From e90fcc54809db2591dc083f43ef54c6ec8c60847 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 18:16:13 +0200 Subject: Adding upstream version 4.96. Signed-off-by: Daniel Baumann --- src/std-crypto.c | 1031 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1031 insertions(+) create mode 100644 src/std-crypto.c (limited to 'src/std-crypto.c') diff --git a/src/std-crypto.c b/src/std-crypto.c new file mode 100644 index 0000000..200fb71 --- /dev/null +++ b/src/std-crypto.c @@ -0,0 +1,1031 @@ +/************************************************* +* Exim - an Internet mail transport agent * +*************************************************/ + +/* Copyright (c) Phil Pennock 2012, 2016 + * Copyright (c) The Exim Maintainers 2017 - 2021 + * But almost everything here is fixed published constants from RFCs, so also: + * Copyright (C) The Internet Society (2003) + * Copyright (C) The IETF Trust (2008) + * Most of the text in RFC referencing comments is copy/paste from RFC, + * as is undoubtedly the intention. + * The constants are generated from that text using util/gen_pkcs3.c invoked + * with the -C option. + */ + +/* See the file NOTICE for conditions of use and distribution. */ + +#include "exim.h" + +#ifdef DISABLE_TLS +static void dummy(int x) { dummy(x-1); } +#else + +/* The IETF defines standard primes as "Modular Exponential (MODP) Groups" for +use in IKE in RFC 2409 and 3526, and then some more, "for Use with IETF +Standards" in RFC 5114. These have been thoroughly reviewed as meeting +certain eligibility criteria, which is more than can be said for primes +generated quickly on no particular criteria. + +Any prime used in TLS is disclosed publicly, and if the security of your +session depends upon the prime being secret, then one of three situations +holds: + (1) the prime is too small + (2) the prime is flawed, use one of these instead + (3) you know of fundamental cryptanalytic breaks not currently publicly known + to the cryptographic community. +*/ + +/* RFC 2409 MODP IKE_id=1 generator=2 bits=768 + The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } + Its hexadecimal value is + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_1_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MGYCYQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5siUUoI\n" +"eY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummOjYg////\n" +"//////8CAQI=\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 2409 MODP IKE_id=2 generator=2 bits=1024 + The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. + Its hexadecimal value is + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 + FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_2_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR\n" +"Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL\n" +"/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 2409; id=3 and id=4 are EC2N, not yet supported here */ + +/* RFC 3526 MODP IKE_id=5 generator=2 bits=1536 + The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D + C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F + 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_5_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIHHAoHBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR\n" +"Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL\n" +"/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7ORbPcIAfLihY78FmNpINhxV05pp\n" +"Fj+o/STPX4NlXSPco62WHGLzViCFUrue1SkHcJaWbWcMNU5KvJgE8XRsCMojcyf/\n" +"/////////wIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 3526 MODP IKE_id=14 generator=2 bits=2048 + This prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D + C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F + 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B + E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 + DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 + 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_14_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" +"IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" +"awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" +"mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" +"fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" +"5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 3526 MODP IKE_id=15 generator=2 bits=3072 + This prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D + C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F + 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B + E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 + DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 + 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 + ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 + ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B + F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 + 43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_15_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" +"IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" +"awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" +"mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" +"fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" +"5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" +"fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" +"ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS\n" +"yv//////////AgEC\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 3526 MODP IKE_id=16 generator=2 bits=4096 + This prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D + C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F + 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B + E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 + DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 + 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 + ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 + ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B + F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 + 43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 + 88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA + 2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6 + 287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED + 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9 + 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199 + FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_16_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" +"IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" +"awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" +"mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" +"fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" +"5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" +"fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" +"ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" +"ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" +"+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" +"HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 3526 MODP IKE_id=17 generator=2 bits=6144 + This prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 + 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B + 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 + A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 + 49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 + FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C + 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 + 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D + 04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D + B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 + 1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC + E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26 + 99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB + 04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2 + 233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 + D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492 + 36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406 + AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918 + DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151 + 2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03 + F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F + BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA + CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B + B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632 + 387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E + 6DCC4024 FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_17_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" +"IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" +"awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" +"mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" +"fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" +"5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" +"fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" +"ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" +"ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" +"+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" +"HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG\n" +"3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU\n" +"7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId\n" +"A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha\n" +"xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/\n" +"8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA\n" +"JP//////////AgEC\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 3526 MODP IKE_id=18 generator=2 bits=8192 + This prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } + Its hexadecimal value is: + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D + C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F + 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B + E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 + DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 + 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 + ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 + ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B + F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 + 43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 + 88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA + 2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6 + 287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED + 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9 + 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492 + 36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD + F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831 + 179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B + DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF + 5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6 + D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3 + 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA + CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 + 06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C + DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE + 12BF2D5B 0B7474D6 E694F91E 6DBE1159 74A3926F 12FEE5E4 + 38777CB6 A932DF8C D8BEC4D0 73B931BA 3BC832B6 8D9DD300 + 741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C 5AE4F568 + 3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9 + 22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B + 4BCBC886 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A + 062B3CF5 B3A278A6 6D2A13F8 3F44F82D DF310EE0 74AB6A36 + 4597E899 A0255DC1 64F31CC5 0846851D F9AB4819 5DED7EA1 + B1D510BD 7EE74D73 FAF36BC3 1ECFA268 359046F4 EB879F92 + 4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47 + 9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71 + 60C980DD 98EDD3DF FFFFFFFF FFFFFFFF +*/ +static const char dh_ike_18_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" +"IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" +"awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" +"mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" +"fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" +"5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" +"fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" +"ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" +"ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" +"+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" +"HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG\n" +"3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU\n" +"7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId\n" +"A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha\n" +"xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/\n" +"8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R\n" +"WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk\n" +"ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw\n" +"xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4\n" +"Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i\n" +"aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU\n" +"38gfVuiAuW5xYMmA3Zjt09///////////wIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 5114 IKE_id=22 +2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup + + The hexadecimal value of the prime is: + + p = B10B8F96 A080E01D DE92DE5E AE5D54EC 52C99FBC FB06A3C6 + 9A6A9DCA 52D23B61 6073E286 75A23D18 9838EF1E 2EE652C0 + 13ECB4AE A9061123 24975C3C D49B83BF ACCBDD7D 90C4BD70 + 98488E9C 219A7372 4EFFD6FA E5644738 FAA31A4F F55BCCC0 + A151AF5F 0DC8B4BD 45BF37DF 365C1A65 E68CFDA7 6D4DA708 + DF1FB2BC 2E4A4371 + + The hexadecimal value of the generator is: + + g = A4D1CBD5 C3FD3412 6765A442 EFB99905 F8104DD2 58AC507F + D6406CFF 14266D31 266FEA1E 5C41564B 777E690F 5504F213 + 160217B4 B01B886A 5E91547F 9E2749F4 D7FBD7D3 B9A92EE1 + 909D0D22 63F80A76 A6A24C08 7A091F53 1DBF0A01 69B6A28A + D662A4D1 8E73AFA3 2D779D59 18D08BC8 858F4DCE F97C2A24 + 855E6EEB 22B3B2E5 + + The generator generates a prime-order subgroup of size: + + q = F518AA87 81A8DF27 8ABA4E7D 64B7CB9D 49462353 +*/ +static const char dh_ike_22_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBDAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y\n" +"mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4\n" +"+qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV\n" +"w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0\n" +"sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR\n" +"jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5QICAKA=\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 5114 IKE_id=23 +2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup + + The hexadecimal value of the prime is: + + p = AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1 + B54B1597 B61D0A75 E6FA141D F95A56DB AF9A3C40 7BA1DF15 + EB3D688A 309C180E 1DE6B85A 1274A0A6 6D3F8152 AD6AC212 + 9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207 + C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708 + B3BF8A31 70918836 81286130 BC8985DB 1602E714 415D9330 + 278273C7 DE31EFDC 7310F712 1FD5A074 15987D9A DC0A486D + CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8 + BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763 + C9B53DCF 4BA80A29 E3FB73C1 6B8E75B9 7EF363E2 FFA31F71 + CF9DE538 4E71B81C 0AC4DFFE 0C10E64F + + The hexadecimal value of the generator is: + + g = AC4032EF 4F2D9AE3 9DF30B5C 8FFDAC50 6CDEBE7B 89998CAF + 74866A08 CFE4FFE3 A6824A4E 10B9A6F0 DD921F01 A70C4AFA + AB739D77 00C29F52 C57DB17C 620A8652 BE5E9001 A8D66AD7 + C1766910 1999024A F4D02727 5AC1348B B8A762D0 521BC98A + E2471504 22EA1ED4 09939D54 DA7460CD B5F6C6B2 50717CBE + F180EB34 118E98D1 19529A45 D6F83456 6E3025E3 16A330EF + BB77A86F 0C1AB15B 051AE3D4 28C8F8AC B70A8137 150B8EEB + 10E183ED D19963DD D9E263E4 770589EF 6AA21E7F 5F2FF381 + B539CCE3 409D13CD 566AFBB4 8D6C0191 81E1BCFE 94B30269 + EDFE72FE 9B6AA4BD 7B5A0F1C 71CFFF4C 19C418E1 F6EC0179 + 81BC087F 2A7065B3 84B890D3 191F2BFA + + The generator generates a prime-order subgroup of size: + + q = 801C0D34 C58D93FE 99717710 1F80535A 4738CEBC BF389A99 + B36371EB +*/ +static const char dh_ike_23_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIICDgKCAQEArRB+HpEjqdDWYPqnlVnFH6INZOVoO5/RtUsVl7YdCnXm+hQd+VpW\n" +"26+aPEB7od8V6z1oijCcGA4d5rhaEnSgpm0/gVKtasISkDfJ7e/aTfjZHo/vVbc5\n" +"S3rVt9C2wSIHyfmNEe002/bGugssi7wnvmoA4KC5xJcIs7+KMXCRiDaBKGEwvImF\n" +"2xYC5xRBXZMwJ4Jzx94x79xzEPcSH9WgdBWYfZrcCkhtzfk6zEQyg4cxXXXhmMZB\n" +"pIDNhqG55YfovmDmnMkosrnFIXLkEwQumyPxCw4W55djybU9z0uoCinj+3PBa451\n" +"uX7zY+L/ox9xz53lOE5xuBwKxN/+DBDmTwKCAQEArEAy708tmuOd8wtcj/2sUGze\n" +"vnuJmYyvdIZqCM/k/+OmgkpOELmm8N2SHwGnDEr6q3OddwDCn1LFfbF8YgqGUr5e\n" +"kAGo1mrXwXZpEBmZAkr00CcnWsE0i7inYtBSG8mK4kcVBCLqHtQJk51U2nRgzbX2\n" +"xrJQcXy+8YDrNBGOmNEZUppF1vg0Vm4wJeMWozDvu3eobwwasVsFGuPUKMj4rLcK\n" +"gTcVC47rEOGD7dGZY93Z4mPkdwWJ72qiHn9fL/OBtTnM40CdE81Wavu0jWwBkYHh\n" +"vP6UswJp7f5y/ptqpL17Wg8ccc//TBnEGOH27AF5gbwIfypwZbOEuJDTGR8r+gIC\n" +"AOA=\n" +"-----END DH PARAMETERS-----\n"; + +/* RFC 5114 IKE_id=24 +2.3. 2048-bit MODP Group with 256-bit Prime Order Subgroup + + The hexadecimal value of the prime is: + + p = 87A8E61D B4B6663C FFBBD19C 65195999 8CEEF608 660DD0F2 + 5D2CEED4 435E3B00 E00DF8F1 D61957D4 FAF7DF45 61B2AA30 + 16C3D911 34096FAA 3BF4296D 830E9A7C 209E0C64 97517ABD + 5A8A9D30 6BCF67ED 91F9E672 5B4758C0 22E0B1EF 4275BF7B + 6C5BFC11 D45F9088 B941F54E B1E59BB8 BC39A0BF 12307F5C + 4FDB70C5 81B23F76 B63ACAE1 CAA6B790 2D525267 35488A0E + F13C6D9A 51BFA4AB 3AD83477 96524D8E F6A167B5 A41825D9 + 67E144E5 14056425 1CCACB83 E6B486F6 B3CA3F79 71506026 + C0B857F6 89962856 DED4010A BD0BE621 C3A3960A 54E710C3 + 75F26375 D7014103 A4B54330 C198AF12 6116D227 6E11715F + 693877FA D7EF09CA DB094AE9 1E1A1597 + + The hexadecimal value of the generator is: + + g = 3FB32C9B 73134D0B 2E775066 60EDBD48 4CA7B18F 21EF2054 + 07F4793A 1A0BA125 10DBC150 77BE463F FF4FED4A AC0BB555 + BE3A6C1B 0C6B47B1 BC3773BF 7E8C6F62 901228F8 C28CBB18 + A55AE313 41000A65 0196F931 C77A57F2 DDF463E5 E9EC144B + 777DE62A AAB8A862 8AC376D2 82D6ED38 64E67982 428EBC83 + 1D14348F 6F2F9193 B5045AF2 767164E1 DFC967C1 FB3F2E55 + A4BD1BFF E83B9C80 D052B985 D182EA0A DB2A3B73 13D3FE14 + C8484B1E 052588B9 B7D2BBD2 DF016199 ECD06E15 57CD0915 + B3353BBB 64E0EC37 7FD02837 0DF92B52 C7891428 CDC67EB6 + 184B523D 1DB246C3 2F630784 90F00EF8 D647D148 D4795451 + 5E2327CF EF98C582 664B4C0F 6CC41659 + + The generator generates a prime-order subgroup of size: + + q = 8CF83642 A709A097 B4479976 40129DA2 99B1A47D 1EB3750B + A308B0FE 64F5FBD3 +*/ +static const char dh_ike_24_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIICDQKCAQEAh6jmHbS2Zjz/u9GcZRlZmYzu9ghmDdDyXSzu1ENeOwDgDfjx1hlX\n" +"1Pr330VhsqowFsPZETQJb6o79Cltgw6afCCeDGSXUXq9WoqdMGvPZ+2R+eZyW0dY\n" +"wCLgse9Cdb97bFv8EdRfkIi5QfVOseWbuLw5oL8SMH9cT9twxYGyP3a2Osrhyqa3\n" +"kC1SUmc1SIoO8TxtmlG/pKs62DR3llJNjvahZ7WkGCXZZ+FE5RQFZCUcysuD5rSG\n" +"9rPKP3lxUGAmwLhX9omWKFbe1AEKvQvmIcOjlgpU5xDDdfJjddcBQQOktUMwwZiv\n" +"EmEW0iduEXFfaTh3+tfvCcrbCUrpHhoVlwKCAQA/syybcxNNCy53UGZg7b1ITKex\n" +"jyHvIFQH9Hk6GguhJRDbwVB3vkY//0/tSqwLtVW+OmwbDGtHsbw3c79+jG9ikBIo\n" +"+MKMuxilWuMTQQAKZQGW+THHelfy3fRj5ensFEt3feYqqrioYorDdtKC1u04ZOZ5\n" +"gkKOvIMdFDSPby+Rk7UEWvJ2cWTh38lnwfs/LlWkvRv/6DucgNBSuYXRguoK2yo7\n" +"cxPT/hTISEseBSWIubfSu9LfAWGZ7NBuFVfNCRWzNTu7ZODsN3/QKDcN+StSx4kU\n" +"KM3GfrYYS1I9HbJGwy9jB4SQ8A741kfRSNR5VFFeIyfP75jFgmZLTA9sxBZZAgIB\n" +"AA==\n" +"-----END DH PARAMETERS-----\n"; + +/* ------------------------------------------------------------------------- */ +/* RFC 7919 Published August 2016, so strength estimates date from then. + +A.1. ffdhe2048 + + The 2048-bit group has registry value 256 and is calculated from the + following formula: + + The modulus is: + + p = 2^2048 - 2^1984 + {[2^1918 * e] + 560316 } * 2^64 - 1 + + The hexadecimal representation of p is: + + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 61285C97 FFFFFFFF FFFFFFFF + + The generator is: g = 2 + + The group size is: q = (p-1)/2 + + The hexadecimal representation of q is: + + 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 + EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C + BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 + 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A + CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A + 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD + DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C + 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 + C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 + 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD + 4435A11C 30942E4B FFFFFFFF FFFFFFFF + + The estimated symmetric-equivalent strength of this group is 103 + bits. +*/ +static const char dh_ffdhe2048_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBDAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" +"+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" +"87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" +"YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" +"7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" +"ssbzSibBsu/6iGtCOGEoXJf//////////wIBAgICB/8=\n" +"-----END DH PARAMETERS-----\n"; + +/* +A.2. ffdhe3072 + + The 3072-bit prime has registry value 257 and is calculated from the + following formula: + + The modulus is: + + p = 2^3072 - 2^3008 + {[2^2942 * e] + 2625351} * 2^64 - 1 + + The hexadecimal representation of p is: + + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 + 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C + AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 + 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D + ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF + 3C1B20EE 3FD59D7C 25E41D2B 66C62E37 FFFFFFFF FFFFFFFF + + The generator is: g = 2 + + The group size is: q = (p-1)/2 + + The hexadecimal representation of q is: + + 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 + EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C + BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 + 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A + CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A + 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD + DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C + 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 + C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 + 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD + 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C + 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E + 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 + B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 + D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 + 9E0D9077 1FEACEBE 12F20E95 B363171B FFFFFFFF FFFFFFFF + + The estimated symmetric-equivalent strength of this group is 125 + bits. +*/ +static const char dh_ffdhe3072_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBjAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" +"+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" +"87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" +"YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" +"7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" +"ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" +"7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" +"nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n" +"N///////////AgECAgIL/w==\n" +"-----END DH PARAMETERS-----\n"; + +/* +A.3. ffdhe4096 + + The 4096-bit group has registry value 258 and is calculated from the + following formula: + + The modulus is: + + p = 2^4096 - 2^4032 + {[2^3966 * e] + 5736041} * 2^64 - 1 + + The hexadecimal representation of p is: + + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 + 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C + AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 + 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D + ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF + 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB + 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 + 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 + A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A + 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF + 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E655F6A + FFFFFFFF FFFFFFFF + + The generator is: g = 2 + + The group size is: q = (p-1)/2 + + The hexadecimal representation of q is: + + 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 + EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C + BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 + 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A + CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A + 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD + DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C + 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 + C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 + 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD + 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C + 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E + 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 + B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 + D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 + 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D + BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 + 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 + 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD + 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 + C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F32AFB5 + 7FFFFFFF FFFFFFFF + + The estimated symmetric-equivalent strength of this group is 150 + bits. +*/ +static const char dh_ffdhe4096_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIICDAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" +"+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" +"87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" +"YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" +"7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" +"ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" +"7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" +"nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" +"8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" +"iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" +"zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQICAg//\n" +"-----END DH PARAMETERS-----\n"; + +/* +A.4. ffdhe6144 + + The 6144-bit group has registry value 259 and is calculated from the + following formula: + + The modulus is: + + p = 2^6144 - 2^6080 + {[2^6014 * e] + 15705020} * 2^64 - 1 + + The hexadecimal representation of p is: + + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 + 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C + AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 + 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D + ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF + 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB + 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 + 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 + A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A + 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF + 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 + 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 + 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A + CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 + A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 + 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 + 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 + B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C + D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A + E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 + 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 + A41D570D 7938DAD4 A40E329C D0E40E65 FFFFFFFF FFFFFFFF + + The generator is: g = 2 + + The group size is: q = (p-1)/2 + + The hexadecimal representation of q is: + + 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 + EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C + BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 + 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A + CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A + 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD + DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C + 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 + C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 + 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD + 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C + 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E + 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 + B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 + D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 + 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D + BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 + 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 + 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD + 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 + C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F06EC81 + 05FEB25B 2281B63D 2733BE96 1C29951D 11DD2221 657A9F53 + 1DDA2A19 4DBB1264 48BDEEB2 58E07EA6 59C74619 A6380E1D + 66D6832B FE67F638 CD8FAE1F 2723020F 9C40A3FD A67EDA3B + D29238FB D4D4B488 5C2A9917 6DB1A06C 50077849 1A8288F1 + 855F60FF FCF1D137 3FD94FC6 0C1811E1 AC3F1C6D 003BECDA + 3B1F2725 CA595DE0 CA63328F 3BE57CC9 77556011 95140DFB + 59D39CE0 91308B41 05746DAC 23D33E5F 7CE4848D A316A9C6 + 6B9581BA 3573BFAF 31149618 8AB15423 282EE416 DC2A19C5 + 724FA91A E4ADC88B C66796EA E5677A01 F64E8C08 63139582 + 2D9DB8FC EE35C06B 1FEEA547 4D6D8F34 B1534A93 6A18B0E0 + D20EAB86 BC9C6D6A 5207194E 68720732 FFFFFFFF FFFFFFFF + + The estimated symmetric-equivalent strength of this group is 175 + bits. +*/ +static const char dh_ffdhe6144_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIDDAKCAwEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" +"+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" +"87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" +"YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" +"7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" +"ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" +"7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" +"nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" +"8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" +"iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" +"zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq\n" +"OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE\n" +"HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj\n" +"w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8\n" +"vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70\n" +"A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKc0OQO\n" +"Zf//////////AgECAgIX/w==\n" +"-----END DH PARAMETERS-----\n"; + +/* +A.5. ffdhe8192 + + The 8192-bit group has registry value 260 and is calculated from the + following formula: + + The modulus is: + + p = 2^8192 - 2^8128 + {[2^8062 * e] + 10965728} * 2^64 - 1 + + The hexadecimal representation of p is: + + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 + 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C + AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 + 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D + ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF + 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB + 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 + 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 + A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A + 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF + 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 + 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 + 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A + CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 + A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 + 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 + 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 + B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C + D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A + E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 + 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 + A41D570D 7938DAD4 A40E329C CFF46AAA 36AD004C F600C838 + 1E425A31 D951AE64 FDB23FCE C9509D43 687FEB69 EDD1CC5E + 0B8CC3BD F64B10EF 86B63142 A3AB8829 555B2F74 7C932665 + CB2C0F1C C01BD702 29388839 D2AF05E4 54504AC7 8B758282 + 2846C0BA 35C35F5C 59160CC0 46FD8251 541FC68C 9C86B022 + BB709987 6A460E74 51A8A931 09703FEE 1C217E6C 3826E52C + 51AA691E 0E423CFC 99E9E316 50C1217B 624816CD AD9A95F9 + D5B80194 88D9C0A0 A1FE3075 A577E231 83F81D4A 3F2FA457 + 1EFC8CE0 BA8A4FE8 B6855DFE 72B0A66E DED2FBAB FBE58A30 + FAFABE1C 5D71A87E 2F741EF8 C1FE86FE A6BBFDE5 30677F0D + 97D11D49 F7A8443D 0822E506 A9F4614E 011E2A94 838FF88C + D68C8BB7 C5C6424C FFFFFFFF FFFFFFFF + + The generator is: g = 2 + + The group size is: q = (p-1)/2 + + The hexadecimal representation of q is: + + 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 + EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C + BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 + 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A + CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A + 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD + DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C + 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 + C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 + 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD + 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C + 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E + 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 + B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 + D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 + 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D + BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 + 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 + 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD + 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 + C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F06EC81 + 05FEB25B 2281B63D 2733BE96 1C29951D 11DD2221 657A9F53 + 1DDA2A19 4DBB1264 48BDEEB2 58E07EA6 59C74619 A6380E1D + 66D6832B FE67F638 CD8FAE1F 2723020F 9C40A3FD A67EDA3B + D29238FB D4D4B488 5C2A9917 6DB1A06C 50077849 1A8288F1 + 855F60FF FCF1D137 3FD94FC6 0C1811E1 AC3F1C6D 003BECDA + 3B1F2725 CA595DE0 CA63328F 3BE57CC9 77556011 95140DFB + 59D39CE0 91308B41 05746DAC 23D33E5F 7CE4848D A316A9C6 + 6B9581BA 3573BFAF 31149618 8AB15423 282EE416 DC2A19C5 + 724FA91A E4ADC88B C66796EA E5677A01 F64E8C08 63139582 + 2D9DB8FC EE35C06B 1FEEA547 4D6D8F34 B1534A93 6A18B0E0 + D20EAB86 BC9C6D6A 5207194E 67FA3555 1B568026 7B00641C + 0F212D18 ECA8D732 7ED91FE7 64A84EA1 B43FF5B4 F6E8E62F + 05C661DE FB258877 C35B18A1 51D5C414 AAAD97BA 3E499332 + E596078E 600DEB81 149C441C E95782F2 2A282563 C5BAC141 + 1423605D 1AE1AFAE 2C8B0660 237EC128 AA0FE346 4E435811 + 5DB84CC3 B523073A 28D45498 84B81FF7 0E10BF36 1C137296 + 28D5348F 07211E7E 4CF4F18B 286090BD B1240B66 D6CD4AFC + EADC00CA 446CE050 50FF183A D2BBF118 C1FC0EA5 1F97D22B + 8F7E4670 5D4527F4 5B42AEFF 39585337 6F697DD5 FDF2C518 + 7D7D5F0E 2EB8D43F 17BA0F7C 60FF437F 535DFEF2 9833BF86 + CBE88EA4 FBD4221E 84117283 54FA30A7 008F154A 41C7FC46 + 6B4645DB E2E32126 7FFFFFFF FFFFFFFF + + The estimated symmetric-equivalent strength of this group is 192 + bits. +*/ +static const char dh_ffdhe8192_pem[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIEDAKCBAEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" +"+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" +"87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" +"YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" +"7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" +"ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" +"7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" +"nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" +"8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" +"iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" +"zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq\n" +"OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE\n" +"HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj\n" +"w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8\n" +"vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70\n" +"A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKcz/Rq\n" +"qjatAEz2AMg4HkJaMdlRrmT9sj/OyVCdQ2h/62nt0cxeC4zDvfZLEO+GtjFCo6uI\n" +"KVVbL3R8kyZlyywPHMAb1wIpOIg50q8F5FRQSseLdYKCKEbAujXDX1xZFgzARv2C\n" +"UVQfxoychrAiu3CZh2pGDnRRqKkxCXA/7hwhfmw4JuUsUappHg5CPPyZ6eMWUMEh\n" +"e2JIFs2tmpX51bgBlIjZwKCh/jB1pXfiMYP4HUo/L6RXHvyM4LqKT+i2hV3+crCm\n" +"bt7S+6v75Yow+vq+HF1xqH4vdB74wf6G/qa7/eUwZ38Nl9EdSfeoRD0IIuUGqfRh\n" +"TgEeKpSDj/iM1oyLt8XGQkz//////////wIBAgICH/8=\n" +"-----END DH PARAMETERS-----\n"; + +/* ========================================================================= */ + +/* Generated by Phil as a non-standard option. +openssl dhparam -2 2048 +No provenance to prove non-tampering available, beyond trusting that this +developer generated this as stated above. */ + + +/* MacOSX 10.10.5 invoking system OpenSSL 0.9.8zg */ +static const char dh_exim_20160529_1[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBCAKCAQEA8ZMf89Gaye4bDEX1BXZ9+2edkXym9EK0GxmFilHEGpnhgLNmCk+H\n" +"cCb+zn8Ed5bpCOmRuEv9N/VKPjSpno8jYiQbFgUL3vh8uKvQLJNTzDVDbpd3YO7E\n" +"tiS0L0qWL57zIf8b3VZTMRsH4Orz2Rla61wVl6XpxE5WRfGqPS264Vvfew7xmCoi\n" +"INaFzIU6zwk2WeD6K5asctYlQG/UtgY1nRFkQTebIOpm03a6/hw7F14l3yUZgXfv\n" +"I3m4MFaWvxGcuZxddTijXw3VfjMdWvdH3Iz7IcqD32uEzK6Rgi/t4OVSw1kE2oDt\n" +"cFThPUCWb7O4TVq9Xt2UZqZFNU6kUAkv2wIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* MacOSX 10.10.5 invoking OpenSSL 1.0.2h installed from brew bottle */ +static const char dh_exim_20160529_2[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBCAKCAQEAot84eqyfSb5l8GRCN2ioWP5T85Z/2lVX9A9r9JzwDfvliAAqm6Vp\n" +"UcHdAfVt54kc8DsmLiHdDhxY1I/wo+DcBylfVx13cmkroAocowOD5dwQMYk6iXjV\n" +"ys4heRJhYlAHgt8QZH8dA8c/HLs+rlAHhSUPnetsZmcoPE0LRsjigJsiVXasm+sl\n" +"g/77u5FCkgSrFILcD9PLPto1ciIXp2y8cjXQDk+D9FH1HaSCXLCLkuHxhQXxjTYO\n" +"C3Q53aNLkDJ4zpPt7Kc9NxQFBVlNc260IFDOHTWhgV2zpyG6oIzQoHSmmiLAAfcF\n" +"HrG7I06uZBLjuNGGaM0eeuxHNhs2G2EduwIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* Ubuntu 14.04.4 running on dual-core Atom D2500 with OneRNG entropy key */ +static const char dh_exim_20160529_3[] = +"-----BEGIN DH PARAMETERS-----\n" +"MIIBCAKCAQEAkbRYVoge2PtrmV1eKCKluSBFELgckuLSnkuH0TffqbmfoYM34lFu\n" +"2vPM2LhnzKvEBQlIICOTzQD29kROacRfSKpsNINRXhXKUqI6sFXzUZu4Flk69XKG\n" +"ZOSDYvWkI5pSn1amQ4Nnvn6s+uwn/f0ZDZDiKLW9TgntxJV4A2+yeymaeoGCbIXX\n" +"5q8WgajFhAeut36RL93HBnXT1hT7Eja1Y81w9fOzQrwBuXhyfCkAdiMA/VCp0UD4\n" +"0p7uf+okpckVnwD6WnUCHMij8nGlVblZELFYzNi0udtzIrSwlALbZXIeAqhbZXJO\n" +"lCuYspJhzV0Vs0lDJwrxvNwtdg1ernVIowIBAg==\n" +"-----END DH PARAMETERS-----\n"; + +/* ========================================================================= */ + +struct dh_constant { + const char * label; + const char * pem; + int logging; +}; + +#define EXIM_DH_PRIME_DEFAULT dh_exim_20160529_3 + +/* KEEP SORTED ALPHABETICALLY; +duplicate PEM are okay, if we want aliases, but names must be alphabetical */ + +static struct dh_constant dh_constants[] = { + /* label pem */ + { "default", EXIM_DH_PRIME_DEFAULT, 0 }, + { "exim.dev.20160529.1", dh_exim_20160529_1, 0 }, + { "exim.dev.20160529.2", dh_exim_20160529_2, 0 }, + { "exim.dev.20160529.3", dh_exim_20160529_3, 0 }, + { "ffdhe2048", dh_ffdhe2048_pem, 0 }, + { "ffdhe3072", dh_ffdhe3072_pem, 0 }, + { "ffdhe4096", dh_ffdhe4096_pem, 0 }, + { "ffdhe6144", dh_ffdhe6144_pem, 0 }, + { "ffdhe8192", dh_ffdhe8192_pem, 0 }, + { "ike1", dh_ike_1_pem, LOG_MAIN | LOG_PANIC }, + { "ike14", dh_ike_14_pem, 0 }, + { "ike15", dh_ike_15_pem, 0 }, + { "ike16", dh_ike_16_pem, 0 }, + { "ike17", dh_ike_17_pem, 0 }, + { "ike18", dh_ike_18_pem, 0 }, + { "ike2", dh_ike_2_pem, LOG_MAIN }, + { "ike22", dh_ike_22_pem, LOG_MAIN | LOG_PANIC }, + { "ike23", dh_ike_23_pem, LOG_MAIN }, + { "ike24", dh_ike_24_pem, LOG_MAIN }, + { "ike5", dh_ike_5_pem, 0 }, +}; +static const int dh_constants_count = nelem(dh_constants); + + +/* A policy decision; in absence of any other data, use a 2048 bit prime, +pick the first one from the latest RFC providing such. */ + +const char * +std_dh_prime_default(void) +{ +return EXIM_DH_PRIME_DEFAULT; +} + + +/* Return PEM string for given name */ + +const char * +std_dh_prime_named(const uschar * name) +{ +for (int first = 0, last = dh_constants_count; last > first; ) + { + int middle = (first + last)/2; + struct dh_constant * dp = &dh_constants[middle]; + int c = Ustrcmp(name, dp->label); + if (c == 0) + { + if (dp->logging) + log_write(0, dp->logging, + "WARNING: deprecated Diffie-Hellman parameter '%s' used", dp->label); + return dp->pem; + } + else if (c > 0) + first = middle + 1; + else + last = middle; + } +return NULL; +} + +#endif /*DISABLE_TLS*/ +/* EOF */ -- cgit v1.2.3