| 1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * |
| 3 | *************************************************/ |
| 4 | |
| 5 | /* Copyright (c) Phil Pennock 2012, 2016 |
| 6 | * Copyright (c) The Exim Maintainers 2017 - 2018 |
| 7 | * But almost everything here is fixed published constants from RFCs, so also: |
| 8 | * Copyright (C) The Internet Society (2003) |
| 9 | * Copyright (C) The IETF Trust (2008) |
| 10 | * Most of the text in RFC referencing comments is copy/paste from RFC, |
| 11 | * as is undoubtedly the intention. |
| 12 | * The constants are generated from that text using util/gen_pkcs3.c invoked |
| 13 | * with the -C option. |
| 14 | */ |
| 15 | |
| 16 | /* See the file NOTICE for conditions of use and distribution. */ |
| 17 | |
| 18 | #include "exim.h" |
| 19 | |
| 20 | #ifdef DISABLE_TLS |
| 21 | static void dummy(int x) { dummy(x-1); } |
| 22 | #else |
| 23 | |
| 24 | /* The IETF defines standard primes as "Modular Exponential (MODP) Groups" for |
| 25 | use in IKE in RFC 2409 and 3526, and then some more, "for Use with IETF |
| 26 | Standards" in RFC 5114. These have been thoroughly reviewed as meeting |
| 27 | certain eligibility criteria, which is more than can be said for primes |
| 28 | generated quickly on no particular criteria. |
| 29 | |
| 30 | Any prime used in TLS is disclosed publicly, and if the security of your |
| 31 | session depends upon the prime being secret, then one of three situations |
| 32 | holds: |
| 33 | (1) the prime is too small |
| 34 | (2) the prime is flawed, use one of these instead |
| 35 | (3) you know of fundamental cryptanalytic breaks not currently publicly known |
| 36 | to the cryptographic community. |
| 37 | */ |
| 38 | |
| 39 | /* RFC 2409 MODP IKE_id=1 generator=2 bits=768 |
| 40 | The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } |
| 41 | Its hexadecimal value is |
| 42 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 43 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 44 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 45 | E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF |
| 46 | */ |
| 47 | static const char dh_ike_1_pem[] = |
| 48 | "-----BEGIN DH PARAMETERS-----\n" |
| 49 | "MGYCYQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5siUUoI\n" |
| 50 | "eY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummOjYg////\n" |
| 51 | "//////8CAQI=\n" |
| 52 | "-----END DH PARAMETERS-----\n"; |
| 53 | |
| 54 | /* RFC 2409 MODP IKE_id=2 generator=2 bits=1024 |
| 55 | The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. |
| 56 | Its hexadecimal value is |
| 57 | |
| 58 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 59 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 60 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 61 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 62 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 |
| 63 | FFFFFFFF FFFFFFFF |
| 64 | */ |
| 65 | static const char dh_ike_2_pem[] = |
| 66 | "-----BEGIN DH PARAMETERS-----\n" |
| 67 | "MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR\n" |
| 68 | "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL\n" |
| 69 | "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC\n" |
| 70 | "-----END DH PARAMETERS-----\n"; |
| 71 | |
| 72 | /* RFC 2409; id=3 and id=4 are EC2N, not yet supported here */ |
| 73 | |
| 74 | /* RFC 3526 MODP IKE_id=5 generator=2 bits=1536 |
| 75 | The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } |
| 76 | Its hexadecimal value is: |
| 77 | |
| 78 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 79 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 80 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 81 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 82 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D |
| 83 | C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F |
| 84 | 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 85 | 670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF |
| 86 | */ |
| 87 | static const char dh_ike_5_pem[] = |
| 88 | "-----BEGIN DH PARAMETERS-----\n" |
| 89 | "MIHHAoHBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR\n" |
| 90 | "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL\n" |
| 91 | "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7ORbPcIAfLihY78FmNpINhxV05pp\n" |
| 92 | "Fj+o/STPX4NlXSPco62WHGLzViCFUrue1SkHcJaWbWcMNU5KvJgE8XRsCMojcyf/\n" |
| 93 | "/////////wIBAg==\n" |
| 94 | "-----END DH PARAMETERS-----\n"; |
| 95 | |
| 96 | /* RFC 3526 MODP IKE_id=14 generator=2 bits=2048 |
| 97 | This prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } |
| 98 | Its hexadecimal value is: |
| 99 | |
| 100 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 101 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 102 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 103 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 104 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D |
| 105 | C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F |
| 106 | 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 107 | 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B |
| 108 | E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 |
| 109 | DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 |
| 110 | 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF |
| 111 | */ |
| 112 | static const char dh_ike_14_pem[] = |
| 113 | "-----BEGIN DH PARAMETERS-----\n" |
| 114 | "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" |
| 115 | "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" |
| 116 | "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" |
| 117 | "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" |
| 118 | "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" |
| 119 | "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n" |
| 120 | "-----END DH PARAMETERS-----\n"; |
| 121 | |
| 122 | /* RFC 3526 MODP IKE_id=15 generator=2 bits=3072 |
| 123 | This prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } |
| 124 | Its hexadecimal value is: |
| 125 | |
| 126 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 127 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 128 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 129 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 130 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D |
| 131 | C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F |
| 132 | 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 133 | 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B |
| 134 | E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 |
| 135 | DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 |
| 136 | 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 |
| 137 | ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 |
| 138 | ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B |
| 139 | F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C |
| 140 | BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 |
| 141 | 43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF |
| 142 | */ |
| 143 | static const char dh_ike_15_pem[] = |
| 144 | "-----BEGIN DH PARAMETERS-----\n" |
| 145 | "MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" |
| 146 | "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" |
| 147 | "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" |
| 148 | "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" |
| 149 | "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" |
| 150 | "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" |
| 151 | "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" |
| 152 | "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS\n" |
| 153 | "yv//////////AgEC\n" |
| 154 | "-----END DH PARAMETERS-----\n"; |
| 155 | |
| 156 | /* RFC 3526 MODP IKE_id=16 generator=2 bits=4096 |
| 157 | This prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } |
| 158 | Its hexadecimal value is: |
| 159 | |
| 160 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 161 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 162 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 163 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 164 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D |
| 165 | C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F |
| 166 | 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 167 | 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B |
| 168 | E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 |
| 169 | DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 |
| 170 | 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 |
| 171 | ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 |
| 172 | ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B |
| 173 | F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C |
| 174 | BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 |
| 175 | 43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 |
| 176 | 88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA |
| 177 | 2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6 |
| 178 | 287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED |
| 179 | 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9 |
| 180 | 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199 |
| 181 | FFFFFFFF FFFFFFFF |
| 182 | */ |
| 183 | static const char dh_ike_16_pem[] = |
| 184 | "-----BEGIN DH PARAMETERS-----\n" |
| 185 | "MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" |
| 186 | "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" |
| 187 | "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" |
| 188 | "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" |
| 189 | "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" |
| 190 | "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" |
| 191 | "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" |
| 192 | "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" |
| 193 | "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" |
| 194 | "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" |
| 195 | "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=\n" |
| 196 | "-----END DH PARAMETERS-----\n"; |
| 197 | |
| 198 | /* RFC 3526 MODP IKE_id=17 generator=2 bits=6144 |
| 199 | This prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } |
| 200 | Its hexadecimal value is: |
| 201 | |
| 202 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 |
| 203 | 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B |
| 204 | 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 |
| 205 | A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 |
| 206 | 49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 |
| 207 | FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 208 | 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C |
| 209 | 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 |
| 210 | 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D |
| 211 | 04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D |
| 212 | B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 |
| 213 | 1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C |
| 214 | BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC |
| 215 | E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26 |
| 216 | 99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB |
| 217 | 04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2 |
| 218 | 233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 |
| 219 | D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492 |
| 220 | 36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406 |
| 221 | AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918 |
| 222 | DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151 |
| 223 | 2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03 |
| 224 | F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F |
| 225 | BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA |
| 226 | CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B |
| 227 | B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632 |
| 228 | 387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E |
| 229 | 6DCC4024 FFFFFFFF FFFFFFFF |
| 230 | */ |
| 231 | static const char dh_ike_17_pem[] = |
| 232 | "-----BEGIN DH PARAMETERS-----\n" |
| 233 | "MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" |
| 234 | "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" |
| 235 | "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" |
| 236 | "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" |
| 237 | "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" |
| 238 | "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" |
| 239 | "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" |
| 240 | "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" |
| 241 | "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" |
| 242 | "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" |
| 243 | "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG\n" |
| 244 | "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU\n" |
| 245 | "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId\n" |
| 246 | "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha\n" |
| 247 | "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/\n" |
| 248 | "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA\n" |
| 249 | "JP//////////AgEC\n" |
| 250 | "-----END DH PARAMETERS-----\n"; |
| 251 | |
| 252 | /* RFC 3526 MODP IKE_id=18 generator=2 bits=8192 |
| 253 | This prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } |
| 254 | Its hexadecimal value is: |
| 255 | |
| 256 | FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 257 | 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| 258 | EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| 259 | E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| 260 | EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D |
| 261 | C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F |
| 262 | 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D |
| 263 | 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B |
| 264 | E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 |
| 265 | DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 |
| 266 | 15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64 |
| 267 | ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7 |
| 268 | ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B |
| 269 | F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C |
| 270 | BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 |
| 271 | 43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 |
| 272 | 88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA |
| 273 | 2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6 |
| 274 | 287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED |
| 275 | 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9 |
| 276 | 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492 |
| 277 | 36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD |
| 278 | F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831 |
| 279 | 179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B |
| 280 | DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF |
| 281 | 5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6 |
| 282 | D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3 |
| 283 | 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA |
| 284 | CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 |
| 285 | 06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C |
| 286 | DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE |
| 287 | 12BF2D5B 0B7474D6 E694F91E 6DBE1159 74A3926F 12FEE5E4 |
| 288 | 38777CB6 A932DF8C D8BEC4D0 73B931BA 3BC832B6 8D9DD300 |
| 289 | 741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C 5AE4F568 |
| 290 | 3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9 |
| 291 | 22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B |
| 292 | 4BCBC886 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A |
| 293 | 062B3CF5 B3A278A6 6D2A13F8 3F44F82D DF310EE0 74AB6A36 |
| 294 | 4597E899 A0255DC1 64F31CC5 0846851D F9AB4819 5DED7EA1 |
| 295 | B1D510BD 7EE74D73 FAF36BC3 1ECFA268 359046F4 EB879F92 |
| 296 | 4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47 |
| 297 | 9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71 |
| 298 | 60C980DD 98EDD3DF FFFFFFFF FFFFFFFF |
| 299 | */ |
| 300 | static const char dh_ike_18_pem[] = |
| 301 | "-----BEGIN DH PARAMETERS-----\n" |
| 302 | "MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" |
| 303 | "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" |
| 304 | "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" |
| 305 | "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" |
| 306 | "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" |
| 307 | "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM\n" |
| 308 | "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq\n" |
| 309 | "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI\n" |
| 310 | "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O\n" |
| 311 | "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI\n" |
| 312 | "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG\n" |
| 313 | "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU\n" |
| 314 | "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId\n" |
| 315 | "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha\n" |
| 316 | "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/\n" |
| 317 | "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R\n" |
| 318 | "WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk\n" |
| 319 | "ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw\n" |
| 320 | "xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4\n" |
| 321 | "Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i\n" |
| 322 | "aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU\n" |
| 323 | "38gfVuiAuW5xYMmA3Zjt09///////////wIBAg==\n" |
| 324 | "-----END DH PARAMETERS-----\n"; |
| 325 | |
| 326 | /* RFC 5114 IKE_id=22 |
| 327 | 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup |
| 328 | |
| 329 | The hexadecimal value of the prime is: |
| 330 | |
| 331 | p = B10B8F96 A080E01D DE92DE5E AE5D54EC 52C99FBC FB06A3C6 |
| 332 | 9A6A9DCA 52D23B61 6073E286 75A23D18 9838EF1E 2EE652C0 |
| 333 | 13ECB4AE A9061123 24975C3C D49B83BF ACCBDD7D 90C4BD70 |
| 334 | 98488E9C 219A7372 4EFFD6FA E5644738 FAA31A4F F55BCCC0 |
| 335 | A151AF5F 0DC8B4BD 45BF37DF 365C1A65 E68CFDA7 6D4DA708 |
| 336 | DF1FB2BC 2E4A4371 |
| 337 | |
| 338 | The hexadecimal value of the generator is: |
| 339 | |
| 340 | g = A4D1CBD5 C3FD3412 6765A442 EFB99905 F8104DD2 58AC507F |
| 341 | D6406CFF 14266D31 266FEA1E 5C41564B 777E690F 5504F213 |
| 342 | 160217B4 B01B886A 5E91547F 9E2749F4 D7FBD7D3 B9A92EE1 |
| 343 | 909D0D22 63F80A76 A6A24C08 7A091F53 1DBF0A01 69B6A28A |
| 344 | D662A4D1 8E73AFA3 2D779D59 18D08BC8 858F4DCE F97C2A24 |
| 345 | 855E6EEB 22B3B2E5 |
| 346 | |
| 347 | The generator generates a prime-order subgroup of size: |
| 348 | |
| 349 | q = F518AA87 81A8DF27 8ABA4E7D 64B7CB9D 49462353 |
| 350 | */ |
| 351 | static const char dh_ike_22_pem[] = |
| 352 | "-----BEGIN DH PARAMETERS-----\n" |
| 353 | "MIIBCAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y\n" |
| 354 | "mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4\n" |
| 355 | "+qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV\n" |
| 356 | "w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0\n" |
| 357 | "sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR\n" |
| 358 | "jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5Q==\n" |
| 359 | "-----END DH PARAMETERS-----\n"; |
| 360 | |
| 361 | /* RFC 5114 IKE_id=23 |
| 362 | 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup |
| 363 | |
| 364 | The hexadecimal value of the prime is: |
| 365 | |
| 366 | p = AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1 |
| 367 | B54B1597 B61D0A75 E6FA141D F95A56DB AF9A3C40 7BA1DF15 |
| 368 | EB3D688A 309C180E 1DE6B85A 1274A0A6 6D3F8152 AD6AC212 |
| 369 | 9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207 |
| 370 | C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708 |
| 371 | B3BF8A31 70918836 81286130 BC8985DB 1602E714 415D9330 |
| 372 | 278273C7 DE31EFDC 7310F712 1FD5A074 15987D9A DC0A486D |
| 373 | CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8 |
| 374 | BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763 |
| 375 | C9B53DCF 4BA80A29 E3FB73C1 6B8E75B9 7EF363E2 FFA31F71 |
| 376 | CF9DE538 4E71B81C 0AC4DFFE 0C10E64F |
| 377 | |
| 378 | The hexadecimal value of the generator is: |
| 379 | |
| 380 | g = AC4032EF 4F2D9AE3 9DF30B5C 8FFDAC50 6CDEBE7B 89998CAF |
| 381 | 74866A08 CFE4FFE3 A6824A4E 10B9A6F0 DD921F01 A70C4AFA |
| 382 | AB739D77 00C29F52 C57DB17C 620A8652 BE5E9001 A8D66AD7 |
| 383 | C1766910 1999024A F4D02727 5AC1348B B8A762D0 521BC98A |
| 384 | E2471504 22EA1ED4 09939D54 DA7460CD B5F6C6B2 50717CBE |
| 385 | F180EB34 118E98D1 19529A45 D6F83456 6E3025E3 16A330EF |
| 386 | BB77A86F 0C1AB15B 051AE3D4 28C8F8AC B70A8137 150B8EEB |
| 387 | 10E183ED D19963DD D9E263E4 770589EF 6AA21E7F 5F2FF381 |
| 388 | B539CCE3 409D13CD 566AFBB4 8D6C0191 81E1BCFE 94B30269 |
| 389 | EDFE72FE 9B6AA4BD 7B5A0F1C 71CFFF4C 19C418E1 F6EC0179 |
| 390 | 81BC087F 2A7065B3 84B890D3 191F2BFA |
| 391 | |
| 392 | The generator generates a prime-order subgroup of size: |
| 393 | |
| 394 | q = 801C0D34 C58D93FE 99717710 1F80535A 4738CEBC BF389A99 |
| 395 | B36371EB |
| 396 | */ |
| 397 | static const char dh_ike_23_pem[] = |
| 398 | "-----BEGIN DH PARAMETERS-----\n" |
| 399 | "MIICCgKCAQEArRB+HpEjqdDWYPqnlVnFH6INZOVoO5/RtUsVl7YdCnXm+hQd+VpW\n" |
| 400 | "26+aPEB7od8V6z1oijCcGA4d5rhaEnSgpm0/gVKtasISkDfJ7e/aTfjZHo/vVbc5\n" |
| 401 | "S3rVt9C2wSIHyfmNEe002/bGugssi7wnvmoA4KC5xJcIs7+KMXCRiDaBKGEwvImF\n" |
| 402 | "2xYC5xRBXZMwJ4Jzx94x79xzEPcSH9WgdBWYfZrcCkhtzfk6zEQyg4cxXXXhmMZB\n" |
| 403 | "pIDNhqG55YfovmDmnMkosrnFIXLkEwQumyPxCw4W55djybU9z0uoCinj+3PBa451\n" |
| 404 | "uX7zY+L/ox9xz53lOE5xuBwKxN/+DBDmTwKCAQEArEAy708tmuOd8wtcj/2sUGze\n" |
| 405 | "vnuJmYyvdIZqCM/k/+OmgkpOELmm8N2SHwGnDEr6q3OddwDCn1LFfbF8YgqGUr5e\n" |
| 406 | "kAGo1mrXwXZpEBmZAkr00CcnWsE0i7inYtBSG8mK4kcVBCLqHtQJk51U2nRgzbX2\n" |
| 407 | "xrJQcXy+8YDrNBGOmNEZUppF1vg0Vm4wJeMWozDvu3eobwwasVsFGuPUKMj4rLcK\n" |
| 408 | "gTcVC47rEOGD7dGZY93Z4mPkdwWJ72qiHn9fL/OBtTnM40CdE81Wavu0jWwBkYHh\n" |
| 409 | "vP6UswJp7f5y/ptqpL17Wg8ccc//TBnEGOH27AF5gbwIfypwZbOEuJDTGR8r+g==\n" |
| 410 | "-----END DH PARAMETERS-----\n"; |
| 411 | |
| 412 | /* RFC 5114 IKE_id=24 |
| 413 | 2.3. 2048-bit MODP Group with 256-bit Prime Order Subgroup |
| 414 | |
| 415 | The hexadecimal value of the prime is: |
| 416 | |
| 417 | p = 87A8E61D B4B6663C FFBBD19C 65195999 8CEEF608 660DD0F2 |
| 418 | 5D2CEED4 435E3B00 E00DF8F1 D61957D4 FAF7DF45 61B2AA30 |
| 419 | 16C3D911 34096FAA 3BF4296D 830E9A7C 209E0C64 97517ABD |
| 420 | 5A8A9D30 6BCF67ED 91F9E672 5B4758C0 22E0B1EF 4275BF7B |
| 421 | 6C5BFC11 D45F9088 B941F54E B1E59BB8 BC39A0BF 12307F5C |
| 422 | 4FDB70C5 81B23F76 B63ACAE1 CAA6B790 2D525267 35488A0E |
| 423 | F13C6D9A 51BFA4AB 3AD83477 96524D8E F6A167B5 A41825D9 |
| 424 | 67E144E5 14056425 1CCACB83 E6B486F6 B3CA3F79 71506026 |
| 425 | C0B857F6 89962856 DED4010A BD0BE621 C3A3960A 54E710C3 |
| 426 | 75F26375 D7014103 A4B54330 C198AF12 6116D227 6E11715F |
| 427 | 693877FA D7EF09CA DB094AE9 1E1A1597 |
| 428 | |
| 429 | The hexadecimal value of the generator is: |
| 430 | |
| 431 | g = 3FB32C9B 73134D0B 2E775066 60EDBD48 4CA7B18F 21EF2054 |
| 432 | 07F4793A 1A0BA125 10DBC150 77BE463F FF4FED4A AC0BB555 |
| 433 | BE3A6C1B 0C6B47B1 BC3773BF 7E8C6F62 901228F8 C28CBB18 |
| 434 | A55AE313 41000A65 0196F931 C77A57F2 DDF463E5 E9EC144B |
| 435 | 777DE62A AAB8A862 8AC376D2 82D6ED38 64E67982 428EBC83 |
| 436 | 1D14348F 6F2F9193 B5045AF2 767164E1 DFC967C1 FB3F2E55 |
| 437 | A4BD1BFF E83B9C80 D052B985 D182EA0A DB2A3B73 13D3FE14 |
| 438 | C8484B1E 052588B9 B7D2BBD2 DF016199 ECD06E15 57CD0915 |
| 439 | B3353BBB 64E0EC37 7FD02837 0DF92B52 C7891428 CDC67EB6 |
| 440 | 184B523D 1DB246C3 2F630784 90F00EF8 D647D148 D4795451 |
| 441 | 5E2327CF EF98C582 664B4C0F 6CC41659 |
| 442 | |
| 443 | The generator generates a prime-order subgroup of size: |
| 444 | |
| 445 | q = 8CF83642 A709A097 B4479976 40129DA2 99B1A47D 1EB3750B |
| 446 | A308B0FE 64F5FBD3 |
| 447 | */ |
| 448 | static const char dh_ike_24_pem[] = |
| 449 | "-----BEGIN DH PARAMETERS-----\n" |
| 450 | "MIICCQKCAQEAh6jmHbS2Zjz/u9GcZRlZmYzu9ghmDdDyXSzu1ENeOwDgDfjx1hlX\n" |
| 451 | "1Pr330VhsqowFsPZETQJb6o79Cltgw6afCCeDGSXUXq9WoqdMGvPZ+2R+eZyW0dY\n" |
| 452 | "wCLgse9Cdb97bFv8EdRfkIi5QfVOseWbuLw5oL8SMH9cT9twxYGyP3a2Osrhyqa3\n" |
| 453 | "kC1SUmc1SIoO8TxtmlG/pKs62DR3llJNjvahZ7WkGCXZZ+FE5RQFZCUcysuD5rSG\n" |
| 454 | "9rPKP3lxUGAmwLhX9omWKFbe1AEKvQvmIcOjlgpU5xDDdfJjddcBQQOktUMwwZiv\n" |
| 455 | "EmEW0iduEXFfaTh3+tfvCcrbCUrpHhoVlwKCAQA/syybcxNNCy53UGZg7b1ITKex\n" |
| 456 | "jyHvIFQH9Hk6GguhJRDbwVB3vkY//0/tSqwLtVW+OmwbDGtHsbw3c79+jG9ikBIo\n" |
| 457 | "+MKMuxilWuMTQQAKZQGW+THHelfy3fRj5ensFEt3feYqqrioYorDdtKC1u04ZOZ5\n" |
| 458 | "gkKOvIMdFDSPby+Rk7UEWvJ2cWTh38lnwfs/LlWkvRv/6DucgNBSuYXRguoK2yo7\n" |
| 459 | "cxPT/hTISEseBSWIubfSu9LfAWGZ7NBuFVfNCRWzNTu7ZODsN3/QKDcN+StSx4kU\n" |
| 460 | "KM3GfrYYS1I9HbJGwy9jB4SQ8A741kfRSNR5VFFeIyfP75jFgmZLTA9sxBZZ\n" |
| 461 | "-----END DH PARAMETERS-----\n"; |
| 462 | |
| 463 | /* ------------------------------------------------------------------------- */ |
| 464 | /* RFC 7919 Published August 2016, so strength estimates date from then. |
| 465 | |
| 466 | A.1. ffdhe2048 |
| 467 | |
| 468 | The 2048-bit group has registry value 256 and is calculated from the |
| 469 | following formula: |
| 470 | |
| 471 | The modulus is: |
| 472 | |
| 473 | p = 2^2048 - 2^1984 + {[2^1918 * e] + 560316 } * 2^64 - 1 |
| 474 | |
| 475 | The hexadecimal representation of p is: |
| 476 | |
| 477 | FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 |
| 478 | D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 |
| 479 | 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 |
| 480 | 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 |
| 481 | 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 |
| 482 | 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB |
| 483 | B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 |
| 484 | 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 |
| 485 | 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 |
| 486 | 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA |
| 487 | 886B4238 61285C97 FFFFFFFF FFFFFFFF |
| 488 | |
| 489 | The generator is: g = 2 |
| 490 | |
| 491 | The group size is: q = (p-1)/2 |
| 492 | |
| 493 | The hexadecimal representation of q is: |
| 494 | |
| 495 | 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 |
| 496 | EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C |
| 497 | BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 |
| 498 | 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A |
| 499 | CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A |
| 500 | 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD |
| 501 | DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C |
| 502 | 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 |
| 503 | C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 |
| 504 | 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD |
| 505 | 4435A11C 30942E4B FFFFFFFF FFFFFFFF |
| 506 | |
| 507 | The estimated symmetric-equivalent strength of this group is 103 |
| 508 | bits. |
| 509 | */ |
| 510 | static const char dh_ffdhe2048_pem[] = |
| 511 | "-----BEGIN DH PARAMETERS-----\n" |
| 512 | "MIH+AoH4DfhUWKK7Spqv3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v\n" |
| 513 | "42NjDHXY9oGyAq7EYXrT3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhP\n" |
| 514 | "DHDg5ot34qaJ2vPv6HId8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq\n" |
| 515 | "2rdg1/RoHU9Co945TfSuVu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy\n" |
| 516 | "/pzphYP/jk8SMu7ygYPD/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohr\n" |
| 517 | "QjhhKFyX//////////8CAQI=\n" |
| 518 | "-----END DH PARAMETERS-----\n"; |
| 519 | |
| 520 | /* |
| 521 | A.2. ffdhe3072 |
| 522 | |
| 523 | The 3072-bit prime has registry value 257 and is calculated from the |
| 524 | following formula: |
| 525 | |
| 526 | The modulus is: |
| 527 | |
| 528 | p = 2^3072 - 2^3008 + {[2^2942 * e] + 2625351} * 2^64 - 1 |
| 529 | |
| 530 | The hexadecimal representation of p is: |
| 531 | |
| 532 | FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 |
| 533 | D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 |
| 534 | 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 |
| 535 | 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 |
| 536 | 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 |
| 537 | 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB |
| 538 | B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 |
| 539 | 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 |
| 540 | 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 |
| 541 | 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA |
| 542 | 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 |
| 543 | 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C |
| 544 | AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 |
| 545 | 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D |
| 546 | ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF |
| 547 | 3C1B20EE 3FD59D7C 25E41D2B 66C62E37 FFFFFFFF FFFFFFFF |
| 548 | |
| 549 | The generator is: g = 2 |
| 550 | |
| 551 | The group size is: q = (p-1)/2 |
| 552 | |
| 553 | The hexadecimal representation of q is: |
| 554 | |
| 555 | 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 |
| 556 | EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C |
| 557 | BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 |
| 558 | 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A |
| 559 | CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A |
| 560 | 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD |
| 561 | DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C |
| 562 | 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 |
| 563 | C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 |
| 564 | 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD |
| 565 | 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C |
| 566 | 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E |
| 567 | 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 |
| 568 | B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 |
| 569 | D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 |
| 570 | 9E0D9077 1FEACEBE 12F20E95 B363171B FFFFFFFF FFFFFFFF |
| 571 | |
| 572 | The estimated symmetric-equivalent strength of this group is 125 |
| 573 | bits. |
| 574 | */ |
| 575 | static const char dh_ffdhe3072_pem[] = |
| 576 | "-----BEGIN DH PARAMETERS-----\n" |
| 577 | "MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" |
| 578 | "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" |
| 579 | "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" |
| 580 | "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" |
| 581 | "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" |
| 582 | "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" |
| 583 | "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" |
| 584 | "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n" |
| 585 | "N///////////AgEC\n" |
| 586 | "-----END DH PARAMETERS-----\n"; |
| 587 | |
| 588 | /* |
| 589 | A.3. ffdhe4096 |
| 590 | |
| 591 | The 4096-bit group has registry value 258 and is calculated from the |
| 592 | following formula: |
| 593 | |
| 594 | The modulus is: |
| 595 | |
| 596 | p = 2^4096 - 2^4032 + {[2^3966 * e] + 5736041} * 2^64 - 1 |
| 597 | |
| 598 | The hexadecimal representation of p is: |
| 599 | |
| 600 | FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 |
| 601 | D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 |
| 602 | 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 |
| 603 | 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 |
| 604 | 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 |
| 605 | 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB |
| 606 | B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 |
| 607 | 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 |
| 608 | 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 |
| 609 | 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA |
| 610 | 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 |
| 611 | 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C |
| 612 | AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 |
| 613 | 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D |
| 614 | ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF |
| 615 | 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB |
| 616 | 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 |
| 617 | 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 |
| 618 | A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A |
| 619 | 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF |
| 620 | 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E655F6A |
| 621 | FFFFFFFF FFFFFFFF |
| 622 | |
| 623 | The generator is: g = 2 |
| 624 | |
| 625 | The group size is: q = (p-1)/2 |
| 626 | |
| 627 | The hexadecimal representation of q is: |
| 628 | |
| 629 | 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 |
| 630 | EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C |
| 631 | BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 |
| 632 | 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A |
| 633 | CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A |
| 634 | 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD |
| 635 | DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C |
| 636 | 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 |
| 637 | C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 |
| 638 | 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD |
| 639 | 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C |
| 640 | 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E |
| 641 | 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 |
| 642 | B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 |
| 643 | D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 |
| 644 | 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D |
| 645 | BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 |
| 646 | 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 |
| 647 | 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD |
| 648 | 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 |
| 649 | C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F32AFB5 |
| 650 | 7FFFFFFF FFFFFFFF |
| 651 | |
| 652 | The estimated symmetric-equivalent strength of this group is 150 |
| 653 | bits. |
| 654 | */ |
| 655 | static const char dh_ffdhe4096_pem[] = |
| 656 | "-----BEGIN DH PARAMETERS-----\n" |
| 657 | "MIICCAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" |
| 658 | "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" |
| 659 | "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" |
| 660 | "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" |
| 661 | "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" |
| 662 | "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" |
| 663 | "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" |
| 664 | "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" |
| 665 | "8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" |
| 666 | "iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" |
| 667 | "zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQI=\n" |
| 668 | "-----END DH PARAMETERS-----\n"; |
| 669 | |
| 670 | /* |
| 671 | A.4. ffdhe6144 |
| 672 | |
| 673 | The 6144-bit group has registry value 259 and is calculated from the |
| 674 | following formula: |
| 675 | |
| 676 | The modulus is: |
| 677 | |
| 678 | p = 2^6144 - 2^6080 + {[2^6014 * e] + 15705020} * 2^64 - 1 |
| 679 | |
| 680 | The hexadecimal representation of p is: |
| 681 | |
| 682 | FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 |
| 683 | D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 |
| 684 | 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 |
| 685 | 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 |
| 686 | 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 |
| 687 | 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB |
| 688 | B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 |
| 689 | 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 |
| 690 | 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 |
| 691 | 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA |
| 692 | 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 |
| 693 | 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C |
| 694 | AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 |
| 695 | 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D |
| 696 | ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF |
| 697 | 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB |
| 698 | 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 |
| 699 | 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 |
| 700 | A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A |
| 701 | 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF |
| 702 | 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 |
| 703 | 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 |
| 704 | 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A |
| 705 | CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 |
| 706 | A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 |
| 707 | 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 |
| 708 | 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 |
| 709 | B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C |
| 710 | D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A |
| 711 | E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 |
| 712 | 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 |
| 713 | A41D570D 7938DAD4 A40E329C D0E40E65 FFFFFFFF FFFFFFFF |
| 714 | |
| 715 | The generator is: g = 2 |
| 716 | |
| 717 | The group size is: q = (p-1)/2 |
| 718 | |
| 719 | The hexadecimal representation of q is: |
| 720 | |
| 721 | 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 |
| 722 | EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C |
| 723 | BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 |
| 724 | 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A |
| 725 | CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A |
| 726 | 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD |
| 727 | DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C |
| 728 | 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 |
| 729 | C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 |
| 730 | 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD |
| 731 | 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C |
| 732 | 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E |
| 733 | 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 |
| 734 | B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 |
| 735 | D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 |
| 736 | 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D |
| 737 | BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 |
| 738 | 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 |
| 739 | 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD |
| 740 | 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 |
| 741 | C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F06EC81 |
| 742 | 05FEB25B 2281B63D 2733BE96 1C29951D 11DD2221 657A9F53 |
| 743 | 1DDA2A19 4DBB1264 48BDEEB2 58E07EA6 59C74619 A6380E1D |
| 744 | 66D6832B FE67F638 CD8FAE1F 2723020F 9C40A3FD A67EDA3B |
| 745 | D29238FB D4D4B488 5C2A9917 6DB1A06C 50077849 1A8288F1 |
| 746 | 855F60FF FCF1D137 3FD94FC6 0C1811E1 AC3F1C6D 003BECDA |
| 747 | 3B1F2725 CA595DE0 CA63328F 3BE57CC9 77556011 95140DFB |
| 748 | 59D39CE0 91308B41 05746DAC 23D33E5F 7CE4848D A316A9C6 |
| 749 | 6B9581BA 3573BFAF 31149618 8AB15423 282EE416 DC2A19C5 |
| 750 | 724FA91A E4ADC88B C66796EA E5677A01 F64E8C08 63139582 |
| 751 | 2D9DB8FC EE35C06B 1FEEA547 4D6D8F34 B1534A93 6A18B0E0 |
| 752 | D20EAB86 BC9C6D6A 5207194E 68720732 FFFFFFFF FFFFFFFF |
| 753 | |
| 754 | The estimated symmetric-equivalent strength of this group is 175 |
| 755 | bits. |
| 756 | */ |
| 757 | static const char dh_ffdhe6144_pem[] = |
| 758 | "-----BEGIN DH PARAMETERS-----\n" |
| 759 | "MIIDCAKCAwEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" |
| 760 | "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" |
| 761 | "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" |
| 762 | "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" |
| 763 | "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" |
| 764 | "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" |
| 765 | "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" |
| 766 | "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" |
| 767 | "8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" |
| 768 | "iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" |
| 769 | "zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq\n" |
| 770 | "OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE\n" |
| 771 | "HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj\n" |
| 772 | "w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8\n" |
| 773 | "vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70\n" |
| 774 | "A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKc0OQO\n" |
| 775 | "Zf//////////AgEC\n" |
| 776 | "-----END DH PARAMETERS-----\n"; |
| 777 | |
| 778 | /* |
| 779 | A.5. ffdhe8192 |
| 780 | |
| 781 | The 8192-bit group has registry value 260 and is calculated from the |
| 782 | following formula: |
| 783 | |
| 784 | The modulus is: |
| 785 | |
| 786 | p = 2^8192 - 2^8128 + {[2^8062 * e] + 10965728} * 2^64 - 1 |
| 787 | |
| 788 | The hexadecimal representation of p is: |
| 789 | |
| 790 | FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 |
| 791 | D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 |
| 792 | 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 |
| 793 | 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 |
| 794 | 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 |
| 795 | 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB |
| 796 | B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 |
| 797 | 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 |
| 798 | 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 |
| 799 | 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA |
| 800 | 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 |
| 801 | 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C |
| 802 | AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 |
| 803 | 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D |
| 804 | ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF |
| 805 | 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB |
| 806 | 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 |
| 807 | 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 |
| 808 | A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A |
| 809 | 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF |
| 810 | 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 |
| 811 | 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 |
| 812 | 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A |
| 813 | CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 |
| 814 | A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 |
| 815 | 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 |
| 816 | 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 |
| 817 | B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C |
| 818 | D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A |
| 819 | E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 |
| 820 | 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 |
| 821 | A41D570D 7938DAD4 A40E329C CFF46AAA 36AD004C F600C838 |
| 822 | 1E425A31 D951AE64 FDB23FCE C9509D43 687FEB69 EDD1CC5E |
| 823 | 0B8CC3BD F64B10EF 86B63142 A3AB8829 555B2F74 7C932665 |
| 824 | CB2C0F1C C01BD702 29388839 D2AF05E4 54504AC7 8B758282 |
| 825 | 2846C0BA 35C35F5C 59160CC0 46FD8251 541FC68C 9C86B022 |
| 826 | BB709987 6A460E74 51A8A931 09703FEE 1C217E6C 3826E52C |
| 827 | 51AA691E 0E423CFC 99E9E316 50C1217B 624816CD AD9A95F9 |
| 828 | D5B80194 88D9C0A0 A1FE3075 A577E231 83F81D4A 3F2FA457 |
| 829 | 1EFC8CE0 BA8A4FE8 B6855DFE 72B0A66E DED2FBAB FBE58A30 |
| 830 | FAFABE1C 5D71A87E 2F741EF8 C1FE86FE A6BBFDE5 30677F0D |
| 831 | 97D11D49 F7A8443D 0822E506 A9F4614E 011E2A94 838FF88C |
| 832 | D68C8BB7 C5C6424C FFFFFFFF FFFFFFFF |
| 833 | |
| 834 | The generator is: g = 2 |
| 835 | |
| 836 | The group size is: q = (p-1)/2 |
| 837 | |
| 838 | The hexadecimal representation of q is: |
| 839 | |
| 840 | 7FFFFFFF FFFFFFFF D6FC2A2C 515DA54D 57EE2B10 139E9E78 |
| 841 | EC5CE2C1 E7169B4A D4F09B20 8A3219FD E649CEE7 124D9F7C |
| 842 | BE97F1B1 B1863AEC 7B40D901 576230BD 69EF8F6A EAFEB2B0 |
| 843 | 9219FA8F AF833768 42B1B2AA 9EF68D79 DAAB89AF 3FABE49A |
| 844 | CC278638 707345BB F15344ED 79F7F439 0EF8AC50 9B56F39A |
| 845 | 98566527 A41D3CBD 5E0558C1 59927DB0 E88454A5 D96471FD |
| 846 | DCB56D5B B06BFA34 0EA7A151 EF1CA6FA 572B76F3 B1B95D8C |
| 847 | 8583D3E4 770536B8 4F017E70 E6FBF176 601A0266 941A17B0 |
| 848 | C8B97F4E 74C2C1FF C7278919 777940C1 E1FF1D8D A637D6B9 |
| 849 | 9DDAFE5E 17611002 E2C778C1 BE8B41D9 6379A513 60D977FD |
| 850 | 4435A11C 308FE7EE 6F1AAD9D B28C81AD DE1A7A6F 7CCE011C |
| 851 | 30DA37E4 EB736483 BD6C8E93 48FBFBF7 2CC6587D 60C36C8E |
| 852 | 577F0984 C289C938 5A098649 DE21BCA2 7A7EA229 716BA6E9 |
| 853 | B279710F 38FAA5FF AE574155 CE4EFB4F 743695E2 911B1D06 |
| 854 | D5E290CB CD86F56D 0EDFCD21 6AE22427 055E6835 FD29EEF7 |
| 855 | 9E0D9077 1FEACEBE 12F20E95 B34F0F78 B737A961 8B26FA7D |
| 856 | BC9874F2 72C42BDB 563EAFA1 6B4FB68C 3BB1E78E AA81A002 |
| 857 | 43FAADD2 BF18E63D 389AE443 77DA18C5 76B50F00 96CF3419 |
| 858 | 5483B005 48C09862 36E3BC7C B8D6801C 0494CCD1 99E5C5BD |
| 859 | 0D0EDC9E B8A0001E 15276754 FCC68566 054148E6 E764BEE7 |
| 860 | C764DAAD 3FC45235 A6DAD428 FA20C170 E345003F 2F06EC81 |
| 861 | 05FEB25B 2281B63D 2733BE96 1C29951D 11DD2221 657A9F53 |
| 862 | 1DDA2A19 4DBB1264 48BDEEB2 58E07EA6 59C74619 A6380E1D |
| 863 | 66D6832B FE67F638 CD8FAE1F 2723020F 9C40A3FD A67EDA3B |
| 864 | D29238FB D4D4B488 5C2A9917 6DB1A06C 50077849 1A8288F1 |
| 865 | 855F60FF FCF1D137 3FD94FC6 0C1811E1 AC3F1C6D 003BECDA |
| 866 | 3B1F2725 CA595DE0 CA63328F 3BE57CC9 77556011 95140DFB |
| 867 | 59D39CE0 91308B41 05746DAC 23D33E5F 7CE4848D A316A9C6 |
| 868 | 6B9581BA 3573BFAF 31149618 8AB15423 282EE416 DC2A19C5 |
| 869 | 724FA91A E4ADC88B C66796EA E5677A01 F64E8C08 63139582 |
| 870 | 2D9DB8FC EE35C06B 1FEEA547 4D6D8F34 B1534A93 6A18B0E0 |
| 871 | D20EAB86 BC9C6D6A 5207194E 67FA3555 1B568026 7B00641C |
| 872 | 0F212D18 ECA8D732 7ED91FE7 64A84EA1 B43FF5B4 F6E8E62F |
| 873 | 05C661DE FB258877 C35B18A1 51D5C414 AAAD97BA 3E499332 |
| 874 | E596078E 600DEB81 149C441C E95782F2 2A282563 C5BAC141 |
| 875 | 1423605D 1AE1AFAE 2C8B0660 237EC128 AA0FE346 4E435811 |
| 876 | 5DB84CC3 B523073A 28D45498 84B81FF7 0E10BF36 1C137296 |
| 877 | 28D5348F 07211E7E 4CF4F18B 286090BD B1240B66 D6CD4AFC |
| 878 | EADC00CA 446CE050 50FF183A D2BBF118 C1FC0EA5 1F97D22B |
| 879 | 8F7E4670 5D4527F4 5B42AEFF 39585337 6F697DD5 FDF2C518 |
| 880 | 7D7D5F0E 2EB8D43F 17BA0F7C 60FF437F 535DFEF2 9833BF86 |
| 881 | CBE88EA4 FBD4221E 84117283 54FA30A7 008F154A 41C7FC46 |
| 882 | 6B4645DB E2E32126 7FFFFFFF FFFFFFFF |
| 883 | |
| 884 | The estimated symmetric-equivalent strength of this group is 192 |
| 885 | bits. |
| 886 | */ |
| 887 | static const char dh_ffdhe8192_pem[] = |
| 888 | "-----BEGIN DH PARAMETERS-----\n" |
| 889 | "MIIECAKCBAEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" |
| 890 | "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" |
| 891 | "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" |
| 892 | "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" |
| 893 | "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" |
| 894 | "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" |
| 895 | "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" |
| 896 | "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e\n" |
| 897 | "8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx\n" |
| 898 | "iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K\n" |
| 899 | "zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq\n" |
| 900 | "OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE\n" |
| 901 | "HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj\n" |
| 902 | "w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8\n" |
| 903 | "vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70\n" |
| 904 | "A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKcz/Rq\n" |
| 905 | "qjatAEz2AMg4HkJaMdlRrmT9sj/OyVCdQ2h/62nt0cxeC4zDvfZLEO+GtjFCo6uI\n" |
| 906 | "KVVbL3R8kyZlyywPHMAb1wIpOIg50q8F5FRQSseLdYKCKEbAujXDX1xZFgzARv2C\n" |
| 907 | "UVQfxoychrAiu3CZh2pGDnRRqKkxCXA/7hwhfmw4JuUsUappHg5CPPyZ6eMWUMEh\n" |
| 908 | "e2JIFs2tmpX51bgBlIjZwKCh/jB1pXfiMYP4HUo/L6RXHvyM4LqKT+i2hV3+crCm\n" |
| 909 | "bt7S+6v75Yow+vq+HF1xqH4vdB74wf6G/qa7/eUwZ38Nl9EdSfeoRD0IIuUGqfRh\n" |
| 910 | "TgEeKpSDj/iM1oyLt8XGQkz//////////wIBAg==\n" |
| 911 | "-----END DH PARAMETERS-----\n"; |
| 912 | |
| 913 | /* ========================================================================= */ |
| 914 | |
| 915 | /* |
| 916 | * Generated by Phil as a non-standard option. |
| 917 | * openssl dhparam -2 2048 |
| 918 | * No provenance to prove non-tampering available, beyond trusting that this |
| 919 | * developer generated this as stated above. |
| 920 | */ |
| 921 | |
| 922 | /* MacOSX 10.10.5 invoking system OpenSSL 0.9.8zg */ |
| 923 | static const char dh_exim_20160529_1[] = |
| 924 | "-----BEGIN DH PARAMETERS-----\n" |
| 925 | "MIIBCAKCAQEA8ZMf89Gaye4bDEX1BXZ9+2edkXym9EK0GxmFilHEGpnhgLNmCk+H\n" |
| 926 | "cCb+zn8Ed5bpCOmRuEv9N/VKPjSpno8jYiQbFgUL3vh8uKvQLJNTzDVDbpd3YO7E\n" |
| 927 | "tiS0L0qWL57zIf8b3VZTMRsH4Orz2Rla61wVl6XpxE5WRfGqPS264Vvfew7xmCoi\n" |
| 928 | "INaFzIU6zwk2WeD6K5asctYlQG/UtgY1nRFkQTebIOpm03a6/hw7F14l3yUZgXfv\n" |
| 929 | "I3m4MFaWvxGcuZxddTijXw3VfjMdWvdH3Iz7IcqD32uEzK6Rgi/t4OVSw1kE2oDt\n" |
| 930 | "cFThPUCWb7O4TVq9Xt2UZqZFNU6kUAkv2wIBAg==\n" |
| 931 | "-----END DH PARAMETERS-----\n"; |
| 932 | |
| 933 | /* MacOSX 10.10.5 invoking OpenSSL 1.0.2h installed from brew bottle */ |
| 934 | static const char dh_exim_20160529_2[] = |
| 935 | "-----BEGIN DH PARAMETERS-----\n" |
| 936 | "MIIBCAKCAQEAot84eqyfSb5l8GRCN2ioWP5T85Z/2lVX9A9r9JzwDfvliAAqm6Vp\n" |
| 937 | "UcHdAfVt54kc8DsmLiHdDhxY1I/wo+DcBylfVx13cmkroAocowOD5dwQMYk6iXjV\n" |
| 938 | "ys4heRJhYlAHgt8QZH8dA8c/HLs+rlAHhSUPnetsZmcoPE0LRsjigJsiVXasm+sl\n" |
| 939 | "g/77u5FCkgSrFILcD9PLPto1ciIXp2y8cjXQDk+D9FH1HaSCXLCLkuHxhQXxjTYO\n" |
| 940 | "C3Q53aNLkDJ4zpPt7Kc9NxQFBVlNc260IFDOHTWhgV2zpyG6oIzQoHSmmiLAAfcF\n" |
| 941 | "HrG7I06uZBLjuNGGaM0eeuxHNhs2G2EduwIBAg==\n" |
| 942 | "-----END DH PARAMETERS-----\n"; |
| 943 | |
| 944 | /* Ubuntu 14.04.4 running on dual-core Atom D2500 with OneRNG entropy key */ |
| 945 | static const char dh_exim_20160529_3[] = |
| 946 | "-----BEGIN DH PARAMETERS-----\n" |
| 947 | "MIIBCAKCAQEAkbRYVoge2PtrmV1eKCKluSBFELgckuLSnkuH0TffqbmfoYM34lFu\n" |
| 948 | "2vPM2LhnzKvEBQlIICOTzQD29kROacRfSKpsNINRXhXKUqI6sFXzUZu4Flk69XKG\n" |
| 949 | "ZOSDYvWkI5pSn1amQ4Nnvn6s+uwn/f0ZDZDiKLW9TgntxJV4A2+yeymaeoGCbIXX\n" |
| 950 | "5q8WgajFhAeut36RL93HBnXT1hT7Eja1Y81w9fOzQrwBuXhyfCkAdiMA/VCp0UD4\n" |
| 951 | "0p7uf+okpckVnwD6WnUCHMij8nGlVblZELFYzNi0udtzIrSwlALbZXIeAqhbZXJO\n" |
| 952 | "lCuYspJhzV0Vs0lDJwrxvNwtdg1ernVIowIBAg==\n" |
| 953 | "-----END DH PARAMETERS-----\n"; |
| 954 | |
| 955 | /* ========================================================================= */ |
| 956 | |
| 957 | struct dh_constant { |
| 958 | const char *label; |
| 959 | const char *pem; |
| 960 | }; |
| 961 | |
| 962 | /* KEEP SORTED ALPHABETICALLY; |
| 963 | * duplicate PEM are okay, if we want aliases, but names must be alphabetical */ |
| 964 | static struct dh_constant dh_constants[] = { |
| 965 | /* label pem */ |
| 966 | { "default", dh_exim_20160529_3 }, |
| 967 | { "exim.dev.20160529.1", dh_exim_20160529_1 }, |
| 968 | { "exim.dev.20160529.2", dh_exim_20160529_2 }, |
| 969 | { "exim.dev.20160529.3", dh_exim_20160529_3 }, |
| 970 | { "ffdhe2048", dh_ffdhe2048_pem }, |
| 971 | { "ffdhe3072", dh_ffdhe3072_pem }, |
| 972 | { "ffdhe4096", dh_ffdhe4096_pem }, |
| 973 | { "ffdhe6144", dh_ffdhe6144_pem }, |
| 974 | { "ffdhe8192", dh_ffdhe8192_pem }, |
| 975 | { "ike1", dh_ike_1_pem }, |
| 976 | { "ike14", dh_ike_14_pem }, |
| 977 | { "ike15", dh_ike_15_pem }, |
| 978 | { "ike16", dh_ike_16_pem }, |
| 979 | { "ike17", dh_ike_17_pem }, |
| 980 | { "ike18", dh_ike_18_pem }, |
| 981 | { "ike2", dh_ike_2_pem }, |
| 982 | { "ike22", dh_ike_22_pem }, |
| 983 | { "ike23", dh_ike_23_pem }, |
| 984 | { "ike24", dh_ike_24_pem }, |
| 985 | { "ike5", dh_ike_5_pem }, |
| 986 | }; |
| 987 | static const int dh_constants_count = |
| 988 | sizeof(dh_constants) / sizeof(struct dh_constant); |
| 989 | |
| 990 | |
| 991 | /* A policy decision; in absence of any other data, use a 2048 bit prime, |
| 992 | * pick the first one from the latest RFC providing such. */ |
| 993 | const char * |
| 994 | std_dh_prime_default(void) |
| 995 | { |
| 996 | return dh_ike_23_pem; |
| 997 | } |
| 998 | |
| 999 | |
| 1000 | const char * |
| 1001 | std_dh_prime_named(const uschar *name) |
| 1002 | { |
| 1003 | int first, last; |
| 1004 | char *search_name = CS string_copylc(US name); |
| 1005 | |
| 1006 | first = 0; |
| 1007 | last = dh_constants_count; |
| 1008 | while (last > first) { |
| 1009 | int middle = (first + last)/2; |
| 1010 | int c = strcmp(search_name, dh_constants[middle].label); |
| 1011 | if (c == 0) |
| 1012 | return dh_constants[middle].pem; |
| 1013 | else if (c > 0) |
| 1014 | first = middle + 1; |
| 1015 | else |
| 1016 | last = middle; |
| 1017 | } |
| 1018 | return NULL; |
| 1019 | } |
| 1020 | |
| 1021 | #endif /*DISABLE_TLS*/ |
| 1022 | /* EOF */ |