 1751 | mp_read_unsigned_bin(privateKey, priv, privSz) != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 1752 | |
wolfSSL | 15:117db924cf7c | 1753 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1754 | } |
wolfSSL | 15:117db924cf7c | 1755 | |
wolfSSL | 15:117db924cf7c | 1756 | /* Calculate checkKey = g^privateKey mod p */ |
wolfSSL | 15:117db924cf7c | 1757 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1758 | #ifdef WOLFSSL_HAVE_SP_DH |
wolfSSL | 15:117db924cf7c | 1759 | #ifndef WOLFSSL_SP_NO_2048 |
wolfSSL | 15:117db924cf7c | 1760 | if (mp_count_bits(&key->p) == 2048) { |
wolfSSL | 15:117db924cf7c | 1761 | ret = sp_ModExp_2048(&key->g, privateKey, &key->p, checkKey); |
wolfSSL | 15:117db924cf7c | 1762 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1763 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1764 | } |
wolfSSL | 15:117db924cf7c | 1765 | else |
wolfSSL | 15:117db924cf7c | 1766 | #endif |
wolfSSL | 15:117db924cf7c | 1767 | #ifndef WOLFSSL_SP_NO_3072 |
wolfSSL | 15:117db924cf7c | 1768 | if (mp_count_bits(&key->p) == 3072) { |
wolfSSL | 15:117db924cf7c | 1769 | ret = sp_ModExp_3072(&key->g, privateKey, &key->p, checkKey); |
wolfSSL | 15:117db924cf7c | 1770 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1771 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1772 | } |
wolfSSL | 15:117db924cf7c | 1773 | else |
wolfSSL | 15:117db924cf7c | 1774 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1775 | #ifdef WOLFSSL_SP_4096 |
wolfSSL | 16:8e0d178b1d1e | 1776 | if (mp_count_bits(&key->p) == 4096) { |
wolfSSL | 16:8e0d178b1d1e | 1777 | ret = sp_ModExp_4096(&key->g, privateKey, &key->p, checkKey); |
wolfSSL | 16:8e0d178b1d1e | 1778 | if (ret != 0) |
wolfSSL | 16:8e0d178b1d1e | 1779 | ret = MP_EXPTMOD_E; |
wolfSSL | 16:8e0d178b1d1e | 1780 | } |
wolfSSL | 16:8e0d178b1d1e | 1781 | else |
wolfSSL | 16:8e0d178b1d1e | 1782 | #endif |
wolfSSL | 15:117db924cf7c | 1783 | #endif |
wolfSSL | 15:117db924cf7c | 1784 | { |
wolfSSL | 15:117db924cf7c | 1785 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1786 | if (mp_exptmod(&key->g, privateKey, &key->p, checkKey) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1787 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1788 | #else |
wolfSSL | 15:117db924cf7c | 1789 | ret = WC_KEY_SIZE_E; |
wolfSSL | 15:117db924cf7c | 1790 | #endif |
wolfSSL | 15:117db924cf7c | 1791 | } |
wolfSSL | 15:117db924cf7c | 1792 | } |
wolfSSL | 15:117db924cf7c | 1793 | |
wolfSSL | 15:117db924cf7c | 1794 | /* Compare the calculated public key to the supplied check value. */ |
wolfSSL | 15:117db924cf7c | 1795 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1796 | if (mp_cmp(checkKey, publicKey) != MP_EQ) |
wolfSSL | 15:117db924cf7c | 1797 | ret = MP_CMP_E; |
wolfSSL | 15:117db924cf7c | 1798 | } |
wolfSSL | 15:117db924cf7c | 1799 | |
wolfSSL | 15:117db924cf7c | 1800 | mp_forcezero(privateKey); |
wolfSSL | 15:117db924cf7c | 1801 | mp_clear(privateKey); |
wolfSSL | 15:117db924cf7c | 1802 | mp_clear(publicKey); |
wolfSSL | 15:117db924cf7c | 1803 | mp_clear(checkKey); |
wolfSSL | 15:117db924cf7c | 1804 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1805 | XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1806 | XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1807 | XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1808 | #endif |
wolfSSL | 15:117db924cf7c | 1809 | |
wolfSSL | 15:117db924cf7c | 1810 | return ret; |
wolfSSL | 15:117db924cf7c | 1811 | } |
wolfSSL | 15:117db924cf7c | 1812 | |
wolfSSL | 15:117db924cf7c | 1813 | |
wolfSSL | 15:117db924cf7c | 1814 | int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, |
wolfSSL | 15:117db924cf7c | 1815 | byte* priv, word32* privSz, byte* pub, word32* pubSz) |
wolfSSL | 15:117db924cf7c | 1816 | { |
wolfSSL | 15:117db924cf7c | 1817 | int ret; |
wolfSSL | 15:117db924cf7c | 1818 | |
wolfSSL | 15:117db924cf7c | 1819 | if (key == NULL || rng == NULL || priv == NULL || privSz == NULL || |
wolfSSL | 15:117db924cf7c | 1820 | pub == NULL || pubSz == NULL) { |
wolfSSL | 15:117db924cf7c | 1821 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1822 | } |
wolfSSL | 15:117db924cf7c | 1823 | |
wolfSSL | 15:117db924cf7c | 1824 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 1825 | if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) { |
wolfSSL | 15:117db924cf7c | 1826 | ret = wc_DhGenerateKeyPair_Async(key, rng, priv, privSz, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1827 | } |
wolfSSL | 15:117db924cf7c | 1828 | else |
wolfSSL | 15:117db924cf7c | 1829 | #endif |
wolfSSL | 15:117db924cf7c | 1830 | { |
wolfSSL | 15:117db924cf7c | 1831 | ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz); |
wolfSSL | 15:117db924cf7c | 1832 | } |
wolfSSL | 15:117db924cf7c | 1833 | |
wolfSSL | 15:117db924cf7c | 1834 | return ret; |
wolfSSL | 15:117db924cf7c | 1835 | } |
wolfSSL | 15:117db924cf7c | 1836 | |
wolfSSL | 15:117db924cf7c | 1837 | |
wolfSSL | 15:117db924cf7c | 1838 | static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz, |
wolfSSL | 15:117db924cf7c | 1839 | const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz) |
wolfSSL | 15:117db924cf7c | 1840 | { |
wolfSSL | 15:117db924cf7c | 1841 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1842 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1843 | mp_int* y; |
wolfSSL | 15:117db924cf7c | 1844 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 16:8e0d178b1d1e | 1845 | mp_int* x; |
wolfSSL | 16:8e0d178b1d1e | 1846 | mp_int* z; |
wolfSSL | 15:117db924cf7c | 1847 | #endif |
wolfSSL | 15:117db924cf7c | 1848 | #else |
wolfSSL | 15:117db924cf7c | 1849 | mp_int y[1]; |
wolfSSL | 15:117db924cf7c | 1850 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1851 | mp_int x[1]; |
wolfSSL | 15:117db924cf7c | 1852 | mp_int z[1]; |
wolfSSL | 15:117db924cf7c | 1853 | #endif |
wolfSSL | 15:117db924cf7c | 1854 | #endif |
wolfSSL | 15:117db924cf7c | 1855 | |
wolfSSL | 15:117db924cf7c | 1856 | #ifdef WOLFSSL_VALIDATE_FFC_IMPORT |
wolfSSL | 15:117db924cf7c | 1857 | if (wc_DhCheckPrivKey(key, priv, privSz) != 0) { |
wolfSSL | 15:117db924cf7c | 1858 | WOLFSSL_MSG("wc_DhAgree wc_DhCheckPrivKey failed"); |
wolfSSL | 15:117db924cf7c | 1859 | return DH_CHECK_PRIV_E; |
wolfSSL | 15:117db924cf7c | 1860 | } |
wolfSSL | 15:117db924cf7c | 1861 | |
wolfSSL | 15:117db924cf7c | 1862 | if (wc_DhCheckPubKey(key, otherPub, pubSz) != 0) { |
wolfSSL | 15:117db924cf7c | 1863 | WOLFSSL_MSG("wc_DhAgree wc_DhCheckPubKey failed"); |
wolfSSL | 15:117db924cf7c | 1864 | return DH_CHECK_PUB_E; |
wolfSSL | 15:117db924cf7c | 1865 | } |
wolfSSL | 15:117db924cf7c | 1866 | #endif |
wolfSSL | 15:117db924cf7c | 1867 | |
wolfSSL | 15:117db924cf7c | 1868 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1869 | y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1870 | if (y == NULL) |
wolfSSL | 15:117db924cf7c | 1871 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1872 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1873 | x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1874 | if (x == NULL) { |
wolfSSL | 15:117db924cf7c | 1875 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1876 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1877 | } |
wolfSSL | 15:117db924cf7c | 1878 | z = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1879 | if (z == NULL) { |
wolfSSL | 15:117db924cf7c | 1880 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1881 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1882 | return MEMORY_E; |
wolfSSL | 15:117db924cf7c | 1883 | } |
wolfSSL | 15:117db924cf7c | 1884 | #endif |
wolfSSL | 15:117db924cf7c | 1885 | #endif |
wolfSSL | 15:117db924cf7c | 1886 | |
wolfSSL | 15:117db924cf7c | 1887 | #ifdef WOLFSSL_HAVE_SP_DH |
wolfSSL | 15:117db924cf7c | 1888 | #ifndef WOLFSSL_SP_NO_2048 |
wolfSSL | 15:117db924cf7c | 1889 | if (mp_count_bits(&key->p) == 2048) { |
wolfSSL | 15:117db924cf7c | 1890 | if (mp_init(y) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1891 | return MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1892 | |
wolfSSL | 15:117db924cf7c | 1893 | if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1894 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1895 | |
wolfSSL | 15:117db924cf7c | 1896 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1897 | ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree, agreeSz); |
wolfSSL | 15:117db924cf7c | 1898 | |
wolfSSL | 15:117db924cf7c | 1899 | mp_clear(y); |
wolfSSL | 15:117db924cf7c | 1900 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1901 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1902 | XFREE(z, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1903 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1904 | #endif |
wolfSSL | 15:117db924cf7c | 1905 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1906 | #endif |
wolfSSL | 15:117db924cf7c | 1907 | return ret; |
wolfSSL | 15:117db924cf7c | 1908 | } |
wolfSSL | 15:117db924cf7c | 1909 | #endif |
wolfSSL | 15:117db924cf7c | 1910 | #ifndef WOLFSSL_SP_NO_3072 |
wolfSSL | 15:117db924cf7c | 1911 | if (mp_count_bits(&key->p) == 3072) { |
wolfSSL | 15:117db924cf7c | 1912 | if (mp_init(y) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1913 | return MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 1914 | |
wolfSSL | 15:117db924cf7c | 1915 | if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1916 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1917 | |
wolfSSL | 15:117db924cf7c | 1918 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1919 | ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree, agreeSz); |
wolfSSL | 15:117db924cf7c | 1920 | |
wolfSSL | 15:117db924cf7c | 1921 | mp_clear(y); |
wolfSSL | 15:117db924cf7c | 1922 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1923 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1924 | XFREE(z, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1925 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1926 | #endif |
wolfSSL | 15:117db924cf7c | 1927 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1928 | #endif |
wolfSSL | 15:117db924cf7c | 1929 | return ret; |
wolfSSL | 15:117db924cf7c | 1930 | } |
wolfSSL | 15:117db924cf7c | 1931 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1932 | #ifdef WOLFSSL_SP_4096 |
wolfSSL | 16:8e0d178b1d1e | 1933 | if (mp_count_bits(&key->p) == 4096) { |
wolfSSL | 16:8e0d178b1d1e | 1934 | if (mp_init(y) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 1935 | return MP_INIT_E; |
wolfSSL | 16:8e0d178b1d1e | 1936 | |
wolfSSL | 16:8e0d178b1d1e | 1937 | if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 1938 | ret = MP_READ_E; |
wolfSSL | 16:8e0d178b1d1e | 1939 | |
wolfSSL | 16:8e0d178b1d1e | 1940 | if (ret == 0) |
wolfSSL | 16:8e0d178b1d1e | 1941 | ret = sp_DhExp_4096(y, priv, privSz, &key->p, agree, agreeSz); |
wolfSSL | 16:8e0d178b1d1e | 1942 | |
wolfSSL | 16:8e0d178b1d1e | 1943 | mp_clear(y); |
wolfSSL | 16:8e0d178b1d1e | 1944 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1945 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 16:8e0d178b1d1e | 1946 | XFREE(z, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1947 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1948 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1949 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1950 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1951 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 1952 | } |
wolfSSL | 16:8e0d178b1d1e | 1953 | #endif |
wolfSSL | 15:117db924cf7c | 1954 | #endif |
wolfSSL | 15:117db924cf7c | 1955 | |
wolfSSL | 15:117db924cf7c | 1956 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 16:8e0d178b1d1e | 1957 | if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 1958 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 16:8e0d178b1d1e | 1959 | XFREE(z, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1960 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1961 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 16:8e0d178b1d1e | 1962 | #endif |
wolfSSL | 15:117db924cf7c | 1963 | return MP_INIT_E; |
wolfSSL | 16:8e0d178b1d1e | 1964 | } |
wolfSSL | 15:117db924cf7c | 1965 | |
wolfSSL | 15:117db924cf7c | 1966 | if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1967 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1968 | |
wolfSSL | 15:117db924cf7c | 1969 | if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1970 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 1971 | |
wolfSSL | 15:117db924cf7c | 1972 | if (ret == 0 && mp_exptmod(y, x, &key->p, z) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1973 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 1974 | |
wolfSSL | 15:117db924cf7c | 1975 | /* make sure z is not one (SP800-56A, 5.7.1.1) */ |
wolfSSL | 15:117db924cf7c | 1976 | if (ret == 0 && (mp_cmp_d(z, 1) == MP_EQ)) |
wolfSSL | 15:117db924cf7c | 1977 | ret = MP_VAL; |
wolfSSL | 15:117db924cf7c | 1978 | |
wolfSSL | 15:117db924cf7c | 1979 | if (ret == 0 && mp_to_unsigned_bin(z, agree) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 1980 | ret = MP_TO_E; |
wolfSSL | 15:117db924cf7c | 1981 | |
wolfSSL | 15:117db924cf7c | 1982 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1983 | *agreeSz = mp_unsigned_bin_size(z); |
wolfSSL | 15:117db924cf7c | 1984 | |
wolfSSL | 15:117db924cf7c | 1985 | mp_clear(z); |
wolfSSL | 15:117db924cf7c | 1986 | mp_clear(y); |
wolfSSL | 15:117db924cf7c | 1987 | mp_forcezero(x); |
wolfSSL | 15:117db924cf7c | 1988 | #endif |
wolfSSL | 15:117db924cf7c | 1989 | |
wolfSSL | 15:117db924cf7c | 1990 | #ifdef WOLFSSL_SMALL_STACK |
wolfSSL | 15:117db924cf7c | 1991 | #ifndef WOLFSSL_SP_MATH |
wolfSSL | 15:117db924cf7c | 1992 | XFREE(z, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1993 | XFREE(x, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1994 | #endif |
wolfSSL | 15:117db924cf7c | 1995 | XFREE(y, key->heap, DYNAMIC_TYPE_DH); |
wolfSSL | 15:117db924cf7c | 1996 | #endif |
wolfSSL | 15:117db924cf7c | 1997 | |
wolfSSL | 15:117db924cf7c | 1998 | return ret; |
wolfSSL | 15:117db924cf7c | 1999 | } |
wolfSSL | 15:117db924cf7c | 2000 | |
wolfSSL | 15:117db924cf7c | 2001 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 2002 | static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz, |
wolfSSL | 15:117db924cf7c | 2003 | const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz) |
wolfSSL | 15:117db924cf7c | 2004 | { |
wolfSSL | 15:117db924cf7c | 2005 | int ret; |
wolfSSL | 15:117db924cf7c | 2006 | |
wolfSSL | 16:8e0d178b1d1e | 2007 | #if defined(HAVE_INTEL_QA) |
wolfSSL | 16:8e0d178b1d1e | 2008 | word32 pBits; |
wolfSSL | 15:117db924cf7c | 2009 | |
wolfSSL | 16:8e0d178b1d1e | 2010 | /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */ |
wolfSSL | 16:8e0d178b1d1e | 2011 | pBits = mp_unsigned_bin_size(&key->p) * 8; |
wolfSSL | 16:8e0d178b1d1e | 2012 | if (pBits == 768 || pBits == 1024 || pBits == 1536 || |
wolfSSL | 16:8e0d178b1d1e | 2013 | pBits == 2048 || pBits == 3072 || pBits == 4096) { |
wolfSSL | 16:8e0d178b1d1e | 2014 | ret = wc_mp_to_bigint(&key->p, &key->p.raw); |
wolfSSL | 16:8e0d178b1d1e | 2015 | if (ret == MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 2016 | ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw, |
wolfSSL | 16:8e0d178b1d1e | 2017 | agree, agreeSz, priv, privSz, otherPub, pubSz); |
wolfSSL | 16:8e0d178b1d1e | 2018 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 2019 | } |
wolfSSL | 16:8e0d178b1d1e | 2020 | |
wolfSSL | 16:8e0d178b1d1e | 2021 | #elif defined(HAVE_CAVIUM) |
wolfSSL | 16:8e0d178b1d1e | 2022 | /* TODO: Not implemented - use software for now */ |
wolfSSL | 16:8e0d178b1d1e | 2023 | |
wolfSSL | 15:117db924cf7c | 2024 | #else /* WOLFSSL_ASYNC_CRYPT_TEST */ |
wolfSSL | 15:117db924cf7c | 2025 | if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_AGREE)) { |
wolfSSL | 15:117db924cf7c | 2026 | WC_ASYNC_TEST* testDev = &key->asyncDev.test; |
wolfSSL | 15:117db924cf7c | 2027 | testDev->dhAgree.key = key; |
wolfSSL | 15:117db924cf7c | 2028 | testDev->dhAgree.agree = agree; |
wolfSSL | 15:117db924cf7c | 2029 | testDev->dhAgree.agreeSz = agreeSz; |
wolfSSL | 15:117db924cf7c | 2030 | testDev->dhAgree.priv = priv; |
wolfSSL | 15:117db924cf7c | 2031 | testDev->dhAgree.privSz = privSz; |
wolfSSL | 15:117db924cf7c | 2032 | testDev->dhAgree.otherPub = otherPub; |
wolfSSL | 15:117db924cf7c | 2033 | testDev->dhAgree.pubSz = pubSz; |
wolfSSL | 15:117db924cf7c | 2034 | return WC_PENDING_E; |
wolfSSL | 15:117db924cf7c | 2035 | } |
wolfSSL | 16:8e0d178b1d1e | 2036 | #endif |
wolfSSL | 16:8e0d178b1d1e | 2037 | |
wolfSSL | 16:8e0d178b1d1e | 2038 | /* otherwise use software DH */ |
wolfSSL | 15:117db924cf7c | 2039 | ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz); |
wolfSSL | 15:117db924cf7c | 2040 | |
wolfSSL | 15:117db924cf7c | 2041 | return ret; |
wolfSSL | 15:117db924cf7c | 2042 | } |
wolfSSL | 15:117db924cf7c | 2043 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 15:117db924cf7c | 2044 | |
wolfSSL | 15:117db924cf7c | 2045 | int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv, |
wolfSSL | 15:117db924cf7c | 2046 | word32 privSz, const byte* otherPub, word32 pubSz) |
wolfSSL | 15:117db924cf7c | 2047 | { |
wolfSSL | 15:117db924cf7c | 2048 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 2049 | |
wolfSSL | 15:117db924cf7c | 2050 | if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL || |
wolfSSL | 15:117db924cf7c | 2051 | otherPub == NULL) { |
wolfSSL | 15:117db924cf7c | 2052 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2053 | } |
wolfSSL | 15:117db924cf7c | 2054 | |
wolfSSL | 15:117db924cf7c | 2055 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH) |
wolfSSL | 15:117db924cf7c | 2056 | if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) { |
wolfSSL | 15:117db924cf7c | 2057 | ret = wc_DhAgree_Async(key, agree, agreeSz, priv, privSz, otherPub, pubSz); |
wolfSSL | 15:117db924cf7c | 2058 | } |
wolfSSL | 15:117db924cf7c | 2059 | else |
wolfSSL | 15:117db924cf7c | 2060 | #endif |
wolfSSL | 15:117db924cf7c | 2061 | { |
wolfSSL | 15:117db924cf7c | 2062 | ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz); |
wolfSSL | 15:117db924cf7c | 2063 | } |
wolfSSL | 15:117db924cf7c | 2064 | |
wolfSSL | 15:117db924cf7c | 2065 | return ret; |
wolfSSL | 15:117db924cf7c | 2066 | } |
wolfSSL | 15:117db924cf7c | 2067 | |
wolfSSL | 16:8e0d178b1d1e | 2068 | #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) |
wolfSSL | 16:8e0d178b1d1e | 2069 | /* Sets private and public key in DhKey if both are available, otherwise sets |
wolfSSL | 16:8e0d178b1d1e | 2070 | either private or public key, depending on which is available. |
wolfSSL | 16:8e0d178b1d1e | 2071 | Returns WOLFSSL_SUCCESS if at least one of the keys was set. */ |
wolfSSL | 16:8e0d178b1d1e | 2072 | WOLFSSL_LOCAL int wc_DhSetFullKeys(DhKey* key,const byte* priv_key,word32 privSz, |
wolfSSL | 16:8e0d178b1d1e | 2073 | const byte* pub_key, word32 pubSz) |
wolfSSL | 16:8e0d178b1d1e | 2074 | { |
wolfSSL | 16:8e0d178b1d1e | 2075 | byte havePriv = 0; |
wolfSSL | 16:8e0d178b1d1e | 2076 | byte havePub = 0; |
wolfSSL | 16:8e0d178b1d1e | 2077 | mp_int* keyPriv = NULL; |
wolfSSL | 16:8e0d178b1d1e | 2078 | mp_int* keyPub = NULL; |
wolfSSL | 15:117db924cf7c | 2079 | |
wolfSSL | 16:8e0d178b1d1e | 2080 | if (key == NULL) { |
wolfSSL | 16:8e0d178b1d1e | 2081 | return BAD_FUNC_ARG; |
wolfSSL | 16:8e0d178b1d1e | 2082 | } |
wolfSSL | 16:8e0d178b1d1e | 2083 | |
wolfSSL | 16:8e0d178b1d1e | 2084 | havePriv = ( (priv_key != NULL) && (privSz > 0) ); |
wolfSSL | 16:8e0d178b1d1e | 2085 | havePub = ( (pub_key != NULL) && (pubSz > 0) ); |
wolfSSL | 16:8e0d178b1d1e | 2086 | |
wolfSSL | 16:8e0d178b1d1e | 2087 | if (!havePub && !havePriv) { |
wolfSSL | 16:8e0d178b1d1e | 2088 | WOLFSSL_MSG("No Public or Private Key to Set"); |
wolfSSL | 16:8e0d178b1d1e | 2089 | return BAD_FUNC_ARG; |
wolfSSL | 16:8e0d178b1d1e | 2090 | } |
wolfSSL | 16:8e0d178b1d1e | 2091 | /* Set Private Key */ |
wolfSSL | 16:8e0d178b1d1e | 2092 | if (havePriv == TRUE) { |
wolfSSL | 16:8e0d178b1d1e | 2093 | /* may have leading 0 */ |
wolfSSL | 16:8e0d178b1d1e | 2094 | if (priv_key[0] == 0) { |
wolfSSL | 16:8e0d178b1d1e | 2095 | privSz--; priv_key++; |
wolfSSL | 16:8e0d178b1d1e | 2096 | } |
wolfSSL | 16:8e0d178b1d1e | 2097 | if (mp_init(&key->priv) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 2098 | havePriv = FALSE; |
wolfSSL | 16:8e0d178b1d1e | 2099 | } |
wolfSSL | 16:8e0d178b1d1e | 2100 | |
wolfSSL | 16:8e0d178b1d1e | 2101 | if (havePriv == TRUE) { |
wolfSSL | 16:8e0d178b1d1e | 2102 | if (mp_read_unsigned_bin(&key->priv, priv_key, privSz) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 2103 | havePriv = FALSE; |
wolfSSL | 16:8e0d178b1d1e | 2104 | } else { |
wolfSSL | 16:8e0d178b1d1e | 2105 | keyPriv = &key->priv; |
wolfSSL | 16:8e0d178b1d1e | 2106 | WOLFSSL_MSG("DH Private Key Set."); |
wolfSSL | 16:8e0d178b1d1e | 2107 | } |
wolfSSL | 16:8e0d178b1d1e | 2108 | } |
wolfSSL | 16:8e0d178b1d1e | 2109 | |
wolfSSL | 16:8e0d178b1d1e | 2110 | /* Set Public Key */ |
wolfSSL | 16:8e0d178b1d1e | 2111 | if (havePub == TRUE) { |
wolfSSL | 16:8e0d178b1d1e | 2112 | /* may have leading 0 */ |
wolfSSL | 16:8e0d178b1d1e | 2113 | if (pub_key[0] == 0) { |
wolfSSL | 16:8e0d178b1d1e | 2114 | pubSz--; pub_key++; |
wolfSSL | 16:8e0d178b1d1e | 2115 | } |
wolfSSL | 16:8e0d178b1d1e | 2116 | if (mp_init(&key->pub) != MP_OKAY) |
wolfSSL | 16:8e0d178b1d1e | 2117 | havePub = FALSE; |
wolfSSL | 16:8e0d178b1d1e | 2118 | } |
wolfSSL | 16:8e0d178b1d1e | 2119 | |
wolfSSL | 16:8e0d178b1d1e | 2120 | if (havePub == TRUE) { |
wolfSSL | 16:8e0d178b1d1e | 2121 | if (mp_read_unsigned_bin(&key->pub, pub_key, pubSz) != MP_OKAY) { |
wolfSSL | 16:8e0d178b1d1e | 2122 | havePub = FALSE; |
wolfSSL | 16:8e0d178b1d1e | 2123 | } else { |
wolfSSL | 16:8e0d178b1d1e | 2124 | keyPub = &key->pub; |
wolfSSL | 16:8e0d178b1d1e | 2125 | WOLFSSL_MSG("DH Public Key Set."); |
wolfSSL | 16:8e0d178b1d1e | 2126 | } |
wolfSSL | 16:8e0d178b1d1e | 2127 | } |
wolfSSL | 16:8e0d178b1d1e | 2128 | /* Free Memory if error occured */ |
wolfSSL | 16:8e0d178b1d1e | 2129 | if (havePriv == FALSE && keyPriv != NULL) |
wolfSSL | 16:8e0d178b1d1e | 2130 | mp_clear(keyPriv); |
wolfSSL | 16:8e0d178b1d1e | 2131 | if (havePub == FALSE && keyPub != NULL) |
wolfSSL | 16:8e0d178b1d1e | 2132 | mp_clear(keyPub); |
wolfSSL | 16:8e0d178b1d1e | 2133 | |
wolfSSL | 16:8e0d178b1d1e | 2134 | /* WOLFSSL_SUCCESS if private or public was set else WOLFSSL_FAILURE */ |
wolfSSL | 16:8e0d178b1d1e | 2135 | return havePriv || havePub; |
wolfSSL | 16:8e0d178b1d1e | 2136 | } |
wolfSSL | 16:8e0d178b1d1e | 2137 | #endif |
wolfSSL | 16:8e0d178b1d1e | 2138 | |
wolfSSL | 16:8e0d178b1d1e | 2139 | static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, |
wolfSSL | 16:8e0d178b1d1e | 2140 | word32 gSz, const byte* q, word32 qSz, int trusted, |
wolfSSL | 16:8e0d178b1d1e | 2141 | WC_RNG* rng) |
wolfSSL | 15:117db924cf7c | 2142 | { |
wolfSSL | 15:117db924cf7c | 2143 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 2144 | mp_int* keyP = NULL; |
wolfSSL | 15:117db924cf7c | 2145 | mp_int* keyG = NULL; |
wolfSSL | 15:117db924cf7c | 2146 | |
wolfSSL | 15:117db924cf7c | 2147 | if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) { |
wolfSSL | 15:117db924cf7c | 2148 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2149 | } |
wolfSSL | 15:117db924cf7c | 2150 | |
wolfSSL | 15:117db924cf7c | 2151 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2152 | /* may have leading 0 */ |
wolfSSL | 15:117db924cf7c | 2153 | if (p[0] == 0) { |
wolfSSL | 15:117db924cf7c | 2154 | pSz--; p++; |
wolfSSL | 15:117db924cf7c | 2155 | } |
wolfSSL | 15:117db924cf7c | 2156 | |
wolfSSL | 15:117db924cf7c | 2157 | if (g[0] == 0) { |
wolfSSL | 15:117db924cf7c | 2158 | gSz--; g++; |
wolfSSL | 15:117db924cf7c | 2159 | } |
wolfSSL | 15:117db924cf7c | 2160 | |
wolfSSL | 15:117db924cf7c | 2161 | if (q != NULL) { |
wolfSSL | 15:117db924cf7c | 2162 | if (q[0] == 0) { |
wolfSSL | 15:117db924cf7c | 2163 | qSz--; q++; |
wolfSSL | 15:117db924cf7c | 2164 | } |
wolfSSL | 15:117db924cf7c | 2165 | } |
wolfSSL | 15:117db924cf7c | 2166 | |
wolfSSL | 15:117db924cf7c | 2167 | if (mp_init(&key->p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2168 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 2169 | } |
wolfSSL | 15:117db924cf7c | 2170 | |
wolfSSL | 15:117db924cf7c | 2171 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2172 | if (mp_read_unsigned_bin(&key->p, p, pSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2173 | ret = ASN_DH_KEY_E; |
wolfSSL | 15:117db924cf7c | 2174 | else |
wolfSSL | 15:117db924cf7c | 2175 | keyP = &key->p; |
wolfSSL | 15:117db924cf7c | 2176 | } |
wolfSSL | 16:8e0d178b1d1e | 2177 | |
wolfSSL | 16:8e0d178b1d1e | 2178 | if (ret == 0 && !trusted) { |
wolfSSL | 16:8e0d178b1d1e | 2179 | int isPrime = 0; |
wolfSSL | 16:8e0d178b1d1e | 2180 | if (rng != NULL) |
wolfSSL | 16:8e0d178b1d1e | 2181 | ret = mp_prime_is_prime_ex(keyP, 8, &isPrime, rng); |
wolfSSL | 16:8e0d178b1d1e | 2182 | else |
wolfSSL | 16:8e0d178b1d1e | 2183 | ret = mp_prime_is_prime(keyP, 8, &isPrime); |
wolfSSL | 16:8e0d178b1d1e | 2184 | |
wolfSSL | 16:8e0d178b1d1e | 2185 | if (ret == 0 && isPrime == 0) |
wolfSSL | 16:8e0d178b1d1e | 2186 | ret = DH_CHECK_PUB_E; |
wolfSSL | 16:8e0d178b1d1e | 2187 | } |
wolfSSL | 16:8e0d178b1d1e | 2188 | |
wolfSSL | 15:117db924cf7c | 2189 | if (ret == 0 && mp_init(&key->g) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2190 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 2191 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2192 | if (mp_read_unsigned_bin(&key->g, g, gSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2193 | ret = ASN_DH_KEY_E; |
wolfSSL | 15:117db924cf7c | 2194 | else |
wolfSSL | 15:117db924cf7c | 2195 | keyG = &key->g; |
wolfSSL | 15:117db924cf7c | 2196 | } |
wolfSSL | 15:117db924cf7c | 2197 | |
wolfSSL | 15:117db924cf7c | 2198 | if (ret == 0 && q != NULL) { |
wolfSSL | 15:117db924cf7c | 2199 | if (mp_init(&key->q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2200 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 2201 | } |
wolfSSL | 15:117db924cf7c | 2202 | if (ret == 0 && q != NULL) { |
wolfSSL | 15:117db924cf7c | 2203 | if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2204 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 2205 | } |
wolfSSL | 15:117db924cf7c | 2206 | |
wolfSSL | 15:117db924cf7c | 2207 | if (ret != 0 && key != NULL) { |
wolfSSL | 15:117db924cf7c | 2208 | if (keyG) |
wolfSSL | 15:117db924cf7c | 2209 | mp_clear(keyG); |
wolfSSL | 15:117db924cf7c | 2210 | if (keyP) |
wolfSSL | 15:117db924cf7c | 2211 | mp_clear(keyP); |
wolfSSL | 15:117db924cf7c | 2212 | } |
wolfSSL | 15:117db924cf7c | 2213 | |
wolfSSL | 15:117db924cf7c | 2214 | return ret; |
wolfSSL | 15:117db924cf7c | 2215 | } |
wolfSSL | 15:117db924cf7c | 2216 | |
wolfSSL | 15:117db924cf7c | 2217 | |
wolfSSL | 16:8e0d178b1d1e | 2218 | int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz, const byte* g, |
wolfSSL | 16:8e0d178b1d1e | 2219 | word32 gSz, const byte* q, word32 qSz, int trusted, |
wolfSSL | 16:8e0d178b1d1e | 2220 | WC_RNG* rng) |
wolfSSL | 16:8e0d178b1d1e | 2221 | { |
wolfSSL | 16:8e0d178b1d1e | 2222 | return _DhSetKey(key, p, pSz, g, gSz, q, qSz, trusted, rng); |
wolfSSL | 16:8e0d178b1d1e | 2223 | } |
wolfSSL | 16:8e0d178b1d1e | 2224 | |
wolfSSL | 16:8e0d178b1d1e | 2225 | |
wolfSSL | 16:8e0d178b1d1e | 2226 | int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g, |
wolfSSL | 16:8e0d178b1d1e | 2227 | word32 gSz, const byte* q, word32 qSz) |
wolfSSL | 16:8e0d178b1d1e | 2228 | { |
wolfSSL | 16:8e0d178b1d1e | 2229 | return _DhSetKey(key, p, pSz, g, gSz, q, qSz, 1, NULL); |
wolfSSL | 16:8e0d178b1d1e | 2230 | } |
wolfSSL | 16:8e0d178b1d1e | 2231 | |
wolfSSL | 16:8e0d178b1d1e | 2232 | |
wolfSSL | 15:117db924cf7c | 2233 | /* not in asn anymore since no actual asn types used */ |
wolfSSL | 15:117db924cf7c | 2234 | int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, |
wolfSSL | 15:117db924cf7c | 2235 | word32 gSz) |
wolfSSL | 15:117db924cf7c | 2236 | { |
wolfSSL | 16:8e0d178b1d1e | 2237 | return _DhSetKey(key, p, pSz, g, gSz, NULL, 0, 1, NULL); |
wolfSSL | 15:117db924cf7c | 2238 | } |
wolfSSL | 15:117db924cf7c | 2239 | |
wolfSSL | 15:117db924cf7c | 2240 | |
wolfSSL | 15:117db924cf7c | 2241 | #ifdef WOLFSSL_KEY_GEN |
wolfSSL | 15:117db924cf7c | 2242 | |
wolfSSL | 15:117db924cf7c | 2243 | /* modulus_size in bits */ |
wolfSSL | 15:117db924cf7c | 2244 | int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh) |
wolfSSL | 15:117db924cf7c | 2245 | { |
wolfSSL | 15:117db924cf7c | 2246 | mp_int tmp, tmp2; |
wolfSSL | 15:117db924cf7c | 2247 | int groupSz = 0, bufSz = 0, |
wolfSSL | 15:117db924cf7c | 2248 | primeCheckCount = 0, |
wolfSSL | 15:117db924cf7c | 2249 | primeCheck = MP_NO, |
wolfSSL | 15:117db924cf7c | 2250 | ret = 0; |
wolfSSL | 15:117db924cf7c | 2251 | unsigned char *buf = NULL; |
wolfSSL | 15:117db924cf7c | 2252 | |
wolfSSL | 15:117db924cf7c | 2253 | if (rng == NULL || dh == NULL) |
wolfSSL | 15:117db924cf7c | 2254 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2255 | |
wolfSSL | 15:117db924cf7c | 2256 | /* set group size in bytes from modulus size |
wolfSSL | 15:117db924cf7c | 2257 | * FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256) |
wolfSSL | 15:117db924cf7c | 2258 | */ |
wolfSSL | 15:117db924cf7c | 2259 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2260 | switch (modSz) { |
wolfSSL | 15:117db924cf7c | 2261 | case 1024: |
wolfSSL | 15:117db924cf7c | 2262 | groupSz = 20; |
wolfSSL | 15:117db924cf7c | 2263 | break; |
wolfSSL | 15:117db924cf7c | 2264 | case 2048: |
wolfSSL | 15:117db924cf7c | 2265 | case 3072: |
wolfSSL | 15:117db924cf7c | 2266 | groupSz = 32; |
wolfSSL | 15:117db924cf7c | 2267 | break; |
wolfSSL | 15:117db924cf7c | 2268 | default: |
wolfSSL | 15:117db924cf7c | 2269 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2270 | break; |
wolfSSL | 15:117db924cf7c | 2271 | } |
wolfSSL | 15:117db924cf7c | 2272 | } |
wolfSSL | 15:117db924cf7c | 2273 | |
wolfSSL | 15:117db924cf7c | 2274 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2275 | /* modulus size in bytes */ |
wolfSSL | 15:117db924cf7c | 2276 | modSz /= WOLFSSL_BIT_SIZE; |
wolfSSL | 15:117db924cf7c | 2277 | bufSz = modSz - groupSz; |
wolfSSL | 15:117db924cf7c | 2278 | |
wolfSSL | 15:117db924cf7c | 2279 | /* allocate ram */ |
wolfSSL | 15:117db924cf7c | 2280 | buf = (unsigned char *)XMALLOC(bufSz, |
wolfSSL | 15:117db924cf7c | 2281 | dh->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 15:117db924cf7c | 2282 | if (buf == NULL) |
wolfSSL | 15:117db924cf7c | 2283 | ret = MEMORY_E; |
wolfSSL | 15:117db924cf7c | 2284 | } |
wolfSSL | 15:117db924cf7c | 2285 | |
wolfSSL | 16:8e0d178b1d1e | 2286 | /* make a random string that will be multiplied against q */ |
wolfSSL | 15:117db924cf7c | 2287 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 2288 | ret = wc_RNG_GenerateBlock(rng, buf, bufSz); |
wolfSSL | 15:117db924cf7c | 2289 | |
wolfSSL | 15:117db924cf7c | 2290 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2291 | /* force magnitude */ |
wolfSSL | 15:117db924cf7c | 2292 | buf[0] |= 0xC0; |
wolfSSL | 15:117db924cf7c | 2293 | /* force even */ |
wolfSSL | 15:117db924cf7c | 2294 | buf[bufSz - 1] &= ~1; |
wolfSSL | 15:117db924cf7c | 2295 | |
wolfSSL | 15:117db924cf7c | 2296 | if (mp_init_multi(&tmp, &tmp2, &dh->p, &dh->q, &dh->g, 0) |
wolfSSL | 15:117db924cf7c | 2297 | != MP_OKAY) { |
wolfSSL | 15:117db924cf7c | 2298 | ret = MP_INIT_E; |
wolfSSL | 15:117db924cf7c | 2299 | } |
wolfSSL | 15:117db924cf7c | 2300 | } |
wolfSSL | 15:117db924cf7c | 2301 | |
wolfSSL | 15:117db924cf7c | 2302 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2303 | if (mp_read_unsigned_bin(&tmp2, buf, bufSz) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2304 | ret = MP_READ_E; |
wolfSSL | 15:117db924cf7c | 2305 | } |
wolfSSL | 15:117db924cf7c | 2306 | |
wolfSSL | 15:117db924cf7c | 2307 | /* make our prime q */ |
wolfSSL | 15:117db924cf7c | 2308 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2309 | if (mp_rand_prime(&dh->q, groupSz, rng, NULL) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2310 | ret = PRIME_GEN_E; |
wolfSSL | 15:117db924cf7c | 2311 | } |
wolfSSL | 15:117db924cf7c | 2312 | |
wolfSSL | 15:117db924cf7c | 2313 | /* p = random * q */ |
wolfSSL | 15:117db924cf7c | 2314 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2315 | if (mp_mul(&dh->q, &tmp2, &dh->p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2316 | ret = MP_MUL_E; |
wolfSSL | 15:117db924cf7c | 2317 | } |
wolfSSL | 15:117db924cf7c | 2318 | |
wolfSSL | 15:117db924cf7c | 2319 | /* p = random * q + 1, so q is a prime divisor of p-1 */ |
wolfSSL | 15:117db924cf7c | 2320 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2321 | if (mp_add_d(&dh->p, 1, &dh->p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2322 | ret = MP_ADD_E; |
wolfSSL | 15:117db924cf7c | 2323 | } |
wolfSSL | 15:117db924cf7c | 2324 | |
wolfSSL | 15:117db924cf7c | 2325 | /* tmp = 2q */ |
wolfSSL | 15:117db924cf7c | 2326 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2327 | if (mp_add(&dh->q, &dh->q, &tmp) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2328 | ret = MP_ADD_E; |
wolfSSL | 15:117db924cf7c | 2329 | } |
wolfSSL | 15:117db924cf7c | 2330 | |
wolfSSL | 15:117db924cf7c | 2331 | /* loop until p is prime */ |
wolfSSL | 15:117db924cf7c | 2332 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2333 | do { |
wolfSSL | 16:8e0d178b1d1e | 2334 | if (mp_prime_is_prime_ex(&dh->p, 8, &primeCheck, rng) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2335 | ret = PRIME_GEN_E; |
wolfSSL | 15:117db924cf7c | 2336 | |
wolfSSL | 15:117db924cf7c | 2337 | if (primeCheck != MP_YES) { |
wolfSSL | 15:117db924cf7c | 2338 | /* p += 2q */ |
wolfSSL | 15:117db924cf7c | 2339 | if (mp_add(&tmp, &dh->p, &dh->p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2340 | ret = MP_ADD_E; |
wolfSSL | 15:117db924cf7c | 2341 | else |
wolfSSL | 15:117db924cf7c | 2342 | primeCheckCount++; |
wolfSSL | 15:117db924cf7c | 2343 | } |
wolfSSL | 15:117db924cf7c | 2344 | } while (ret == 0 && primeCheck == MP_NO); |
wolfSSL | 15:117db924cf7c | 2345 | } |
wolfSSL | 15:117db924cf7c | 2346 | |
wolfSSL | 15:117db924cf7c | 2347 | /* tmp2 += (2*loop_check_prime) |
wolfSSL | 15:117db924cf7c | 2348 | * to have p = (q * tmp2) + 1 prime |
wolfSSL | 15:117db924cf7c | 2349 | */ |
wolfSSL | 16:8e0d178b1d1e | 2350 | if ((ret == 0) && (primeCheckCount)) { |
wolfSSL | 15:117db924cf7c | 2351 | if (mp_add_d(&tmp2, 2 * primeCheckCount, &tmp2) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2352 | ret = MP_ADD_E; |
wolfSSL | 15:117db924cf7c | 2353 | } |
wolfSSL | 15:117db924cf7c | 2354 | |
wolfSSL | 15:117db924cf7c | 2355 | /* find a value g for which g^tmp2 != 1 */ |
wolfSSL | 16:8e0d178b1d1e | 2356 | if ((ret == 0) && (mp_set(&dh->g, 1) != MP_OKAY)) |
wolfSSL | 15:117db924cf7c | 2357 | ret = MP_ZERO_E; |
wolfSSL | 15:117db924cf7c | 2358 | |
wolfSSL | 15:117db924cf7c | 2359 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2360 | do { |
wolfSSL | 15:117db924cf7c | 2361 | if (mp_add_d(&dh->g, 1, &dh->g) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2362 | ret = MP_ADD_E; |
wolfSSL | 15:117db924cf7c | 2363 | else if (mp_exptmod(&dh->g, &tmp2, &dh->p, &tmp) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2364 | ret = MP_EXPTMOD_E; |
wolfSSL | 15:117db924cf7c | 2365 | } while (ret == 0 && mp_cmp_d(&tmp, 1) == MP_EQ); |
wolfSSL | 15:117db924cf7c | 2366 | } |
wolfSSL | 15:117db924cf7c | 2367 | |
wolfSSL | 16:8e0d178b1d1e | 2368 | if (ret == 0) { |
wolfSSL | 16:8e0d178b1d1e | 2369 | /* at this point tmp generates a group of order q mod p */ |
wolfSSL | 16:8e0d178b1d1e | 2370 | mp_exch(&tmp, &dh->g); |
wolfSSL | 16:8e0d178b1d1e | 2371 | } |
wolfSSL | 15:117db924cf7c | 2372 | |
wolfSSL | 15:117db924cf7c | 2373 | /* clear the parameters if there was an error */ |
wolfSSL | 16:8e0d178b1d1e | 2374 | if ((ret != 0) && (dh != NULL)) { |
wolfSSL | 15:117db924cf7c | 2375 | mp_clear(&dh->q); |
wolfSSL | 15:117db924cf7c | 2376 | mp_clear(&dh->p); |
wolfSSL | 15:117db924cf7c | 2377 | mp_clear(&dh->g); |
wolfSSL | 15:117db924cf7c | 2378 | } |
wolfSSL | 15:117db924cf7c | 2379 | |
wolfSSL | 16:8e0d178b1d1e | 2380 | if (buf != NULL) { |
wolfSSL | 16:8e0d178b1d1e | 2381 | ForceZero(buf, bufSz); |
wolfSSL | 16:8e0d178b1d1e | 2382 | if (dh != NULL) { |
wolfSSL | 16:8e0d178b1d1e | 2383 | XFREE(buf, dh->heap, DYNAMIC_TYPE_TMP_BUFFER); |
wolfSSL | 16:8e0d178b1d1e | 2384 | } |
wolfSSL | 16:8e0d178b1d1e | 2385 | } |
wolfSSL | 15:117db924cf7c | 2386 | mp_clear(&tmp); |
wolfSSL | 15:117db924cf7c | 2387 | mp_clear(&tmp2); |
wolfSSL | 15:117db924cf7c | 2388 | |
wolfSSL | 15:117db924cf7c | 2389 | return ret; |
wolfSSL | 15:117db924cf7c | 2390 | } |
wolfSSL | 15:117db924cf7c | 2391 | |
wolfSSL | 15:117db924cf7c | 2392 | |
wolfSSL | 15:117db924cf7c | 2393 | /* Export raw DH parameters from DhKey structure |
wolfSSL | 15:117db924cf7c | 2394 | * |
wolfSSL | 15:117db924cf7c | 2395 | * dh - pointer to initialized DhKey structure |
wolfSSL | 15:117db924cf7c | 2396 | * p - output location for DH (p) parameter |
wolfSSL | 15:117db924cf7c | 2397 | * pSz - [IN/OUT] size of output buffer for p, size of p |
wolfSSL | 15:117db924cf7c | 2398 | * q - output location for DH (q) parameter |
wolfSSL | 15:117db924cf7c | 2399 | * qSz - [IN/OUT] size of output buffer for q, size of q |
wolfSSL | 15:117db924cf7c | 2400 | * g - output location for DH (g) parameter |
wolfSSL | 15:117db924cf7c | 2401 | * gSz - [IN/OUT] size of output buffer for g, size of g |
wolfSSL | 15:117db924cf7c | 2402 | * |
wolfSSL | 15:117db924cf7c | 2403 | * If p, q, and g pointers are all passed in as NULL, the function |
wolfSSL | 15:117db924cf7c | 2404 | * will set pSz, qSz, and gSz to the required output buffer sizes for p, |
wolfSSL | 15:117db924cf7c | 2405 | * q, and g. In this case, the function will return LENGTH_ONLY_E. |
wolfSSL | 15:117db924cf7c | 2406 | * |
wolfSSL | 15:117db924cf7c | 2407 | * returns 0 on success, negative upon failure |
wolfSSL | 15:117db924cf7c | 2408 | */ |
wolfSSL | 15:117db924cf7c | 2409 | int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz, |
wolfSSL | 15:117db924cf7c | 2410 | byte* q, word32* qSz, byte* g, word32* gSz) |
wolfSSL | 15:117db924cf7c | 2411 | { |
wolfSSL | 15:117db924cf7c | 2412 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 2413 | word32 pLen = 0, qLen = 0, gLen = 0; |
wolfSSL | 15:117db924cf7c | 2414 | |
wolfSSL | 15:117db924cf7c | 2415 | if (dh == NULL || pSz == NULL || qSz == NULL || gSz == NULL) |
wolfSSL | 15:117db924cf7c | 2416 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2417 | |
wolfSSL | 15:117db924cf7c | 2418 | /* get required output buffer sizes */ |
wolfSSL | 15:117db924cf7c | 2419 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2420 | pLen = mp_unsigned_bin_size(&dh->p); |
wolfSSL | 15:117db924cf7c | 2421 | qLen = mp_unsigned_bin_size(&dh->q); |
wolfSSL | 15:117db924cf7c | 2422 | gLen = mp_unsigned_bin_size(&dh->g); |
wolfSSL | 15:117db924cf7c | 2423 | |
wolfSSL | 15:117db924cf7c | 2424 | /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */ |
wolfSSL | 15:117db924cf7c | 2425 | if (p == NULL && q == NULL && g == NULL) { |
wolfSSL | 15:117db924cf7c | 2426 | *pSz = pLen; |
wolfSSL | 15:117db924cf7c | 2427 | *qSz = qLen; |
wolfSSL | 15:117db924cf7c | 2428 | *gSz = gLen; |
wolfSSL | 15:117db924cf7c | 2429 | ret = LENGTH_ONLY_E; |
wolfSSL | 15:117db924cf7c | 2430 | } |
wolfSSL | 15:117db924cf7c | 2431 | } |
wolfSSL | 15:117db924cf7c | 2432 | |
wolfSSL | 15:117db924cf7c | 2433 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2434 | if (p == NULL || q == NULL || g == NULL) |
wolfSSL | 15:117db924cf7c | 2435 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 2436 | } |
wolfSSL | 15:117db924cf7c | 2437 | |
wolfSSL | 15:117db924cf7c | 2438 | /* export p */ |
wolfSSL | 15:117db924cf7c | 2439 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2440 | if (*pSz < pLen) { |
wolfSSL | 15:117db924cf7c | 2441 | WOLFSSL_MSG("Output buffer for DH p parameter too small, " |
wolfSSL | 15:117db924cf7c | 2442 | "required size placed into pSz"); |
wolfSSL | 15:117db924cf7c | 2443 | *pSz = pLen; |
wolfSSL | 15:117db924cf7c | 2444 | ret = BUFFER_E; |
wolfSSL | 15:117db924cf7c | 2445 | } |
wolfSSL | 15:117db924cf7c | 2446 | } |
wolfSSL | 15:117db924cf7c | 2447 | |
wolfSSL | 15:117db924cf7c | 2448 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2449 | *pSz = pLen; |
wolfSSL | 15:117db924cf7c | 2450 | if (mp_to_unsigned_bin(&dh->p, p) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2451 | ret = MP_TO_E; |
wolfSSL | 15:117db924cf7c | 2452 | } |
wolfSSL | 15:117db924cf7c | 2453 | |
wolfSSL | 15:117db924cf7c | 2454 | /* export q */ |
wolfSSL | 15:117db924cf7c | 2455 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2456 | if (*qSz < qLen) { |
wolfSSL | 15:117db924cf7c | 2457 | WOLFSSL_MSG("Output buffer for DH q parameter too small, " |
wolfSSL | 15:117db924cf7c | 2458 | "required size placed into qSz"); |
wolfSSL | 15:117db924cf7c | 2459 | *qSz = qLen; |
wolfSSL | 15:117db924cf7c | 2460 | ret = BUFFER_E; |
wolfSSL | 15:117db924cf7c | 2461 | } |
wolfSSL | 15:117db924cf7c | 2462 | } |
wolfSSL | 15:117db924cf7c | 2463 | |
wolfSSL | 15:117db924cf7c | 2464 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2465 | *qSz = qLen; |
wolfSSL | 15:117db924cf7c | 2466 | if (mp_to_unsigned_bin(&dh->q, q) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2467 | ret = MP_TO_E; |
wolfSSL | 15:117db924cf7c | 2468 | } |
wolfSSL | 15:117db924cf7c | 2469 | |
wolfSSL | 15:117db924cf7c | 2470 | /* export g */ |
wolfSSL | 15:117db924cf7c | 2471 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2472 | if (*gSz < gLen) { |
wolfSSL | 15:117db924cf7c | 2473 | WOLFSSL_MSG("Output buffer for DH g parameter too small, " |
wolfSSL | 15:117db924cf7c | 2474 | "required size placed into gSz"); |
wolfSSL | 15:117db924cf7c | 2475 | *gSz = gLen; |
wolfSSL | 15:117db924cf7c | 2476 | ret = BUFFER_E; |
wolfSSL | 15:117db924cf7c | 2477 | } |
wolfSSL | 15:117db924cf7c | 2478 | } |
wolfSSL | 15:117db924cf7c | 2479 | |
wolfSSL | 15:117db924cf7c | 2480 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 2481 | *gSz = gLen; |
wolfSSL | 15:117db924cf7c | 2482 | if (mp_to_unsigned_bin(&dh->g, g) != MP_OKAY) |
wolfSSL | 15:117db924cf7c | 2483 | ret = MP_TO_E; |
wolfSSL | 15:117db924cf7c | 2484 | } |
wolfSSL | 15:117db924cf7c | 2485 | |
wolfSSL | 15:117db924cf7c | 2486 | return ret; |
wolfSSL | 15:117db924cf7c | 2487 | } |
wolfSSL | 15:117db924cf7c | 2488 | |
wolfSSL | 15:117db924cf7c | 2489 | #endif /* WOLFSSL_KEY_GEN */ |
wolfSSL | 15:117db924cf7c | 2490 | |
wolfSSL | 15:117db924cf7c | 2491 | #endif /* NO_DH */ |
wolfSSL | 15:117db924cf7c | 2492 |