diff options
| author | Simo Sorce <simo@redhat.com> | 2019-05-17 14:05:37 -0400 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-05-23 11:35:12 +0200 |
| commit | 12d98928e776ddc09f78d3e2c5b615872576c720 (patch) | |
| tree | 880b4f021b23ef555ac20110c4d6483c7aedf3bc | |
| parent | d0f8c4421a400feea96ba18f564b34ee594a7b85 (diff) | |
| download | gnutls-12d98928e776ddc09f78d3e2c5b615872576c720.tar.gz | |
Add plumbing to handle Q parameter in DH exchanges
Signed-off-by: Simo Sorce <simo@redhat.com>
| -rw-r--r-- | devel/libgnutls-latest-x86_64.abi | 18 | ||||
| -rw-r--r-- | devel/symbols.last | 6 | ||||
| -rw-r--r-- | doc/Makefile.am | 2 | ||||
| -rw-r--r-- | doc/manpages/Makefile.am | 1 | ||||
| -rwxr-xr-x | doc/scripts/getfuncs-map.pl | 5 | ||||
| -rw-r--r-- | lib/dh-primes.c | 468 | ||||
| -rw-r--r-- | lib/dh.c | 74 | ||||
| -rw-r--r-- | lib/gnutls_int.h | 4 | ||||
| -rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 9 | ||||
| -rw-r--r-- | lib/libgnutls.map | 6 | ||||
| -rw-r--r-- | lib/nettle/pk.c | 4 | ||||
| -rw-r--r-- | tests/dh-compute.c | 60 |
12 files changed, 610 insertions, 47 deletions
diff --git a/devel/libgnutls-latest-x86_64.abi b/devel/libgnutls-latest-x86_64.abi index 511f61d47b..c431eba9b9 100644 --- a/devel/libgnutls-latest-x86_64.abi +++ b/devel/libgnutls-latest-x86_64.abi @@ -222,6 +222,7 @@ <elf-symbol name='gnutls_dh_params_import_dsa' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_dh_params_import_pkcs3' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_dh_params_import_raw2' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_dh_params_import_raw3' version='GNUTLS_3_6_8' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_dh_params_import_raw' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_dh_params_init' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_dh_set_prime_bits' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> @@ -1245,18 +1246,23 @@ <elf-symbol name='gnutls_calloc' size='8' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_2048_group_generator' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_2048_group_prime' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_ffdhe_2048_group_q' size='16' version='GNUTLS_3_6_8' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_2048_key_bits' size='4' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_3072_group_generator' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_3072_group_prime' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_ffdhe_3072_group_q' size='16' version='GNUTLS_3_6_8' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_3072_key_bits' size='4' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_4096_group_generator' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_4096_group_prime' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_ffdhe_4096_group_q' size='16' version='GNUTLS_3_6_8' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_4096_key_bits' size='4' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_6144_group_generator' size='16' version='GNUTLS_3_6_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_6144_group_prime' size='16' version='GNUTLS_3_6_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_ffdhe_6144_group_q' size='16' version='GNUTLS_3_6_8' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_6144_key_bits' size='4' version='GNUTLS_3_6_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_8192_group_generator' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_8192_group_prime' size='16' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> + <elf-symbol name='gnutls_ffdhe_8192_group_q' size='16' version='GNUTLS_3_6_8' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_ffdhe_8192_key_bits' size='4' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_free' size='8' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> <elf-symbol name='gnutls_malloc' size='8' version='GNUTLS_3_4' is-default-version='yes' type='object-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/> @@ -5360,6 +5366,13 @@ <parameter type-id='type-id-10' name='key_bits'/> <return type-id='type-id-22'/> </function-decl> + <function-decl name='gnutls_dh_params_import_raw3' mangled-name='gnutls_dh_params_import_raw3' visibility='default' binding='global' size-in-bits='64' elf-symbol-id='gnutls_dh_params_import_raw3@@GNUTLS_3_6_8'> + <parameter type-id='type-id-417' name='dh_params'/> + <parameter type-id='type-id-57' name='prime'/> + <parameter type-id='type-id-57' name='q'/> + <parameter type-id='type-id-57' name='generator'/> + <return type-id='type-id-22'/> + </function-decl> <function-decl name='gnutls_dh_params_import_dsa' mangled-name='gnutls_dh_params_import_dsa' visibility='default' binding='global' size-in-bits='64' elf-symbol-id='gnutls_dh_params_import_dsa@@GNUTLS_3_4'> <parameter type-id='type-id-417' name='dh_params'/> <parameter type-id='type-id-383' name='key'/> @@ -10835,19 +10848,24 @@ </abi-instr> <abi-instr version='1.0' address-size='64' path='dh-primes.c' comp-dir-path='/home/nmavrogi/cvs/gnutls-nmav/lib' language='LANG_C99'> <var-decl name='gnutls_ffdhe_2048_group_prime' type-id='type-id-65' mangled-name='gnutls_ffdhe_2048_group_prime' visibility='default' elf-symbol-id='gnutls_ffdhe_2048_group_prime@@GNUTLS_3_4'/> + <var-decl name='gnutls_ffdhe_2048_group_q' type-id='type-id-65' mangled-name='gnutls_ffdhe_2048_group_q' visibility='default' elf-symbol-id='gnutls_ffdhe_2048_group_q@@GNUTLS_3_6_8'/> <var-decl name='gnutls_ffdhe_2048_group_generator' type-id='type-id-65' mangled-name='gnutls_ffdhe_2048_group_generator' visibility='default' elf-symbol-id='gnutls_ffdhe_2048_group_generator@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_2048_key_bits' type-id='type-id-66' mangled-name='gnutls_ffdhe_2048_key_bits' visibility='default' elf-symbol-id='gnutls_ffdhe_2048_key_bits@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_3072_group_generator' type-id='type-id-65' mangled-name='gnutls_ffdhe_3072_group_generator' visibility='default' elf-symbol-id='gnutls_ffdhe_3072_group_generator@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_3072_group_prime' type-id='type-id-65' mangled-name='gnutls_ffdhe_3072_group_prime' visibility='default' elf-symbol-id='gnutls_ffdhe_3072_group_prime@@GNUTLS_3_4'/> + <var-decl name='gnutls_ffdhe_3072_group_q' type-id='type-id-65' mangled-name='gnutls_ffdhe_3072_group_q' visibility='default' elf-symbol-id='gnutls_ffdhe_3072_group_q@@GNUTLS_3_6_8'/> <var-decl name='gnutls_ffdhe_3072_key_bits' type-id='type-id-66' mangled-name='gnutls_ffdhe_3072_key_bits' visibility='default' elf-symbol-id='gnutls_ffdhe_3072_key_bits@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_4096_group_generator' type-id='type-id-65' mangled-name='gnutls_ffdhe_4096_group_generator' visibility='default' elf-symbol-id='gnutls_ffdhe_4096_group_generator@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_4096_group_prime' type-id='type-id-65' mangled-name='gnutls_ffdhe_4096_group_prime' visibility='default' elf-symbol-id='gnutls_ffdhe_4096_group_prime@@GNUTLS_3_4'/> + <var-decl name='gnutls_ffdhe_4096_group_q' type-id='type-id-65' mangled-name='gnutls_ffdhe_4096_group_q' visibility='default' elf-symbol-id='gnutls_ffdhe_4096_group_q@@GNUTLS_3_6_8'/> <var-decl name='gnutls_ffdhe_4096_key_bits' type-id='type-id-66' mangled-name='gnutls_ffdhe_4096_key_bits' visibility='default' elf-symbol-id='gnutls_ffdhe_4096_key_bits@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_6144_group_prime' type-id='type-id-65' mangled-name='gnutls_ffdhe_6144_group_prime' visibility='default' elf-symbol-id='gnutls_ffdhe_6144_group_prime@@GNUTLS_3_6_4'/> + <var-decl name='gnutls_ffdhe_6144_group_q' type-id='type-id-65' mangled-name='gnutls_ffdhe_6144_group_q' visibility='default' elf-symbol-id='gnutls_ffdhe_6144_group_q@@GNUTLS_3_6_8'/> <var-decl name='gnutls_ffdhe_6144_group_generator' type-id='type-id-65' mangled-name='gnutls_ffdhe_6144_group_generator' visibility='default' elf-symbol-id='gnutls_ffdhe_6144_group_generator@@GNUTLS_3_6_4'/> <var-decl name='gnutls_ffdhe_6144_key_bits' type-id='type-id-66' mangled-name='gnutls_ffdhe_6144_key_bits' visibility='default' elf-symbol-id='gnutls_ffdhe_6144_key_bits@@GNUTLS_3_6_4'/> <var-decl name='gnutls_ffdhe_8192_group_generator' type-id='type-id-65' mangled-name='gnutls_ffdhe_8192_group_generator' visibility='default' elf-symbol-id='gnutls_ffdhe_8192_group_generator@@GNUTLS_3_4'/> <var-decl name='gnutls_ffdhe_8192_group_prime' type-id='type-id-65' mangled-name='gnutls_ffdhe_8192_group_prime' visibility='default' elf-symbol-id='gnutls_ffdhe_8192_group_prime@@GNUTLS_3_4'/> + <var-decl name='gnutls_ffdhe_8192_group_q' type-id='type-id-65' mangled-name='gnutls_ffdhe_8192_group_q' visibility='default' elf-symbol-id='gnutls_ffdhe_8192_group_q@@GNUTLS_3_6_8'/> <var-decl name='gnutls_ffdhe_8192_key_bits' type-id='type-id-66' mangled-name='gnutls_ffdhe_8192_key_bits' visibility='default' elf-symbol-id='gnutls_ffdhe_8192_key_bits@@GNUTLS_3_4'/> </abi-instr> <abi-instr version='1.0' address-size='64' path='openpgp_compat.c' comp-dir-path='/home/nmavrogi/cvs/gnutls-nmav/lib' language='LANG_C99'> diff --git a/devel/symbols.last b/devel/symbols.last index 7449e9acc7..9c6c93a26e 100644 --- a/devel/symbols.last +++ b/devel/symbols.last @@ -175,6 +175,7 @@ gnutls_dh_params_generate2@GNUTLS_3_4 gnutls_dh_params_import_dsa@GNUTLS_3_4 gnutls_dh_params_import_pkcs3@GNUTLS_3_4 gnutls_dh_params_import_raw2@GNUTLS_3_4 +gnutls_dh_params_import_raw3@GNUTLS_3_6_8 gnutls_dh_params_import_raw@GNUTLS_3_4 gnutls_dh_params_init@GNUTLS_3_4 gnutls_dh_set_prime_bits@GNUTLS_3_4 @@ -212,18 +213,23 @@ gnutls_ext_register@GNUTLS_3_4 gnutls_ext_set_data@GNUTLS_3_4 gnutls_ffdhe_2048_group_generator@GNUTLS_3_4 gnutls_ffdhe_2048_group_prime@GNUTLS_3_4 +gnutls_ffdhe_2048_group_q@GNUTLS_3_6_8 gnutls_ffdhe_2048_key_bits@GNUTLS_3_4 gnutls_ffdhe_3072_group_generator@GNUTLS_3_4 gnutls_ffdhe_3072_group_prime@GNUTLS_3_4 +gnutls_ffdhe_3072_group_q@GNUTLS_3_6_8 gnutls_ffdhe_3072_key_bits@GNUTLS_3_4 gnutls_ffdhe_4096_group_generator@GNUTLS_3_4 gnutls_ffdhe_4096_group_prime@GNUTLS_3_4 +gnutls_ffdhe_4096_group_q@GNUTLS_3_6_8 gnutls_ffdhe_4096_key_bits@GNUTLS_3_4 gnutls_ffdhe_6144_group_generator@GNUTLS_3_6_4 gnutls_ffdhe_6144_group_prime@GNUTLS_3_6_4 +gnutls_ffdhe_6144_group_q@GNUTLS_3_6_8 gnutls_ffdhe_6144_key_bits@GNUTLS_3_6_4 gnutls_ffdhe_8192_group_generator@GNUTLS_3_4 gnutls_ffdhe_8192_group_prime@GNUTLS_3_4 +gnutls_ffdhe_8192_group_q@GNUTLS_3_6_8 gnutls_ffdhe_8192_key_bits@GNUTLS_3_4 gnutls_fingerprint@GNUTLS_3_4 gnutls_fips140_mode_enabled@GNUTLS_3_4 diff --git a/doc/Makefile.am b/doc/Makefile.am index bba2c52c97..c2318897d0 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -951,6 +951,8 @@ FUNCS += functions/gnutls_dh_params_import_raw FUNCS += functions/gnutls_dh_params_import_raw.short FUNCS += functions/gnutls_dh_params_import_raw2 FUNCS += functions/gnutls_dh_params_import_raw2.short +FUNCS += functions/gnutls_dh_params_import_raw3 +FUNCS += functions/gnutls_dh_params_import_raw3.short FUNCS += functions/gnutls_dh_params_init FUNCS += functions/gnutls_dh_params_init.short FUNCS += functions/gnutls_dh_set_prime_bits diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 503b2c14bc..9beee86060 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -277,6 +277,7 @@ APIMANS += gnutls_dh_params_import_dsa.3 APIMANS += gnutls_dh_params_import_pkcs3.3 APIMANS += gnutls_dh_params_import_raw.3 APIMANS += gnutls_dh_params_import_raw2.3 +APIMANS += gnutls_dh_params_import_raw3.3 APIMANS += gnutls_dh_params_init.3 APIMANS += gnutls_dh_set_prime_bits.3 APIMANS += gnutls_digest_get_id.3 diff --git a/doc/scripts/getfuncs-map.pl b/doc/scripts/getfuncs-map.pl index 6804e82173..3c75d1af82 100755 --- a/doc/scripts/getfuncs-map.pl +++ b/doc/scripts/getfuncs-map.pl @@ -36,18 +36,23 @@ my %known_false_positives = ( 'gnutls_srp_8192_group_prime' => 1, 'gnutls_ffdhe_2048_group_generator' => 1, 'gnutls_ffdhe_2048_group_prime' => 1, + 'gnutls_ffdhe_2048_group_q' => 1, 'gnutls_ffdhe_2048_key_bits' => 1, 'gnutls_ffdhe_3072_group_generator' => 1, 'gnutls_ffdhe_3072_group_prime' => 1, + 'gnutls_ffdhe_3072_group_q' => 1, 'gnutls_ffdhe_3072_key_bits' => 1, 'gnutls_ffdhe_4096_group_generator' => 1, 'gnutls_ffdhe_4096_group_prime' => 1, + 'gnutls_ffdhe_4096_group_q' => 1, 'gnutls_ffdhe_4096_key_bits' => 1, 'gnutls_ffdhe_6144_group_generator' => 1, 'gnutls_ffdhe_6144_group_prime' => 1, + 'gnutls_ffdhe_6144_group_q' => 1, 'gnutls_ffdhe_6144_key_bits' => 1, 'gnutls_ffdhe_8192_group_generator' => 1, 'gnutls_ffdhe_8192_group_prime' => 1, + 'gnutls_ffdhe_8192_group_q' => 1, 'gnutls_ffdhe_8192_key_bits' => 1, 'gnutls_transport_set_int' => 1, 'gnutls_strdup' => 1, diff --git a/lib/dh-primes.c b/lib/dh-primes.c index 37370bdb12..d785584d0f 100644 --- a/lib/dh-primes.c +++ b/lib/dh-primes.c @@ -27,6 +27,8 @@ #include "dh.h" +static const unsigned char ffdhe_generator = 0x02; + static const unsigned char ffdhe_params_2048[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, @@ -67,12 +69,52 @@ static const unsigned char ffdhe_params_2048[] = { 0xFF, 0xFF, 0xFF, 0xFF }; +static const unsigned char ffdhe_q_2048[] = { + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, + 0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13, + 0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1, + 0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B, + 0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49, + 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE, + 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, + 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, + 0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, + 0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF, + 0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA, + 0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89, + 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27, + 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1, + 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, + 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, + 0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, + 0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59, + 0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5, + 0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D, + 0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7, + 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57, + 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, + 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, + 0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, + 0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94, + 0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E, + 0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89, + 0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF, + 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D, + 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, + 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, + 0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, + 0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30, + 0x94, 0x2E, 0x4B, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF +}; + const gnutls_datum_t gnutls_ffdhe_2048_group_prime = { (void *) ffdhe_params_2048, sizeof(ffdhe_params_2048) }; - -static const unsigned char ffdhe_generator = 0x02; - +const gnutls_datum_t gnutls_ffdhe_2048_group_q = { + (void *) ffdhe_q_2048, sizeof(ffdhe_q_2048) +}; const gnutls_datum_t gnutls_ffdhe_2048_group_generator = { (void *) &ffdhe_generator, sizeof(ffdhe_generator) }; @@ -136,13 +178,73 @@ static const unsigned char ffdhe_params_3072[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; -const gnutls_datum_t gnutls_ffdhe_3072_group_generator = { - (void *) &ffdhe_generator, sizeof(ffdhe_generator) +static const unsigned char ffdhe_q_3072[] = { + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, + 0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13, + 0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1, + 0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B, + 0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49, + 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE, + 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, + 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, + 0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, + 0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF, + 0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA, + 0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89, + 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27, + 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1, + 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, + 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, + 0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, + 0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59, + 0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5, + 0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D, + 0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7, + 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57, + 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, + 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, + 0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, + 0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94, + 0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E, + 0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89, + 0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF, + 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D, + 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, + 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, + 0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, + 0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30, + 0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D, + 0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A, + 0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA, + 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD, + 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, + 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, + 0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, + 0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE, + 0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29, + 0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71, + 0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57, + 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74, + 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, + 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, + 0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, + 0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD, + 0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77, + 0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E, + 0x95, 0xB3, 0x63, 0x17, 0x1B, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; const gnutls_datum_t gnutls_ffdhe_3072_group_prime = { (void *) ffdhe_params_3072, sizeof(ffdhe_params_3072) }; +const gnutls_datum_t gnutls_ffdhe_3072_group_q = { + (void *) ffdhe_q_3072, sizeof(ffdhe_q_3072) +}; +const gnutls_datum_t gnutls_ffdhe_3072_group_generator = { + (void *) &ffdhe_generator, sizeof(ffdhe_generator) +}; const unsigned int gnutls_ffdhe_3072_key_bits = 276; static const unsigned char ffdhe_params_4096[] = { @@ -222,13 +324,92 @@ static const unsigned char ffdhe_params_4096[] = { 0xFF }; -const gnutls_datum_t gnutls_ffdhe_4096_group_generator = { - (void *) &ffdhe_generator, sizeof(ffdhe_generator) +static const unsigned char ffdhe_q_4096[] = { + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, + 0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13, + 0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1, + 0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B, + 0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49, + 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE, + 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, + 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, + 0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, + 0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF, + 0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA, + 0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89, + 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27, + 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1, + 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, + 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, + 0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, + 0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59, + 0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5, + 0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D, + 0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7, + 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57, + 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, + 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, + 0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, + 0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94, + 0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E, + 0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89, + 0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF, + 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D, + 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, + 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, + 0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, + 0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30, + 0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D, + 0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A, + 0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA, + 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD, + 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, + 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, + 0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, + 0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE, + 0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29, + 0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71, + 0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57, + 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74, + 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, + 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, + 0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, + 0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD, + 0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77, + 0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E, + 0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37, + 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC, + 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, + 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, + 0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, + 0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF, + 0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43, + 0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F, + 0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83, + 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36, + 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, + 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, + 0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, + 0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC, + 0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6, + 0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA, + 0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA, + 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3, + 0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5, + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF }; const gnutls_datum_t gnutls_ffdhe_4096_group_prime = { (void *) ffdhe_params_4096, sizeof(ffdhe_params_4096) }; +const gnutls_datum_t gnutls_ffdhe_4096_group_q = { + (void *) ffdhe_q_4096, sizeof(ffdhe_q_4096) +}; +const gnutls_datum_t gnutls_ffdhe_4096_group_generator = { + (void *) &ffdhe_generator, sizeof(ffdhe_generator) +}; const unsigned int gnutls_ffdhe_4096_key_bits = 336; static const unsigned char ffdhe_params_6144[] = { @@ -344,10 +525,125 @@ static const unsigned char ffdhe_params_6144[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; +static const unsigned char ffdhe_q_6144[] = { + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, + 0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13, + 0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1, + 0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B, + 0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49, + 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE, + 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, + 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, + 0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, + 0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF, + 0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA, + 0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89, + 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27, + 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1, + 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, + 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, + 0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, + 0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59, + 0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5, + 0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D, + 0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7, + 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57, + 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, + 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, + 0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, + 0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94, + 0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E, + 0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89, + 0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF, + 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D, + 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, + 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, + 0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, + 0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30, + 0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D, + 0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A, + 0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA, + 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD, + 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, + 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, + 0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, + 0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE, + 0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29, + 0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71, + 0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57, + 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74, + 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, + 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, + 0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, + 0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD, + 0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77, + 0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E, + 0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37, + 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC, + 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, + 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, + 0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, + 0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF, + 0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43, + 0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F, + 0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83, + 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36, + 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, + 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, + 0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, + 0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC, + 0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6, + 0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA, + 0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA, + 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3, + 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81, + 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, + 0x3D, 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, + 0x95, 0x1D, 0x11, 0xDD, 0x22, 0x21, 0x65, + 0x7A, 0x9F, 0x53, 0x1D, 0xDA, 0x2A, 0x19, + 0x4D, 0xBB, 0x12, 0x64, 0x48, 0xBD, 0xEE, + 0xB2, 0x58, 0xE0, 0x7E, 0xA6, 0x59, 0xC7, + 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, 0x66, + 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38, + 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, + 0x0F, 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, + 0xDA, 0x3B, 0xD2, 0x92, 0x38, 0xFB, 0xD4, + 0xD4, 0xB4, 0x88, 0x5C, 0x2A, 0x99, 0x17, + 0x6D, 0xB1, 0xA0, 0x6C, 0x50, 0x07, 0x78, + 0x49, 0x1A, 0x82, 0x88, 0xF1, 0x85, 0x5F, + 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, 0x3F, + 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1, + 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, + 0xDA, 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, + 0x5D, 0xE0, 0xCA, 0x63, 0x32, 0x8F, 0x3B, + 0xE5, 0x7C, 0xC9, 0x77, 0x55, 0x60, 0x11, + 0x95, 0x14, 0x0D, 0xFB, 0x59, 0xD3, 0x9C, + 0xE0, 0x91, 0x30, 0x8B, 0x41, 0x05, 0x74, + 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, 0x7C, + 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6, + 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, + 0xAF, 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, + 0x54, 0x23, 0x28, 0x2E, 0xE4, 0x16, 0xDC, + 0x2A, 0x19, 0xC5, 0x72, 0x4F, 0xA9, 0x1A, + 0xE4, 0xAD, 0xC8, 0x8B, 0xC6, 0x67, 0x96, + 0xEA, 0xE5, 0x67, 0x7A, 0x01, 0xF6, 0x4E, + 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, 0x2D, + 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B, + 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, + 0x34, 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, + 0xB0, 0xE0, 0xD2, 0x0E, 0xAB, 0x86, 0xBC, + 0x9C, 0x6D, 0x6A, 0x52, 0x07, 0x19, 0x4E, + 0x68, 0x72, 0x07, 0x32, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + const gnutls_datum_t gnutls_ffdhe_6144_group_prime = { (void *) ffdhe_params_6144, sizeof(ffdhe_params_6144) }; - +const gnutls_datum_t gnutls_ffdhe_6144_group_q = { + (void *) ffdhe_q_6144, sizeof(ffdhe_q_6144) +}; const gnutls_datum_t gnutls_ffdhe_6144_group_generator = { (void *) &ffdhe_generator, sizeof(ffdhe_generator) }; @@ -503,13 +799,165 @@ static const unsigned char ffdhe_params_8192[] = { 0xFF, 0xFF }; -const gnutls_datum_t gnutls_ffdhe_8192_group_generator = { - (void *) &ffdhe_generator, sizeof(ffdhe_generator) +static const unsigned char ffdhe_q_8192[] = { + 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, + 0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13, + 0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1, + 0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B, + 0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49, + 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE, + 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC, + 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, + 0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, + 0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF, + 0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA, + 0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89, + 0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27, + 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1, + 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39, + 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, + 0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, + 0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59, + 0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5, + 0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D, + 0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7, + 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57, + 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C, + 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, + 0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, + 0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94, + 0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E, + 0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89, + 0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF, + 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D, + 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02, + 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, + 0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, + 0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30, + 0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D, + 0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A, + 0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA, + 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD, + 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7, + 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, + 0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, + 0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE, + 0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29, + 0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71, + 0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57, + 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74, + 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06, + 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, + 0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, + 0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD, + 0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77, + 0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E, + 0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37, + 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC, + 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB, + 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, + 0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, + 0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF, + 0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43, + 0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F, + 0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83, + 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36, + 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C, + 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, + 0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, + 0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC, + 0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6, + 0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA, + 0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA, + 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3, + 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81, + 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, + 0x3D, 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, + 0x95, 0x1D, 0x11, 0xDD, 0x22, 0x21, 0x65, + 0x7A, 0x9F, 0x53, 0x1D, 0xDA, 0x2A, 0x19, + 0x4D, 0xBB, 0x12, 0x64, 0x48, 0xBD, 0xEE, + 0xB2, 0x58, 0xE0, 0x7E, 0xA6, 0x59, 0xC7, + 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, 0x66, + 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38, + 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, + 0x0F, 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, + 0xDA, 0x3B, 0xD2, 0x92, 0x38, 0xFB, 0xD4, + 0xD4, 0xB4, 0x88, 0x5C, 0x2A, 0x99, 0x17, + 0x6D, 0xB1, 0xA0, 0x6C, 0x50, 0x07, 0x78, + 0x49, 0x1A, 0x82, 0x88, 0xF1, 0x85, 0x5F, + 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, 0x3F, + 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1, + 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, + 0xDA, 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, + 0x5D, 0xE0, 0xCA, 0x63, 0x32, 0x8F, 0x3B, + 0xE5, 0x7C, 0xC9, 0x77, 0x55, 0x60, 0x11, + 0x95, 0x14, 0x0D, 0xFB, 0x59, 0xD3, 0x9C, + 0xE0, 0x91, 0x30, 0x8B, 0x41, 0x05, 0x74, + 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, 0x7C, + 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6, + 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, + 0xAF, 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, + 0x54, 0x23, 0x28, 0x2E, 0xE4, 0x16, 0xDC, + 0x2A, 0x19, 0xC5, 0x72, 0x4F, 0xA9, 0x1A, + 0xE4, 0xAD, 0xC8, 0x8B, 0xC6, 0x67, 0x96, + 0xEA, 0xE5, 0x67, 0x7A, 0x01, 0xF6, 0x4E, + 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, 0x2D, + 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B, + 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, + 0x34, 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, + 0xB0, 0xE0, 0xD2, 0x0E, 0xAB, 0x86, 0xBC, + 0x9C, 0x6D, 0x6A, 0x52, 0x07, 0x19, 0x4E, + 0x67, 0xFA, 0x35, 0x55, 0x1B, 0x56, 0x80, + 0x26, 0x7B, 0x00, 0x64, 0x1C, 0x0F, 0x21, + 0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32, 0x7E, + 0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1, + 0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6, + 0x2F, 0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25, + 0x88, 0x77, 0xC3, 0x5B, 0x18, 0xA1, 0x51, + 0xD5, 0xC4, 0x14, 0xAA, 0xAD, 0x97, 0xBA, + 0x3E, 0x49, 0x93, 0x32, 0xE5, 0x96, 0x07, + 0x8E, 0x60, 0x0D, 0xEB, 0x81, 0x14, 0x9C, + 0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2, 0x2A, + 0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41, + 0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF, + 0xAE, 0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E, + 0xC1, 0x28, 0xAA, 0x0F, 0xE3, 0x46, 0x4E, + 0x43, 0x58, 0x11, 0x5D, 0xB8, 0x4C, 0xC3, + 0xB5, 0x23, 0x07, 0x3A, 0x28, 0xD4, 0x54, + 0x98, 0x84, 0xB8, 0x1F, 0xF7, 0x0E, 0x10, + 0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96, 0x28, + 0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E, + 0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90, + 0xBD, 0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD, + 0x4A, 0xFC, 0xEA, 0xDC, 0x00, 0xCA, 0x44, + 0x6C, 0xE0, 0x50, 0x50, 0xFF, 0x18, 0x3A, + 0xD2, 0xBB, 0xF1, 0x18, 0xC1, 0xFC, 0x0E, + 0xA5, 0x1F, 0x97, 0xD2, 0x2B, 0x8F, 0x7E, + 0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4, 0x5B, + 0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37, + 0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5, + 0x18, 0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8, + 0xD4, 0x3F, 0x17, 0xBA, 0x0F, 0x7C, 0x60, + 0xFF, 0x43, 0x7F, 0x53, 0x5D, 0xFE, 0xF2, + 0x98, 0x33, 0xBF, 0x86, 0xCB, 0xE8, 0x8E, + 0xA4, 0xFB, 0xD4, 0x22, 0x1E, 0x84, 0x11, + 0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7, 0x00, + 0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46, + 0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21, + 0x26, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF }; const gnutls_datum_t gnutls_ffdhe_8192_group_prime = { (void *) ffdhe_params_8192, sizeof(ffdhe_params_8192) }; +const gnutls_datum_t gnutls_ffdhe_8192_group_q = { + (void *) ffdhe_q_8192, sizeof(ffdhe_q_8192) +}; +const gnutls_datum_t gnutls_ffdhe_8192_group_generator = { + (void *) &ffdhe_generator, sizeof(ffdhe_generator) +}; const unsigned int gnutls_ffdhe_8192_key_bits = 512; #endif @@ -224,25 +224,14 @@ int gnutls_dh_params_import_dsa(gnutls_dh_params_t dh_params, gnutls_x509_privkey_t key) { gnutls_datum_t p, g, q; - bigint_t tmp_q; int ret; ret = gnutls_x509_privkey_export_dsa_raw(key, &p, &q, &g, NULL, NULL); if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_mpi_init_scan_nz(&tmp_q, q.data, q.size); - if (ret < 0) { - gnutls_assert(); - ret = GNUTLS_E_MPI_SCAN_FAILED; - goto cleanup; - } + ret = gnutls_dh_params_import_raw3(dh_params, &p, &q, &g); - ret = gnutls_dh_params_import_raw2(dh_params, &p, &g, _gnutls_mpi_get_nbits(tmp_q)); - - _gnutls_mpi_release(&tmp_q); - - cleanup: gnutls_free(p.data); gnutls_free(g.data); gnutls_free(q.data); @@ -296,6 +285,64 @@ gnutls_dh_params_import_raw2(gnutls_dh_params_t dh_params, } /** + * gnutls_dh_params_import_raw3: + * @dh_params: The parameters + * @prime: holds the new prime + * @q: holds the subgroup if available, otherwise NULL + * @generator: holds the new generator + * + * This function will replace the pair of prime and generator for use + * in the Diffie-Hellman key exchange. The new parameters should be + * stored in the appropriate gnutls_datum. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, + * otherwise a negative error code is returned. + **/ +int +gnutls_dh_params_import_raw3(gnutls_dh_params_t dh_params, + const gnutls_datum_t * prime, + const gnutls_datum_t * q, + const gnutls_datum_t * generator) +{ + bigint_t tmp_p, tmp_g, tmp_q = NULL; + + if (_gnutls_mpi_init_scan_nz(&tmp_p, prime->data, prime->size)) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + if (_gnutls_mpi_init_scan_nz(&tmp_g, generator->data, + generator->size)) { + _gnutls_mpi_release(&tmp_p); + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + if (q) { + if (_gnutls_mpi_init_scan_nz(&tmp_q, q->data, q->size)) { + _gnutls_mpi_release(&tmp_p); + _gnutls_mpi_release(&tmp_g); + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + } else if (_gnutls_fips_mode_enabled()) { + /* Mandatory in FIPS mode */ + gnutls_assert(); + return GNUTLS_E_DH_PRIME_UNACCEPTABLE; + } + + /* store the generated values + */ + dh_params->params[0] = tmp_p; + dh_params->params[1] = tmp_g; + dh_params->params[2] = tmp_q; + if (tmp_q) + dh_params->q_bits = _gnutls_mpi_get_nbits(tmp_q); + + return 0; +} + +/** * gnutls_dh_params_init: * @dh_params: The parameters * @@ -330,6 +377,7 @@ void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params) _gnutls_mpi_release(&dh_params->params[0]); _gnutls_mpi_release(&dh_params->params[1]); + _gnutls_mpi_release(&dh_params->params[2]); gnutls_free(dh_params); @@ -353,6 +401,8 @@ int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src) dst->params[0] = _gnutls_mpi_copy(src->params[0]); dst->params[1] = _gnutls_mpi_copy(src->params[1]); + if (src->params[2]) + dst->params[2] = _gnutls_mpi_copy(src->params[2]); dst->q_bits = src->q_bits; if (dst->params[0] == NULL || dst->params[1] == NULL) diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 63dfaa61c8..177a8be018 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -1007,9 +1007,9 @@ struct gnutls_priority_st { /* DH and RSA parameters types. */ typedef struct gnutls_dh_params_int { - /* [0] is the prime, [1] is the generator. + /* [0] is the prime, [1] is the generator, [2] is Q if available. */ - bigint_t params[2]; + bigint_t params[3]; int q_bits; /* length of q in bits. If zero then length is unknown. */ } dh_params_st; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 87ce08823b..1555ab3338 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -2241,6 +2241,10 @@ int gnutls_dh_params_import_raw2(gnutls_dh_params_t dh_params, const gnutls_datum_t * prime, const gnutls_datum_t * generator, unsigned key_bits); +int gnutls_dh_params_import_raw3(gnutls_dh_params_t dh_params, + const gnutls_datum_t * prime, + const gnutls_datum_t * q, + const gnutls_datum_t * generator); int gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params, const gnutls_datum_t * pkcs3_params, gnutls_x509_crt_fmt_t format); @@ -2413,22 +2417,27 @@ extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_1024_group_generator; */ extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_prime; +extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_q; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_generator; extern _SYM_EXPORT const unsigned int gnutls_ffdhe_8192_key_bits; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_prime; +extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_q; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_generator; extern _SYM_EXPORT const unsigned int gnutls_ffdhe_6144_key_bits; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_prime; +extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_q; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_generator; extern _SYM_EXPORT const unsigned int gnutls_ffdhe_4096_key_bits; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_prime; +extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_q; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_generator; extern _SYM_EXPORT const unsigned int gnutls_ffdhe_3072_key_bits; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_prime; +extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_q; extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_generator; extern _SYM_EXPORT const unsigned int gnutls_ffdhe_2048_key_bits; diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 2ed202e279..f200c841d7 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1278,6 +1278,12 @@ GNUTLS_3_6_8 global: gnutls_prf_early; gnutls_record_set_max_recv_size; + gnutls_dh_params_import_raw3; + gnutls_ffdhe_2048_group_q; + gnutls_ffdhe_3072_group_q; + gnutls_ffdhe_4096_group_q; + gnutls_ffdhe_6144_group_q; + gnutls_ffdhe_8192_group_q; } GNUTLS_3_6_6; GNUTLS_FIPS140_3_4 { diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 1874bca54f..6bb2cef877 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -1550,6 +1550,8 @@ int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, priv.params[DH_P] = _gnutls_mpi_copy(dh_params->params[0]); priv.params[DH_G] = _gnutls_mpi_copy(dh_params->params[1]); + if (dh_params->params[2]) + priv.params[DH_Q] = _gnutls_mpi_copy(dh_params->params[2]); if (_gnutls_mpi_init_scan_nz (&priv.params[DH_X], priv_key->data, @@ -1559,7 +1561,7 @@ int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, goto cleanup; } - priv.params_nr = 3; /* include empty q */ + priv.params_nr = 3; /* include, possibly empty, q */ priv.algo = GNUTLS_PK_DH; Z->data = NULL; diff --git a/tests/dh-compute.c b/tests/dh-compute.c index 173729312e..217b23b762 100644 --- a/tests/dh-compute.c +++ b/tests/dh-compute.c @@ -41,8 +41,8 @@ int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, const gnutls_datum_t *pub_key, const gnutls_datum_t *peer_key, gnutls_datum_t *Z); -static void params(gnutls_dh_params_t *dh_params, unsigned int key_bits, - const gnutls_datum_t *p, const gnutls_datum_t *g) +static void params(gnutls_dh_params_t *dh_params, const gnutls_datum_t *p, + const gnutls_datum_t *q, const gnutls_datum_t *g) { int ret; @@ -50,7 +50,7 @@ static void params(gnutls_dh_params_t *dh_params, unsigned int key_bits, if (ret != 0) fail("error\n"); - ret = gnutls_dh_params_import_raw2(*dh_params, p, g, key_bits); + ret = gnutls_dh_params_import_raw3(*dh_params, p, q, g); if (ret != 0) fail("error\n"); } @@ -65,32 +65,33 @@ static void genkey(gnutls_dh_params_t *dh_params, fail("error\n"); } -static void compute_key(gnutls_dh_params_t *dh_params, +static void compute_key(const char *name, gnutls_dh_params_t *dh_params, gnutls_datum_t *priv_key, gnutls_datum_t *pub_key, const gnutls_datum_t *peer_key, int expect_error, gnutls_datum_t *result, bool expect_success) { - gnutls_datum_t Z; + gnutls_datum_t Z = { 0 }; bool success; int ret; ret = _gnutls_dh_compute_key(*dh_params, priv_key, pub_key, peer_key, &Z); if (expect_error != ret) - fail("error (%d)\n", ret); + fail("%s: error %d (expected %d)\n", name, ret, expect_error); if (result) { success = (Z.size != result->size && memcmp(Z.data, result->data, Z.size)); if (success != expect_success) - fail("error\n"); + fail("%s: failed to match result\n", name); } gnutls_free(Z.data); } struct dh_test_data { - const unsigned int key_size; + const char *name; const gnutls_datum_t prime; + const gnutls_datum_t q; const gnutls_datum_t generator; const gnutls_datum_t peer_key; int expected_error; @@ -100,45 +101,60 @@ void doit(void) { struct dh_test_data test_data[] = { { - /* y == 0 */ - gnutls_ffdhe_2048_key_bits, + "[y == 0]", gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, gnutls_ffdhe_2048_group_generator, { (void *)"\x00", 1 }, GNUTLS_E_MPI_SCAN_FAILED }, { - /* y < 2 */ - gnutls_ffdhe_2048_key_bits, + "[y < 2]", gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, gnutls_ffdhe_2048_group_generator, { (void *)"\x01", 1 }, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER }, { - /* y > p - 2 */ - gnutls_ffdhe_2048_key_bits, + "[y > p - 2]", gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, gnutls_ffdhe_2048_group_generator, gnutls_ffdhe_2048_group_prime, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER }, - { 0 } + { + "[y ^ q mod p == 1]", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + gnutls_ffdhe_2048_group_q, + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER + }, + { + "Legal Input", + gnutls_ffdhe_2048_group_prime, + gnutls_ffdhe_2048_group_q, + gnutls_ffdhe_2048_group_generator, + { (void *)"\x02", 1 }, + 0 + }, + { NULL } }; - for (int i = 0; test_data[i].key_size != 0; i++) { + for (int i = 0; test_data[i].name != NULL; i++) { gnutls_datum_t priv_key, pub_key; gnutls_dh_params_t dh_params; - params(&dh_params, test_data[i].key_size, - &test_data[i].prime, &test_data[i].generator); + params(&dh_params, &test_data[i].prime, &test_data[i].q, + &test_data[i].generator); genkey(&dh_params, &priv_key, &pub_key); - compute_key(&dh_params, &priv_key, &pub_key, - &test_data[i].peer_key, - test_data[i].expected_error, - NULL, 0); + compute_key(test_data[i].name, &dh_params, &priv_key, + &pub_key, &test_data[i].peer_key, + test_data[i].expected_error, NULL, 0); gnutls_dh_params_deinit(dh_params); gnutls_free(priv_key.data); |