1189251Ssam/* 2189251Ssam * Diffie-Hellman groups 3189251Ssam * Copyright (c) 2007, Jouni Malinen <j@w1.fi> 4189251Ssam * 5252726Srpaulo * This software may be distributed under the terms of the BSD license. 6252726Srpaulo * See README for more details. 7189251Ssam */ 8189251Ssam 9189251Ssam#include "includes.h" 10189251Ssam 11189251Ssam#include "common.h" 12189251Ssam#include "crypto.h" 13252726Srpaulo#include "random.h" 14189251Ssam#include "dh_groups.h" 15189251Ssam 16189251Ssam 17209158Srpaulo#ifdef ALL_DH_GROUPS 18209158Srpaulo 19189251Ssam/* RFC 4306, B.1. Group 1 - 768 Bit MODP 20189251Ssam * Generator: 2 21189251Ssam * Prime: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } 22189251Ssam */ 23189251Ssamstatic const u8 dh_group1_generator[1] = { 0x02 }; 24189251Ssamstatic const u8 dh_group1_prime[96] = { 25189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 26189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 27189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 28189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 29189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 30189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 31189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 32189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 33189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 34189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 35189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20, 36189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 37189251Ssam}; 38189251Ssam 39189251Ssam/* RFC 4306, B.2. Group 2 - 1024 Bit MODP 40189251Ssam * Generator: 2 41189251Ssam * Prime: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 } 42189251Ssam */ 43189251Ssamstatic const u8 dh_group2_generator[1] = { 0x02 }; 44189251Ssamstatic const u8 dh_group2_prime[128] = { 45189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 46189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 47189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 48189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 49189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 50189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 51189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 52189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 53189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 54189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 55189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 56189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 57189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 58189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 59189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, 60189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 61189251Ssam}; 62189251Ssam 63209158Srpaulo#endif /* ALL_DH_GROUPS */ 64209158Srpaulo 65189251Ssam/* RFC 3526, 2. Group 5 - 1536 Bit MODP 66189251Ssam * Generator: 2 67189251Ssam * Prime: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } 68189251Ssam */ 69189251Ssamstatic const u8 dh_group5_generator[1] = { 0x02 }; 70189251Ssamstatic const u8 dh_group5_prime[192] = { 71189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 72189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 73189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 74189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 75189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 76189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 77189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 78189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 79189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 80189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 81189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 82189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 83189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 84189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 85189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 86189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 87189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 88189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 89189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 90189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 91189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 92189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 93189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27, 94189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 95189251Ssam}; 96189251Ssam 97209158Srpaulo#ifdef ALL_DH_GROUPS 98209158Srpaulo 99189251Ssam/* RFC 3526, 3. Group 14 - 2048 Bit MODP 100189251Ssam * Generator: 2 101189251Ssam * Prime: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } 102189251Ssam */ 103189251Ssamstatic const u8 dh_group14_generator[1] = { 0x02 }; 104189251Ssamstatic const u8 dh_group14_prime[256] = { 105189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 106189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 107189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 108189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 109189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 110189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 111189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 112189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 113189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 114189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 115189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 116189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 117189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 118189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 119189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 120189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 121189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 122189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 123189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 124189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 125189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 126189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 127189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 128189251Ssam 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 129189251Ssam 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 130189251Ssam 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 131189251Ssam 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 132189251Ssam 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 133189251Ssam 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 134189251Ssam 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 135189251Ssam 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 136189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 137189251Ssam}; 138189251Ssam 139189251Ssam/* RFC 3526, 4. Group 15 - 3072 Bit MODP 140189251Ssam * Generator: 2 141189251Ssam * Prime: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } 142189251Ssam */ 143189251Ssamstatic const u8 dh_group15_generator[1] = { 0x02 }; 144189251Ssamstatic const u8 dh_group15_prime[384] = { 145189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 146189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 147189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 148189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 149189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 150189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 151189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 152189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 153189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 154189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 155189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 156189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 157189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 158189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 159189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 160189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 161189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 162189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 163189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 164189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 165189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 166189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 167189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 168189251Ssam 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 169189251Ssam 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 170189251Ssam 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 171189251Ssam 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 172189251Ssam 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 173189251Ssam 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 174189251Ssam 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 175189251Ssam 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 176189251Ssam 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, 177189251Ssam 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 178189251Ssam 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 179189251Ssam 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, 180189251Ssam 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, 181189251Ssam 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 182189251Ssam 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 183189251Ssam 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 184189251Ssam 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 185189251Ssam 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 186189251Ssam 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 187189251Ssam 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 188189251Ssam 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, 189189251Ssam 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 190189251Ssam 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 191189251Ssam 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 192189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 193189251Ssam}; 194189251Ssam 195189251Ssam/* RFC 3526, 5. Group 16 - 4096 Bit MODP 196189251Ssam * Generator: 2 197189251Ssam * Prime: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } 198189251Ssam */ 199189251Ssamstatic const u8 dh_group16_generator[1] = { 0x02 }; 200189251Ssamstatic const u8 dh_group16_prime[512] = { 201189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 202189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 203189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 204189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 205189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 206189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 207189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 208189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 209189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 210189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 211189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 212189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 213189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 214189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 215189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 216189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 217189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 218189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 219189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 220189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 221189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 222189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 223189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 224189251Ssam 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 225189251Ssam 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 226189251Ssam 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 227189251Ssam 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 228189251Ssam 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 229189251Ssam 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 230189251Ssam 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 231189251Ssam 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 232189251Ssam 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, 233189251Ssam 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 234189251Ssam 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 235189251Ssam 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, 236189251Ssam 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, 237189251Ssam 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 238189251Ssam 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 239189251Ssam 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 240189251Ssam 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 241189251Ssam 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 242189251Ssam 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 243189251Ssam 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 244189251Ssam 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, 245189251Ssam 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 246189251Ssam 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 247189251Ssam 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, 248189251Ssam 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 249189251Ssam 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 250189251Ssam 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, 251189251Ssam 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, 252189251Ssam 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 253189251Ssam 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, 254189251Ssam 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 255189251Ssam 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 256189251Ssam 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, 257189251Ssam 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, 258189251Ssam 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 259189251Ssam 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, 260189251Ssam 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, 261189251Ssam 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 262189251Ssam 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 263189251Ssam 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, 264189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 265189251Ssam}; 266189251Ssam 267189251Ssam/* RFC 3526, 6. Group 17 - 6144 Bit MODP 268189251Ssam * Generator: 2 269189251Ssam * Prime: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } 270189251Ssam */ 271189251Ssamstatic const u8 dh_group17_generator[1] = { 0x02 }; 272189251Ssamstatic const u8 dh_group17_prime[768] = { 273189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 274189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 275189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 276189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 277189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 278189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 279189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 280189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 281189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 282189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 283189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 284189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 285189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 286189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 287189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 288189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 289189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 290189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 291189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 292189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 293189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 294189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 295189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 296189251Ssam 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 297189251Ssam 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 298189251Ssam 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 299189251Ssam 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 300189251Ssam 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 301189251Ssam 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 302189251Ssam 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 303189251Ssam 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 304189251Ssam 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, 305189251Ssam 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 306189251Ssam 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 307189251Ssam 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, 308189251Ssam 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, 309189251Ssam 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 310189251Ssam 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 311189251Ssam 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 312189251Ssam 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 313189251Ssam 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 314189251Ssam 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 315189251Ssam 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 316189251Ssam 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, 317189251Ssam 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 318189251Ssam 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 319189251Ssam 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, 320189251Ssam 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 321189251Ssam 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 322189251Ssam 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, 323189251Ssam 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, 324189251Ssam 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 325189251Ssam 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, 326189251Ssam 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 327189251Ssam 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 328189251Ssam 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, 329189251Ssam 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, 330189251Ssam 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 331189251Ssam 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, 332189251Ssam 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, 333189251Ssam 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 334189251Ssam 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 335189251Ssam 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, 336189251Ssam 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 337189251Ssam 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, 338189251Ssam 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, 339189251Ssam 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 340189251Ssam 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, 341189251Ssam 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 342189251Ssam 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 343189251Ssam 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, 344189251Ssam 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, 345189251Ssam 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 346189251Ssam 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, 347189251Ssam 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, 348189251Ssam 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 349189251Ssam 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, 350189251Ssam 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, 351189251Ssam 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 352189251Ssam 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, 353189251Ssam 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, 354189251Ssam 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 355189251Ssam 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 356189251Ssam 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, 357189251Ssam 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 358189251Ssam 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, 359189251Ssam 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, 360189251Ssam 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 361189251Ssam 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 362189251Ssam 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 363189251Ssam 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 364189251Ssam 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, 365189251Ssam 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, 366189251Ssam 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 367189251Ssam 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24, 368189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 369189251Ssam}; 370189251Ssam 371189251Ssam/* RFC 3526, 7. Group 18 - 8192 Bit MODP 372189251Ssam * Generator: 2 373189251Ssam * Prime: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } 374189251Ssam */ 375189251Ssamstatic const u8 dh_group18_generator[1] = { 0x02 }; 376189251Ssamstatic const u8 dh_group18_prime[1024] = { 377189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 378189251Ssam 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 379189251Ssam 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 380189251Ssam 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 381189251Ssam 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 382189251Ssam 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 383189251Ssam 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 384189251Ssam 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 385189251Ssam 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 386189251Ssam 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 387189251Ssam 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 388189251Ssam 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 389189251Ssam 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 390189251Ssam 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 391189251Ssam 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 392189251Ssam 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 393189251Ssam 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 394189251Ssam 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 395189251Ssam 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 396189251Ssam 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 397189251Ssam 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 398189251Ssam 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 399189251Ssam 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 400189251Ssam 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 401189251Ssam 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 402189251Ssam 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 403189251Ssam 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 404189251Ssam 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 405189251Ssam 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 406189251Ssam 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 407189251Ssam 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 408189251Ssam 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, 409189251Ssam 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 410189251Ssam 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 411189251Ssam 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, 412189251Ssam 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, 413189251Ssam 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 414189251Ssam 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 415189251Ssam 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 416189251Ssam 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 417189251Ssam 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 418189251Ssam 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 419189251Ssam 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 420189251Ssam 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, 421189251Ssam 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 422189251Ssam 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 423189251Ssam 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, 424189251Ssam 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 425189251Ssam 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 426189251Ssam 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, 427189251Ssam 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, 428189251Ssam 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 429189251Ssam 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, 430189251Ssam 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 431189251Ssam 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 432189251Ssam 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, 433189251Ssam 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, 434189251Ssam 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 435189251Ssam 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, 436189251Ssam 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, 437189251Ssam 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 438189251Ssam 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 439189251Ssam 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, 440189251Ssam 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 441189251Ssam 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, 442189251Ssam 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, 443189251Ssam 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 444189251Ssam 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, 445189251Ssam 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 446189251Ssam 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 447189251Ssam 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, 448189251Ssam 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, 449189251Ssam 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 450189251Ssam 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, 451189251Ssam 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, 452189251Ssam 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 453189251Ssam 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, 454189251Ssam 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, 455189251Ssam 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 456189251Ssam 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, 457189251Ssam 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, 458189251Ssam 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 459189251Ssam 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 460189251Ssam 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, 461189251Ssam 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 462189251Ssam 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, 463189251Ssam 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, 464189251Ssam 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 465189251Ssam 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 466189251Ssam 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 467189251Ssam 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 468189251Ssam 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, 469189251Ssam 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, 470189251Ssam 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 471189251Ssam 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59, 472189251Ssam 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, 473189251Ssam 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 474189251Ssam 0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA, 475189251Ssam 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, 476189251Ssam 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 477189251Ssam 0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66, 478189251Ssam 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, 479189251Ssam 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 480189251Ssam 0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, 481189251Ssam 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, 482189251Ssam 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 483189251Ssam 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7, 484189251Ssam 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, 485189251Ssam 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 486189251Ssam 0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8, 487189251Ssam 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, 488189251Ssam 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 489189251Ssam 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D, 490189251Ssam 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, 491189251Ssam 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 492189251Ssam 0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D, 493189251Ssam 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, 494189251Ssam 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 495189251Ssam 0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68, 496189251Ssam 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, 497189251Ssam 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 498189251Ssam 0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B, 499189251Ssam 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, 500189251Ssam 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 501189251Ssam 0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, 502189251Ssam 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, 503189251Ssam 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 504189251Ssam 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 505189251Ssam}; 506189251Ssam 507209158Srpaulo#endif /* ALL_DH_GROUPS */ 508189251Ssam 509209158Srpaulo 510189251Ssam#define DH_GROUP(id) \ 511189251Ssam{ id, dh_group ## id ## _generator, sizeof(dh_group ## id ## _generator), \ 512189251Ssamdh_group ## id ## _prime, sizeof(dh_group ## id ## _prime) } 513189251Ssam 514189251Ssam 515189251Ssamstatic struct dh_group dh_groups[] = { 516209158Srpaulo DH_GROUP(5), 517209158Srpaulo#ifdef ALL_DH_GROUPS 518189251Ssam DH_GROUP(1), 519189251Ssam DH_GROUP(2), 520189251Ssam DH_GROUP(14), 521189251Ssam DH_GROUP(15), 522189251Ssam DH_GROUP(16), 523189251Ssam DH_GROUP(17), 524189251Ssam DH_GROUP(18) 525209158Srpaulo#endif /* ALL_DH_GROUPS */ 526189251Ssam}; 527189251Ssam 528189251Ssam#define NUM_DH_GROUPS (sizeof(dh_groups) / sizeof(dh_groups[0])) 529189251Ssam 530189251Ssam 531189251Ssamconst struct dh_group * dh_groups_get(int id) 532189251Ssam{ 533189251Ssam size_t i; 534189251Ssam 535189251Ssam for (i = 0; i < NUM_DH_GROUPS; i++) { 536189251Ssam if (dh_groups[i].id == id) 537189251Ssam return &dh_groups[i]; 538189251Ssam } 539189251Ssam return NULL; 540189251Ssam} 541189251Ssam 542189251Ssam 543189251Ssam/** 544189251Ssam * dh_init - Initialize Diffie-Hellman handshake 545189251Ssam * @dh: Selected Diffie-Hellman group 546189251Ssam * @priv: Pointer for returning Diffie-Hellman private key 547189251Ssam * Returns: Diffie-Hellman public value 548189251Ssam */ 549189251Ssamstruct wpabuf * dh_init(const struct dh_group *dh, struct wpabuf **priv) 550189251Ssam{ 551189251Ssam struct wpabuf *pv; 552189251Ssam size_t pv_len; 553189251Ssam 554189251Ssam if (dh == NULL) 555189251Ssam return NULL; 556189251Ssam 557189251Ssam wpabuf_free(*priv); 558189251Ssam *priv = wpabuf_alloc(dh->prime_len); 559189251Ssam if (*priv == NULL) 560189251Ssam return NULL; 561189251Ssam 562252726Srpaulo if (random_get_bytes(wpabuf_put(*priv, dh->prime_len), dh->prime_len)) 563252726Srpaulo { 564189251Ssam wpabuf_free(*priv); 565189251Ssam *priv = NULL; 566189251Ssam return NULL; 567189251Ssam } 568189251Ssam 569189251Ssam if (os_memcmp(wpabuf_head(*priv), dh->prime, dh->prime_len) > 0) { 570189251Ssam /* Make sure private value is smaller than prime */ 571189251Ssam *(wpabuf_mhead_u8(*priv)) = 0; 572189251Ssam } 573189251Ssam wpa_hexdump_buf_key(MSG_DEBUG, "DH: private value", *priv); 574189251Ssam 575189251Ssam pv_len = dh->prime_len; 576189251Ssam pv = wpabuf_alloc(pv_len); 577189251Ssam if (pv == NULL) 578189251Ssam return NULL; 579189251Ssam if (crypto_mod_exp(dh->generator, dh->generator_len, 580189251Ssam wpabuf_head(*priv), wpabuf_len(*priv), 581189251Ssam dh->prime, dh->prime_len, wpabuf_mhead(pv), 582189251Ssam &pv_len) < 0) { 583189251Ssam wpabuf_free(pv); 584189251Ssam wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed"); 585189251Ssam return NULL; 586189251Ssam } 587189251Ssam wpabuf_put(pv, pv_len); 588189251Ssam wpa_hexdump_buf(MSG_DEBUG, "DH: public value", pv); 589189251Ssam 590189251Ssam return pv; 591189251Ssam} 592189251Ssam 593189251Ssam 594189251Ssam/** 595189251Ssam * dh_derive_shared - Derive shared Diffie-Hellman key 596189251Ssam * @peer_public: Diffie-Hellman public value from peer 597189251Ssam * @own_private: Diffie-Hellman private key from dh_init() 598189251Ssam * @dh: Selected Diffie-Hellman group 599189251Ssam * Returns: Diffie-Hellman shared key 600189251Ssam */ 601189251Ssamstruct wpabuf * dh_derive_shared(const struct wpabuf *peer_public, 602189251Ssam const struct wpabuf *own_private, 603189251Ssam const struct dh_group *dh) 604189251Ssam{ 605189251Ssam struct wpabuf *shared; 606189251Ssam size_t shared_len; 607189251Ssam 608189251Ssam if (dh == NULL || peer_public == NULL || own_private == NULL) 609189251Ssam return NULL; 610189251Ssam 611189251Ssam shared_len = dh->prime_len; 612189251Ssam shared = wpabuf_alloc(shared_len); 613189251Ssam if (shared == NULL) 614189251Ssam return NULL; 615189251Ssam if (crypto_mod_exp(wpabuf_head(peer_public), wpabuf_len(peer_public), 616189251Ssam wpabuf_head(own_private), wpabuf_len(own_private), 617189251Ssam dh->prime, dh->prime_len, 618214734Srpaulo wpabuf_mhead(shared), &shared_len) < 0) { 619189251Ssam wpabuf_free(shared); 620189251Ssam wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed"); 621189251Ssam return NULL; 622189251Ssam } 623214734Srpaulo wpabuf_put(shared, shared_len); 624189251Ssam wpa_hexdump_buf_key(MSG_DEBUG, "DH: shared key", shared); 625189251Ssam 626189251Ssam return shared; 627189251Ssam} 628