SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync code with last fixes and improvements from OpenBSD

Browse source
This commit is contained in:
purplerain 2023-07-20 23:56:46 +00:00
parent f57be82572
commit 58b04bcee7
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
468 changed files with 9958 additions and 7882 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/libcrypto/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.137 2023/07/07 06:10:14 jsing Exp $
# $OpenBSD: Makefile,v 1.138 2023/07/20 16:36:06 tb Exp $
LIB= crypto
LIBREBUILD=y
@ -386,8 +386,6 @@ SRCS+= tb_pkmeth.c
SRCS+= tb_rand.c
SRCS+= tb_rsa.c
SRCS+= tb_store.c
# XXX unnecessary? handled in EVP now...
# SRCS+= eng_aesni.c # local addition
# err/
SRCS+= err.c

147
lib/libcrypto/asn1/asn1_item.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1_item.c,v 1.16 2023/07/07 19:37:52 beck Exp $ */
/* $OpenBSD: asn1_item.c,v 1.17 2023/07/13 20:59:10 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -230,73 +230,59 @@ ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
}
int
ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
static int
asn1_item_set_algorithm_identifiers(EVP_MD_CTX *ctx, X509_ALGOR *algor1,
X509_ALGOR *algor2)
{
const EVP_MD *type;
EVP_PKEY *pkey;
unsigned char *in = NULL, *out = NULL;
size_t out_len = 0;
int in_len = 0;
int signid, paramtype;
int rv = 2;
int ret = 0;
ASN1_OBJECT *aobj;
const EVP_MD *md;
int sign_id, sign_param;
if ((pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx)) == NULL) {
ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
return 0;
}
if (pkey->ameth == NULL) {
ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
if ((md = EVP_MD_CTX_md(ctx)) == NULL) {
ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
return 0;
}
if (pkey->ameth->item_sign != NULL) {
rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
signature);
if (rv == 1) {
out_len = signature->length;
goto done;
}
/* Return value meanings:
* <=0: error.
* 1: method does everything.
* 2: carry on as normal.
* 3: ASN1 method sets algorithm identifiers: just sign.
*/
if (rv <= 0) {
ASN1error(ERR_R_EVP_LIB);
goto err;
}
if (!OBJ_find_sigid_by_algs(&sign_id, EVP_MD_nid(md),
pkey->ameth->pkey_id)) {
ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
return 0;
}
if ((aobj = OBJ_nid2obj(sign_id)) == NULL) {
ASN1error(ASN1_R_UNKNOWN_OBJECT_TYPE);
return 0;
}
if (rv == 2) {
if ((type = EVP_MD_CTX_md(ctx)) == NULL) {
ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
sign_param = V_ASN1_UNDEF;
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
sign_param = V_ASN1_NULL;
if (algor1 != NULL) {
if (!X509_ALGOR_set0(algor1, aobj, sign_param, NULL))
return 0;
}
if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type),
pkey->ameth->pkey_id)) {
ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
return 0;
}
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
paramtype = V_ASN1_NULL;
else
paramtype = V_ASN1_UNDEF;
if (algor1)
X509_ALGOR_set0(algor1,
OBJ_nid2obj(signid), paramtype, NULL);
if (algor2)
X509_ALGOR_set0(algor2,
OBJ_nid2obj(signid), paramtype, NULL);
}
if (algor2 != NULL) {
if (!X509_ALGOR_set0(algor2, aobj, sign_param, NULL))
return 0;
}
return 1;
}
static int
asn1_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
ASN1_BIT_STRING *signature)
{
unsigned char *in = NULL, *out = NULL;
size_t out_len = 0;
int in_len = 0;
int ret = 0;
if ((in_len = ASN1_item_i2d(asn, &in, it)) <= 0) {
in_len = 0;
@ -325,20 +311,69 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
out = NULL;
if (!asn1_abs_set_unused_bits(signature, 0)) {
ASN1_STRING_set0(signature, NULL, 0);
ASN1error(ERR_R_ASN1_LIB);
goto err;
}
done:
ret = out_len;
ret = 1;
err:
EVP_MD_CTX_cleanup(ctx);
freezero(in, in_len);
freezero(out, out_len);
return ret;
}
int
ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
{
EVP_PKEY *pkey;
int rv;
int ret = 0;
if ((pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx)) == NULL) {
ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
goto err;
}
if (pkey->ameth == NULL) {
ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
goto err;
}
/*
* API insanity ahead. If the item_sign() method is absent or if it
* returns 2, this means: do all the work here. If it returns 3, only
* sign. If it returns 1, then there's nothing to do but to return
* the signature's length. Everything else is an error.
*/
rv = 2;
if (pkey->ameth->item_sign != NULL)
rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
signature);
if (rv <= 0 || rv > 3)
goto err;
if (rv == 1)
goto done;
if (rv == 2) {
if (!asn1_item_set_algorithm_identifiers(ctx, algor1, algor2))
goto err;
}
if (!asn1_item_sign(ctx, it, asn, signature))
goto err;
done:
ret = signature->length;
err:
EVP_MD_CTX_cleanup(ctx);
return ret;
}
int
ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)

23
lib/libcrypto/asn1/bio_ndef.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_ndef.c,v 1.22 2023/04/25 19:08:30 tb Exp $ */
/* $OpenBSD: bio_ndef.c,v 1.23 2023/07/09 19:22:43 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -171,7 +171,7 @@ static int
ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
{
NDEF_SUPPORT *ndef_aux;
unsigned char *p;
unsigned char *p = NULL;
int derlen;
if (!parg)
@ -179,13 +179,13 @@ ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
ndef_aux = *(NDEF_SUPPORT **)parg;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = malloc(derlen);
if ((derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it)) <= 0)
return 0;
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
if (!*ndef_aux->boundary)
if (*ndef_aux->boundary == NULL)
return 0;
*plen = *ndef_aux->boundary - *pbuf;
@ -231,7 +231,7 @@ static int
ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
{
NDEF_SUPPORT *ndef_aux;
unsigned char *p;
unsigned char *p = NULL;
int derlen;
const ASN1_AUX *aux;
ASN1_STREAM_ARG sarg;
@ -251,14 +251,15 @@ ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
&ndef_aux->val, ndef_aux->it, &sarg) <= 0)
return 0;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = malloc(derlen);
if ((derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it)) <= 0)
return 0;
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
if (!*ndef_aux->boundary)
if (*ndef_aux->boundary == NULL)
return 0;
*pbuf = *ndef_aux->boundary;
*plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);

11
lib/libcrypto/bio/bio_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_lib.c,v 1.46 2023/07/07 19:37:53 beck Exp $ */
/* $OpenBSD: bio_lib.c,v 1.47 2023/07/10 02:33:33 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -548,11 +548,10 @@ BIO_indent(BIO *b, int indent, int max)
{
if (indent > max)
indent = max;
if (indent < 0)
indent = 0;
while (indent--)
if (BIO_puts(b, " ") != 1)
return 0;
if (indent <= 0)
return 1;
if (BIO_printf(b, "%*s", indent, "") <= 0)
return 0;
return 1;
}
LCRYPTO_ALIAS(BIO_indent);

646
lib/libcrypto/bn/bn_const.c
View file

@ -1,9 +1,10 @@
/* $OpenBSD: bn_const.c,v 1.6 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_const.c,v 1.7 2023/07/10 03:26:30 tb Exp $ */
/* Insert boilerplate */
#include <openssl/bn.h>
/* "First Oakley Default Group" from RFC2409, section 6.1.
/*
* "First Oakley Default Group" from RFC2409, section 6.1.
*
* The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
*
@ -11,19 +12,20 @@
* RFC2412 specifies a generator of of 22.
*/
static const unsigned char RFC2409_PRIME_768[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc2409_prime_768(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_768[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
}
LCRYPTO_ALIAS(get_rfc2409_prime_768);
@ -31,11 +33,12 @@ LCRYPTO_ALIAS(get_rfc2409_prime_768);
BIGNUM *
BN_get_rfc2409_prime_768(BIGNUM *bn)
{
return get_rfc2409_prime_768(bn);
return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
}
LCRYPTO_ALIAS(BN_get_rfc2409_prime_768);
/* "Second Oakley Default Group" from RFC2409, section 6.2.
/*
* "Second Oakley Default Group" from RFC2409, section 6.2.
*
* The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
*
@ -43,22 +46,23 @@ LCRYPTO_ALIAS(BN_get_rfc2409_prime_768);
* RFC2412 specifies a generator of 22.
*/
static const unsigned char RFC2409_PRIME_1024[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc2409_prime_1024(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_1024[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
}
LCRYPTO_ALIAS(get_rfc2409_prime_1024);
@ -66,11 +70,12 @@ LCRYPTO_ALIAS(get_rfc2409_prime_1024);
BIGNUM *
BN_get_rfc2409_prime_1024(BIGNUM *bn)
{
return get_rfc2409_prime_1024(bn);
return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
}
LCRYPTO_ALIAS(BN_get_rfc2409_prime_1024);
/* "1536-bit MODP Group" from RFC3526, Section 2.
/*
* "1536-bit MODP Group" from RFC3526, Section 2.
*
* The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
*
@ -78,27 +83,28 @@ LCRYPTO_ALIAS(BN_get_rfc2409_prime_1024);
* RFC2312 specifies a generator of 22.
*/
static const unsigned char RFC3526_PRIME_1536[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_1536(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_1536[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_1536);
@ -106,44 +112,46 @@ LCRYPTO_ALIAS(get_rfc3526_prime_1536);
BIGNUM *
BN_get_rfc3526_prime_1536(BIGNUM *bn)
{
return get_rfc3526_prime_1536(bn);
return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_1536);
/* "2048-bit MODP Group" from RFC3526, Section 3.
/*
* "2048-bit MODP Group" from RFC3526, Section 3.
*
* The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
*
* RFC3526 specifies a generator of 2.
*/
static const unsigned char RFC3526_PRIME_2048[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_2048(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_2048[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_2048);
@ -151,54 +159,56 @@ LCRYPTO_ALIAS(get_rfc3526_prime_2048);
BIGNUM *
BN_get_rfc3526_prime_2048(BIGNUM *bn)
{
return get_rfc3526_prime_2048(bn);
return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_2048);
/* "3072-bit MODP Group" from RFC3526, Section 4.
/*
* "3072-bit MODP Group" from RFC3526, Section 4.
*
* The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
*
* RFC3526 specifies a generator of 2.
*/
static const unsigned char RFC3526_PRIME_3072[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_3072(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_3072[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_3072);
@ -206,65 +216,67 @@ LCRYPTO_ALIAS(get_rfc3526_prime_3072);
BIGNUM *
BN_get_rfc3526_prime_3072(BIGNUM *bn)
{
return get_rfc3526_prime_3072(bn);
return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_3072);
/* "4096-bit MODP Group" from RFC3526, Section 5.
/*
* "4096-bit MODP Group" from RFC3526, Section 5.
*
* The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
*
* RFC3526 specifies a generator of 2.
*/
static const unsigned char RFC3526_PRIME_4096[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_4096(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_4096[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_4096);
@ -272,86 +284,88 @@ LCRYPTO_ALIAS(get_rfc3526_prime_4096);
BIGNUM *
BN_get_rfc3526_prime_4096(BIGNUM *bn)
{
return get_rfc3526_prime_4096(bn);
return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_4096);
/* "6144-bit MODP Group" from RFC3526, Section 6.
/*
* "6144-bit MODP Group" from RFC3526, Section 6.
*
* The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
*
* RFC3526 specifies a generator of 2.
*/
static const unsigned char RFC3526_PRIME_6144[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_6144(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_6144[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_6144);
@ -359,108 +373,110 @@ LCRYPTO_ALIAS(get_rfc3526_prime_6144);
BIGNUM *
BN_get_rfc3526_prime_6144(BIGNUM *bn)
{
return get_rfc3526_prime_6144(bn);
return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_6144);
/* "8192-bit MODP Group" from RFC3526, Section 7.
/*
* "8192-bit MODP Group" from RFC3526, Section 7.
*
* The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
*
* RFC3526 specifies a generator of 2.
*/
static const unsigned char RFC3526_PRIME_8192[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, 0xBE, 0xC4, 0xD0,
0x73, 0xB9, 0x31, 0xBA, 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93,
0x6B, 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, 0x16, 0xCB,
0xE3, 0x9D, 0x65, 0x2D, 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 0x13, 0xEB, 0x57, 0xA8,
0x1A, 0x23, 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, 0x7F,
0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 0x6D, 0x2A, 0x13, 0xF8,
0x3F, 0x44, 0xF8, 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5,
0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, 0xF3, 0x6B, 0xC3,
0x1E, 0xCF, 0xA2, 0x68, 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E,
0xD5, 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, 0x50, 0xE2,
0x76, 0x56, 0x94, 0xDF, 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_8192(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_8192[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, 0xBE, 0xC4, 0xD0,
0x73, 0xB9, 0x31, 0xBA, 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93,
0x6B, 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, 0x16, 0xCB,
0xE3, 0x9D, 0x65, 0x2D, 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 0x13, 0xEB, 0x57, 0xA8,
0x1A, 0x23, 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, 0x7F,
0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 0x6D, 0x2A, 0x13, 0xF8,
0x3F, 0x44, 0xF8, 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5,
0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, 0xF3, 0x6B, 0xC3,
0x1E, 0xCF, 0xA2, 0x68, 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E,
0xD5, 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, 0x50, 0xE2,
0x76, 0x56, 0x94, 0xDF, 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF,
};
return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_8192);
@ -468,6 +484,6 @@ LCRYPTO_ALIAS(get_rfc3526_prime_8192);
BIGNUM *
BN_get_rfc3526_prime_8192(BIGNUM *bn)
{
return get_rfc3526_prime_8192(bn);
return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn);
}
LCRYPTO_ALIAS(BN_get_rfc3526_prime_8192);

105
lib/libcrypto/bn/bn_convert.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_convert.c,v 1.13 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_convert.c,v 1.15 2023/07/09 18:37:58 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -497,20 +497,27 @@ BN_dec2bn(BIGNUM **bnp, const char *s)
}
LCRYPTO_ALIAS(BN_dec2bn);
char *
BN_bn2hex(const BIGNUM *bn)
static int
bn_bn2hex_internal(const BIGNUM *bn, int include_sign, int nibbles_only,
char **out, size_t *out_len)
{
int started = 0;
uint8_t *s = NULL;
size_t s_len;
size_t s_len = 0;
BN_ULONG v, w;
int i, j;
CBB cbb;
CBS cbs;
uint8_t nul;
int ret = 0;
*out = NULL;
*out_len = 0;
if (!CBB_init(&cbb, 0))
goto err;
if (BN_is_negative(bn)) {
if (BN_is_negative(bn) && include_sign) {
if (!CBB_add_u8(&cbb, '-'))
goto err;
}
@ -524,8 +531,10 @@ BN_bn2hex(const BIGNUM *bn)
v = (w >> j) & 0xff;
if (!started && v == 0)
continue;
if (!CBB_add_u8(&cbb, hex_digits[v >> 4]))
goto err;
if (started || !nibbles_only || (v >> 4) != 0) {
if (!CBB_add_u8(&cbb, hex_digits[v >> 4]))
goto err;
}
if (!CBB_add_u8(&cbb, hex_digits[v & 0xf]))
goto err;
started = 1;
@ -536,8 +545,45 @@ BN_bn2hex(const BIGNUM *bn)
if (!CBB_finish(&cbb, &s, &s_len))
goto err;
/* The length of a C string does not include the terminating NUL. */
CBS_init(&cbs, s, s_len);
if (!CBS_get_last_u8(&cbs, &nul))
goto err;
*out = (char *)CBS_data(&cbs);
*out_len = CBS_len(&cbs);
s = NULL;
s_len = 0;
ret = 1;
err:
CBB_cleanup(&cbb);
freezero(s, s_len);
return ret;
}
int
bn_bn2hex_nosign(const BIGNUM *bn, char **out, size_t *out_len)
{
return bn_bn2hex_internal(bn, 0, 0, out, out_len);
}
int
bn_bn2hex_nibbles(const BIGNUM *bn, char **out, size_t *out_len)
{
return bn_bn2hex_internal(bn, 1, 1, out, out_len);
}
char *
BN_bn2hex(const BIGNUM *bn)
{
char *s;
size_t s_len;
if (!bn_bn2hex_internal(bn, 1, 0, &s, &s_len))
return NULL;
return s;
}
@ -725,48 +771,3 @@ BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
return (a);
}
LCRYPTO_ALIAS(BN_mpi2bn);
#ifndef OPENSSL_NO_BIO
int
BN_print_fp(FILE *fp, const BIGNUM *a)
{
BIO *b;
int ret;
if ((b = BIO_new(BIO_s_file())) == NULL)
return (0);
BIO_set_fp(b, fp, BIO_NOCLOSE);
ret = BN_print(b, a);
BIO_free(b);
return (ret);
}
LCRYPTO_ALIAS(BN_print_fp);
int
BN_print(BIO *bp, const BIGNUM *a)
{
int i, j, v, z = 0;
int ret = 0;
if ((a->neg) && (BIO_write(bp, "-", 1) != 1))
goto end;
if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1))
goto end;
for (i = a->top - 1; i >= 0; i--) {
for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
/* strip leading zeros */
v = ((int)(a->d[i] >> (long)j)) & 0x0f;
if (z || (v != 0)) {
if (BIO_write(bp, &hex_digits[v], 1) != 1)
goto end;
z = 1;
}
}
}
ret = 1;
end:
return (ret);
}
LCRYPTO_ALIAS(BN_print);
#endif

5
lib/libcrypto/bn/bn_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_local.h,v 1.25 2023/07/06 14:37:39 tb Exp $ */
/* $OpenBSD: bn_local.h,v 1.26 2023/07/09 18:27:22 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -327,5 +327,8 @@ int bn_printf(BIO *bio, const BIGNUM *bn, int indent, const char *fmt, ...)
__attribute__((__format__ (printf, 4, 5)))
__attribute__((__nonnull__ (4)));
int bn_bn2hex_nosign(const BIGNUM *bn, char **out, size_t *out_len);
int bn_bn2hex_nibbles(const BIGNUM *bn, char **out, size_t *out_len);
__END_HIDDEN_DECLS
#endif /* !HEADER_BN_LOCAL_H */

13
lib/libcrypto/bn/bn_prime.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_prime.c,v 1.33 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_prime.c,v 1.34 2023/07/20 06:26:27 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -240,6 +240,8 @@ BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb)
}
LCRYPTO_ALIAS(BN_is_prime_ex);
#define BN_PRIME_MAXIMUM_BITS (32 * 1024)
int
BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
int do_trial_division, BN_GENCB *cb)
@ -249,6 +251,15 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
if (checks < 0)
return -1;
/*
* Prime numbers this large do not appear in everyday cryptography
* and checking such numbers for primality is very expensive.
*/
if (BN_num_bits(a) > BN_PRIME_MAXIMUM_BITS) {
BNerror(BN_R_BIGNUM_TOO_LONG);
return -1;
}
if (checks == BN_prime_checks)
checks = BN_prime_checks_for_size(BN_num_bits(a));

52
lib/libcrypto/bn/bn_print.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_print.c,v 1.42 2023/07/07 07:04:24 tb Exp $ */
/* $OpenBSD: bn_print.c,v 1.45 2023/07/10 02:29:28 tb Exp $ */
/*
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
@ -19,13 +19,14 @@
#include <ctype.h>
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/bio.h>
#include <openssl/bn.h>
#include "bn_local.h"
#include "bytestring.h"
static int
@ -80,17 +81,14 @@ bn_print_bignum(BIO *bio, const BIGNUM *bn, int indent)
if (indent < 0)
indent = 0;
if ((hex = BN_bn2hex(bn)) == NULL)
if (!bn_bn2hex_nosign(bn, &hex, &hex_len))
goto err;
hex_len = strlen(hex);
CBS_init(&cbs, hex, hex_len);
if (BN_is_negative(bn)) {
if (BIO_printf(bio, " (Negative)") <= 0)
goto err;
if (!CBS_skip(&cbs, 1))
goto err;
}
while (CBS_len(&cbs) > 0) {
@ -151,3 +149,45 @@ bn_printf(BIO *bio, const BIGNUM *bn, int indent, const char *fmt, ...)
return bn_print_bignum(bio, bn, indent);
}
int
BN_print(BIO *bio, const BIGNUM *bn)
{
char *hex = NULL;
size_t hex_len = 0;
int ret = 0;
if (!bn_bn2hex_nibbles(bn, &hex, &hex_len))
goto err;
if (BIO_printf(bio, "%s", hex) <= 0)
goto err;
ret = 1;
err:
freezero(hex, hex_len);
return ret;
}
LCRYPTO_ALIAS(BN_print);
int
BN_print_fp(FILE *fp, const BIGNUM *bn)
{
char *hex = NULL;
size_t hex_len = 0;
int ret = 0;
if (!bn_bn2hex_nibbles(bn, &hex, &hex_len))
goto err;
if (fprintf(fp, "%s", hex) < 0)
goto err;
ret = 1;
err:
freezero(hex, hex_len);
return ret;
}
LCRYPTO_ALIAS(BN_print_fp);

89
lib/libcrypto/conf/conf_mod.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: conf_mod.c,v 1.27 2017/01/29 17:49:22 beck Exp $ */
/* $OpenBSD: conf_mod.c,v 1.28 2023/07/20 15:05:30 tb Exp $ */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
@ -63,21 +63,11 @@
#include <openssl/conf.h>
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#define DSO_mod_init_name "OPENSSL_init"
#define DSO_mod_finish_name "OPENSSL_finish"
/* This structure contains a data about supported modules.
* entries in this table correspond to either dynamic or
* static modules.
*/
/* This structure contains data about supported modules. */
struct conf_module_st {
/* DSO of this module or NULL if static */
DSO *dso;
/* Name of the module */
char *name;
/* Init function */
@ -110,13 +100,11 @@ static void module_free(CONF_MODULE *md);
static void module_finish(CONF_IMODULE *imod);
static int module_run(const CONF *cnf, char *name, char *value,
unsigned long flags);
static CONF_MODULE *module_add(DSO *dso, const char *name,
conf_init_func *ifunc, conf_finish_func *ffunc);
static CONF_MODULE *module_add(const char *name, conf_init_func *ifunc,
conf_finish_func *ffunc);
static CONF_MODULE *module_find(char *name);
static int module_init(CONF_MODULE *pmod, char *name, char *value,
const CONF *cnf);
static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
unsigned long flags);
/* Main function: load modules from a CONF structure */
@ -203,13 +191,7 @@ module_run(const CONF *cnf, char *name, char *value, unsigned long flags)
CONF_MODULE *md;
int ret;
md = module_find(name);
/* Module not found: try to load DSO */
if (!md && !(flags & CONF_MFLAGS_NO_DSO))
md = module_load_dso(cnf, name, value, flags);
if (!md) {
if ((md = module_find(name)) == NULL) {
if (!(flags & CONF_MFLAGS_SILENT)) {
CONFerror(CONF_R_UNKNOWN_MODULE_NAME);
ERR_asprintf_error_data("module=%s", name);
@ -231,54 +213,9 @@ module_run(const CONF *cnf, char *name, char *value, unsigned long flags)
return ret;
}
/* Load a module from a DSO */
static CONF_MODULE *
module_load_dso(const CONF *cnf, char *name, char *value, unsigned long flags)
{
DSO *dso = NULL;
conf_init_func *ifunc;
conf_finish_func *ffunc;
char *path = NULL;
int errcode = 0;
CONF_MODULE *md;
/* Look for alternative path in module section */
path = NCONF_get_string(cnf, value, "path");
if (!path) {
ERR_clear_error();
path = name;
}
dso = DSO_load(NULL, path, NULL, 0);
if (!dso) {
errcode = CONF_R_ERROR_LOADING_DSO;
goto err;
}
ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
if (!ifunc) {
errcode = CONF_R_MISSING_INIT_FUNCTION;
goto err;
}
ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
/* All OK, add module */
md = module_add(dso, name, ifunc, ffunc);
if (!md)
goto err;
return md;
err:
if (dso)
DSO_free(dso);
CONFerror(errcode);
ERR_asprintf_error_data("module=%s, path=%s", name, path);
return NULL;
}
/* add module to list */
static CONF_MODULE *
module_add(DSO *dso, const char *name, conf_init_func *ifunc,
conf_finish_func *ffunc)
module_add(const char *name, conf_init_func *ifunc, conf_finish_func *ffunc)
{
CONF_MODULE *tmod = NULL;
@ -292,7 +229,6 @@ module_add(DSO *dso, const char *name, conf_init_func *ifunc,
if (tmod == NULL)
return NULL;
tmod->dso = dso;
tmod->name = strdup(name);
tmod->init = ifunc;
tmod->finish = ffunc;
@ -412,8 +348,7 @@ CONF_modules_unload(int all)
/* unload modules in reverse order */
for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
md = sk_CONF_MODULE_value(supported_modules, i);
/* If static or in use and 'all' not set ignore it */
if (((md->links > 0) || !md->dso) && !all)
if (!all)
continue;
/* Since we're working in reverse this is OK */
(void)sk_CONF_MODULE_delete(supported_modules, i);
@ -429,8 +364,6 @@ CONF_modules_unload(int all)
static void
module_free(CONF_MODULE *md)
{
if (md->dso)
DSO_free(md->dso);
free(md->name);
free(md);
}
@ -466,13 +399,9 @@ module_finish(CONF_IMODULE *imod)
/* Add a static module to OpenSSL */
int
CONF_module_add(const char *name, conf_init_func *ifunc,
conf_finish_func *ffunc)
CONF_module_add(const char *name, conf_init_func *ifunc, conf_finish_func *ffunc)
{
if (module_add(NULL, name, ifunc, ffunc))
return 1;
else
return 0;
return module_add(name, ifunc, ffunc) != NULL;
}
void

18
lib/libcrypto/ecdh/ecdh.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecdh.c,v 1.4 2023/07/07 13:54:45 beck Exp $ */
/* $OpenBSD: ecdh.c,v 1.5 2023/07/12 08:54:18 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
@ -151,7 +151,7 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
BN_CTX *ctx;
BIGNUM *cofactor, *x;
BIGNUM *x;
const BIGNUM *priv_key;
const EC_GROUP *group;
EC_POINT *point = NULL;
@ -172,8 +172,6 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
if ((x = BN_CTX_get(ctx)) == NULL)
goto err;
if ((cofactor = BN_CTX_get(ctx)) == NULL)
goto err;
if ((group = EC_KEY_get0_group(ecdh)) == NULL)
goto err;
@ -191,18 +189,6 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
goto err;
}
if ((EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) != 0) {
if (!EC_GROUP_get_cofactor(group, cofactor, NULL)) {
ECerror(ERR_R_EC_LIB);
goto err;
}
if (!BN_mul(cofactor, cofactor, priv_key, ctx)) {
ECerror(ERR_R_BN_LIB);
goto err;
}
priv_key = cofactor;
}
if (!EC_POINT_mul(group, point, NULL, pub_key, priv_key, ctx)) {
ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
goto err;

8
lib/libcrypto/ecdsa/ecdsa.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecdsa.c,v 1.11 2023/07/07 13:54:45 beck Exp $ */
/* $OpenBSD: ecdsa.c,v 1.12 2023/07/10 19:10:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
@ -166,17 +166,17 @@ ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
LCRYPTO_ALIAS(ECDSA_SIG_set0);
int
ECDSA_size(const EC_KEY *r)
ECDSA_size(const EC_KEY *key)
{
const EC_GROUP *group;
const BIGNUM *order = NULL;
ECDSA_SIG sig;
int ret = 0;
if (r == NULL)
if (key == NULL)
goto err;
if ((group = EC_KEY_get0_group(r)) == NULL)
if ((group = EC_KEY_get0_group(key)) == NULL)
goto err;
if ((order = EC_GROUP_get0_order(group)) == NULL)

562
lib/libcrypto/engine/eng_aesni.c
View file

@ -1,562 +0,0 @@
/* $OpenBSD: eng_aesni.c,v 1.12 2022/12/26 07:18:51 jmc Exp $ */
/*
* Support for Intel AES-NI instruction set
* Author: Huang Ying <ying.huang@intel.com>
*
* Intel AES-NI is a new set of Single Instruction Multiple Data
* (SIMD) instructions that are going to be introduced in the next
* generation of Intel processor, as of 2009. These instructions
* enable fast and secure data encryption and decryption, using the
* Advanced Encryption Standard (AES), defined by FIPS Publication
* number 197. The architecture introduces six instructions that
* offer full hardware support for AES. Four of them support high
* performance data encryption and decryption, and the other two
* instructions support the AES key expansion procedure.
*
* The white paper can be downloaded from:
* http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
*
* This file is based on engines/e_padlock.c
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AES_NI) && !defined(OPENSSL_NO_AES)
#include <openssl/aes.h>
#include <openssl/dso.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/evp.h>
/* AES-NI is available *ONLY* on some x86 CPUs. Not only that it
doesn't exist elsewhere, but it even can't be compiled on other
platforms! */
#undef COMPILE_HW_AESNI
#if (defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \
defined(OPENSSL_IA32_SSE2)) && !defined(OPENSSL_NO_ASM) && !defined(__i386__)
#define COMPILE_HW_AESNI
#include "x86_arch.h"
#endif
static ENGINE *ENGINE_aesni(void);
void ENGINE_load_aesni(void)
{
/* On non-x86 CPUs it just returns. */
#ifdef COMPILE_HW_AESNI
ENGINE *toadd = ENGINE_aesni();
if (toadd == NULL)
return;
ENGINE_add(toadd);
ENGINE_register_complete(toadd);
ENGINE_free(toadd);
ERR_clear_error();
#endif
}
#ifdef COMPILE_HW_AESNI
int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
void aesni_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void aesni_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key, int enc);
void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
/* Function for ENGINE detection and control */
static int aesni_init(ENGINE *e);
/* Cipher Stuff */
static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid);
#define AESNI_MIN_ALIGN 16
#define AESNI_ALIGN(x) \
((void *)(((unsigned long)(x)+AESNI_MIN_ALIGN-1)&~(AESNI_MIN_ALIGN-1)))
/* Engine names */
static const char aesni_id[] = "aesni",
aesni_name[] = "Intel AES-NI engine",
no_aesni_name[] = "Intel AES-NI engine (no-aesni)";
/* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
*/
static void
aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out,
unsigned int len, const void *key, unsigned char ivec[16], int *num,
int enc)
{
unsigned int n;
size_t l = 0;
n = *num;
if (enc) {
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (16%sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
*(out++) = ivec[n] ^= *(in++);
--len;
n = (n + 1) % 16;
}
while (len >= 16) {
aesni_encrypt(ivec, ivec, key);
for (n = 0; n < 16; n += sizeof(size_t)) {
*(size_t*)(out + n) =
*(size_t*)(ivec + n) ^= *(size_t*)(in + n);
}
len -= 16;
out += 16;
in += 16;
}
n = 0;
if (len) {
aesni_encrypt(ivec, ivec, key);
while (len--) {
out[n] = ivec[n] ^= in[n];
++n;
}
}
*num = n;
return;
} while (0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l < len) {
if (n == 0) {
aesni_encrypt(ivec, ivec, key);
}
out[l] = ivec[n] ^= in[l];
++l;
n = (n + 1) % 16;
}
*num = n;
} else {
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (16%sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
unsigned char c;
*(out++) = ivec[n] ^ (c = *(in++));
ivec[n] = c;
--len;
n = (n + 1) % 16;
}
while (len >= 16) {
aesni_encrypt(ivec, ivec, key);
for (n = 0; n < 16; n += sizeof(size_t)) {
size_t t = *(size_t*)(in + n);
*(size_t*)(out + n) = *(size_t*)(ivec + n) ^ t;
*(size_t*)(ivec + n) = t;
}
len -= 16;
out += 16;
in += 16;
}
n = 0;
if (len) {
aesni_encrypt(ivec, ivec, key);
while (len--) {
unsigned char c;
out[n] = ivec[n] ^ (c = in[n]);
ivec[n] = c;
++n;
}
}
*num = n;
return;
} while (0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l < len) {
unsigned char c;
if (n == 0) {
aesni_encrypt(ivec, ivec, key);
}
out[l] = ivec[n] ^ (c = in[l]);
ivec[n] = c;
++l;
n = (n + 1) % 16;
}
*num = n;
}
}
/* The input and output encrypted as though 128bit ofb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
*/
static void
aesni_ofb128_encrypt(const unsigned char *in, unsigned char *out,
unsigned int len, const void *key, unsigned char ivec[16], int *num)
{
unsigned int n;
size_t l = 0;
n = *num;
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (16%sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
*(out++) = *(in++) ^ ivec[n];
--len;
n = (n + 1) % 16;
}
while (len >= 16) {
aesni_encrypt(ivec, ivec, key);
for (n = 0; n < 16; n += sizeof(size_t))
*(size_t*)(out + n) =
*(size_t*)(in + n) ^ *(size_t*)(ivec + n);
len -= 16;
out += 16;
in += 16;
}
n = 0;
if (len) {
aesni_encrypt(ivec, ivec, key);
while (len--) {
out[n] = in[n] ^ ivec[n];
++n;
}
}
*num = n;
return;
} while (0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l < len) {
if (n == 0) {
aesni_encrypt(ivec, ivec, key);
}
out[l] = in[l] ^ ivec[n];
++l;
n = (n + 1) % 16;
}
*num = n;
}
/* ===== Engine "management" functions ===== */
/* Prepare the ENGINE structure for registration */
static int
aesni_bind_helper(ENGINE *e)
{
int engage;
engage = (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI) != 0;
/* Register everything or return with an error */
if (!ENGINE_set_id(e, aesni_id) ||
!ENGINE_set_name(e, engage ? aesni_name : no_aesni_name) ||
!ENGINE_set_init_function(e, aesni_init) ||
(engage && !ENGINE_set_ciphers (e, aesni_ciphers)))
return 0;
/* Everything looks good */
return 1;
}
/* Constructor */
static ENGINE *
ENGINE_aesni(void)
{
ENGINE *eng = ENGINE_new();
if (!eng) {
return NULL;
}
if (!aesni_bind_helper(eng)) {
ENGINE_free(eng);
return NULL;
}
return eng;
}
/* Check availability of the engine */
static int
aesni_init(ENGINE *e)
{
return 1;
}
#if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
#define NID_aes_128_cfb NID_aes_128_cfb128
#endif
#if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
#define NID_aes_128_ofb NID_aes_128_ofb128
#endif
#if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
#define NID_aes_192_cfb NID_aes_192_cfb128
#endif
#if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
#define NID_aes_192_ofb NID_aes_192_ofb128
#endif
#if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
#define NID_aes_256_cfb NID_aes_256_cfb128
#endif
#if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
#define NID_aes_256_ofb NID_aes_256_ofb128
#endif
/* List of supported ciphers. */
static int aesni_cipher_nids[] = {
NID_aes_128_ecb,
NID_aes_128_cbc,
NID_aes_128_cfb,
NID_aes_128_ofb,
NID_aes_192_ecb,
NID_aes_192_cbc,
NID_aes_192_cfb,
NID_aes_192_ofb,
NID_aes_256_ecb,
NID_aes_256_cbc,
NID_aes_256_cfb,
NID_aes_256_ofb,
};
static int aesni_cipher_nids_num =
(sizeof(aesni_cipher_nids) / sizeof(aesni_cipher_nids[0]));
typedef struct {
AES_KEY ks;
unsigned int _pad1[3];
} AESNI_KEY;
static int
aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key,
const unsigned char *iv, int enc)
{
int ret;
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE ||
(ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE ||
enc)
ret = aesni_set_encrypt_key(user_key, ctx->key_len * 8, key);
else
ret = aesni_set_decrypt_key(user_key, ctx->key_len * 8, key);
if (ret < 0) {
EVPerror(EVP_R_AES_KEY_SETUP_FAILED);
return 0;
}
return 1;
}
static int
aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
aesni_ecb_encrypt(in, out, inl, key, ctx->encrypt);
return 1;
}
static int
aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
aesni_cbc_encrypt(in, out, inl, key, ctx->iv, ctx->encrypt);
return 1;
}
static int
aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num,
ctx->encrypt);
return 1;
}
static int
aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
aesni_ofb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num);
return 1;
}
#define AES_BLOCK_SIZE 16
#define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
#define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
#define EVP_CIPHER_block_size_OFB 1
#define EVP_CIPHER_block_size_CFB 1
/* Declaring so many ciphers by hand would be a pain.
Instead introduce a bit of preprocessor magic :-) */
#define DECLARE_AES_EVP(ksize,lmode,umode) \
static const EVP_CIPHER aesni_##ksize##_##lmode = { \
NID_aes_##ksize##_##lmode, \
EVP_CIPHER_block_size_##umode, \
ksize / 8, \
AES_BLOCK_SIZE, \
0 | EVP_CIPH_##umode##_MODE, \
aesni_init_key, \
aesni_cipher_##lmode, \
NULL, \
sizeof(AESNI_KEY), \
EVP_CIPHER_set_asn1_iv, \
EVP_CIPHER_get_asn1_iv, \
NULL, \
NULL \
}
DECLARE_AES_EVP(128, ecb, ECB);
DECLARE_AES_EVP(128, cbc, CBC);
DECLARE_AES_EVP(128, cfb, CFB);
DECLARE_AES_EVP(128, ofb, OFB);
DECLARE_AES_EVP(192, ecb, ECB);
DECLARE_AES_EVP(192, cbc, CBC);
DECLARE_AES_EVP(192, cfb, CFB);
DECLARE_AES_EVP(192, ofb, OFB);
DECLARE_AES_EVP(256, ecb, ECB);
DECLARE_AES_EVP(256, cbc, CBC);
DECLARE_AES_EVP(256, cfb, CFB);
DECLARE_AES_EVP(256, ofb, OFB);
static int
aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
{
/* No specific cipher => return a list of supported nids ... */
if (!cipher) {
*nids = aesni_cipher_nids;
return aesni_cipher_nids_num;
}
/* ... or the requested "cipher" otherwise */
switch (nid) {
case NID_aes_128_ecb:
*cipher = &aesni_128_ecb;
break;
case NID_aes_128_cbc:
*cipher = &aesni_128_cbc;
break;
case NID_aes_128_cfb:
*cipher = &aesni_128_cfb;
break;
case NID_aes_128_ofb:
*cipher = &aesni_128_ofb;
break;
case NID_aes_192_ecb:
*cipher = &aesni_192_ecb;
break;
case NID_aes_192_cbc:
*cipher = &aesni_192_cbc;
break;
case NID_aes_192_cfb:
*cipher = &aesni_192_cfb;
break;
case NID_aes_192_ofb:
*cipher = &aesni_192_ofb;
break;
case NID_aes_256_ecb:
*cipher = &aesni_256_ecb;
break;
case NID_aes_256_cbc:
*cipher = &aesni_256_cbc;
break;
case NID_aes_256_cfb:
*cipher = &aesni_256_cfb;
break;
case NID_aes_256_ofb:
*cipher = &aesni_256_ofb;
break;
default:
/* Sorry, we don't support this NID */
*cipher = NULL;
return 0;
}
return 1;
}
#endif /* COMPILE_HW_AESNI */
#endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */

3
lib/libcrypto/engine/eng_openssl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: eng_openssl.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* $OpenBSD: eng_openssl.c,v 1.17 2023/07/20 15:08:12 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
@ -67,7 +67,6 @@
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/evp.h>

1129
lib/libcrypto/engine/eng_padlock.c
View file

File diff suppressed because it is too large Load diff

1
lib/libcrypto/engine/eng_padlock.ec
View file

@ -1 +0,0 @@
L PADLOCK eng_padlock_err.h eng_padlock_err.c

62
lib/libcrypto/man/get_rfc3526_prime_8192.3 → lib/libcrypto/man/BN_get_rfc3526_prime_8192.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: get_rfc3526_prime_8192.3,v 1.7 2023/04/02 23:33:42 tb Exp $
.\" $OpenBSD: BN_get_rfc3526_prime_8192.3,v 1.1 2023/07/20 16:26:40 tb Exp $
.\" checked up to: OpenSSL DH_get_1024_160 99d63d46 Oct 26 13:56:48 2016 -0400
.\"
.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
@ -15,18 +15,10 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 2 2023 $
.Dt GET_RFC3526_PRIME_8192 3
.Dd $Mdocdate: July 20 2023 $
.Dt BN_GET_RFC3526_PRIME_8192 3
.Os
.Sh NAME
.Nm get_rfc2409_prime_768 ,
.Nm get_rfc2409_prime_1024 ,
.Nm get_rfc3526_prime_1536 ,
.Nm get_rfc3526_prime_2048 ,
.Nm get_rfc3526_prime_3072 ,
.Nm get_rfc3526_prime_4096 ,
.Nm get_rfc3526_prime_6144 ,
.Nm get_rfc3526_prime_8192 ,
.Nm BN_get_rfc2409_prime_768 ,
.Nm BN_get_rfc2409_prime_1024 ,
.Nm BN_get_rfc3526_prime_1536 ,
@ -39,22 +31,6 @@
.Sh SYNOPSIS
.In openssl/bn.h
.Ft BIGNUM *
.Fn get_rfc2409_prime_768 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc2409_prime_1024 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_1536 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_2048 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_3072 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_4096 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_6144 "BIGNUM *bn"
.Ft BIGNUM *
.Fn get_rfc3526_prime_8192 "BIGNUM *bn"
.Ft BIGNUM *
.Fn BN_get_rfc2409_prime_768 "BIGNUM *bn"
.Ft BIGNUM *
.Fn BN_get_rfc2409_prime_1024 "BIGNUM *bn"
@ -74,9 +50,6 @@
Each of these functions returns one specific constant Sophie Germain
prime number
.Fa p .
The names with the prefix
.Sq BN_
are aliases for the names without that prefix.
.Pp
If
.Fa bn
@ -153,22 +126,23 @@ information about these numbers.
RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups
for Internet Key Exchange (IKE)", defines the other six numbers.
.Sh HISTORY
.Fn get_rfc2409_prime_768 ,
.Fn get_rfc2409_prime_1024 ,
.Fn get_rfc3526_prime_1536 ,
.Fn get_rfc3526_prime_2048 ,
.Fn get_rfc3526_prime_3072 ,
.Fn get_rfc3526_prime_4096 ,
.Fn get_rfc3526_prime_6144 ,
.Fn BN_get_rfc2409_prime_768 ,
.Fn BN_get_rfc2409_prime_1024 ,
.Fn BN_get_rfc3526_prime_1536 ,
.Fn BN_get_rfc3526_prime_2048 ,
.Fn BN_get_rfc3526_prime_3072 ,
.Fn BN_get_rfc3526_prime_4096 ,
.Fn BN_get_rfc3526_prime_6144 ,
and
.Fn get_rfc3526_prime_8192
first appeared in OpenSSL 0.9.8a and have been available since
.Ox 4.5 .
.Pp
The
.Sy BN_
aliases first appeared in OpenSSL 1.1.0 and have been available since
.Fn BN_get_rfc3526_prime_8192
first appeared in OpenSSL 1.1.0 and have been available since
.Ox 6.3 .
The same functions without
.Sy BN_
prefix first appeared in OpenSSL 0.9.8a and
.Ox 4.5 ;
they were removed in
.Ox 7.4 .
.Sh CAVEATS
As all the memory needed for storing the numbers is dynamically
allocated, the

6
lib/libcrypto/man/BN_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BN_new.3,v 1.28 2023/07/09 06:45:03 tb Exp $
.\" $OpenBSD: BN_new.3,v 1.29 2023/07/20 09:38:45 tb Exp $
.\" full merge up to: OpenSSL man3/BN_new 2457c19d Mar 6 08:43:36 2004 +0000
.\" selective merge up to: man3/BN_new 681acb31 Sep 29 13:10:34 2017 +0200
.\" full merge up to: OpenSSL man7/bn 05ea606a May 20 20:52:46 2016 -0400
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 9 2023 $
.Dd $Mdocdate: July 20 2023 $
.Dt BN_NEW 3
.Os
.Sh NAME
@ -155,7 +155,7 @@ and sets an error code that can be obtained by
.Xr BN_swap 3 ,
.Xr BN_zero 3 ,
.Xr crypto 3 ,
.Xr get_rfc3526_prime_8192 3
.Xr BN_get_rfc3526_prime_8192 3
.Sh HISTORY
.Fn BN_new ,
.Fn BN_clear ,

100
lib/libcrypto/man/ECDSA_SIG_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: ECDSA_SIG_new.3,v 1.17 2023/03/07 06:12:27 tb Exp $
.\" $OpenBSD: ECDSA_SIG_new.3,v 1.18 2023/07/20 09:28:30 tb Exp $
.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
.\" selective merge up to: OpenSSL da4ea0cf Aug 5 16:13:24 2019 +0100
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: March 7 2023 $
.Dd $Mdocdate: July 20 2023 $
.Dt ECDSA_SIG_NEW 3
.Os
.Sh NAME
@ -63,12 +63,9 @@
.Nm i2d_ECDSA_SIG ,
.Nm d2i_ECDSA_SIG ,
.Nm ECDSA_size ,
.Nm ECDSA_sign_setup ,
.Nm ECDSA_sign ,
.Nm ECDSA_sign_ex ,
.Nm ECDSA_verify ,
.Nm ECDSA_do_sign ,
.Nm ECDSA_do_sign_ex ,
.Nm ECDSA_do_verify ,
.Nm ECDSA_OpenSSL ,
.Nm ECDSA_get_default_method ,
@ -121,13 +118,6 @@
.Fa "const EC_KEY *eckey"
.Fc
.Ft int
.Fo ECDSA_sign_setup
.Fa "EC_KEY *eckey"
.Fa "BN_CTX *ctx"
.Fa "BIGNUM **kinv"
.Fa "BIGNUM **rp"
.Fc
.Ft int
.Fo ECDSA_sign
.Fa "int type"
.Fa "const unsigned char *dgst"
@ -137,17 +127,6 @@
.Fa "EC_KEY *eckey"
.Fc
.Ft int
.Fo ECDSA_sign_ex
.Fa "int type"
.Fa "const unsigned char *dgst"
.Fa "int dgstlen"
.Fa "unsigned char *sig"
.Fa "unsigned int *siglen"
.Fa "const BIGNUM *kinv"
.Fa "const BIGNUM *rp"
.Fa "EC_KEY *eckey"
.Fc
.Ft int
.Fo ECDSA_verify
.Fa "int type"
.Fa "const unsigned char *dgst"
@ -162,14 +141,6 @@
.Fa "int dgst_len"
.Fa "EC_KEY *eckey"
.Fc
.Ft ECDSA_SIG*
.Fo ECDSA_do_sign_ex
.Fa "const unsigned char *dgst"
.Fa "int dgstlen"
.Fa "const BIGNUM *kinv"
.Fa "const BIGNUM *rp"
.Fa "EC_KEY *eckey"
.Fc
.Ft int
.Fo ECDSA_do_verify
.Fa "const unsigned char *dgst"
@ -284,45 +255,13 @@ returns the maximum length of a DER-encoded ECDSA signature created with
the private EC key
.Fa eckey .
.Pp
.Fn ECDSA_sign_setup
may be used to precompute parts of the signing operation.
.Fa eckey
is the private EC key and
.Fa ctx
is a pointer to a
.Vt BN_CTX
structure (or
.Dv NULL ) .
The precomputed values are returned in
.Fa kinv
and
.Fa rp
and can be used in a later call to
.Fa ECDSA_sign_ex
or
.Fa ECDSA_do_sign_ex .
.Pp
.Fn ECDSA_sign
is a wrapper function for
.Fa ECDSA_sign_ex
with
.Fa kinv
and
.Fa rp
set to
.Dv NULL .
.Pp
.Fn ECDSA_sign_ex
computes a digital signature of the
.Fa dgstlen
bytes hash value
.Fa dgst
using the private EC key
.Fa eckey
and the optional pre-computed values
.Fa kinv
and
.Fa rp .
.Fa eckey .
The DER-encoded signature is stored in
.Fa sig
and its length is returned in
@ -352,26 +291,12 @@ The parameter
is ignored.
.Pp
.Fn ECDSA_do_sign
is a wrapper function for
.Fn ECDSA_do_sign_ex
with
.Fa kinv
and
.Fa rp
set to
.Dv NULL .
.Pp
.Fn ECDSA_do_sign_ex
computes a digital signature of the
.Fa dgst_len
bytes hash value
.Fa dgst
using the private key
.Fa eckey
and the optional pre-computed values
.Fa kinv
and
.Fa rp .
.Fa eckey .
The signature is returned in a newly allocated
.Vt ECDSA_SIG
structure (or
@ -418,17 +343,13 @@ object if it has been set or
.Dv NULL
otherwise.
.Pp
.Fn ECDSA_SIG_set0 ,
.Fn ECDSA_sign ,
.Fn ECDSA_sign_ex ,
.Fn ECDSA_SIG_set0
and
.Fn ECDSA_sign_setup
.Fn ECDSA_sign
return 1 if successful or 0 on error.
.Pp
.Fn ECDSA_do_sign
and
.Fn ECDSA_do_sign_ex
return a pointer to an allocated
returns a pointer to an allocated
.Vt ECDSA_SIG
structure or
.Dv NULL
@ -516,12 +437,12 @@ if (ret == -1) {
.Xr EC_GROUP_new 3 ,
.Xr EC_KEY_METHOD_new 3 ,
.Xr EC_KEY_new 3 ,
.Xr ECDSA_set_ex_data 3 ,
.Xr EC_KEY_set_ex_data 3 ,
.Xr EVP_DigestSignInit 3 ,
.Xr EVP_DigestVerifyInit 3 ,
.Xr RSA_new 3
.Sh STANDARDS
ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
ANSI X9.62, US Federal Information Processing Standard FIPS 186-5
(Digital Signature Standard, DSS)
.Sh HISTORY
.Fn ECDSA_SIG_new ,
@ -529,12 +450,9 @@ ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
.Fn i2d_ECDSA_SIG ,
.Fn d2i_ECDSA_SIG ,
.Fn ECDSA_size ,
.Fn ECDSA_sign_setup ,
.Fn ECDSA_sign ,
.Fn ECDSA_sign_ex ,
.Fn ECDSA_verify ,
.Fn ECDSA_do_sign ,
.Fn ECDSA_do_sign_ex ,
.Fn ECDSA_do_verify ,
.Fn ECDSA_OpenSSL ,
.Fn ECDSA_get_default_method ,

9
lib/libcrypto/man/EC_KEY_METHOD_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.1 2019/08/16 16:15:50 schwarze Exp $
.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.2 2023/07/20 09:28:30 tb Exp $
.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@ -13,7 +13,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: August 16 2019 $
.Dd $Mdocdate: July 20 2023 $
.Dt EC_KEY_METHOD_NEW 3
.Os
.Sh NAME
@ -225,10 +225,9 @@ to selectively retrieve callback function pointers.
and
.Fn EC_KEY_METHOD_get_sign
set and retrieve the functions implementing
.Xr ECDSA_sign_ex 3 ,
.Xr ECDSA_sign_setup 3 ,
.Xr ECDSA_sign 3
and
.Xr ECDSA_do_sign_ex 3 .
.Xr ECDSA_do_sign 3 .
.Pp
.Fn EC_KEY_METHOD_set_verify
and

6
lib/libcrypto/man/ENGINE_get_default_RSA.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: ENGINE_get_default_RSA.3,v 1.2 2018/04/18 03:39:22 schwarze Exp $
.\" $OpenBSD: ENGINE_get_default_RSA.3,v 1.3 2023/07/20 09:28:30 tb Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dd $Mdocdate: July 20 2023 $
.Dt ENGINE_GET_DEFAULT_RSA 3
.Os
.Sh NAME
@ -107,7 +107,7 @@ they are called automatically when needed, in particular from
.Fn ECDH_set_method ,
.Fn ECDH_compute_key ,
.Xr ECDSA_set_method 3 ,
.Xr ECDSA_do_sign_ex 3 ,
.Xr ECDSA_do_sign 3 ,
.Xr ECDSA_do_verify 3 ,
.Xr DH_new 3 ,
.Xr EVP_CipherInit_ex 3 ,

8
lib/libcrypto/man/ENGINE_set_RSA.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: ENGINE_set_RSA.3,v 1.5 2019/06/06 17:41:43 schwarze Exp $
.\" $OpenBSD: ENGINE_set_RSA.3,v 1.6 2023/07/20 09:28:30 tb Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: June 6 2019 $
.Dd $Mdocdate: July 20 2023 $
.Dt ENGINE_SET_RSA 3
.Os
.Sh NAME
@ -238,8 +238,8 @@ as shown in the following table:
.It Fn ENGINE_get_RSA Ta Xr RSA_new_method 3 , Xr RSA_new 3
.It Fn ENGINE_get_DSA Ta Xr DSA_new_method 3 , Xr DSA_new 3
.It Fn ENGINE_get_ECDH Ta Fn ECDH_set_method , Fn ECDH_compute_key
.It Fn ENGINE_get_ECDSA Ta Xr ECDSA_set_method 3 , Xr ECDSA_sign_setup 3 ,
.Xr ECDSA_do_sign_ex 3 , Xr ECDSA_do_verify 3
.It Fn ENGINE_get_ECDSA Ta Xr ECDSA_set_method 3 ,
.Xr ECDSA_do_sign 3 , Xr ECDSA_do_verify 3
.It Fn ENGINE_get_DH Ta Xr DH_new_method 3 , Xr DH_new 3
.It Fn ENGINE_get_RAND Ta unused
.It Fn ENGINE_get_STORE Ta unused

4
lib/libcrypto/man/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.253 2023/07/09 06:45:03 tb Exp $
# $OpenBSD: Makefile,v 1.254 2023/07/20 16:26:40 tb Exp $
.include <bsd.own.mk>
@ -73,6 +73,7 @@ MAN= \
BN_cmp.3 \
BN_copy.3 \
BN_generate_prime.3 \
BN_get_rfc3526_prime_8192.3 \
BN_kronecker.3 \
BN_mod_inverse.3 \
BN_mod_mul_montgomery.3 \
@ -417,7 +418,6 @@ MAN= \
d2i_X509_SIG.3 \
des_read_pw.3 \
evp.3 \
get_rfc3526_prime_8192.3 \
i2a_ASN1_STRING.3 \
i2d_CMS_bio_stream.3 \
i2d_PKCS7_bio_stream.3 \

143
lib/libcrypto/md4/md4_dgst.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: md4_dgst.c,v 1.20 2023/07/08 10:45:57 beck Exp $ */
/* $OpenBSD: md4_dgst.c,v 1.21 2023/07/15 15:30:43 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -146,16 +146,9 @@ void
md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
{
const unsigned char *data = data_;
unsigned MD32_REG_T A, B,C, D, l;
#ifndef MD32_XARRAY
/* See comment in crypto/sha/sha_locl.h for details. */
unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
# define X(i) XX##i
#else
MD4_LONG XX[MD4_LBLOCK];
# define X(i) XX[i]
#endif
unsigned MD32_REG_T A, B, C, D, l;
unsigned MD32_REG_T X0, X1, X2, X3, X4, X5, X6, X7,
X8, X9, X10, X11, X12, X13, X14, X15;
A = c->A;
B = c->B;
@ -164,88 +157,88 @@ md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
for (; num--; ) {
HOST_c2l(data, l);
X( 0) = l;
X0 = l;
HOST_c2l(data, l);
X( 1) = l;
X1 = l;
/* Round 0 */
R0(A, B,C, D,X( 0), 3, 0);
R0(A, B, C, D, X0, 3, 0);
HOST_c2l(data, l);
X( 2) = l;
R0(D, A,B, C,X( 1), 7, 0);
X2 = l;
R0(D, A, B, C, X1, 7, 0);
HOST_c2l(data, l);
X( 3) = l;
R0(C, D,A, B,X( 2), 11, 0);
X3 = l;
R0(C, D, A, B, X2, 11, 0);
HOST_c2l(data, l);
X( 4) = l;
R0(B, C,D, A,X( 3), 19, 0);
X4 = l;
R0(B, C, D, A, X3, 19, 0);
HOST_c2l(data, l);
X( 5) = l;
R0(A, B,C, D,X( 4), 3, 0);
X5 = l;
R0(A, B, C, D, X4, 3, 0);
HOST_c2l(data, l);
X( 6) = l;
R0(D, A,B, C,X( 5), 7, 0);
X6 = l;
R0(D, A, B, C, X5, 7, 0);
HOST_c2l(data, l);
X( 7) = l;
R0(C, D,A, B,X( 6), 11, 0);
X7 = l;
R0(C, D, A, B, X6, 11, 0);
HOST_c2l(data, l);
X( 8) = l;
R0(B, C,D, A,X( 7), 19, 0);
X8 = l;
R0(B, C, D, A, X7, 19, 0);
HOST_c2l(data, l);
X( 9) = l;
R0(A, B,C, D,X( 8), 3, 0);
X9 = l;
R0(A, B, C, D, X8, 3, 0);
HOST_c2l(data, l);
X(10) = l;
R0(D, A,B, C,X( 9), 7, 0);
X10 = l;
R0(D, A,B, C,X9, 7, 0);
HOST_c2l(data, l);
X(11) = l;
R0(C, D,A, B,X(10), 11, 0);
X11 = l;
R0(C, D,A, B,X10, 11, 0);
HOST_c2l(data, l);
X(12) = l;
R0(B, C,D, A,X(11), 19, 0);
X12 = l;
R0(B, C,D, A,X11, 19, 0);
HOST_c2l(data, l);
X(13) = l;
R0(A, B,C, D,X(12), 3, 0);
X13 = l;
R0(A, B,C, D,X12, 3, 0);
HOST_c2l(data, l);
X(14) = l;
R0(D, A,B, C,X(13), 7, 0);
X14 = l;
R0(D, A,B, C,X13, 7, 0);
HOST_c2l(data, l);
X(15) = l;
R0(C, D,A, B,X(14), 11, 0);
R0(B, C,D, A,X(15), 19, 0);
X15 = l;
R0(C, D,A, B,X14, 11, 0);
R0(B, C,D, A,X15, 19, 0);
/* Round 1 */
R1(A, B,C, D,X( 0), 3, 0x5A827999L);
R1(D, A,B, C,X( 4), 5, 0x5A827999L);
R1(C, D,A, B,X( 8), 9, 0x5A827999L);
R1(B, C,D, A,X(12), 13, 0x5A827999L);
R1(A, B,C, D,X( 1), 3, 0x5A827999L);
R1(D, A,B, C,X( 5), 5, 0x5A827999L);
R1(C, D,A, B,X( 9), 9, 0x5A827999L);
R1(B, C,D, A,X(13), 13, 0x5A827999L);
R1(A, B,C, D,X( 2), 3, 0x5A827999L);
R1(D, A,B, C,X( 6), 5, 0x5A827999L);
R1(C, D,A, B,X(10), 9, 0x5A827999L);
R1(B, C,D, A,X(14), 13, 0x5A827999L);
R1(A, B,C, D,X( 3), 3, 0x5A827999L);
R1(D, A,B, C,X( 7), 5, 0x5A827999L);
R1(C, D,A, B,X(11), 9, 0x5A827999L);
R1(B, C,D, A,X(15), 13, 0x5A827999L);
R1(A, B, C, D, X0, 3, 0x5A827999L);
R1(D, A, B, C, X4, 5, 0x5A827999L);
R1(C, D, A, B, X8, 9, 0x5A827999L);
R1(B, C, D, A, X12, 13, 0x5A827999L);
R1(A, B, C, D, X1, 3, 0x5A827999L);
R1(D, A, B, C, X5, 5, 0x5A827999L);
R1(C, D, A, B, X9, 9, 0x5A827999L);
R1(B, C, D, A, X13, 13, 0x5A827999L);
R1(A, B, C, D, X2, 3, 0x5A827999L);
R1(D, A, B, C, X6, 5, 0x5A827999L);
R1(C, D, A, B, X10, 9, 0x5A827999L);
R1(B, C, D, A, X14, 13, 0x5A827999L);
R1(A, B, C, D, X3, 3, 0x5A827999L);
R1(D, A, B, C, X7, 5, 0x5A827999L);
R1(C, D, A, B, X11, 9, 0x5A827999L);
R1(B, C, D, A, X15, 13, 0x5A827999L);
/* Round 2 */
R2(A, B,C, D,X( 0), 3, 0x6ED9EBA1L);
R2(D, A,B, C,X( 8), 9, 0x6ED9EBA1L);
R2(C, D,A, B,X( 4), 11, 0x6ED9EBA1L);
R2(B, C,D, A,X(12), 15, 0x6ED9EBA1L);
R2(A, B,C, D,X( 2), 3, 0x6ED9EBA1L);
R2(D, A,B, C,X(10), 9, 0x6ED9EBA1L);
R2(C, D,A, B,X( 6), 11, 0x6ED9EBA1L);
R2(B, C,D, A,X(14), 15, 0x6ED9EBA1L);
R2(A, B,C, D,X( 1), 3, 0x6ED9EBA1L);
R2(D, A,B, C,X( 9), 9, 0x6ED9EBA1L);
R2(C, D,A, B,X( 5), 11, 0x6ED9EBA1L);
R2(B, C,D, A,X(13), 15, 0x6ED9EBA1L);
R2(A, B,C, D,X( 3), 3, 0x6ED9EBA1L);
R2(D, A,B, C,X(11), 9, 0x6ED9EBA1L);
R2(C, D,A, B,X( 7), 11, 0x6ED9EBA1L);
R2(B, C,D, A,X(15), 15, 0x6ED9EBA1L);
R2(A, B, C, D, X0, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X8, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X4, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X12, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X2, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X10, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X6, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X14, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X1, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X9, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X5, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X13, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X3, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X11, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X7, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X15, 15, 0x6ED9EBA1L);
A = c->A += A;
B = c->B += B;

175
lib/libcrypto/md5/md5_dgst.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: md5_dgst.c,v 1.18 2023/07/08 10:45:57 beck Exp $ */
/* $OpenBSD: md5_dgst.c,v 1.19 2023/07/15 15:37:05 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -166,16 +166,9 @@ void
md5_block_data_order(MD5_CTX *c, const void *data_, size_t num)
{
const unsigned char *data = data_;
unsigned MD32_REG_T A, B,C, D, l;
#ifndef MD32_XARRAY
/* See comment in crypto/sha/sha_locl.h for details. */
unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
# define X(i) XX##i
#else
MD5_LONG XX[MD5_LBLOCK];
# define X(i) XX[i]
#endif
unsigned MD32_REG_T A, B, C, D, l;
unsigned MD32_REG_T X0, X1, X2, X3, X4, X5, X6, X7,
X8, X9, X10, X11, X12, X13, X14, X15;
A = c->A;
B = c->B;
@ -184,105 +177,105 @@ md5_block_data_order(MD5_CTX *c, const void *data_, size_t num)
for (; num--; ) {
HOST_c2l(data, l);
X( 0) = l;
X0 = l;
HOST_c2l(data, l);
X( 1) = l;
X1 = l;
/* Round 0 */
R0(A, B,C, D,X( 0), 7, 0xd76aa478L);
R0(A, B, C, D, X0, 7, 0xd76aa478L);
HOST_c2l(data, l);
X( 2) = l;
R0(D, A,B, C,X( 1), 12, 0xe8c7b756L);
X2 = l;
R0(D, A, B, C, X1, 12, 0xe8c7b756L);
HOST_c2l(data, l);
X( 3) = l;
R0(C, D,A, B,X( 2), 17, 0x242070dbL);
X3 = l;
R0(C, D, A, B, X2, 17, 0x242070dbL);
HOST_c2l(data, l);
X( 4) = l;
R0(B, C,D, A,X( 3), 22, 0xc1bdceeeL);
X4 = l;
R0(B, C, D, A, X3, 22, 0xc1bdceeeL);
HOST_c2l(data, l);
X( 5) = l;
R0(A, B,C, D,X( 4), 7, 0xf57c0fafL);
X5 = l;
R0(A, B, C, D, X4, 7, 0xf57c0fafL);
HOST_c2l(data, l);
X( 6) = l;
R0(D, A,B, C,X( 5), 12, 0x4787c62aL);
X6 = l;
R0(D, A, B, C, X5, 12, 0x4787c62aL);
HOST_c2l(data, l);
X( 7) = l;
R0(C, D,A, B,X( 6), 17, 0xa8304613L);
X7 = l;
R0(C, D, A, B, X6, 17, 0xa8304613L);
HOST_c2l(data, l);
X( 8) = l;
R0(B, C,D, A,X( 7), 22, 0xfd469501L);
X8 = l;
R0(B, C, D, A, X7, 22, 0xfd469501L);
HOST_c2l(data, l);
X( 9) = l;
R0(A, B,C, D,X( 8), 7, 0x698098d8L);
X9 = l;
R0(A, B, C, D, X8, 7, 0x698098d8L);
HOST_c2l(data, l);
X(10) = l;
R0(D, A,B, C,X( 9), 12, 0x8b44f7afL);
X10 = l;
R0(D, A, B, C, X9, 12, 0x8b44f7afL);
HOST_c2l(data, l);
X(11) = l;
R0(C, D,A, B,X(10), 17, 0xffff5bb1L);
X11 = l;
R0(C, D, A, B, X10, 17, 0xffff5bb1L);
HOST_c2l(data, l);
X(12) = l;
R0(B, C,D, A,X(11), 22, 0x895cd7beL);
X12 = l;
R0(B, C, D, A, X11, 22, 0x895cd7beL);
HOST_c2l(data, l);
X(13) = l;
R0(A, B,C, D,X(12), 7, 0x6b901122L);
X13 = l;
R0(A, B, C, D, X12, 7, 0x6b901122L);
HOST_c2l(data, l);
X(14) = l;
R0(D, A,B, C,X(13), 12, 0xfd987193L);
X14 = l;
R0(D, A, B, C, X13, 12, 0xfd987193L);
HOST_c2l(data, l);
X(15) = l;
R0(C, D,A, B,X(14), 17, 0xa679438eL);
R0(B, C,D, A,X(15), 22, 0x49b40821L);
X15 = l;
R0(C, D, A, B, X14, 17, 0xa679438eL);
R0(B, C, D, A, X15, 22, 0x49b40821L);
/* Round 1 */
R1(A, B,C, D,X( 1), 5, 0xf61e2562L);
R1(D, A,B, C,X( 6), 9, 0xc040b340L);
R1(C, D,A, B,X(11), 14, 0x265e5a51L);
R1(B, C,D, A,X( 0), 20, 0xe9b6c7aaL);
R1(A, B,C, D,X( 5), 5, 0xd62f105dL);
R1(D, A,B, C,X(10), 9, 0x02441453L);
R1(C, D,A, B,X(15), 14, 0xd8a1e681L);
R1(B, C,D, A,X( 4), 20, 0xe7d3fbc8L);
R1(A, B,C, D,X( 9), 5, 0x21e1cde6L);
R1(D, A,B, C,X(14), 9, 0xc33707d6L);
R1(C, D,A, B,X( 3), 14, 0xf4d50d87L);
R1(B, C,D, A,X( 8), 20, 0x455a14edL);
R1(A, B,C, D,X(13), 5, 0xa9e3e905L);
R1(D, A,B, C,X( 2), 9, 0xfcefa3f8L);
R1(C, D,A, B,X( 7), 14, 0x676f02d9L);
R1(B, C,D, A,X(12), 20, 0x8d2a4c8aL);
R1(A, B, C, D, X1, 5, 0xf61e2562L);
R1(D, A, B, C, X6, 9, 0xc040b340L);
R1(C, D, A, B, X11, 14, 0x265e5a51L);
R1(B, C, D, A, X0, 20, 0xe9b6c7aaL);
R1(A, B, C, D, X5, 5, 0xd62f105dL);
R1(D, A, B, C, X10, 9, 0x02441453L);
R1(C, D, A, B, X15, 14, 0xd8a1e681L);
R1(B, C, D, A, X4, 20, 0xe7d3fbc8L);
R1(A, B, C, D, X9, 5, 0x21e1cde6L);
R1(D, A, B, C, X14, 9, 0xc33707d6L);
R1(C, D, A, B, X3, 14, 0xf4d50d87L);
R1(B, C, D, A, X8, 20, 0x455a14edL);
R1(A, B, C, D, X13, 5, 0xa9e3e905L);
R1(D, A, B, C, X2, 9, 0xfcefa3f8L);
R1(C, D, A, B, X7, 14, 0x676f02d9L);
R1(B, C, D, A, X12, 20, 0x8d2a4c8aL);
/* Round 2 */
R2(A, B,C, D,X( 5), 4, 0xfffa3942L);
R2(D, A,B, C,X( 8), 11, 0x8771f681L);
R2(C, D,A, B,X(11), 16, 0x6d9d6122L);
R2(B, C,D, A,X(14), 23, 0xfde5380cL);
R2(A, B,C, D,X( 1), 4, 0xa4beea44L);
R2(D, A,B, C,X( 4), 11, 0x4bdecfa9L);
R2(C, D,A, B,X( 7), 16, 0xf6bb4b60L);
R2(B, C,D, A,X(10), 23, 0xbebfbc70L);
R2(A, B,C, D,X(13), 4, 0x289b7ec6L);
R2(D, A,B, C,X( 0), 11, 0xeaa127faL);
R2(C, D,A, B,X( 3), 16, 0xd4ef3085L);
R2(B, C,D, A,X( 6), 23, 0x04881d05L);
R2(A, B,C, D,X( 9), 4, 0xd9d4d039L);
R2(D, A,B, C,X(12), 11, 0xe6db99e5L);
R2(C, D,A, B,X(15), 16, 0x1fa27cf8L);
R2(B, C,D, A,X( 2), 23, 0xc4ac5665L);
R2(A, B, C, D, X5, 4, 0xfffa3942L);
R2(D, A, B, C, X8, 11, 0x8771f681L);
R2(C, D, A, B, X11, 16, 0x6d9d6122L);
R2(B, C, D, A, X14, 23, 0xfde5380cL);
R2(A, B, C, D, X1, 4, 0xa4beea44L);
R2(D, A, B, C, X4, 11, 0x4bdecfa9L);
R2(C, D, A, B, X7, 16, 0xf6bb4b60L);
R2(B, C, D, A, X10, 23, 0xbebfbc70L);
R2(A, B, C, D, X13, 4, 0x289b7ec6L);
R2(D, A, B, C, X0, 11, 0xeaa127faL);
R2(C, D, A, B, X3, 16, 0xd4ef3085L);
R2(B, C, D, A, X6, 23, 0x04881d05L);
R2(A, B, C, D, X9, 4, 0xd9d4d039L);
R2(D, A, B, C, X12, 11, 0xe6db99e5L);
R2(C, D, A, B, X15, 16, 0x1fa27cf8L);
R2(B, C, D, A, X2, 23, 0xc4ac5665L);
/* Round 3 */
R3(A, B,C, D,X( 0), 6, 0xf4292244L);
R3(D, A,B, C,X( 7), 10, 0x432aff97L);
R3(C, D,A, B,X(14), 15, 0xab9423a7L);
R3(B, C,D, A,X( 5), 21, 0xfc93a039L);
R3(A, B,C, D,X(12), 6, 0x655b59c3L);
R3(D, A,B, C,X( 3), 10, 0x8f0ccc92L);
R3(C, D,A, B,X(10), 15, 0xffeff47dL);
R3(B, C,D, A,X( 1), 21, 0x85845dd1L);
R3(A, B,C, D,X( 8), 6, 0x6fa87e4fL);
R3(D, A,B, C,X(15), 10, 0xfe2ce6e0L);
R3(C, D,A, B,X( 6), 15, 0xa3014314L);
R3(B, C,D, A,X(13), 21, 0x4e0811a1L);
R3(A, B,C, D,X( 4), 6, 0xf7537e82L);
R3(D, A,B, C,X(11), 10, 0xbd3af235L);
R3(C, D,A, B,X( 2), 15, 0x2ad7d2bbL);
R3(B, C,D, A,X( 9), 21, 0xeb86d391L);
R3(A, B, C, D, X0, 6, 0xf4292244L);
R3(D, A, B, C, X7, 10, 0x432aff97L);
R3(C, D, A, B, X14, 15, 0xab9423a7L);
R3(B, C, D, A, X5, 21, 0xfc93a039L);
R3(A, B, C, D, X12, 6, 0x655b59c3L);
R3(D, A, B, C, X3, 10, 0x8f0ccc92L);
R3(C, D, A, B, X10, 15, 0xffeff47dL);
R3(B, C, D, A, X1, 21, 0x85845dd1L);
R3(A, B, C, D, X8, 6, 0x6fa87e4fL);
R3(D, A, B, C, X15, 10, 0xfe2ce6e0L);
R3(C, D, A, B, X6, 15, 0xa3014314L);
R3(B, C, D, A, X13, 21, 0x4e0811a1L);
R3(A, B, C, D, X4, 6, 0xf7537e82L);
R3(D, A, B, C, X11, 10, 0xbd3af235L);
R3(C, D, A, B, X2, 15, 0x2ad7d2bbL);
R3(B, C, D, A, X9, 21, 0xeb86d391L);
A = c->A += A;
B = c->B += B;