1 /* 2 * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <openssl/bn.h> 11 #include "crypto/bn_dh.h" 12 13 #define COPY_BN(dst, src) (dst != NULL) ? BN_copy(dst, &src) : BN_dup(&src) 14 15 16 /*- 17 * "First Oakley Default Group" from RFC2409, section 6.1. 18 * 19 * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } 20 * 21 * RFC2409 specifies a generator of 2. 22 * RFC2412 specifies a generator of of 22. 23 */ 24 25 BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn) 26 { 27 static const unsigned char RFC2409_PRIME_768[] = { 28 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 29 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 30 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 31 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 32 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 33 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 34 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 35 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 36 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 37 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 38 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20, 39 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 40 }; 41 return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn); 42 } 43 44 /*- 45 * "Second Oakley Default Group" from RFC2409, section 6.2. 46 * 47 * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. 48 * 49 * RFC2409 specifies a generator of 2. 50 * RFC2412 specifies a generator of 22. 51 */ 52 53 BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn) 54 { 55 static const unsigned char RFC2409_PRIME_1024[] = { 56 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 57 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 58 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 59 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 60 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 61 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 62 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 63 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 64 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 65 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 66 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 67 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 68 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 69 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 70 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, 71 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 72 }; 73 return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn); 74 } 75 76 /*- 77 * "1536-bit MODP Group" from RFC3526, Section 2. 78 * 79 * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } 80 * 81 * RFC3526 specifies a generator of 2. 82 * RFC2312 specifies a generator of 22. 83 */ 84 85 #ifndef FIPS_MODULE 86 BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) 87 { 88 return COPY_BN(bn, ossl_bignum_modp_1536_p); 89 } 90 #endif 91 92 /*- 93 * "2048-bit MODP Group" from RFC3526, Section 3. 94 * 95 * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } 96 * 97 * RFC3526 specifies a generator of 2. 98 */ 99 100 BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn) 101 { 102 return COPY_BN(bn, ossl_bignum_modp_2048_p); 103 } 104 105 /*- 106 * "3072-bit MODP Group" from RFC3526, Section 4. 107 * 108 * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } 109 * 110 * RFC3526 specifies a generator of 2. 111 */ 112 113 BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn) 114 { 115 return COPY_BN(bn, ossl_bignum_modp_3072_p); 116 } 117 118 /*- 119 * "4096-bit MODP Group" from RFC3526, Section 5. 120 * 121 * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } 122 * 123 * RFC3526 specifies a generator of 2. 124 */ 125 126 BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn) 127 { 128 return COPY_BN(bn, ossl_bignum_modp_4096_p); 129 } 130 131 /*- 132 * "6144-bit MODP Group" from RFC3526, Section 6. 133 * 134 * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } 135 * 136 * RFC3526 specifies a generator of 2. 137 */ 138 139 BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn) 140 { 141 return COPY_BN(bn, ossl_bignum_modp_6144_p); 142 } 143 144 /*- 145 * "8192-bit MODP Group" from RFC3526, Section 7. 146 * 147 * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } 148 * 149 * RFC3526 specifies a generator of 2. 150 */ 151 152 BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn) 153 { 154 return COPY_BN(bn, ossl_bignum_modp_8192_p); 155 } 156