• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/bn.h>
11 #include "crypto/bn_dh.h"
12 
13 #define COPY_BN(dst, src) (dst != NULL) ? BN_copy(dst, &src) : BN_dup(&src)
14 
15 
16 /*-
17  * "First Oakley Default Group" from RFC2409, section 6.1.
18  *
19  * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
20  *
21  * RFC2409 specifies a generator of 2.
22  * RFC2412 specifies a generator of of 22.
23  */
24 
BN_get_rfc2409_prime_768(BIGNUM * bn)25 BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
26 {
27     static const unsigned char RFC2409_PRIME_768[] = {
28         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
29         0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
30         0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
31         0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
32         0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
33         0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
34         0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
35         0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
36         0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
37         0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
38         0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20,
39         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
40     };
41     return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
42 }
43 
44 /*-
45  * "Second Oakley Default Group" from RFC2409, section 6.2.
46  *
47  * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
48  *
49  * RFC2409 specifies a generator of 2.
50  * RFC2412 specifies a generator of 22.
51  */
52 
BN_get_rfc2409_prime_1024(BIGNUM * bn)53 BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
54 {
55     static const unsigned char RFC2409_PRIME_1024[] = {
56         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
57         0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
58         0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
59         0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
60         0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
61         0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
62         0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
63         0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
64         0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
65         0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
66         0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
67         0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
68         0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
69         0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
70         0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
71         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
72     };
73     return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
74 }
75 
76 /*-
77  * "1536-bit MODP Group" from RFC3526, Section 2.
78  *
79  * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
80  *
81  * RFC3526 specifies a generator of 2.
82  * RFC2312 specifies a generator of 22.
83  */
84 
BN_get_rfc3526_prime_1536(BIGNUM * bn)85 BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
86 {
87     return COPY_BN(bn, ossl_bignum_modp_1536_p);
88 }
89 
90 /*-
91  * "2048-bit MODP Group" from RFC3526, Section 3.
92  *
93  * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
94  *
95  * RFC3526 specifies a generator of 2.
96  */
97 
BN_get_rfc3526_prime_2048(BIGNUM * bn)98 BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
99 {
100     return COPY_BN(bn, ossl_bignum_modp_2048_p);
101 }
102 
103 /*-
104  * "3072-bit MODP Group" from RFC3526, Section 4.
105  *
106  * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
107  *
108  * RFC3526 specifies a generator of 2.
109  */
110 
BN_get_rfc3526_prime_3072(BIGNUM * bn)111 BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
112 {
113     return COPY_BN(bn, ossl_bignum_modp_3072_p);
114 }
115 
116 /*-
117  * "4096-bit MODP Group" from RFC3526, Section 5.
118  *
119  * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
120  *
121  * RFC3526 specifies a generator of 2.
122  */
123 
BN_get_rfc3526_prime_4096(BIGNUM * bn)124 BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
125 {
126     return COPY_BN(bn, ossl_bignum_modp_4096_p);
127 }
128 
129 /*-
130  * "6144-bit MODP Group" from RFC3526, Section 6.
131  *
132  * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
133  *
134  * RFC3526 specifies a generator of 2.
135  */
136 
BN_get_rfc3526_prime_6144(BIGNUM * bn)137 BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
138 {
139     return COPY_BN(bn, ossl_bignum_modp_6144_p);
140 }
141 
142 /*-
143  * "8192-bit MODP Group" from RFC3526, Section 7.
144  *
145  * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
146  *
147  * RFC3526 specifies a generator of 2.
148  */
149 
BN_get_rfc3526_prime_8192(BIGNUM * bn)150 BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)
151 {
152     return COPY_BN(bn, ossl_bignum_modp_8192_p);
153 }
154