rpms
/
gnutls
7
0
Fork 0
Code Issues Pull Requests Releases Activity
gnutls/SOURCES/gnutls-3.6.14-fips-dh-prime...

1844 lines
79 KiB
Diff
Raw Blame History

From 481e48f3236be42ff1fcb96f96c4efcbb2b69242 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 26 Jun 2020 09:43:02 +0200
Subject: [PATCH 1/2] dh-primes: add MODP primes from RFC 3526
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/dh-primes.c | 933 ++++++++++++++++++++++++++++++++++++++++++++++++
lib/dh.h | 29 ++
2 files changed, 962 insertions(+)
diff --git a/lib/dh-primes.c b/lib/dh-primes.c
index d785584d0..5d2dce0fb 100644
--- a/lib/dh-primes.c
+++ b/lib/dh-primes.c
@@ -960,4 +960,937 @@ const gnutls_datum_t gnutls_ffdhe_8192_group_generator = {
};
const unsigned int gnutls_ffdhe_8192_key_bits = 512;
+static const unsigned char modp_generator = 0x02;
+
+static const unsigned char modp_params_2048[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+ 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_2048[] = {
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+ 0x56, 0x55, 0x34, 0x7F, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_2048_group_prime = {
+ (void *) modp_params_2048, sizeof(modp_params_2048)
+};
+const gnutls_datum_t gnutls_modp_2048_group_q = {
+ (void *) modp_q_2048, sizeof(modp_q_2048)
+};
+const gnutls_datum_t gnutls_modp_2048_group_generator = {
+ (void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_2048_key_bits = 256;
+
+static const unsigned char modp_params_3072[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+ 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_3072[] = {
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+ 0x90, 0x54, 0x9D, 0x69, 0x65, 0x7F, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_3072_group_prime = {
+ (void *) modp_params_3072, sizeof(modp_params_3072)
+};
+const gnutls_datum_t gnutls_modp_3072_group_q = {
+ (void *) modp_q_3072, sizeof(modp_q_3072)
+};
+const gnutls_datum_t gnutls_modp_3072_group_generator = {
+ (void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_3072_key_bits = 276;
+
+static const unsigned char modp_params_4096[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+ 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF
+};
+
+static const unsigned char modp_q_4096[] = {
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+ 0xFA, 0x1A, 0xE4, 0x9A, 0x03, 0x18, 0xCC,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_4096_group_prime = {
+ (void *) modp_params_4096, sizeof(modp_params_4096)
+};
+const gnutls_datum_t gnutls_modp_4096_group_q = {
+ (void *) modp_q_4096, sizeof(modp_q_4096)
+};
+const gnutls_datum_t gnutls_modp_4096_group_generator = {
+ (void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_4096_key_bits = 336;
+
+static const unsigned char modp_params_6144[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+ 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+ 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70,
+ 0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26,
+ 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D,
+ 0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06,
+ 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38,
+ 0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A,
+ 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17,
+ 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+ 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14,
+ 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4,
+ 0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6,
+ 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+ 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4,
+ 0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83,
+ 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0,
+ 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+ 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE,
+ 0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98,
+ 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90,
+ 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F,
+ 0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A,
+ 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D,
+ 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B,
+ 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+ 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1,
+ 0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80,
+ 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2,
+ 0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B,
+ 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA,
+ 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19,
+ 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA,
+ 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+ 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04,
+ 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48,
+ 0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B,
+ 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+ 0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_6144[] = {
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+ 0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49,
+ 0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38,
+ 0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13,
+ 0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E,
+ 0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03,
+ 0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C,
+ 0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35,
+ 0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B,
+ 0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C,
+ 0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A,
+ 0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A,
+ 0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3,
+ 0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8,
+ 0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A,
+ 0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1,
+ 0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78,
+ 0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81,
+ 0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F,
+ 0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C,
+ 0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8,
+ 0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF,
+ 0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD,
+ 0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E,
+ 0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5,
+ 0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55,
+ 0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70,
+ 0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0,
+ 0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79,
+ 0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5,
+ 0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55,
+ 0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C,
+ 0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D,
+ 0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19,
+ 0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02,
+ 0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4,
+ 0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85,
+ 0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F,
+ 0x36, 0xE6, 0x20, 0x12, 0x7F, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_6144_group_prime = {
+ (void *) modp_params_6144, sizeof(modp_params_6144)
+};
+const gnutls_datum_t gnutls_modp_6144_group_q = {
+ (void *) modp_q_6144, sizeof(modp_q_6144)
+};
+const gnutls_datum_t gnutls_modp_6144_group_generator = {
+ (void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_6144_key_bits = 376;
+
+static const unsigned char modp_params_8192[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+ 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+ 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70,
+ 0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26,
+ 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D,
+ 0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06,
+ 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38,
+ 0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A,
+ 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17,
+ 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+ 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14,
+ 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4,
+ 0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6,
+ 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+ 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4,
+ 0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83,
+ 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0,
+ 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+ 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE,
+ 0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98,
+ 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90,
+ 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F,
+ 0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A,
+ 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D,
+ 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B,
+ 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+ 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1,
+ 0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80,
+ 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2,
+ 0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B,
+ 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA,
+ 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19,
+ 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA,
+ 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+ 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04,
+ 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48,
+ 0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B,
+ 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+ 0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92,
+ 0x6F, 0x12, 0xFE, 0xE5, 0xE4, 0x38, 0x77,
+ 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8,
+ 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA,
+ 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3,
+ 0x00, 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC,
+ 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93, 0x6B,
+ 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C,
+ 0x5A, 0xE4, 0xF5, 0x68, 0x34, 0x23, 0xB4,
+ 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F,
+ 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, 0xE3,
+ 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
+ 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C,
+ 0x07, 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23,
+ 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C,
+ 0xEA, 0x30, 0x6B, 0x4B, 0xCB, 0xC8, 0x86,
+ 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B,
+ 0x7F, 0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68,
+ 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, 0x06,
+ 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6,
+ 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8,
+ 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB,
+ 0x6A, 0x36, 0x45, 0x97, 0xE8, 0x99, 0xA0,
+ 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5,
+ 0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48,
+ 0x19, 0x5D, 0xED, 0x7E, 0xA1, 0xB1, 0xD5,
+ 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA,
+ 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68,
+ 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F,
+ 0x92, 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C,
+ 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E, 0xD5,
+ 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6,
+ 0xFC, 0x02, 0x6E, 0x47, 0x95, 0x58, 0xE4,
+ 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30,
+ 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, 0xC8,
+ 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
+ 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3,
+ 0xDF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_8192[] = {
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+ 0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49,
+ 0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38,
+ 0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13,
+ 0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E,
+ 0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03,
+ 0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C,
+ 0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35,
+ 0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B,
+ 0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C,
+ 0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A,
+ 0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A,
+ 0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3,
+ 0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8,
+ 0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A,
+ 0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1,
+ 0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78,
+ 0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81,
+ 0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F,
+ 0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C,
+ 0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8,
+ 0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF,
+ 0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD,
+ 0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E,
+ 0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5,
+ 0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55,
+ 0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70,
+ 0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0,
+ 0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79,
+ 0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5,
+ 0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55,
+ 0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C,
+ 0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D,
+ 0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19,
+ 0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02,
+ 0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4,
+ 0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85,
+ 0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F,
+ 0x36, 0xDF, 0x08, 0xAC, 0xBA, 0x51, 0xC9,
+ 0x37, 0x89, 0x7F, 0x72, 0xF2, 0x1C, 0x3B,
+ 0xBE, 0x5B, 0x54, 0x99, 0x6F, 0xC6, 0x6C,
+ 0x5F, 0x62, 0x68, 0x39, 0xDC, 0x98, 0xDD,
+ 0x1D, 0xE4, 0x19, 0x5B, 0x46, 0xCE, 0xE9,
+ 0x80, 0x3A, 0x0F, 0xD3, 0xDF, 0xC5, 0x7E,
+ 0x23, 0xF6, 0x92, 0xBB, 0x7B, 0x49, 0xB5,
+ 0xD2, 0x12, 0x33, 0x1D, 0x55, 0xB1, 0xCE,
+ 0x2D, 0x72, 0x7A, 0xB4, 0x1A, 0x11, 0xDA,
+ 0x3A, 0x15, 0xF8, 0xE4, 0xBC, 0x11, 0xC7,
+ 0x8B, 0x65, 0xF1, 0xCE, 0xB2, 0x96, 0xF1,
+ 0xFE, 0xDC, 0x5F, 0x7E, 0x42, 0x45, 0x6C,
+ 0x91, 0x11, 0x17, 0x02, 0x52, 0x01, 0xBE,
+ 0x03, 0x89, 0xF5, 0xAB, 0xD4, 0x0D, 0x11,
+ 0xF8, 0x63, 0x9A, 0x39, 0xFE, 0x32, 0x36,
+ 0x75, 0x18, 0x35, 0xA5, 0xE5, 0xE4, 0x43,
+ 0x17, 0xC1, 0xC2, 0xEE, 0xFD, 0x4E, 0xA5,
+ 0xBF, 0xD1, 0x60, 0x43, 0xF4, 0x3C, 0xB4,
+ 0x19, 0x81, 0xF6, 0xAD, 0xEE, 0x9D, 0x03,
+ 0x15, 0x9E, 0x7A, 0xD9, 0xD1, 0x3C, 0x53,
+ 0x36, 0x95, 0x09, 0xFC, 0x1F, 0xA2, 0x7C,
+ 0x16, 0xEF, 0x98, 0x87, 0x70, 0x3A, 0x55,
+ 0xB5, 0x1B, 0x22, 0xCB, 0xF4, 0x4C, 0xD0,
+ 0x12, 0xAE, 0xE0, 0xB2, 0x79, 0x8E, 0x62,
+ 0x84, 0x23, 0x42, 0x8E, 0xFC, 0xD5, 0xA4,
+ 0x0C, 0xAE, 0xF6, 0xBF, 0x50, 0xD8, 0xEA,
+ 0x88, 0x5E, 0xBF, 0x73, 0xA6, 0xB9, 0xFD,
+ 0x79, 0xB5, 0xE1, 0x8F, 0x67, 0xD1, 0x34,
+ 0x1A, 0xC8, 0x23, 0x7A, 0x75, 0xC3, 0xCF,
+ 0xC9, 0x20, 0x04, 0xA1, 0xC5, 0xA4, 0x0E,
+ 0x36, 0x6B, 0xC4, 0x4D, 0x00, 0x17, 0x6A,
+ 0xF7, 0x1C, 0x15, 0xE4, 0x8C, 0x86, 0xD3,
+ 0x7E, 0x01, 0x37, 0x23, 0xCA, 0xAC, 0x72,
+ 0x23, 0xAB, 0x3B, 0xF4, 0xD5, 0x4F, 0x18,
+ 0x28, 0x71, 0x3B, 0x2B, 0x4A, 0x6F, 0xE4,
+ 0x0F, 0xAB, 0x74, 0x40, 0x5C, 0xB7, 0x38,
+ 0xB0, 0x64, 0xC0, 0x6E, 0xCC, 0x76, 0xE9,
+ 0xEF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_8192_group_prime = {
+ (void *) modp_params_8192, sizeof(modp_params_8192)
+};
+const gnutls_datum_t gnutls_modp_8192_group_q = {
+ (void *) modp_q_8192, sizeof(modp_q_8192)
+};
+const gnutls_datum_t gnutls_modp_8192_group_generator = {
+ (void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_8192_key_bits = 512;
+
#endif
diff --git a/lib/dh.h b/lib/dh.h
index 9f3dc2a70..a64a4eb5e 100644
--- a/lib/dh.h
+++ b/lib/dh.h
@@ -31,4 +31,33 @@ _gnutls_figure_dh_params(gnutls_session_t session, gnutls_dh_params_t dh_params,
int _gnutls_set_cred_dh_params(gnutls_dh_params_t *cparams, gnutls_sec_param_t sec_param);
+/* The static parameters defined in RFC 3526, used for the approved
+ * primes check in SP800-56A (Appendix D).
+ */
+
+extern const gnutls_datum_t gnutls_modp_8192_group_prime;
+extern const gnutls_datum_t gnutls_modp_8192_group_q;
+extern const gnutls_datum_t gnutls_modp_8192_group_generator;
+extern const unsigned int gnutls_modp_8192_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_6144_group_prime;
+extern const gnutls_datum_t gnutls_modp_6144_group_q;
+extern const gnutls_datum_t gnutls_modp_6144_group_generator;
+extern const unsigned int gnutls_modp_6144_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_4096_group_prime;
+extern const gnutls_datum_t gnutls_modp_4096_group_q;
+extern const gnutls_datum_t gnutls_modp_4096_group_generator;
+extern const unsigned int gnutls_modp_4096_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_3072_group_prime;
+extern const gnutls_datum_t gnutls_modp_3072_group_q;
+extern const gnutls_datum_t gnutls_modp_3072_group_generator;
+extern const unsigned int gnutls_modp_3072_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_2048_group_prime;
+extern const gnutls_datum_t gnutls_modp_2048_group_q;
+extern const gnutls_datum_t gnutls_modp_2048_group_generator;
+extern const unsigned int gnutls_modp_2048_key_bits;
+
#endif /* GNUTLS_LIB_DH_H */
--
2.26.2
From 3f4532862bf9140976d970ab14e102cede61d1c7 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 26 Jun 2020 10:21:26 +0200
Subject: [PATCH 2/2] dhe: check if DH params in SKE match the FIPS approved
algorithms
SP800-56A rev. 3 restricts the FIPS compliant clients to use only
approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a
check in the handling of ServerKeyExchange if DHE is negotiated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
doc/credentials/Makefile.am | 24 ++++
.../dhparams/rfc2409-group-1-768.pem | 5 +
.../dhparams/rfc2409-group-2-1024.pem | 5 +
.../dhparams/rfc3526-group-14-2048.pem | 8 ++
.../dhparams/rfc3526-group-15-3072.pem | 11 ++
.../dhparams/rfc3526-group-16-4096.pem | 13 ++
.../dhparams/rfc3526-group-17-6144.pem | 19 +++
.../dhparams/rfc3526-group-18-8192.pem | 24 ++++
.../dhparams/rfc3526-group-5-1536.pem | 7 +
doc/credentials/dhparams/rfc5054-1024.pem | 5 +
doc/credentials/dhparams/rfc5054-1536.pem | 7 +
doc/credentials/dhparams/rfc5054-2048.pem | 8 ++
doc/credentials/dhparams/rfc5054-3072.pem | 11 ++
doc/credentials/dhparams/rfc5054-4096.pem | 13 ++
doc/credentials/dhparams/rfc5054-6144.pem | 19 +++
doc/credentials/dhparams/rfc5054-8192.pem | 24 ++++
.../dhparams/rfc5114-group-22-1024.pem | 8 ++
.../dhparams/rfc5114-group-23-2048.pem | 13 ++
.../dhparams/rfc5114-group-24-2048.pem | 13 ++
.../dhparams/rfc7919-ffdhe2048.pem | 8 ++
.../dhparams/rfc7919-ffdhe3072.pem | 11 ++
.../dhparams/rfc7919-ffdhe4096.pem | 14 ++
.../dhparams/rfc7919-ffdhe6144.pem | 19 +++
.../dhparams/rfc7919-ffdhe8192.pem | 24 ++++
lib/auth/dh_common.c | 8 ++
lib/dh-primes.c | 34 +++++
lib/dh.h | 6 +
tests/Makefile.am | 2 +
tests/client-sign-md5-rep.c | 5 +
tests/dh-fips-approved.sh | 127 ++++++++++++++++++
tests/utils.c | 58 ++++----
31 files changed, 521 insertions(+), 32 deletions(-)
create mode 100644 doc/credentials/dhparams/rfc2409-group-1-768.pem
create mode 100644 doc/credentials/dhparams/rfc2409-group-2-1024.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-14-2048.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-15-3072.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-16-4096.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-17-6144.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-18-8192.pem
create mode 100644 doc/credentials/dhparams/rfc3526-group-5-1536.pem
create mode 100644 doc/credentials/dhparams/rfc5054-1024.pem
create mode 100644 doc/credentials/dhparams/rfc5054-1536.pem
create mode 100644 doc/credentials/dhparams/rfc5054-2048.pem
create mode 100644 doc/credentials/dhparams/rfc5054-3072.pem
create mode 100644 doc/credentials/dhparams/rfc5054-4096.pem
create mode 100644 doc/credentials/dhparams/rfc5054-6144.pem
create mode 100644 doc/credentials/dhparams/rfc5054-8192.pem
create mode 100644 doc/credentials/dhparams/rfc5114-group-22-1024.pem
create mode 100644 doc/credentials/dhparams/rfc5114-group-23-2048.pem
create mode 100644 doc/credentials/dhparams/rfc5114-group-24-2048.pem
create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe2048.pem
create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe3072.pem
create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe4096.pem
create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe6144.pem
create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe8192.pem
create mode 100755 tests/dh-fips-approved.sh
diff --git a/doc/credentials/Makefile.am b/doc/credentials/Makefile.am
index ecdd57a10..25778856f 100644
--- a/doc/credentials/Makefile.am
+++ b/doc/credentials/Makefile.am
@@ -31,3 +31,27 @@ EXTRA_DIST += srp-passwd.txt srp-tpasswd.conf
EXTRA_DIST += psk-passwd.txt
+EXTRA_DIST += \
+ dhparams/rfc2409-group-1-768.pem \
+ dhparams/rfc2409-group-2-1024.pem \
+ dhparams/rfc3526-group-14-2048.pem \
+ dhparams/rfc3526-group-15-3072.pem \
+ dhparams/rfc3526-group-16-4096.pem \
+ dhparams/rfc3526-group-17-6144.pem \
+ dhparams/rfc3526-group-18-8192.pem \
+ dhparams/rfc3526-group-5-1536.pem \
+ dhparams/rfc5054-1024.pem \
+ dhparams/rfc5054-1536.pem \
+ dhparams/rfc5054-2048.pem \
+ dhparams/rfc5054-3072.pem \
+ dhparams/rfc5054-4096.pem \
+ dhparams/rfc5054-6144.pem \
+ dhparams/rfc5054-8192.pem \
+ dhparams/rfc5114-group-22-1024.pem \
+ dhparams/rfc5114-group-23-2048.pem \
+ dhparams/rfc5114-group-24-2048.pem \
+ dhparams/rfc7919-ffdhe2048.pem \
+ dhparams/rfc7919-ffdhe3072.pem \
+ dhparams/rfc7919-ffdhe4096.pem \
+ dhparams/rfc7919-ffdhe6144.pem \
+ dhparams/rfc7919-ffdhe8192.pem
diff --git a/doc/credentials/dhparams/rfc2409-group-1-768.pem b/doc/credentials/dhparams/rfc2409-group-1-768.pem
new file mode 100644
index 000000000..33a617018
--- /dev/null
+++ b/doc/credentials/dhparams/rfc2409-group-1-768.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MGYCYQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5siUUoI
+eY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummOjYg////
+//////8CAQI=
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc2409-group-2-1024.pem b/doc/credentials/dhparams/rfc2409-group-2-1024.pem
new file mode 100644
index 000000000..bbfb1bfb6
--- /dev/null
+++ b/doc/credentials/dhparams/rfc2409-group-2-1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJRSgh5jjQE
+3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL/1y29Aa37e44a/ta
+iZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-14-2048.pem b/doc/credentials/dhparams/rfc3526-group-14-2048.pem
new file mode 100644
index 000000000..b15071532
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-14-2048.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-15-3072.pem b/doc/credentials/dhparams/rfc3526-group-15-3072.pem
new file mode 100644
index 000000000..f27b77820
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-15-3072.pem
@@ -0,0 +1,11 @@
+-----BEGIN DH PARAMETERS-----
+MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS
+yv//////////AgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-16-4096.pem b/doc/credentials/dhparams/rfc3526-group-16-4096.pem
new file mode 100644
index 000000000..a734b9050
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-16-4096.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-17-6144.pem b/doc/credentials/dhparams/rfc3526-group-17-6144.pem
new file mode 100644
index 000000000..d8307bda3
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-17-6144.pem
@@ -0,0 +1,19 @@
+-----BEGIN DH PARAMETERS-----
+MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG
+3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU
+7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId
+A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha
+xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/
+8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA
+JP//////////AgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-18-8192.pem b/doc/credentials/dhparams/rfc3526-group-18-8192.pem
new file mode 100644
index 000000000..af54dd656
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-18-8192.pem
@@ -0,0 +1,24 @@
+-----BEGIN DH PARAMETERS-----
+MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG
+3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU
+7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId
+A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha
+xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/
+8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R
+WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk
+ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw
+xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4
+Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i
+aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU
+38gfVuiAuW5xYMmA3Zjt09///////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc3526-group-5-1536.pem b/doc/credentials/dhparams/rfc3526-group-5-1536.pem
new file mode 100644
index 000000000..44df6de65
--- /dev/null
+++ b/doc/credentials/dhparams/rfc3526-group-5-1536.pem
@@ -0,0 +1,7 @@
+-----BEGIN DH PARAMETERS-----
+MIHHAoHBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR
+Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
+/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7ORbPcIAfLihY78FmNpINhxV05pp
+Fj+o/STPX4NlXSPco62WHGLzViCFUrue1SkHcJaWbWcMNU5KvJgE8XRsCMojcyf/
+/////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-1024.pem b/doc/credentials/dhparams/rfc5054-1024.pem
new file mode 100644
index 000000000..33aed9fab
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAO6vCrmts43WnDP4CvqPxehgcmGHdf88C56iMUycJWV21nTfdJbqgdM4
+O0gT1pLG4ODV2OJQuYvkjklcHWCJ2tFdx9e0YVTWts6O9K1psV1JglWbKXvPGIXF
+KfVmZg5X7GjtvDwFcmzAL9TL9Jduqpr9UTj+g3ZDW5/GHS/A6wbjAgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-1536.pem b/doc/credentials/dhparams/rfc5054-1536.pem
new file mode 100644
index 000000000..dc2db6b42
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-1536.pem
@@ -0,0 +1,7 @@
+-----BEGIN DH PARAMETERS-----
+MIHHAoHBAJ3vPK+5OSd6sfEqhheke7vbpR30maxMgL7uqWFLGcxNX09fVW4ny95R
+xqlL5GB6KRVYkDug0PhDgLZVu5oi6NzfAop87Gfw0IE0sci5eYkUm2CeC+O6tj1H
+VIOB28Wx/HZOP0tT3Z2hFYv9PiucjPVu3wGVOTSWJ9sv1T0kt8SGZXcuQ31sf4zk
+QnNK98y3roN8Jkrjqb64f4ov6bi1KS5aAh//XpFHnoznoowkQsbzFRgPk0maI03P
+duP+0TX5uwIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-2048.pem b/doc/credentials/dhparams/rfc5054-2048.pem
new file mode 100644
index 000000000..814e70ce6
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-2048.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArGvbQTJKmpvxZt5eE4lYL69ytmUZh+4H/DGSlD21YFCjcynLtKCZ
+7YGT4HV3Z6E91SMSq0sDMQ3Nf0ip2gT9UOgIOWntt2ewz2CVF5oWOrNmGgX71fqq
+6CkYqZYvC5O4Vfl5k+yXXuqoDXQK2/T/dHNZ0EHVwz6nHSgeRGsUdzvKl7Q6I/uA
+Fna9IHpDbGSB8dK5B4cXRhpbnTLmiPh3SFRFI7UksNV9Xqd6J3XS7PoDLPvb9S+z
+eGFgJ5AE5Xrmr4dOcwPOUymczAQce8MI2CpWmPOo0MOCca41+Onb+7aUtcgD2J96
+5DXeI21SX1R1m2XjcvzWjvIPpxEfnkr/cwIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-3072.pem b/doc/credentials/dhparams/rfc5054-3072.pem
new file mode 100644
index 000000000..d84b2424a
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-3072.pem
@@ -0,0 +1,11 @@
+-----BEGIN DH PARAMETERS-----
+MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS
+yv//////////AgEF
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-4096.pem b/doc/credentials/dhparams/rfc5054-4096.pem
new file mode 100644
index 000000000..99ca4456b
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-4096.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQU=
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-6144.pem b/doc/credentials/dhparams/rfc5054-6144.pem
new file mode 100644
index 000000000..97d8d21a9
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-6144.pem
@@ -0,0 +1,19 @@
+-----BEGIN DH PARAMETERS-----
+MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG
+3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU
+7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId
+A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha
+xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/
+8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA
+JP//////////AgEF
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5054-8192.pem b/doc/credentials/dhparams/rfc5054-8192.pem
new file mode 100644
index 000000000..bb54575c7
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5054-8192.pem
@@ -0,0 +1,24 @@
+-----BEGIN DH PARAMETERS-----
+MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG
+3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU
+7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId
+A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha
+xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/
+8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R
+WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk
+ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw
+xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4
+Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i
+aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU
+38gfVuiAuW5xYMmA3Zjt09///////////wIBEw==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5114-group-22-1024.pem b/doc/credentials/dhparams/rfc5114-group-22-1024.pem
new file mode 100644
index 000000000..759afcb2f
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5114-group-22-1024.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y
+mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4
++qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV
+w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0
+sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR
+jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5Q==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5114-group-23-2048.pem b/doc/credentials/dhparams/rfc5114-group-23-2048.pem
new file mode 100644
index 000000000..d4f360ef2
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5114-group-23-2048.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCgKCAQEArRB+HpEjqdDWYPqnlVnFH6INZOVoO5/RtUsVl7YdCnXm+hQd+VpW
+26+aPEB7od8V6z1oijCcGA4d5rhaEnSgpm0/gVKtasISkDfJ7e/aTfjZHo/vVbc5
+S3rVt9C2wSIHyfmNEe002/bGugssi7wnvmoA4KC5xJcIs7+KMXCRiDaBKGEwvImF
+2xYC5xRBXZMwJ4Jzx94x79xzEPcSH9WgdBWYfZrcCkhtzfk6zEQyg4cxXXXhmMZB
+pIDNhqG55YfovmDmnMkosrnFIXLkEwQumyPxCw4W55djybU9z0uoCinj+3PBa451
+uX7zY+L/ox9xz53lOE5xuBwKxN/+DBDmTwKCAQEArEAy708tmuOd8wtcj/2sUGze
+vnuJmYyvdIZqCM/k/+OmgkpOELmm8N2SHwGnDEr6q3OddwDCn1LFfbF8YgqGUr5e
+kAGo1mrXwXZpEBmZAkr00CcnWsE0i7inYtBSG8mK4kcVBCLqHtQJk51U2nRgzbX2
+xrJQcXy+8YDrNBGOmNEZUppF1vg0Vm4wJeMWozDvu3eobwwasVsFGuPUKMj4rLcK
+gTcVC47rEOGD7dGZY93Z4mPkdwWJ72qiHn9fL/OBtTnM40CdE81Wavu0jWwBkYHh
+vP6UswJp7f5y/ptqpL17Wg8ccc//TBnEGOH27AF5gbwIfypwZbOEuJDTGR8r+g==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc5114-group-24-2048.pem b/doc/credentials/dhparams/rfc5114-group-24-2048.pem
new file mode 100644
index 000000000..dc0211648
--- /dev/null
+++ b/doc/credentials/dhparams/rfc5114-group-24-2048.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCQKCAQEAh6jmHbS2Zjz/u9GcZRlZmYzu9ghmDdDyXSzu1ENeOwDgDfjx1hlX
+1Pr330VhsqowFsPZETQJb6o79Cltgw6afCCeDGSXUXq9WoqdMGvPZ+2R+eZyW0dY
+wCLgse9Cdb97bFv8EdRfkIi5QfVOseWbuLw5oL8SMH9cT9twxYGyP3a2Osrhyqa3
+kC1SUmc1SIoO8TxtmlG/pKs62DR3llJNjvahZ7WkGCXZZ+FE5RQFZCUcysuD5rSG
+9rPKP3lxUGAmwLhX9omWKFbe1AEKvQvmIcOjlgpU5xDDdfJjddcBQQOktUMwwZiv
+EmEW0iduEXFfaTh3+tfvCcrbCUrpHhoVlwKCAQA/syybcxNNCy53UGZg7b1ITKex
+jyHvIFQH9Hk6GguhJRDbwVB3vkY//0/tSqwLtVW+OmwbDGtHsbw3c79+jG9ikBIo
++MKMuxilWuMTQQAKZQGW+THHelfy3fRj5ensFEt3feYqqrioYorDdtKC1u04ZOZ5
+gkKOvIMdFDSPby+Rk7UEWvJ2cWTh38lnwfs/LlWkvRv/6DucgNBSuYXRguoK2yo7
+cxPT/hTISEseBSWIubfSu9LfAWGZ7NBuFVfNCRWzNTu7ZODsN3/QKDcN+StSx4kU
+KM3GfrYYS1I9HbJGwy9jB4SQ8A741kfRSNR5VFFeIyfP75jFgmZLTA9sxBZZ
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc7919-ffdhe2048.pem b/doc/credentials/dhparams/rfc7919-ffdhe2048.pem
new file mode 100644
index 000000000..9b182b720
--- /dev/null
+++ b/doc/credentials/dhparams/rfc7919-ffdhe2048.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc7919-ffdhe3072.pem b/doc/credentials/dhparams/rfc7919-ffdhe3072.pem
new file mode 100644
index 000000000..fb31ccda5
--- /dev/null
+++ b/doc/credentials/dhparams/rfc7919-ffdhe3072.pem
@@ -0,0 +1,11 @@
+-----BEGIN DH PARAMETERS-----
+MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
+7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
+nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu
+N///////////AgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc7919-ffdhe4096.pem b/doc/credentials/dhparams/rfc7919-ffdhe4096.pem
new file mode 100644
index 000000000..ad9f68b1e
--- /dev/null
+++ b/doc/credentials/dhparams/rfc7919-ffdhe4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
+7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
+nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e
+8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx
+iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K
+zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQI=
+-----END DH PARAMETERS-----
+
diff --git a/doc/credentials/dhparams/rfc7919-ffdhe6144.pem b/doc/credentials/dhparams/rfc7919-ffdhe6144.pem
new file mode 100644
index 000000000..d8239bb05
--- /dev/null
+++ b/doc/credentials/dhparams/rfc7919-ffdhe6144.pem
@@ -0,0 +1,19 @@
+-----BEGIN DH PARAMETERS-----
+MIIDCAKCAwEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
+7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
+nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e
+8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx
+iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K
+zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq
+OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE
+HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj
+w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8
+vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70
+A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKc0OQO
+Zf//////////AgEC
+-----END DH PARAMETERS-----
diff --git a/doc/credentials/dhparams/rfc7919-ffdhe8192.pem b/doc/credentials/dhparams/rfc7919-ffdhe8192.pem
new file mode 100644
index 000000000..4484cf885
--- /dev/null
+++ b/doc/credentials/dhparams/rfc7919-ffdhe8192.pem
@@ -0,0 +1,24 @@
+-----BEGIN DH PARAMETERS-----
+MIIECAKCBAEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
+7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
+nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e
+8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx
+iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K
+zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq
+OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE
+HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj
+w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8
+vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70
+A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKcz/Rq
+qjatAEz2AMg4HkJaMdlRrmT9sj/OyVCdQ2h/62nt0cxeC4zDvfZLEO+GtjFCo6uI
+KVVbL3R8kyZlyywPHMAb1wIpOIg50q8F5FRQSseLdYKCKEbAujXDX1xZFgzARv2C
+UVQfxoychrAiu3CZh2pGDnRRqKkxCXA/7hwhfmw4JuUsUappHg5CPPyZ6eMWUMEh
+e2JIFs2tmpX51bgBlIjZwKCh/jB1pXfiMYP4HUo/L6RXHvyM4LqKT+i2hV3+crCm
+bt7S+6v75Yow+vq+HF1xqH4vdB74wf6G/qa7/eUwZ38Nl9EdSfeoRD0IIuUGqfRh
+TgEeKpSDj/iM1oyLt8XGQkz//////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c
index 19c205bbe..252eea0cb 100644
--- a/lib/auth/dh_common.c
+++ b/lib/auth/dh_common.c
@@ -257,6 +257,14 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
}
}
+#ifdef ENABLE_FIPS140
+ if (gnutls_fips140_mode_enabled() &&
+ !_gnutls_dh_prime_is_fips_approved(data_p, n_p, data_g, n_g)) {
+ gnutls_assert();
+ return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+ }
+#endif
+
if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.params.params[DH_G], data_g, _n_g) != 0) {
gnutls_assert();
return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
diff --git a/lib/dh-primes.c b/lib/dh-primes.c
index 5d2dce0fb..a43a8e5de 100644
--- a/lib/dh-primes.c
+++ b/lib/dh-primes.c
@@ -1893,4 +1893,38 @@ const gnutls_datum_t gnutls_modp_8192_group_generator = {
};
const unsigned int gnutls_modp_8192_key_bits = 512;
+unsigned
+_gnutls_dh_prime_is_fips_approved(const uint8_t *prime,
+ size_t prime_size,
+ const uint8_t *generator,
+ size_t generator_size)
+{
+ static const struct {
+ const gnutls_datum_t *prime;
+ const gnutls_datum_t *generator;
+ } primes[] = {
+ { &gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_generator },
+ { &gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_generator },
+ { &gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_generator },
+ { &gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_generator },
+ { &gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_generator },
+ { &gnutls_modp_8192_group_prime, &gnutls_modp_8192_group_generator },
+ { &gnutls_modp_6144_group_prime, &gnutls_modp_6144_group_generator },
+ { &gnutls_modp_4096_group_prime, &gnutls_modp_4096_group_generator },
+ { &gnutls_modp_3072_group_prime, &gnutls_modp_3072_group_generator },
+ { &gnutls_modp_2048_group_prime, &gnutls_modp_2048_group_generator },
+ };
+ size_t i;
+
+ for (i = 0; i < sizeof(primes) / sizeof(primes[0]); i++) {
+ if (primes[i].prime->size == prime_size &&
+ memcmp(primes[i].prime->data, prime, primes[i].prime->size) == 0 &&
+ primes[i].generator->size == generator_size &&
+ memcmp(primes[i].generator->data, generator, primes[i].generator->size) == 0)
+ return 1;
+ }
+
+ return 0;
+}
+
#endif
diff --git a/lib/dh.h b/lib/dh.h
index a64a4eb5e..672451947 100644
--- a/lib/dh.h
+++ b/lib/dh.h
@@ -60,4 +60,10 @@ extern const gnutls_datum_t gnutls_modp_2048_group_q;
extern const gnutls_datum_t gnutls_modp_2048_group_generator;
extern const unsigned int gnutls_modp_2048_key_bits;
+unsigned
+_gnutls_dh_prime_is_fips_approved(const uint8_t *prime,
+ size_t prime_size,
+ const uint8_t *generator,
+ size_t generator_size);
+
#endif /* GNUTLS_LIB_DH_H */
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 7cdf828e0..13d7ba385 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -522,6 +522,8 @@ endif
dist_check_SCRIPTS += gnutls-cli-self-signed.sh gnutls-cli-invalid-crl.sh gnutls-cli-rawpk.sh
+dist_check_SCRIPTS += dh-fips-approved.sh
+
if ENABLE_PKCS11
dist_check_SCRIPTS += p11-kit-trust.sh testpkcs11.sh certtool-pkcs11.sh
diff --git a/tests/client-sign-md5-rep.c b/tests/client-sign-md5-rep.c
index 1c7877fbd..b1ad46ce9 100644
--- a/tests/client-sign-md5-rep.c
+++ b/tests/client-sign-md5-rep.c
@@ -468,6 +468,11 @@ void doit(void)
int sockets[2];
int err;
+ /* tls1_hello contains ServerKeyExchange with custom DH
+ * parameters */
+ if (gnutls_fips140_mode_enabled())
+ exit(77);
+
signal(SIGPIPE, SIG_IGN);
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
diff --git a/tests/dh-fips-approved.sh b/tests/dh-fips-approved.sh
new file mode 100755
index 000000000..136dd15f3
--- /dev/null
+++ b/tests/dh-fips-approved.sh
@@ -0,0 +1,127 @@
+#!/bin/sh
+
+# Copyright (C) 2017 Nikos Mavrogiannopoulos
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>
+
+srcdir="${srcdir:-.}"
+SERV="${SERV:-../src/gnutls-serv${EXEEXT}}"
+CLI="${CLI:-../src/gnutls-cli${EXEEXT}}"
+unset RETCODE
+
+if ! test -x "${SERV}"; then
+ exit 77
+fi
+
+if ! test -x "${CLI}"; then
+ exit 77
+fi
+
+if test "${WINDIR}" != ""; then
+ exit 77
+fi
+
+if ! test -z "${VALGRIND}"; then
+ VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
+fi
+
+
+SERV="${SERV} -q"
+
+. "${srcdir}/scripts/common.sh"
+
+KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem
+CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem
+CA1=${srcdir}/../doc/credentials/x509/ca.pem
+
+ALLOWED_PARAMS="
+rfc3526-group-14-2048
+rfc3526-group-15-3072
+rfc3526-group-16-4096
+rfc3526-group-17-6144
+rfc3526-group-18-8192
+rfc7919-ffdhe2048
+rfc7919-ffdhe3072
+rfc7919-ffdhe4096
+rfc7919-ffdhe6144
+rfc7919-ffdhe8192
+"
+
+DISALLOWED_PARAMS="
+rfc2409-group-2-1024
+rfc3526-group-5-1536
+rfc5054-1024
+rfc5054-1536
+rfc5054-2048
+rfc5054-3072
+rfc5054-4096
+rfc5054-6144
+rfc5054-8192
+rfc5114-group-22-1024
+rfc5114-group-23-2048
+rfc5114-group-24-2048
+"
+
+OPTS="--priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+AES-128-GCM:-GROUP-ALL"
+
+for params in $ALLOWED_PARAMS; do
+ echo "Checking with approved DH params: $params"
+
+ PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem
+
+ eval "${GETPORT}"
+ launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS}
+ PID=$!
+ wait_server ${PID}
+
+ ${VALGRIND} "${CLI}" ${OPTS} -p "${PORT}" 127.0.0.1 --verify-hostname=localhost --x509cafile ${CA1} </dev/null >/dev/null || \
+ fail ${PID} "handshake should have succeeded!"
+
+ kill ${PID}
+ wait
+done
+
+for params in $DISALLOWED_PARAMS; do
+ echo "Checking with non-approved DH params: $params"
+
+ PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem
+
+ eval "${GETPORT}"
+ launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS}
+ PID=$!
+ wait_server ${PID}
+
+ ${VALGRIND} "${CLI}" ${OPTS} -p "${PORT}" 127.0.0.1 --verify-hostname=localhost --x509cafile ${CA1} </dev/null >/dev/null
+
+ RET=$?
+
+ if test $RET -eq 0; then
+ if test "${GNUTLS_FORCE_FIPS_MODE}" = 1; then
+ fail ${PID} "handshake should have failed (FIPS mode 1)!"
+ fi
+ else
+ if test "${GNUTLS_FORCE_FIPS_MODE}" != 1; then
+ fail ${PID} "handshake should have succeeded (FIPS mode 0)!"
+ fi
+ fi
+
+ kill ${PID}
+ wait
+done
+
+exit 0
diff --git a/tests/utils.c b/tests/utils.c
index 9186a1757..60cd79b35 100644
--- a/tests/utils.c
+++ b/tests/utils.c
@@ -50,47 +50,41 @@ int debug = 0;
int error_count = 0;
int break_on_error = 0;
+/* doc/credentials/dhparams/rfc3526-group-14-2048.pem */
const char *pkcs3 =
"-----BEGIN DH PARAMETERS-----\n"
- "MIGGAoGAtkxw2jlsVCsrfLqxrN+IrF/3W8vVFvDzYbLmxi2GQv9s/PQGWP1d9i22\n"
- "P2DprfcJknWt7KhCI1SaYseOQIIIAYP78CfyIpGScW/vS8khrw0rlQiyeCvQgF3O\n"
- "GeGOEywcw+oQT4SmFOD7H0smJe2CNyjYpexBXQ/A0mbTF9QKm1cCAQU=\n"
+ "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n"
+ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n"
+ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n"
+ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n"
+ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n"
+ "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n"
"-----END DH PARAMETERS-----\n";
+/* doc/credentials/dhparams/rfc7919-ffdhe2048.pem */
const char *pkcs3_2048 =
"-----BEGIN DH PARAMETERS-----\n"
- "MIICDgKCAQEAvVNCqM8M9ZoVYBKEkV2KN8ELHHJ75aTZiK9z6170iKSgbITkOxsd\n"
- "aBCLzHZd7d6/2aNofUeuWdDGHm73d8v53ma2HRVCNESeC2LKsEDFG9FjjUeugvfl\n"
- "zb85TLZwWT9Lb35Ddhdk7CtxoukjS0/JkCE+8RGzmk5+57N8tNffs4aSSHSe4+cw\n"
- "i4wULDxiG2p052czAMP3YR5egWvMuiByhy0vKShiZmOy1/Os5r6E/GUF+298gDjG\n"
- "OeaEUF9snrTcoBwB4yNjVSEbuAh5fMd5zFtz2+dzrk9TYZ44u4DQYkgToW05WcmC\n"
- "+LG0bLAH6lrJR5OMgyheZEo6F20z/d2yyQKCAQEAtzcuTHW61SFQiDRouk6eD0Yx\n"
- "0k1RJdaQdlRf6/Dcc6lEqnbezL90THzvxkBwfJ5jG1VZE7JlVCvLRkBtgb0/6SCf\n"
- "MATfEKG2JMOnKsJxvidmKEp4uN32LketXRrrEBl7rS+HABEfKAzqx+J6trBaq25E\n"
- "7FVJFsyoa8IL8N8YUWwhE2UuEfmiqQQaeoIUYC/xD2arMXn9N0W84Nyy2S9IL4ct\n"
- "e3Azi1Wc8MMfpbxxDRxXCnM2uMkLYWs1lQmcUUX+Uygv3P8lgS+RJ1Pi3+BWMx0S\n"
- "ocsZXqOr6dbEF1WOLObQRK7h/MZp80iVUyrBgX0MbVFN9M5i2u4KKTG95VKRtgIC\n"
- "AQA=\n" "-----END DH PARAMETERS-----\n";
+ "MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n"
+ "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n"
+ "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n"
+ "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n"
+ "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n"
+ "ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==\n"
+ "-----END DH PARAMETERS-----\n";
+/* doc/credentials/dhparams/rfc7919-ffdhe3072.pem */
const char *pkcs3_3072 =
"-----BEGIN DH PARAMETERS-----\n"
- "MIIDDgKCAYEAtRUay8nDgwE5dSVzW525wEu/d0vrFolvYJSevxg2myj5S+gr3Fgq\n"
- "OGaZc4zrBxkxsELc7GuCqaXSOWL4yobT8N05yGbYWkWRPf4crRMx3P7/Gba9WsmH\n"
- "BlL71uPf1IN9CanAlabkhV89RKiYaCpUI19+/sq+N2dO874ToBZCNhxZnTgRZ+po\n"
- "Gdr6XWM0lQ8imIKSer0px3ZHI+/5gmyPry35tGpwlbyclJAg3wlTSdnqDcLxq7AF\n"
- "OZ23PzC3ij7SFErOX9EFBdS2bjtU47O3OkPc9EIYMEv5nwnXICLHslwVifmURAjV\n"
- "LfpObL8LYGN4Gac4tFxuDa0PMg0ES5ADugYBwdRFTAtCy5WOYXINzAAOrH9MommT\n"
- "rMkELf7JOCaV2ktBsvTlrgMAXeyqbf2YSG6CGjj4QnUuqPybSgwPru7VlahsS2lo\n"
- "qjutBPpgIxS53o97Wi3V5kQedKJiNuIDNnJMFNuTADAM+OYwClTH7ZSwTsxEgVpr\n"
- "tMH+WnTI7KTJAoIBgQCrELwIUB4oNbf0x+fIpVndhDpl/WcFc/lDtmiRuym5gWbb\n"
- "NPeI+1rdhnS2R3+nCJODFQTcPNMgIJuSu2EnDCSs5xJ2k08SAgSzyxEdjBpY7qJe\n"
- "+lJPJ12zhcl0vgcvMhb/YgqVe2MKz0RvnYZPwHM/aJbjYjq/6OpK3fVw4M1ZccBK\n"
- "QD4OHK8HOvGU7Wf6kRIcxUlfn15spMCIsrAZQBddWLmQgktsxJNUS+AnaPwTBoOv\n"
- "nGCr1vzw8OS1DtS03VCmtqt3otXhJ3D2oCIG6ogxVAKfHR30KIfzZLBfmCjdzHmH\n"
- "x4OwYTN1wy5juA438QtiDtcgK60ZqSzQO08ZklRncA/TkkyEH6kPn5KSh/hW9O3D\n"
- "KZeAY/KF0/Bc1XNtqPEYFb7Vo3rbTsyjXkICN1Hk9S0OIKL42K7rWBepO9KuddSd\n"
- "aXgH9staP0HXCyyW1VAyqo0TwcWDhE/R7IQQGGwGyd4rD0T+ySW/t09ox23O6X8J\n"
- "FSp6mOVNcuvhB5U2gW8CAgEA\n" "-----END DH PARAMETERS-----\n";
+ "MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n"
+ "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n"
+ "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n"
+ "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n"
+ "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n"
+ "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n"
+ "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n"
+ "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n"
+ "N///////////AgEC\n"
+ "-----END DH PARAMETERS-----\n";
void _fail(const char *format, ...)
{
--
2.26.2
Reference in New Issue View Git Blame Copy Permalink