cjson
fuzzing
inputs
test1 test10 test11 test2 test3 test3.bu test3.uf test3.uu test4 test5 test6 test7 test8 test9library_config
cJSONConfig.cmake.in cJSONConfigVersion.cmake.in libcjson.pc.in libcjson_utils.pc.in uninstall.cmaketests
inputs
test1 test1.expected test10 test10.expected test11 test11.expected test2 test2.expected test3 test3.expected test4 test4.expected test5 test5.expected test6 test7 test7.expected test8 test8.expected test9 test9.expectedjson-patch-tests
.editorconfig .gitignore .npmignore README.md cjson-utils-tests.json package.json spec_tests.json tests.jsonunity
auto
colour_prompt.rb colour_reporter.rb generate_config.yml generate_module.rb generate_test_runner.rb parse_output.rb stylize_as_junit.rb test_file_filter.rb type_sanitizer.rb unity_test_summary.py unity_test_summary.rb unity_to_junit.pydocs
ThrowTheSwitchCodingStandard.md UnityAssertionsCheatSheetSuitableforPrintingandPossiblyFraming.pdf UnityAssertionsReference.md UnityConfigurationGuide.md UnityGettingStartedGuide.md UnityHelperScriptsGuide.md license.txtexamples
unity_config.hcurl
.github
scripts
cleancmd.pl cmp-config.pl cmp-pkg-config.sh codespell-ignore.words codespell.sh distfiles.sh pyspelling.words pyspelling.yaml randcurl.pl requirements-docs.txt requirements-proselint.txt requirements.txt shellcheck-ci.sh shellcheck.sh spellcheck.curl trimmarkdownheader.pl typos.sh typos.toml verify-examples.pl verify-synopsis.pl yamlcheck.sh yamlcheck.yamlworkflows
appveyor-status.yml checkdocs.yml checksrc.yml checkurls.yml codeql.yml configure-vs-cmake.yml curl-for-win.yml distcheck.yml fuzz.yml http3-linux.yml label.yml linux-old.yml linux.yml macos.yml non-native.yml windows.ymlCMake
CurlSymbolHiding.cmake CurlTests.c FindBrotli.cmake FindCares.cmake FindGSS.cmake FindGnuTLS.cmake FindLDAP.cmake FindLibbacktrace.cmake FindLibgsasl.cmake FindLibidn2.cmake FindLibpsl.cmake FindLibssh.cmake FindLibssh2.cmake FindLibuv.cmake FindMbedTLS.cmake FindNGHTTP2.cmake FindNGHTTP3.cmake FindNGTCP2.cmake FindNettle.cmake FindQuiche.cmake FindRustls.cmake FindWolfSSL.cmake FindZstd.cmake Macros.cmake OtherTests.cmake PickyWarnings.cmake Utilities.cmake cmake_uninstall.in.cmake curl-config.in.cmake unix-cache.cmake win32-cache.cmakedocs
cmdline-opts
.gitignore CMakeLists.txt MANPAGE.md Makefile.am Makefile.inc _AUTHORS.md _BUGS.md _DESCRIPTION.md _ENVIRONMENT.md _EXITCODES.md _FILES.md _GLOBBING.md _NAME.md _OPTIONS.md _OUTPUT.md _PROGRESS.md _PROTOCOLS.md _PROXYPREFIX.md _SEEALSO.md _SYNOPSIS.md _URL.md _VARIABLES.md _VERSION.md _WWW.md abstract-unix-socket.md alt-svc.md anyauth.md append.md aws-sigv4.md basic.md ca-native.md cacert.md capath.md cert-status.md cert-type.md cert.md ciphers.md compressed-ssh.md compressed.md config.md connect-timeout.md connect-to.md continue-at.md cookie-jar.md cookie.md create-dirs.md create-file-mode.md crlf.md crlfile.md curves.md data-ascii.md data-binary.md data-raw.md data-urlencode.md data.md delegation.md digest.md disable-eprt.md disable-epsv.md disable.md disallow-username-in-url.md dns-interface.md dns-ipv4-addr.md dns-ipv6-addr.md dns-servers.md doh-cert-status.md doh-insecure.md doh-url.md dump-ca-embed.md dump-header.md ech.md egd-file.md engine.md etag-compare.md etag-save.md expect100-timeout.md fail-early.md fail-with-body.md fail.md false-start.md follow.md form-escape.md form-string.md form.md ftp-account.md ftp-alternative-to-user.md ftp-create-dirs.md ftp-method.md ftp-pasv.md ftp-port.md ftp-pret.md ftp-skip-pasv-ip.md ftp-ssl-ccc-mode.md ftp-ssl-ccc.md ftp-ssl-control.md get.md globoff.md happy-eyeballs-timeout-ms.md haproxy-clientip.md haproxy-protocol.md head.md header.md help.md hostpubmd5.md hostpubsha256.md hsts.md http0.9.md http1.0.md http1.1.md http2-prior-knowledge.md http2.md http3-only.md http3.md ignore-content-length.md insecure.md interface.md ip-tos.md ipfs-gateway.md ipv4.md ipv6.md json.md junk-session-cookies.md keepalive-cnt.md keepalive-time.md key-type.md key.md knownhosts.md krb.md libcurl.md limit-rate.md list-only.md local-port.md location-trusted.md location.md login-options.md mail-auth.md mail-from.md mail-rcpt-allowfails.md mail-rcpt.md mainpage.idx manual.md max-filesize.md max-redirs.md max-time.md metalink.md mptcp.md negotiate.md netrc-file.md netrc-optional.md netrc.md next.md no-alpn.md no-buffer.md no-clobber.md no-keepalive.md no-npn.md no-progress-meter.md no-sessionid.md noproxy.md ntlm-wb.md ntlm.md oauth2-bearer.md out-null.md output-dir.md output.md parallel-immediate.md parallel-max-host.md parallel-max.md parallel.md pass.md path-as-is.md pinnedpubkey.md post301.md post302.md post303.md preproxy.md progress-bar.md proto-default.md proto-redir.md proto.md proxy-anyauth.md proxy-basic.md proxy-ca-native.md proxy-cacert.md proxy-capath.md proxy-cert-type.md proxy-cert.md proxy-ciphers.md proxy-crlfile.md proxy-digest.md proxy-header.md proxy-http2.md proxy-insecure.md proxy-key-type.md proxy-key.md proxy-negotiate.md proxy-ntlm.md proxy-pass.md proxy-pinnedpubkey.md proxy-service-name.md proxy-ssl-allow-beast.md proxy-ssl-auto-client-cert.md proxy-tls13-ciphers.md proxy-tlsauthtype.md proxy-tlspassword.md proxy-tlsuser.md proxy-tlsv1.md proxy-user.md proxy.md proxy1.0.md proxytunnel.md pubkey.md quote.md random-file.md range.md rate.md raw.md referer.md remote-header-name.md remote-name-all.md remote-name.md remote-time.md remove-on-error.md request-target.md request.md resolve.md retry-all-errors.md retry-connrefused.md retry-delay.md retry-max-time.md retry.md sasl-authzid.md sasl-ir.md service-name.md show-error.md show-headers.md sigalgs.md silent.md skip-existing.md socks4.md socks4a.md socks5-basic.md socks5-gssapi-nec.md socks5-gssapi-service.md socks5-gssapi.md socks5-hostname.md socks5.md speed-limit.md speed-time.md ssl-allow-beast.md ssl-auto-client-cert.md ssl-no-revoke.md ssl-reqd.md ssl-revoke-best-effort.md ssl-sessions.md ssl.md sslv2.md sslv3.md stderr.md styled-output.md suppress-connect-headers.md tcp-fastopen.md tcp-nodelay.md telnet-option.md tftp-blksize.md tftp-no-options.md time-cond.md tls-earlydata.md tls-max.md tls13-ciphers.md tlsauthtype.md tlspassword.md tlsuser.md tlsv1.0.md tlsv1.1.md tlsv1.2.md tlsv1.3.md tlsv1.md tr-encoding.md trace-ascii.md trace-config.md trace-ids.md trace-time.md trace.md unix-socket.md upload-file.md upload-flags.md url-query.md url.md use-ascii.md user-agent.md user.md variable.md verbose.md version.md vlan-priority.md write-out.md xattr.mdexamples
.checksrc .gitignore 10-at-a-time.c CMakeLists.txt Makefile.am Makefile.example Makefile.inc README.md adddocsref.pl address-scope.c altsvc.c anyauthput.c block_ip.c cacertinmem.c certinfo.c chkspeed.c connect-to.c cookie_interface.c crawler.c debug.c default-scheme.c ephiperfifo.c evhiperfifo.c externalsocket.c fileupload.c ftp-delete.c ftp-wildcard.c ftpget.c ftpgetinfo.c ftpgetresp.c ftpsget.c ftpupload.c ftpuploadfrommem.c ftpuploadresume.c getinfo.c getinmemory.c getredirect.c getreferrer.c ghiper.c headerapi.c hiperfifo.c hsts-preload.c htmltidy.c htmltitle.cpp http-options.c http-post.c http2-download.c http2-pushinmemory.c http2-serverpush.c http2-upload.c http3-present.c http3.c httpcustomheader.c httpput-postfields.c httpput.c https.c imap-append.c imap-authzid.c imap-copy.c imap-create.c imap-delete.c imap-examine.c imap-fetch.c imap-list.c imap-lsub.c imap-multi.c imap-noop.c imap-search.c imap-ssl.c imap-store.c imap-tls.c interface.c ipv6.c keepalive.c localport.c log_failed_transfers.c maxconnects.c multi-app.c multi-debugcallback.c multi-double.c multi-event.c multi-formadd.c multi-legacy.c multi-post.c multi-single.c multi-uv.c netrc.c parseurl.c persistent.c pop3-authzid.c pop3-dele.c pop3-list.c pop3-multi.c pop3-noop.c pop3-retr.c pop3-ssl.c pop3-stat.c pop3-tls.c pop3-top.c pop3-uidl.c post-callback.c postinmemory.c postit2-formadd.c postit2.c progressfunc.c protofeats.c range.c resolve.c rtsp-options.c sendrecv.c sepheaders.c sessioninfo.c sftpget.c sftpuploadresume.c shared-connection-cache.c simple.c simplepost.c simplessl.c smooth-gtk-thread.c smtp-authzid.c smtp-expn.c smtp-mail.c smtp-mime.c smtp-multi.c smtp-ssl.c smtp-tls.c smtp-vrfy.c sslbackend.c synctime.c threaded.c unixsocket.c url2file.c urlapi.c usercertinmem.c version-check.pl websocket-cb.c websocket-updown.c websocket.c xmlstream.cinternals
BUFQ.md BUFREF.md CHECKSRC.md CLIENT-READERS.md CLIENT-WRITERS.md CODE_STYLE.md CONNECTION-FILTERS.md CREDENTIALS.md CURLX.md DYNBUF.md HASH.md LLIST.md MID.md MQTT.md MULTI-EV.md NEW-PROTOCOL.md PEERS.md PORTING.md RATELIMITS.md README.md SCORECARD.md SPLAY.md STRPARSE.md THRDPOOL-AND-QUEUE.md TIME-KEEPING.md TLS-SESSIONS.md UINT_SETS.md WEBSOCKET.mdlibcurl
opts
CMakeLists.txt CURLINFO_ACTIVESOCKET.md CURLINFO_APPCONNECT_TIME.md CURLINFO_APPCONNECT_TIME_T.md CURLINFO_CAINFO.md CURLINFO_CAPATH.md CURLINFO_CERTINFO.md CURLINFO_CONDITION_UNMET.md CURLINFO_CONNECT_TIME.md CURLINFO_CONNECT_TIME_T.md CURLINFO_CONN_ID.md CURLINFO_CONTENT_LENGTH_DOWNLOAD.md CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md CURLINFO_CONTENT_LENGTH_UPLOAD.md CURLINFO_CONTENT_LENGTH_UPLOAD_T.md CURLINFO_CONTENT_TYPE.md CURLINFO_COOKIELIST.md CURLINFO_EARLYDATA_SENT_T.md CURLINFO_EFFECTIVE_METHOD.md CURLINFO_EFFECTIVE_URL.md CURLINFO_FILETIME.md CURLINFO_FILETIME_T.md CURLINFO_FTP_ENTRY_PATH.md CURLINFO_HEADER_SIZE.md CURLINFO_HTTPAUTH_AVAIL.md CURLINFO_HTTPAUTH_USED.md CURLINFO_HTTP_CONNECTCODE.md CURLINFO_HTTP_VERSION.md CURLINFO_LASTSOCKET.md CURLINFO_LOCAL_IP.md CURLINFO_LOCAL_PORT.md CURLINFO_NAMELOOKUP_TIME.md CURLINFO_NAMELOOKUP_TIME_T.md CURLINFO_NUM_CONNECTS.md CURLINFO_OS_ERRNO.md CURLINFO_POSTTRANSFER_TIME_T.md CURLINFO_PRETRANSFER_TIME.md CURLINFO_PRETRANSFER_TIME_T.md CURLINFO_PRIMARY_IP.md CURLINFO_PRIMARY_PORT.md CURLINFO_PRIVATE.md CURLINFO_PROTOCOL.md CURLINFO_PROXYAUTH_AVAIL.md CURLINFO_PROXYAUTH_USED.md CURLINFO_PROXY_ERROR.md CURLINFO_PROXY_SSL_VERIFYRESULT.md CURLINFO_QUEUE_TIME_T.md CURLINFO_REDIRECT_COUNT.md CURLINFO_REDIRECT_TIME.md CURLINFO_REDIRECT_TIME_T.md CURLINFO_REDIRECT_URL.md CURLINFO_REFERER.md CURLINFO_REQUEST_SIZE.md CURLINFO_RESPONSE_CODE.md CURLINFO_RETRY_AFTER.md CURLINFO_RTSP_CLIENT_CSEQ.md CURLINFO_RTSP_CSEQ_RECV.md CURLINFO_RTSP_SERVER_CSEQ.md CURLINFO_RTSP_SESSION_ID.md CURLINFO_SCHEME.md CURLINFO_SIZE_DELIVERED.md CURLINFO_SIZE_DOWNLOAD.md CURLINFO_SIZE_DOWNLOAD_T.md CURLINFO_SIZE_UPLOAD.md CURLINFO_SIZE_UPLOAD_T.md CURLINFO_SPEED_DOWNLOAD.md CURLINFO_SPEED_DOWNLOAD_T.md CURLINFO_SPEED_UPLOAD.md CURLINFO_SPEED_UPLOAD_T.md CURLINFO_SSL_ENGINES.md CURLINFO_SSL_VERIFYRESULT.md CURLINFO_STARTTRANSFER_TIME.md CURLINFO_STARTTRANSFER_TIME_T.md CURLINFO_TLS_SESSION.md CURLINFO_TLS_SSL_PTR.md CURLINFO_TOTAL_TIME.md CURLINFO_TOTAL_TIME_T.md CURLINFO_USED_PROXY.md CURLINFO_XFER_ID.md CURLMINFO_XFERS_ADDED.md CURLMINFO_XFERS_CURRENT.md CURLMINFO_XFERS_DONE.md CURLMINFO_XFERS_PENDING.md CURLMINFO_XFERS_RUNNING.md CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.md CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.md CURLMOPT_MAXCONNECTS.md CURLMOPT_MAX_CONCURRENT_STREAMS.md CURLMOPT_MAX_HOST_CONNECTIONS.md CURLMOPT_MAX_PIPELINE_LENGTH.md CURLMOPT_MAX_TOTAL_CONNECTIONS.md CURLMOPT_NETWORK_CHANGED.md CURLMOPT_NOTIFYDATA.md CURLMOPT_NOTIFYFUNCTION.md CURLMOPT_PIPELINING.md CURLMOPT_PIPELINING_SERVER_BL.md CURLMOPT_PIPELINING_SITE_BL.md CURLMOPT_PUSHDATA.md CURLMOPT_PUSHFUNCTION.md CURLMOPT_QUICK_EXIT.md CURLMOPT_RESOLVE_THREADS_MAX.md CURLMOPT_SOCKETDATA.md CURLMOPT_SOCKETFUNCTION.md CURLMOPT_TIMERDATA.md CURLMOPT_TIMERFUNCTION.md CURLOPT_ABSTRACT_UNIX_SOCKET.md CURLOPT_ACCEPTTIMEOUT_MS.md CURLOPT_ACCEPT_ENCODING.md CURLOPT_ADDRESS_SCOPE.md CURLOPT_ALTSVC.md CURLOPT_ALTSVC_CTRL.md CURLOPT_APPEND.md CURLOPT_AUTOREFERER.md CURLOPT_AWS_SIGV4.md CURLOPT_BUFFERSIZE.md CURLOPT_CAINFO.md CURLOPT_CAINFO_BLOB.md CURLOPT_CAPATH.md CURLOPT_CA_CACHE_TIMEOUT.md CURLOPT_CERTINFO.md CURLOPT_CHUNK_BGN_FUNCTION.md CURLOPT_CHUNK_DATA.md CURLOPT_CHUNK_END_FUNCTION.md CURLOPT_CLOSESOCKETDATA.md CURLOPT_CLOSESOCKETFUNCTION.md CURLOPT_CONNECTTIMEOUT.md CURLOPT_CONNECTTIMEOUT_MS.md CURLOPT_CONNECT_ONLY.md CURLOPT_CONNECT_TO.md CURLOPT_CONV_FROM_NETWORK_FUNCTION.md CURLOPT_CONV_FROM_UTF8_FUNCTION.md CURLOPT_CONV_TO_NETWORK_FUNCTION.md CURLOPT_COOKIE.md CURLOPT_COOKIEFILE.md CURLOPT_COOKIEJAR.md CURLOPT_COOKIELIST.md CURLOPT_COOKIESESSION.md CURLOPT_COPYPOSTFIELDS.md CURLOPT_CRLF.md CURLOPT_CRLFILE.md CURLOPT_CURLU.md CURLOPT_CUSTOMREQUEST.md CURLOPT_DEBUGDATA.md CURLOPT_DEBUGFUNCTION.md CURLOPT_DEFAULT_PROTOCOL.md CURLOPT_DIRLISTONLY.md CURLOPT_DISALLOW_USERNAME_IN_URL.md CURLOPT_DNS_CACHE_TIMEOUT.md CURLOPT_DNS_INTERFACE.md CURLOPT_DNS_LOCAL_IP4.md CURLOPT_DNS_LOCAL_IP6.md CURLOPT_DNS_SERVERS.md CURLOPT_DNS_SHUFFLE_ADDRESSES.md CURLOPT_DNS_USE_GLOBAL_CACHE.md CURLOPT_DOH_SSL_VERIFYHOST.md CURLOPT_DOH_SSL_VERIFYPEER.md CURLOPT_DOH_SSL_VERIFYSTATUS.md CURLOPT_DOH_URL.md CURLOPT_ECH.md CURLOPT_EGDSOCKET.md CURLOPT_ERRORBUFFER.md CURLOPT_EXPECT_100_TIMEOUT_MS.md CURLOPT_FAILONERROR.md CURLOPT_FILETIME.md CURLOPT_FNMATCH_DATA.md CURLOPT_FNMATCH_FUNCTION.md CURLOPT_FOLLOWLOCATION.md CURLOPT_FORBID_REUSE.md CURLOPT_FRESH_CONNECT.md CURLOPT_FTPPORT.md CURLOPT_FTPSSLAUTH.md CURLOPT_FTP_ACCOUNT.md CURLOPT_FTP_ALTERNATIVE_TO_USER.md CURLOPT_FTP_CREATE_MISSING_DIRS.md CURLOPT_FTP_FILEMETHOD.md CURLOPT_FTP_SKIP_PASV_IP.md CURLOPT_FTP_SSL_CCC.md CURLOPT_FTP_USE_EPRT.md CURLOPT_FTP_USE_EPSV.md CURLOPT_FTP_USE_PRET.md CURLOPT_GSSAPI_DELEGATION.md CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.md CURLOPT_HAPROXYPROTOCOL.md CURLOPT_HAPROXY_CLIENT_IP.md CURLOPT_HEADER.md CURLOPT_HEADERDATA.md CURLOPT_HEADERFUNCTION.md CURLOPT_HEADEROPT.md CURLOPT_HSTS.md CURLOPT_HSTSREADDATA.md CURLOPT_HSTSREADFUNCTION.md CURLOPT_HSTSWRITEDATA.md CURLOPT_HSTSWRITEFUNCTION.md CURLOPT_HSTS_CTRL.md CURLOPT_HTTP09_ALLOWED.md CURLOPT_HTTP200ALIASES.md CURLOPT_HTTPAUTH.md CURLOPT_HTTPGET.md CURLOPT_HTTPHEADER.md CURLOPT_HTTPPOST.md CURLOPT_HTTPPROXYTUNNEL.md CURLOPT_HTTP_CONTENT_DECODING.md CURLOPT_HTTP_TRANSFER_DECODING.md CURLOPT_HTTP_VERSION.md CURLOPT_IGNORE_CONTENT_LENGTH.md CURLOPT_INFILESIZE.md CURLOPT_INFILESIZE_LARGE.md CURLOPT_INTERFACE.md CURLOPT_INTERLEAVEDATA.md CURLOPT_INTERLEAVEFUNCTION.md CURLOPT_IOCTLDATA.md CURLOPT_IOCTLFUNCTION.md CURLOPT_IPRESOLVE.md CURLOPT_ISSUERCERT.md CURLOPT_ISSUERCERT_BLOB.md CURLOPT_KEEP_SENDING_ON_ERROR.md CURLOPT_KEYPASSWD.md CURLOPT_KRBLEVEL.md CURLOPT_LOCALPORT.md CURLOPT_LOCALPORTRANGE.md CURLOPT_LOGIN_OPTIONS.md CURLOPT_LOW_SPEED_LIMIT.md CURLOPT_LOW_SPEED_TIME.md CURLOPT_MAIL_AUTH.md CURLOPT_MAIL_FROM.md CURLOPT_MAIL_RCPT.md CURLOPT_MAIL_RCPT_ALLOWFAILS.md CURLOPT_MAXAGE_CONN.md CURLOPT_MAXCONNECTS.md CURLOPT_MAXFILESIZE.md CURLOPT_MAXFILESIZE_LARGE.md CURLOPT_MAXLIFETIME_CONN.md CURLOPT_MAXREDIRS.md CURLOPT_MAX_RECV_SPEED_LARGE.md CURLOPT_MAX_SEND_SPEED_LARGE.md CURLOPT_MIMEPOST.md CURLOPT_MIME_OPTIONS.md CURLOPT_NETRC.md CURLOPT_NETRC_FILE.md CURLOPT_NEW_DIRECTORY_PERMS.md CURLOPT_NEW_FILE_PERMS.md CURLOPT_NOBODY.md CURLOPT_NOPROGRESS.md CURLOPT_NOPROXY.md CURLOPT_NOSIGNAL.md CURLOPT_OPENSOCKETDATA.md CURLOPT_OPENSOCKETFUNCTION.md CURLOPT_PASSWORD.md CURLOPT_PATH_AS_IS.md CURLOPT_PINNEDPUBLICKEY.md CURLOPT_PIPEWAIT.md CURLOPT_PORT.md CURLOPT_POST.md CURLOPT_POSTFIELDS.md CURLOPT_POSTFIELDSIZE.md CURLOPT_POSTFIELDSIZE_LARGE.md CURLOPT_POSTQUOTE.md CURLOPT_POSTREDIR.md CURLOPT_PREQUOTE.md CURLOPT_PREREQDATA.md CURLOPT_PREREQFUNCTION.md CURLOPT_PRE_PROXY.md CURLOPT_PRIVATE.md CURLOPT_PROGRESSDATA.md CURLOPT_PROGRESSFUNCTION.md CURLOPT_PROTOCOLS.md CURLOPT_PROTOCOLS_STR.md CURLOPT_PROXY.md CURLOPT_PROXYAUTH.md CURLOPT_PROXYHEADER.md CURLOPT_PROXYPASSWORD.md CURLOPT_PROXYPORT.md CURLOPT_PROXYTYPE.md CURLOPT_PROXYUSERNAME.md CURLOPT_PROXYUSERPWD.md CURLOPT_PROXY_CAINFO.md CURLOPT_PROXY_CAINFO_BLOB.md CURLOPT_PROXY_CAPATH.md CURLOPT_PROXY_CRLFILE.md CURLOPT_PROXY_ISSUERCERT.md CURLOPT_PROXY_ISSUERCERT_BLOB.md CURLOPT_PROXY_KEYPASSWD.md CURLOPT_PROXY_PINNEDPUBLICKEY.md CURLOPT_PROXY_SERVICE_NAME.md CURLOPT_PROXY_SSLCERT.md CURLOPT_PROXY_SSLCERTTYPE.md CURLOPT_PROXY_SSLCERT_BLOB.md CURLOPT_PROXY_SSLKEY.md CURLOPT_PROXY_SSLKEYTYPE.md CURLOPT_PROXY_SSLKEY_BLOB.md CURLOPT_PROXY_SSLVERSION.md CURLOPT_PROXY_SSL_CIPHER_LIST.md CURLOPT_PROXY_SSL_OPTIONS.md CURLOPT_PROXY_SSL_VERIFYHOST.md CURLOPT_PROXY_SSL_VERIFYPEER.md CURLOPT_PROXY_TLS13_CIPHERS.md CURLOPT_PROXY_TLSAUTH_PASSWORD.md CURLOPT_PROXY_TLSAUTH_TYPE.md CURLOPT_PROXY_TLSAUTH_USERNAME.md CURLOPT_PROXY_TRANSFER_MODE.md CURLOPT_PUT.md CURLOPT_QUICK_EXIT.md CURLOPT_QUOTE.md CURLOPT_RANDOM_FILE.md CURLOPT_RANGE.md CURLOPT_READDATA.md CURLOPT_READFUNCTION.md CURLOPT_REDIR_PROTOCOLS.md CURLOPT_REDIR_PROTOCOLS_STR.md CURLOPT_REFERER.md CURLOPT_REQUEST_TARGET.md CURLOPT_RESOLVE.md CURLOPT_RESOLVER_START_DATA.md CURLOPT_RESOLVER_START_FUNCTION.md CURLOPT_RESUME_FROM.md CURLOPT_RESUME_FROM_LARGE.md CURLOPT_RTSP_CLIENT_CSEQ.md CURLOPT_RTSP_REQUEST.md CURLOPT_RTSP_SERVER_CSEQ.md CURLOPT_RTSP_SESSION_ID.md CURLOPT_RTSP_STREAM_URI.md CURLOPT_RTSP_TRANSPORT.md CURLOPT_SASL_AUTHZID.md CURLOPT_SASL_IR.md CURLOPT_SEEKDATA.md CURLOPT_SEEKFUNCTION.md CURLOPT_SERVER_RESPONSE_TIMEOUT.md CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md CURLOPT_SERVICE_NAME.md CURLOPT_SHARE.md CURLOPT_SOCKOPTDATA.md CURLOPT_SOCKOPTFUNCTION.md CURLOPT_SOCKS5_AUTH.md CURLOPT_SOCKS5_GSSAPI_NEC.md CURLOPT_SOCKS5_GSSAPI_SERVICE.md CURLOPT_SSH_AUTH_TYPES.md CURLOPT_SSH_COMPRESSION.md CURLOPT_SSH_HOSTKEYDATA.md CURLOPT_SSH_HOSTKEYFUNCTION.md CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.md CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.md CURLOPT_SSH_KEYDATA.md CURLOPT_SSH_KEYFUNCTION.md CURLOPT_SSH_KNOWNHOSTS.md CURLOPT_SSH_PRIVATE_KEYFILE.md CURLOPT_SSH_PUBLIC_KEYFILE.md CURLOPT_SSLCERT.md CURLOPT_SSLCERTTYPE.md CURLOPT_SSLCERT_BLOB.md CURLOPT_SSLENGINE.md CURLOPT_SSLENGINE_DEFAULT.md CURLOPT_SSLKEY.md CURLOPT_SSLKEYTYPE.md CURLOPT_SSLKEY_BLOB.md CURLOPT_SSLVERSION.md CURLOPT_SSL_CIPHER_LIST.md CURLOPT_SSL_CTX_DATA.md CURLOPT_SSL_CTX_FUNCTION.md CURLOPT_SSL_EC_CURVES.md CURLOPT_SSL_ENABLE_ALPN.md CURLOPT_SSL_ENABLE_NPN.md CURLOPT_SSL_FALSESTART.md CURLOPT_SSL_OPTIONS.md CURLOPT_SSL_SESSIONID_CACHE.md CURLOPT_SSL_SIGNATURE_ALGORITHMS.md CURLOPT_SSL_VERIFYHOST.md CURLOPT_SSL_VERIFYPEER.md CURLOPT_SSL_VERIFYSTATUS.md CURLOPT_STDERR.md CURLOPT_STREAM_DEPENDS.md CURLOPT_STREAM_DEPENDS_E.md CURLOPT_STREAM_WEIGHT.md CURLOPT_SUPPRESS_CONNECT_HEADERS.md CURLOPT_TCP_FASTOPEN.md CURLOPT_TCP_KEEPALIVE.md CURLOPT_TCP_KEEPCNT.md CURLOPT_TCP_KEEPIDLE.md CURLOPT_TCP_KEEPINTVL.md CURLOPT_TCP_NODELAY.md CURLOPT_TELNETOPTIONS.md CURLOPT_TFTP_BLKSIZE.md CURLOPT_TFTP_NO_OPTIONS.md CURLOPT_TIMECONDITION.md CURLOPT_TIMEOUT.md CURLOPT_TIMEOUT_MS.md CURLOPT_TIMEVALUE.md CURLOPT_TIMEVALUE_LARGE.md CURLOPT_TLS13_CIPHERS.md CURLOPT_TLSAUTH_PASSWORD.md CURLOPT_TLSAUTH_TYPE.md CURLOPT_TLSAUTH_USERNAME.md CURLOPT_TRAILERDATA.md CURLOPT_TRAILERFUNCTION.md CURLOPT_TRANSFERTEXT.md CURLOPT_TRANSFER_ENCODING.md CURLOPT_UNIX_SOCKET_PATH.md CURLOPT_UNRESTRICTED_AUTH.md CURLOPT_UPKEEP_INTERVAL_MS.md CURLOPT_UPLOAD.md CURLOPT_UPLOAD_BUFFERSIZE.md CURLOPT_UPLOAD_FLAGS.md CURLOPT_URL.md CURLOPT_USERAGENT.md CURLOPT_USERNAME.md CURLOPT_USERPWD.md CURLOPT_USE_SSL.md CURLOPT_VERBOSE.md CURLOPT_WILDCARDMATCH.md CURLOPT_WRITEDATA.md CURLOPT_WRITEFUNCTION.md CURLOPT_WS_OPTIONS.md CURLOPT_XFERINFODATA.md CURLOPT_XFERINFOFUNCTION.md CURLOPT_XOAUTH2_BEARER.md CURLSHOPT_LOCKFUNC.md CURLSHOPT_SHARE.md CURLSHOPT_UNLOCKFUNC.md CURLSHOPT_UNSHARE.md CURLSHOPT_USERDATA.md Makefile.am Makefile.incinclude
curl
Makefile.am curl.h curlver.h easy.h header.h mprintf.h multi.h options.h stdcheaders.h system.h typecheck-gcc.h urlapi.h websockets.hlib
curlx
base64.c base64.h basename.c basename.h dynbuf.c dynbuf.h fopen.c fopen.h inet_ntop.c inet_ntop.h inet_pton.c inet_pton.h multibyte.c multibyte.h nonblock.c nonblock.h snprintf.c snprintf.h strcopy.c strcopy.h strdup.c strdup.h strerr.c strerr.h strparse.c strparse.h timediff.c timediff.h timeval.c timeval.h version_win32.c version_win32.h wait.c wait.h warnless.c warnless.h winapi.c winapi.hvauth
cleartext.c cram.c digest.c digest.h digest_sspi.c gsasl.c krb5_gssapi.c krb5_sspi.c ntlm.c ntlm_sspi.c oauth2.c spnego_gssapi.c spnego_sspi.c vauth.c vauth.hvquic
curl_ngtcp2.c curl_ngtcp2.h curl_quiche.c curl_quiche.h vquic-tls.c vquic-tls.h vquic.c vquic.h vquic_int.hvtls
apple.c apple.h cipher_suite.c cipher_suite.h gtls.c gtls.h hostcheck.c hostcheck.h keylog.c keylog.h mbedtls.c mbedtls.h openssl.c openssl.h rustls.c rustls.h schannel.c schannel.h schannel_int.h schannel_verify.c vtls.c vtls.h vtls_int.h vtls_scache.c vtls_scache.h vtls_spack.c vtls_spack.h wolfssl.c wolfssl.h x509asn1.c x509asn1.hm4
.gitignore curl-amissl.m4 curl-apple-sectrust.m4 curl-compilers.m4 curl-confopts.m4 curl-functions.m4 curl-gnutls.m4 curl-mbedtls.m4 curl-openssl.m4 curl-override.m4 curl-reentrant.m4 curl-rustls.m4 curl-schannel.m4 curl-sysconfig.m4 curl-wolfssl.m4 xc-am-iface.m4 xc-cc-check.m4 xc-lt-iface.m4 xc-val-flgs.m4 zz40-xc-ovr.m4 zz50-xc-ovr.m4projects
OS400
.checksrc README.OS400 ccsidcurl.c ccsidcurl.h config400.default curl.cmd curl.inc.in curlcl.c curlmain.c initscript.sh make-docs.sh make-include.sh make-lib.sh make-src.sh make-tests.sh makefile.sh os400sys.c os400sys.hWindows
tmpl
.gitattributes README.txt curl-all.sln curl.sln curl.vcxproj curl.vcxproj.filters libcurl.sln libcurl.vcxproj libcurl.vcxproj.filtersvms
Makefile.am backup_gnv_curl_src.com build_curl-config_script.com build_gnv_curl.com build_gnv_curl_pcsi_desc.com build_gnv_curl_pcsi_text.com build_gnv_curl_release_notes.com build_libcurl_pc.com build_vms.com clean_gnv_curl.com compare_curl_source.com config_h.com curl_crtl_init.c curl_gnv_build_steps.txt curl_release_note_start.txt curl_startup.com curlmsg.h curlmsg.msg curlmsg.sdl curlmsg_vms.h generate_config_vms_h_curl.com generate_vax_transfer.com gnv_conftest.c_first gnv_curl_configure.sh gnv_libcurl_symbols.opt gnv_link_curl.com macro32_exactcase.patch make_gnv_curl_install.sh make_pcsi_curl_kit_name.com pcsi_gnv_curl_file_list.txt pcsi_product_gnv_curl.com readme report_openssl_version.c setup_gnv_curl_build.com stage_curl_install.com vms_eco_level.hscripts
.checksrc CMakeLists.txt Makefile.am badwords badwords-all badwords.txt cd2cd cd2nroff cdall checksrc-all.pl checksrc.pl cmakelint.sh completion.pl contributors.sh contrithanks.sh coverage.sh delta dmaketgz extract-unit-protos firefox-db2pem.sh installcheck.sh maketgz managen mdlinkcheck mk-ca-bundle.pl mk-unity.pl nroff2cd perlcheck.sh pythonlint.sh randdisable release-notes.pl release-tools.sh schemetable.c singleuse.pl spacecheck.pl top-complexity top-length verify-release wcurlsrc
.checksrc .gitignore CMakeLists.txt Makefile.am Makefile.inc config2setopts.c config2setopts.h curl.rc curlinfo.c mk-file-embed.pl mkhelp.pl slist_wc.c slist_wc.h terminal.c terminal.h tool_cb_dbg.c tool_cb_dbg.h tool_cb_hdr.c tool_cb_hdr.h tool_cb_prg.c tool_cb_prg.h tool_cb_rea.c tool_cb_rea.h tool_cb_see.c tool_cb_see.h tool_cb_soc.c tool_cb_soc.h tool_cb_wrt.c tool_cb_wrt.h tool_cfgable.c tool_cfgable.h tool_dirhie.c tool_dirhie.h tool_doswin.c tool_doswin.h tool_easysrc.c tool_easysrc.h tool_filetime.c tool_filetime.h tool_findfile.c tool_findfile.h tool_formparse.c tool_formparse.h tool_getparam.c tool_getparam.h tool_getpass.c tool_getpass.h tool_help.c tool_help.h tool_helpers.c tool_helpers.h tool_hugehelp.h tool_ipfs.c tool_ipfs.h tool_libinfo.c tool_libinfo.h tool_listhelp.c tool_main.c tool_main.h tool_msgs.c tool_msgs.h tool_operate.c tool_operate.h tool_operhlp.c tool_operhlp.h tool_paramhlp.c tool_paramhlp.h tool_parsecfg.c tool_parsecfg.h tool_progress.c tool_progress.h tool_sdecls.h tool_setopt.c tool_setopt.h tool_setup.h tool_ssls.c tool_ssls.h tool_stderr.c tool_stderr.h tool_urlglob.c tool_urlglob.h tool_util.c tool_util.h tool_version.h tool_vms.c tool_vms.h tool_writeout.c tool_writeout.h tool_writeout_json.c tool_writeout_json.h tool_xattr.c tool_xattr.h var.c var.htests
certs
.gitignore CMakeLists.txt Makefile.am Makefile.inc genserv.pl srp-verifier-conf srp-verifier-db test-ca.cnf test-ca.prm test-client-cert.prm test-client-eku-only.prm test-localhost-san-first.prm test-localhost-san-last.prm test-localhost.nn.prm test-localhost.prm test-localhost0h.prmdata
.gitignore DISABLED Makefile.am data-xml1 data1400.c data1401.c data1402.c data1403.c data1404.c data1405.c data1406.c data1407.c data1420.c data1461.txt data1463.txt data1465.c data1481.c data1705-1.md data1705-2.md data1705-3.md data1705-4.md data1705-stdout.1 data1706-1.md data1706-2.md data1706-3.md data1706-4.md data1706-stdout.txt data320.html test1 test10 test100 test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 test1008 test1009 test101 test1010 test1011 test1012 test1013 test1014 test1015 test1016 test1017 test1018 test1019 test102 test1020 test1021 test1022 test1023 test1024 test1025 test1026 test1027 test1028 test1029 test103 test1030 test1031 test1032 test1033 test1034 test1035 test1036 test1037 test1038 test1039 test104 test1040 test1041 test1042 test1043 test1044 test1045 test1046 test1047 test1048 test1049 test105 test1050 test1051 test1052 test1053 test1054 test1055 test1056 test1057 test1058 test1059 test106 test1060 test1061 test1062 test1063 test1064 test1065 test1066 test1067 test1068 test1069 test107 test1070 test1071 test1072 test1073 test1074 test1075 test1076 test1077 test1078 test1079 test108 test1080 test1081 test1082 test1083 test1084 test1085 test1086 test1087 test1088 test1089 test109 test1090 test1091 test1092 test1093 test1094 test1095 test1096 test1097 test1098 test1099 test11 test110 test1100 test1101 test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 test111 test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117 test1118 test1119 test112 test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 test1128 test1129 test113 test1130 test1131 test1132 test1133 test1134 test1135 test1136 test1137 test1138 test1139 test114 test1140 test1141 test1142 test1143 test1144 test1145 test1146 test1147 test1148 test1149 test115 test1150 test1151 test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 test116 test1160 test1161 test1162 test1163 test1164 test1165 test1166 test1167 test1168 test1169 test117 test1170 test1171 test1172 test1173 test1174 test1175 test1176 test1177 test1178 test1179 test118 test1180 test1181 test1182 test1183 test1184 test1185 test1186 test1187 test1188 test1189 test119 test1190 test1191 test1192 test1193 test1194 test1195 test1196 test1197 test1198 test1199 test12 test120 test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 test1208 test1209 test121 test1210 test1211 test1212 test1213 test1214 test1215 test1216 test1217 test1218 test1219 test122 test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 test1228 test1229 test123 test1230 test1231 test1232 test1233 test1234 test1235 test1236 test1237 test1238 test1239 test124 test1240 test1241 test1242 test1243 test1244 test1245 test1246 test1247 test1248 test1249 test125 test1250 test1251 test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 test126 test1260 test1261 test1262 test1263 test1264 test1265 test1266 test1267 test1268 test1269 test127 test1270 test1271 test1272 test1273 test1274 test1275 test1276 test1277 test1278 test1279 test128 test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 test1288 test1289 test129 test1290 test1291 test1292 test1293 test1294 test1295 test1296 test1297 test1298 test1299 test13 test130 test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 test1308 test1309 test131 test1310 test1311 test1312 test1313 test1314 test1315 test1316 test1317 test1318 test1319 test132 test1320 test1321 test1322 test1323 test1324 test1325 test1326 test1327 test1328 test1329 test133 test1330 test1331 test1332 test1333 test1334 test1335 test1336 test1337 test1338 test1339 test134 test1340 test1341 test1342 test1343 test1344 test1345 test1346 test1347 test1348 test1349 test135 test1350 test1351 test1352 test1353 test1354 test1355 test1356 test1357 test1358 test1359 test136 test1360 test1361 test1362 test1363 test1364 test1365 test1366 test1367 test1368 test1369 test137 test1370 test1371 test1372 test1373 test1374 test1375 test1376 test1377 test1378 test1379 test138 test1380 test1381 test1382 test1383 test1384 test1385 test1386 test1387 test1388 test1389 test139 test1390 test1391 test1392 test1393 test1394 test1395 test1396 test1397 test1398 test1399 test14 test140 test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 test1408 test1409 test141 test1410 test1411 test1412 test1413 test1414 test1415 test1416 test1417 test1418 test1419 test142 test1420 test1421 test1422 test1423 test1424 test1425 test1426 test1427 test1428 test1429 test143 test1430 test1431 test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 test144 test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 test1448 test1449 test145 test1450 test1451 test1452 test1453 test1454 test1455 test1456 test1457 test1458 test1459 test146 test1460 test1461 test1462 test1463 test1464 test1465 test1466 test1467 test1468 test1469 test147 test1470 test1471 test1472 test1473 test1474 test1475 test1476 test1477 test1478 test1479 test148 test1480 test1481 test1482 test1483 test1484 test1485 test1486 test1487 test1488 test1489 test149 test1490 test1491 test1492 test1493 test1494 test1495 test1496 test1497 test1498 test1499 test15 test150 test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 test1508 test1509 test151 test1510 test1511 test1512 test1513 test1514 test1515 test1516 test1517 test1518 test1519 test152 test1520 test1521 test1522 test1523 test1524 test1525 test1526 test1527 test1528 test1529 test153 test1530 test1531 test1532 test1533 test1534 test1535 test1536 test1537 test1538 test1539 test154 test1540 test1541 test1542 test1543 test1544 test1545 test1546 test1547 test1548 test1549 test155 test1550 test1551 test1552 test1553 test1554 test1555 test1556 test1557 test1558 test1559 test156 test1560 test1561 test1562 test1563 test1564 test1565 test1566 test1567 test1568 test1569 test157 test1570 test1571 test1572 test1573 test1574 test1575 test1576 test1577 test1578 test1579 test158 test1580 test1581 test1582 test1583 test1584 test1585 test1586 test1587 test1588 test1589 test159 test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 test1598 test1599 test16 test160 test1600 test1601 test1602 test1603 test1604 test1605 test1606 test1607 test1608 test1609 test161 test1610 test1611 test1612 test1613 test1614 test1615 test1616 test1617 test1618 test1619 test162 test1620 test1621 test1622 test1623 test1624 test1625 test1626 test1627 test1628 test1629 test163 test1630 test1631 test1632 test1633 test1634 test1635 test1636 test1637 test1638 test1639 test164 test1640 test1641 test1642 test1643 test1644 test1645 test165 test1650 test1651 test1652 test1653 test1654 test1655 test1656 test1657 test1658 test1659 test166 test1660 test1661 test1662 test1663 test1664 test1665 test1666 test1667 test1668 test1669 test167 test1670 test1671 test1672 test1673 test1674 test1675 test1676 test168 test1680 test1681 test1682 test1683 test1684 test1685 test169 test17 test170 test1700 test1701 test1702 test1703 test1704 test1705 test1706 test1707 test1708 test1709 test171 test1710 test1711 test1712 test1713 test1714 test1715 test172 test1720 test1721 test173 test174 test175 test176 test177 test178 test179 test18 test180 test1800 test1801 test1802 test181 test182 test183 test184 test1847 test1848 test1849 test185 test1850 test1851 test186 test187 test188 test189 test19 test190 test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 test1908 test1909 test191 test1910 test1911 test1912 test1913 test1914 test1915 test1916 test1917 test1918 test1919 test192 test1920 test1921 test193 test1933 test1934 test1935 test1936 test1937 test1938 test1939 test194 test1940 test1941 test1942 test1943 test1944 test1945 test1946 test1947 test1948 test195 test1955 test1956 test1957 test1958 test1959 test196 test1960 test1964 test1965 test1966 test197 test1970 test1971 test1972 test1973 test1974 test1975 test1976 test1977 test1978 test1979 test198 test1980 test1981 test1982 test1983 test1984 test199 test2 test20 test200 test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 test2008 test2009 test201 test2010 test2011 test2012 test2013 test2014 test202 test2023 test2024 test2025 test2026 test2027 test2028 test2029 test203 test2030 test2031 test2032 test2033 test2034 test2035 test2037 test2038 test2039 test204 test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 test2048 test2049 test205 test2050 test2051 test2052 test2053 test2054 test2055 test2056 test2057 test2058 test2059 test206 test2060 test2061 test2062 test2063 test2064 test2065 test2066 test2067 test2068 test2069 test207 test2070 test2071 test2072 test2073 test2074 test2075 test2076 test2077 test2078 test2079 test208 test2080 test2081 test2082 test2083 test2084 test2085 test2086 test2087 test2088 test2089 test209 test2090 test2091 test2092 test21 test210 test2100 test2101 test2102 test2103 test2104 test211 test212 test213 test214 test215 test216 test217 test218 test219 test22 test220 test2200 test2201 test2202 test2203 test2204 test2205 test2206 test2207 test221 test222 test223 test224 test225 test226 test227 test228 test229 test23 test230 test2300 test2301 test2302 test2303 test2304 test2306 test2307 test2308 test2309 test231 test232 test233 test234 test235 test236 test237 test238 test239 test24 test240 test2400 test2401 test2402 test2403 test2404 test2405 test2406 test2407 test2408 test2409 test241 test2410 test2411 test242 test243 test244 test245 test246 test247 test248 test249 test25 test250 test2500 test2501 test2502 test2503 test2504 test2505 test2506 test251 test252 test253 test254 test255 test256 test257 test258 test259 test26 test260 test2600 test2601 test2602 test2603 test2604 test2605 test261 test262 test263 test264 test265 test266 test267 test268 test269 test27 test270 test2700 test2701 test2702 test2703 test2704 test2705 test2706 test2707 test2708 test2709 test271 test2710 test2711 test2712 test2713 test2714 test2715 test2716 test2717 test2718 test2719 test272 test2720 test2721 test2722 test2723 test273 test274 test275 test276 test277 test278 test279 test28 test280 test281 test282 test283 test284 test285 test286 test287 test288 test289 test29 test290 test291 test292 test293 test294 test295 test296 test297 test298 test299 test3 test30 test300 test3000 test3001 test3002 test3003 test3004 test3005 test3006 test3007 test3008 test3009 test301 test3010 test3011 test3012 test3013 test3014 test3015 test3016 test3017 test3018 test3019 test302 test3020 test3021 test3022 test3023 test3024 test3025 test3026 test3027 test3028 test3029 test303 test3030 test3031 test3032 test3033 test3034 test3035 test3036 test304 test305 test306 test307 test308 test309 test31 test310 test3100 test3101 test3102 test3103 test3104 test3105 test3106 test311 test312 test313 test314 test315 test316 test317 test318 test319 test32 test320 test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208 test3209 test321 test3210 test3211 test3212 test3213 test3214 test3215 test3216 test3217 test3218 test3219 test322 test3220 test323 test324 test325 test326 test327 test328 test329 test33 test330 test3300 test3301 test3302 test331 test332 test333 test334 test335 test336 test337 test338 test339 test34 test340 test341 test342 test343 test344 test345 test346 test347 test348 test349 test35 test350 test351 test352 test353 test354 test355 test356 test357 test358 test359 test36 test360 test361 test362 test363 test364 test365 test366 test367 test368 test369 test37 test370 test371 test372 test373 test374 test375 test376 test378 test379 test38 test380 test381 test383 test384 test385 test386 test387 test388 test389 test39 test390 test391 test392 test393 test394 test395 test396 test397 test398 test399 test4 test40 test400 test4000 test4001 test401 test402 test403 test404 test405 test406 test407 test408 test409 test41 test410 test411 test412 test413 test414 test415 test416 test417 test418 test419 test42 test420 test421 test422 test423 test424 test425 test426 test427 test428 test429 test43 test430 test431 test432 test433 test434 test435 test436 test437 test438 test439 test44 test440 test441 test442 test443 test444 test445 test446 test447 test448 test449 test45 test450 test451 test452 test453 test454 test455 test456 test457 test458 test459 test46 test460 test461 test462 test463 test467 test468 test469 test47 test470 test471 test472 test473 test474 test475 test476 test477 test478 test479 test48 test480 test481 test482 test483 test484 test485 test486 test487 test488 test489 test49 test490 test491 test492 test493 test494 test495 test496 test497 test498 test499 test5 test50 test500 test501 test502 test503 test504 test505 test506 test507 test508 test509 test51 test510 test511 test512 test513 test514 test515 test516 test517 test518 test519 test52 test520 test521 test522 test523 test524 test525 test526 test527 test528 test529 test53 test530 test531 test532 test533 test534 test535 test536 test537 test538 test539 test54 test540 test541 test542 test543 test544 test545 test546 test547 test548 test549 test55 test550 test551 test552 test553 test554 test555 test556 test557 test558 test559 test56 test560 test561 test562 test563 test564 test565 test566 test567 test568 test569 test57 test570 test571 test572 test573 test574 test575 test576 test577 test578 test579 test58 test580 test581 test582 test583 test584 test585 test586 test587 test588 test589 test59 test590 test591 test592 test593 test594 test595 test596 test597 test598 test599 test6 test60 test600 test601 test602 test603 test604 test605 test606 test607 test608 test609 test61 test610 test611 test612 test613 test614 test615 test616 test617 test618 test619 test62 test620 test621 test622 test623 test624 test625 test626 test627 test628 test629 test63 test630 test631 test632 test633 test634 test635 test636 test637 test638 test639 test64 test640 test641 test642 test643 test644 test645 test646 test647 test648 test649 test65 test650 test651 test652 test653 test654 test655 test656 test658 test659 test66 test660 test661 test662 test663 test664 test665 test666 test667 test668 test669 test67 test670 test671 test672 test673 test674 test675 test676 test677 test678 test679 test68 test680 test681 test682 test683 test684 test685 test686 test687 test688 test689 test69 test690 test691 test692 test693 test694 test695 test696 test697 test698 test699 test7 test70 test700 test701 test702 test703 test704 test705 test706 test707 test708 test709 test71 test710 test711 test712 test713 test714 test715 test716 test717 test718 test719 test72 test720 test721 test722 test723 test724 test725 test726 test727 test728 test729 test73 test730 test731 test732 test733 test734 test735 test736 test737 test738 test739 test74 test740 test741 test742 test743 test744 test745 test746 test747 test748 test749 test75 test750 test751 test752 test753 test754 test755 test756 test757 test758 test759 test76 test760 test761 test762 test763 test764 test765 test766 test767 test768 test769 test77 test770 test771 test772 test773 test774 test775 test776 test777 test778 test779 test78 test780 test781 test782 test783 test784 test785 test786 test787 test788 test789 test79 test790 test791 test792 test793 test794 test795 test796 test797 test798 test799 test8 test80 test800 test801 test802 test803 test804 test805 test806 test807 test808 test809 test81 test810 test811 test812 test813 test814 test815 test816 test817 test818 test819 test82 test820 test821 test822 test823 test824 test825 test826 test827 test828 test829 test83 test830 test831 test832 test833 test834 test835 test836 test837 test838 test839 test84 test840 test841 test842 test843 test844 test845 test846 test847 test848 test849 test85 test850 test851 test852 test853 test854 test855 test856 test857 test858 test859 test86 test860 test861 test862 test863 test864 test865 test866 test867 test868 test869 test87 test870 test871 test872 test873 test874 test875 test876 test877 test878 test879 test88 test880 test881 test882 test883 test884 test885 test886 test887 test888 test889 test89 test890 test891 test892 test893 test894 test895 test896 test897 test898 test899 test9 test90 test900 test901 test902 test903 test904 test905 test906 test907 test908 test909 test91 test910 test911 test912 test913 test914 test915 test916 test917 test918 test919 test92 test920 test921 test922 test923 test924 test925 test926 test927 test928 test929 test93 test930 test931 test932 test933 test934 test935 test936 test937 test938 test939 test94 test940 test941 test942 test943 test944 test945 test946 test947 test948 test949 test95 test950 test951 test952 test953 test954 test955 test956 test957 test958 test959 test96 test960 test961 test962 test963 test964 test965 test966 test967 test968 test969 test97 test970 test971 test972 test973 test974 test975 test976 test977 test978 test979 test98 test980 test981 test982 test983 test984 test985 test986 test987 test988 test989 test99 test990 test991 test992 test993 test994 test995 test996 test997 test998 test999http
testenv
__init__.py caddy.py certs.py client.py curl.py dante.py dnsd.py env.py httpd.py nghttpx.py ports.py sshd.py vsftpd.py ws_echo_server.pylibtest
.gitignore CMakeLists.txt Makefile.am Makefile.inc cli_ftp_upload.c cli_h2_pausing.c cli_h2_serverpush.c cli_h2_upgrade_extreme.c cli_hx_download.c cli_hx_upload.c cli_tls_session_reuse.c cli_upload_pausing.c cli_ws_data.c cli_ws_pingpong.c first.c first.h lib1156.c lib1301.c lib1308.c lib1485.c lib1500.c lib1501.c lib1502.c lib1506.c lib1507.c lib1508.c lib1509.c lib1510.c lib1511.c lib1512.c lib1513.c lib1514.c lib1515.c lib1517.c lib1518.c lib1520.c lib1522.c lib1523.c lib1525.c lib1526.c lib1527.c lib1528.c lib1529.c lib1530.c lib1531.c lib1532.c lib1533.c lib1534.c lib1535.c lib1536.c lib1537.c lib1538.c lib1540.c lib1541.c lib1542.c lib1545.c lib1549.c lib1550.c lib1551.c lib1552.c lib1553.c lib1554.c lib1555.c lib1556.c lib1557.c lib1558.c lib1559.c lib1560.c lib1564.c lib1565.c lib1567.c lib1568.c lib1569.c lib1571.c lib1576.c lib1582.c lib1587.c lib1588.c lib1589.c lib1591.c lib1592.c lib1593.c lib1594.c lib1597.c lib1598.c lib1599.c lib1662.c lib1900.c lib1901.c lib1902.c lib1903.c lib1905.c lib1906.c lib1907.c lib1908.c lib1910.c lib1911.c lib1912.c lib1913.c lib1915.c lib1916.c lib1918.c lib1919.c lib1920.c lib1921.c lib1933.c lib1934.c lib1935.c lib1936.c lib1937.c lib1938.c lib1939.c lib1940.c lib1945.c lib1947.c lib1948.c lib1955.c lib1956.c lib1957.c lib1958.c lib1959.c lib1960.c lib1964.c lib1965.c lib1970.c lib1971.c lib1972.c lib1973.c lib1974.c lib1975.c lib1977.c lib1978.c lib2023.c lib2032.c lib2082.c lib2301.c lib2302.c lib2304.c lib2306.c lib2308.c lib2309.c lib2402.c lib2404.c lib2405.c lib2502.c lib2504.c lib2505.c lib2506.c lib2700.c lib3010.c lib3025.c lib3026.c lib3027.c lib3033.c lib3034.c lib3100.c lib3101.c lib3102.c lib3103.c lib3104.c lib3105.c lib3207.c lib3208.c lib500.c lib501.c lib502.c lib503.c lib504.c lib505.c lib506.c lib507.c lib508.c lib509.c lib510.c lib511.c lib512.c lib513.c lib514.c lib515.c lib516.c lib517.c lib518.c lib519.c lib520.c lib521.c lib523.c lib524.c lib525.c lib526.c lib530.c lib533.c lib536.c lib537.c lib539.c lib540.c lib541.c lib542.c lib543.c lib544.c lib547.c lib549.c lib552.c lib553.c lib554.c lib555.c lib556.c lib557.c lib558.c lib559.c lib560.c lib562.c lib564.c lib566.c lib567.c lib568.c lib569.c lib570.c lib571.c lib572.c lib573.c lib574.c lib575.c lib576.c lib578.c lib579.c lib582.c lib583.c lib586.c lib589.c lib590.c lib591.c lib597.c lib598.c lib599.c lib643.c lib650.c lib651.c lib652.c lib653.c lib654.c lib655.c lib658.c lib659.c lib661.c lib666.c lib667.c lib668.c lib670.c lib674.c lib676.c lib677.c lib678.c lib694.c lib695.c lib751.c lib753.c lib757.c lib758.c lib766.c memptr.c mk-lib1521.pl test1013.pl test1022.pl test307.pl test610.pl test613.pl testtrace.c testtrace.h testutil.c testutil.h unitcheck.hserver
.checksrc .gitignore CMakeLists.txt Makefile.am Makefile.inc dnsd.c first.c first.h getpart.c mqttd.c resolve.c rtspd.c sockfilt.c socksd.c sws.c tftpd.c util.ctunit
.gitignore CMakeLists.txt Makefile.am Makefile.inc README.md tool1394.c tool1604.c tool1621.c tool1622.c tool1623.c tool1720.cunit
.gitignore CMakeLists.txt Makefile.am Makefile.inc README.md unit1300.c unit1302.c unit1303.c unit1304.c unit1305.c unit1307.c unit1309.c unit1323.c unit1330.c unit1395.c unit1396.c unit1397.c unit1398.c unit1399.c unit1600.c unit1601.c unit1602.c unit1603.c unit1605.c unit1606.c unit1607.c unit1608.c unit1609.c unit1610.c unit1611.c unit1612.c unit1614.c unit1615.c unit1616.c unit1620.c unit1625.c unit1626.c unit1627.c unit1636.c unit1650.c unit1651.c unit1652.c unit1653.c unit1654.c unit1655.c unit1656.c unit1657.c unit1658.c unit1660.c unit1661.c unit1663.c unit1664.c unit1666.c unit1667.c unit1668.c unit1669.c unit1674.c unit1675.c unit1676.c unit1979.c unit1980.c unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c unit2605.c unit3200.c unit3205.c unit3211.c unit3212.c unit3213.c unit3214.c unit3216.c unit3219.c unit3300.c unit3301.c unit3302.cexamples
.env config.ini crypto_test.lua env_test.lua fs_example.lua http_server.lua https_test.lua ini_example.lua json.lua log.lua path_fs_example.lua process_example.lua request_download.lua request_test.lua run_all.lua sqlite_example.lua sqlite_http_template.lua stash_test.lua template_test.lua timer.lua websocket.luainiparser
example
iniexample.c iniwrite.c parse.c twisted-errors.ini twisted-genhuge.py twisted-ofkey.ini twisted-ofval.ini twisted.initest
CMakeLists.txt test_dictionary.c test_iniparser.c unity-config.yml unity_config.hjinjac
libjinjac
src
CMakeLists.txt ast.c ast.h block_statement.c block_statement.h buffer.c buffer.h buildin.c buildin.h common.h convert.c convert.h flex_decl.h jfunction.c jfunction.h jinja_expression.l jinja_expression.y jinjac_parse.c jinjac_parse.h jinjac_stream.c jinjac_stream.h jlist.c jlist.h jobject.c jobject.h parameter.c parameter.h str_obj.c str_obj.h trace.c trace.htest
.gitignore CMakeLists.txt autotest.rb test_01.expected test_01.jinja test_01b.expected test_01b.jinja test_01c.expected test_01c.jinja test_01d.expected test_01d.jinja test_02.expected test_02.jinja test_03.expected test_03.jinja test_04.expected test_04.jinja test_05.expected test_05.jinja test_06.expected test_06.jinja test_07.expected test_07.jinja test_08.expected test_08.jinja test_08b.expected test_08b.jinja test_09.expected test_09.jinja test_10.expected test_10.jinja test_11.expected test_11.jinja test_12.expected test_12.jinja test_13.expected test_13.jinja test_14.expected test_14.jinja test_15.expected test_15.jinja test_16.expected test_16.jinja test_17.expected test_17.jinja test_18.expected test_18.jinja test_18b.expected test_18b.jinja test_18c.expected test_18c.jinja test_19.expected test_19.jinja test_19b.expected test_19b.jinja test_19c.expected test_19c.jinja test_19d.expected test_19d.jinja test_19e.expected test_19e.jinja test_19f.expected test_19f.jinja test_20.expected test_20.jinja test_21.expected test_21.jinja test_22.expected test_22.jinja test_22a.expected test_22a.jinja test_22b.expected test_22b.jinja test_23.expected test_23.jinja test_24.expected test_24.jinjalibev
Changes LICENSE Makefile Makefile.am Makefile.in README Symbols.ev Symbols.event aclocal.m4 autogen.sh compile config.guess config.h config.h.in config.status config.sub configure configure.ac depcomp ev++.h ev.3 ev.c ev.h ev.pod ev_epoll.c ev_kqueue.c ev_poll.c ev_port.c ev_select.c ev_vars.h ev_win32.c ev_wrap.h event.c event.h install-sh libev.m4 libtool ltmain.sh missing mkinstalldirs stamp-h1luajit
doc
bluequad-print.css bluequad.css contact.html ext_buffer.html ext_c_api.html ext_ffi.html ext_ffi_api.html ext_ffi_semantics.html ext_ffi_tutorial.html ext_jit.html ext_profiler.html extensions.html install.html luajit.html running.html
dynasm
dasm_arm.h dasm_arm.lua dasm_arm64.h dasm_arm64.lua dasm_mips.h dasm_mips.lua dasm_mips64.lua dasm_ppc.h dasm_ppc.lua dasm_proto.h dasm_x64.lua dasm_x86.h dasm_x86.lua dynasm.luasrc
host
.gitignore README buildvm.c buildvm.h buildvm_asm.c buildvm_fold.c buildvm_lib.c buildvm_libbc.h buildvm_peobj.c genlibbc.lua genminilua.lua genversion.lua minilua.cjit
.gitignore bc.lua bcsave.lua dis_arm.lua dis_arm64.lua dis_arm64be.lua dis_mips.lua dis_mips64.lua dis_mips64el.lua dis_mips64r6.lua dis_mips64r6el.lua dis_mipsel.lua dis_ppc.lua dis_x64.lua dis_x86.lua dump.lua p.lua v.lua zone.luawolfssl
.github
workflows
ada.yml arduino.yml async-examples.yml async.yml atecc608-sim.yml bind.yml cmake-autoconf.yml cmake.yml codespell.yml coverity-scan-fixes.yml cryptocb-only.yml curl.yml cyrus-sasl.yml disable-pk-algs.yml docker-Espressif.yml docker-OpenWrt.yml emnet-nonblock.yml fil-c.yml freertos-mem-track.yml gencertbuf.yml grpc.yml haproxy.yml hostap-vm.yml intelasm-c-fallback.yml ipmitool.yml jwt-cpp.yml krb5.yml libspdm.yml libssh2.yml libvncserver.yml linuxkm.yml macos-apple-native-cert-validation.yml mbedtls.sh mbedtls.yml membrowse-comment.yml membrowse-onboard.yml membrowse-report.yml memcached.sh memcached.yml mono.yml mosquitto.yml msmtp.yml msys2.yml multi-arch.yml multi-compiler.yml net-snmp.yml nginx.yml no-malloc.yml no-tls.yml nss.sh nss.yml ntp.yml ocsp.yml openldap.yml openssh.yml openssl-ech.yml opensslcoexist.yml openvpn.yml os-check.yml packaging.yml pam-ipmi.yml pq-all.yml pr-commit-check.yml psk.yml puf.yml python.yml rng-tools.yml rust-wrapper.yml se050-sim.yml smallStackSize.yml socat.yml softhsm.yml sssd.yml stm32-sim.yml stsafe-a120-sim.yml stunnel.yml symbol-prefixes.yml threadx.yml tls-anvil.yml trackmemory.yml watcomc.yml win-csharp-test.yml wolfCrypt-Wconversion.yml wolfboot-integration.yml wolfsm.yml xcode.yml zephyr-4.x.yml zephyr.ymlIDE
ARDUINO
Arduino_README_prepend.md README.md include.am keywords.txt library.properties.template wolfssl-arduino.cpp wolfssl-arduino.sh wolfssl.hECLIPSE
Espressif
ESP-IDF
examples
template
CMakeLists.txt Makefile README.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp8266wolfssl_benchmark
VisualGDB
wolfssl_benchmark_IDF_v4.4_ESP32.sln wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj wolfssl_benchmark_IDF_v5_ESP32.sln wolfssl_benchmark_IDF_v5_ESP32.vgdbproj wolfssl_benchmark_IDF_v5_ESP32C3.sln wolfssl_benchmark_IDF_v5_ESP32C3.vgdbproj wolfssl_benchmark_IDF_v5_ESP32S3.sln wolfssl_benchmark_IDF_v5_ESP32S3.vgdbprojwolfssl_client
CMakeLists.txt Makefile README.md README_server_sm.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp32c2 sdkconfig.defaults.esp8266 wolfssl_client_ESP8266.vgdbprojwolfssl_server
CMakeLists.txt Makefile README.md README_server_sm.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp32c2 sdkconfig.defaults.esp8266 wolfssl_server_ESP8266.vgdbprojwolfssl_test
VisualGDB
wolfssl_test-IDF_v5_ESP32.sln wolfssl_test-IDF_v5_ESP32.vgdbproj wolfssl_test-IDF_v5_ESP32C3.sln wolfssl_test-IDF_v5_ESP32C3.vgdbproj wolfssl_test-IDF_v5_ESP32C6.sln wolfssl_test-IDF_v5_ESP32C6.vgdbproj wolfssl_test_IDF_v5_ESP32S3.sln wolfssl_test_IDF_v5_ESP32S3.vgdbprojGCC-ARM
Makefile Makefile.bench Makefile.client Makefile.common Makefile.server Makefile.static Makefile.test README.md include.am linker.ld linker_fips.ldIAR-EWARM
embOS
SAMV71_XULT
embOS_SAMV71_XULT_user_settings
user_settings.h user_settings_simple_example.h user_settings_verbose_example.hembOS_wolfcrypt_benchmark_SAMV71_XULT
README_wolfcrypt_benchmark wolfcrypt_benchmark.ewd wolfcrypt_benchmark.ewpINTIME-RTOS
Makefile README.md include.am libwolfssl.c libwolfssl.vcxproj user_settings.h wolfExamples.c wolfExamples.h wolfExamples.sln wolfExamples.vcxproj wolfssl-lib.sln wolfssl-lib.vcxprojMQX
Makefile README-jp.md README.md client-tls.c include.am server-tls.c user_config.h user_settings.hMSVS-2019-AZSPHERE
wolfssl_new_azsphere
.gitignore CMakeLists.txt CMakeSettings.json app_manifest.json applibs_versions.h launch.vs.json main.cNETOS
Makefile.wolfcrypt.inc README.md include.am user_settings.h user_settings.h-cert2425 user_settings.h-cert3389 wolfssl_netos_custom.cPlatformIO
examples
wolfssl_benchmark
CMakeLists.txt README.md platformio.ini sdkconfig.defaults wolfssl_benchmark.code-workspaceROWLEY-CROSSWORKS-ARM
Kinetis_FlashPlacement.xml README.md arm_startup.c benchmark_main.c hw.h include.am kinetis_hw.c retarget.c test_main.c user_settings.h wolfssl.hzp wolfssl_ltc.hzpRenesas
e2studio
RA6M3
README.md README_APRA6M_en.md README_APRA6M_jp.md include.amRX72N
EnvisionKit
Simple
README_EN.md README_JP.mdwolfssl_demo
key_data.c key_data.h user_settings.h wolfssl_demo.c wolfssl_demo.h wolfssl_tsip_unit_test.cSTM32Cube
README.md STM32_Benchmarks.md default_conf.ftl include.am main.c wolfssl_example.c wolfssl_example.hWIN
README.txt include.am test.vcxproj user_settings.h user_settings_dtls.h wolfssl-fips.sln wolfssl-fips.vcxprojWIN-SRTP-KDF-140-3
README.txt include.am resource.h test.vcxproj user_settings.h wolfssl-fips.rc wolfssl-fips.sln wolfssl-fips.vcxprojWIN10
README.txt include.am resource.h test.vcxproj user_settings.h wolfssl-fips.rc wolfssl-fips.sln wolfssl-fips.vcxprojXCODE
Benchmark
include.amXilinxSDK
README.md bench.sh combine.sh eclipse_formatter_profile.xml graph.sh include.am user_settings.h wolfssl_example.capple-universal
wolfssl-multiplatform
iotsafe
Makefile README.md ca-cert.c devices.c devices.h include.am main.c memory-tls.c startup.c target.ld user_settings.hmynewt
README.md apps.wolfcrypttest.pkg.yml crypto.wolfssl.pkg.yml crypto.wolfssl.syscfg.yml include.am setup.shcerts
1024
ca-cert.der ca-cert.pem ca-key.der ca-key.pem client-cert.der client-cert.pem client-key.der client-key.pem client-keyPub.der dh1024.der dh1024.pem dsa-pub-1024.pem dsa1024.der dsa1024.pem include.am rsa1024.der server-cert.der server-cert.pem server-key.der server-key.pemcrl
extra-crls
ca-int-cert-revoked.pem claim-root.pem crl_critical_entry.pem crlnum_57oct.pem crlnum_64oct.pem general-server-crl.pem large_crlnum.pem large_crlnum2.pemdilithium
bench_dilithium_level2_key.der bench_dilithium_level3_key.der bench_dilithium_level5_key.der include.amecc
bp256r1-key.der bp256r1-key.pem ca-secp256k1-cert.pem ca-secp256k1-key.pem client-bp256r1-cert.der client-bp256r1-cert.pem client-secp256k1-cert.der client-secp256k1-cert.pem genecc.sh include.am secp256k1-key.der secp256k1-key.pem secp256k1-param.pem secp256k1-privkey.der secp256k1-privkey.pem server-bp256r1-cert.der server-bp256r1-cert.pem server-secp256k1-cert.der server-secp256k1-cert.pem server2-secp256k1-cert.der server2-secp256k1-cert.pem wolfssl.cnf wolfssl_384.cnfed25519
ca-ed25519-key.der ca-ed25519-key.pem ca-ed25519-priv.der ca-ed25519-priv.pem ca-ed25519.der ca-ed25519.pem client-ed25519-key.der client-ed25519-key.pem client-ed25519-priv.der client-ed25519-priv.pem client-ed25519.der client-ed25519.pem eddsa-ed25519.der eddsa-ed25519.pem gen-ed25519-certs.sh gen-ed25519-keys.sh gen-ed25519.sh include.am root-ed25519-key.der root-ed25519-key.pem root-ed25519-priv.der root-ed25519-priv.pem root-ed25519.der root-ed25519.pem server-ed25519-cert.pem server-ed25519-key.der server-ed25519-key.pem server-ed25519-priv.der server-ed25519-priv.pem server-ed25519.der server-ed25519.pemed448
ca-ed448-key.der ca-ed448-key.pem ca-ed448-priv.der ca-ed448-priv.pem ca-ed448.der ca-ed448.pem client-ed448-key.der client-ed448-key.pem client-ed448-priv.der client-ed448-priv.pem client-ed448.der client-ed448.pem gen-ed448-certs.sh gen-ed448-keys.sh include.am root-ed448-key.der root-ed448-key.pem root-ed448-priv.der root-ed448-priv.pem root-ed448.der root-ed448.pem server-ed448-cert.pem server-ed448-key.der server-ed448-key.pem server-ed448-priv.der server-ed448-priv.pem server-ed448.der server-ed448.pemexternal
DigiCertGlobalRootCA.pem README.txt ca-digicert-ev.pem ca-globalsign-root.pem ca-google-root.pem ca_collection.pem include.amintermediate
ca_false_intermediate
gentestcert.sh int_ca.key server.key test_ca.key test_ca.pem test_int_not_cacert.pem test_sign_bynoca_srv.pem wolfssl_base.conf wolfssl_srv.conflms
bc_hss_L2_H5_W8_root.der bc_hss_L3_H5_W4_root.der bc_lms_chain_ca.der bc_lms_chain_leaf.der bc_lms_native_bc_root.der bc_lms_sha256_h10_w8_root.der bc_lms_sha256_h5_w4_root.der include.ammldsa
README.txt include.am mldsa44-cert.der mldsa44-cert.pem mldsa44-key.pem mldsa44_bare-priv.der mldsa44_bare-seed.der mldsa44_oqskeypair.der mldsa44_priv-only.der mldsa44_pub-spki.der mldsa44_seed-only.der mldsa44_seed-priv.der mldsa65-cert.der mldsa65-cert.pem mldsa65-key.pem mldsa65_bare-priv.der mldsa65_bare-seed.der mldsa65_oqskeypair.der mldsa65_priv-only.der mldsa65_pub-spki.der mldsa65_seed-only.der mldsa65_seed-priv.der mldsa87-cert.der mldsa87-cert.pem mldsa87-key.pem mldsa87_bare-priv.der mldsa87_bare-seed.der mldsa87_oqskeypair.der mldsa87_priv-only.der mldsa87_pub-spki.der mldsa87_seed-only.der mldsa87_seed-priv.derocsp
imposter-root-ca-cert.der imposter-root-ca-cert.pem imposter-root-ca-key.der imposter-root-ca-key.pem include.am index-ca-and-intermediate-cas.txt index-ca-and-intermediate-cas.txt.attr index-intermediate1-ca-issued-certs.txt index-intermediate1-ca-issued-certs.txt.attr index-intermediate2-ca-issued-certs.txt index-intermediate2-ca-issued-certs.txt.attr index-intermediate3-ca-issued-certs.txt index-intermediate3-ca-issued-certs.txt.attr intermediate1-ca-cert.der intermediate1-ca-cert.pem intermediate1-ca-key.der intermediate1-ca-key.pem intermediate2-ca-cert.der intermediate2-ca-cert.pem intermediate2-ca-key.der intermediate2-ca-key.pem intermediate3-ca-cert.der intermediate3-ca-cert.pem intermediate3-ca-key.der intermediate3-ca-key.pem ocsp-responder-cert.der ocsp-responder-cert.pem ocsp-responder-key.der ocsp-responder-key.pem openssl.cnf renewcerts-for-test.sh renewcerts.sh root-ca-cert.der root-ca-cert.pem root-ca-crl.pem root-ca-key.der root-ca-key.pem server1-cert.der server1-cert.pem server1-chain-noroot.pem server1-key.der server1-key.pem server2-cert.der server2-cert.pem server2-key.der server2-key.pem server3-cert.der server3-cert.pem server3-key.der server3-key.pem server4-cert.der server4-cert.pem server4-key.der server4-key.pem server5-cert.der server5-cert.pem server5-key.der server5-key.pem test-leaf-response.der test-multi-response.der test-response-nointern.der test-response-rsapss.der test-response.derp521
ca-p521-key.der ca-p521-key.pem ca-p521-priv.der ca-p521-priv.pem ca-p521.der ca-p521.pem client-p521-key.der client-p521-key.pem client-p521-priv.der client-p521-priv.pem client-p521.der client-p521.pem gen-p521-certs.sh gen-p521-keys.sh include.am root-p521-key.der root-p521-key.pem root-p521-priv.der root-p521-priv.pem root-p521.der root-p521.pem server-p521-cert.pem server-p521-key.der server-p521-key.pem server-p521-priv.der server-p521-priv.pem server-p521.der server-p521.pemrpk
client-cert-rpk.der client-ecc-cert-rpk.der include.am server-cert-rpk.der server-ecc-cert-rpk.derrsapss
ca-3072-rsapss-key.der ca-3072-rsapss-key.pem ca-3072-rsapss-priv.der ca-3072-rsapss-priv.pem ca-3072-rsapss.der ca-3072-rsapss.pem ca-rsapss-key.der ca-rsapss-key.pem ca-rsapss-priv.der ca-rsapss-priv.pem ca-rsapss.der ca-rsapss.pem client-3072-rsapss-key.der client-3072-rsapss-key.pem client-3072-rsapss-priv.der client-3072-rsapss-priv.pem client-3072-rsapss.der client-3072-rsapss.pem client-rsapss-key.der client-rsapss-key.pem client-rsapss-priv.der client-rsapss-priv.pem client-rsapss.der client-rsapss.pem gen-rsapss-keys.sh include.am renew-rsapss-certs.sh root-3072-rsapss-key.der root-3072-rsapss-key.pem root-3072-rsapss-priv.der root-3072-rsapss-priv.pem root-3072-rsapss.der root-3072-rsapss.pem root-rsapss-key.der root-rsapss-key.pem root-rsapss-priv.der root-rsapss-priv.pem root-rsapss.der root-rsapss.pem server-3072-rsapss-cert.pem server-3072-rsapss-key.der server-3072-rsapss-key.pem server-3072-rsapss-priv.der server-3072-rsapss-priv.pem server-3072-rsapss.der server-3072-rsapss.pem server-mix-rsapss-cert.pem server-rsapss-cert.pem server-rsapss-key.der server-rsapss-key.pem server-rsapss-priv.der server-rsapss-priv.pem server-rsapss.der server-rsapss.pemslhdsa
bench_slhdsa_sha2_128f_key.der bench_slhdsa_sha2_128s_key.der bench_slhdsa_sha2_192f_key.der bench_slhdsa_sha2_192s_key.der bench_slhdsa_sha2_256f_key.der bench_slhdsa_sha2_256s_key.der bench_slhdsa_shake128f_key.der bench_slhdsa_shake128s_key.der bench_slhdsa_shake192f_key.der bench_slhdsa_shake192s_key.der bench_slhdsa_shake256f_key.der bench_slhdsa_shake256s_key.der client-mldsa44-priv.pem client-mldsa44-sha2.der client-mldsa44-sha2.pem client-mldsa44-shake.der client-mldsa44-shake.pem gen-slhdsa-mldsa-certs.sh include.am root-slhdsa-sha2-128s-priv.der root-slhdsa-sha2-128s-priv.pem root-slhdsa-sha2-128s.der root-slhdsa-sha2-128s.pem root-slhdsa-shake-128s-priv.der root-slhdsa-shake-128s-priv.pem root-slhdsa-shake-128s.der root-slhdsa-shake-128s.pem server-mldsa44-priv.pem server-mldsa44-sha2.der server-mldsa44-sha2.pem server-mldsa44-shake.der server-mldsa44-shake.pemsm2
ca-sm2-key.der ca-sm2-key.pem ca-sm2-priv.der ca-sm2-priv.pem ca-sm2.der ca-sm2.pem client-sm2-key.der client-sm2-key.pem client-sm2-priv.der client-sm2-priv.pem client-sm2.der client-sm2.pem fix_sm2_spki.py gen-sm2-certs.sh gen-sm2-keys.sh include.am root-sm2-key.der root-sm2-key.pem root-sm2-priv.der root-sm2-priv.pem root-sm2.der root-sm2.pem self-sm2-cert.pem self-sm2-key.pem self-sm2-priv.pem server-sm2-cert.der server-sm2-cert.pem server-sm2-key.der server-sm2-key.pem server-sm2-priv.der server-sm2-priv.pem server-sm2.der server-sm2.pemstatickeys
dh-ffdhe2048-params.pem dh-ffdhe2048-pub.der dh-ffdhe2048-pub.pem dh-ffdhe2048.der dh-ffdhe2048.pem ecc-secp256r1.der ecc-secp256r1.pem gen-static.sh include.am x25519-pub.der x25519-pub.pem x25519.der x25519.pemtest
catalog.txt cert-bad-neg-int.der cert-bad-oid.der cert-bad-utf8.der cert-ext-ia.cfg cert-ext-ia.der cert-ext-ia.pem cert-ext-joi.cfg cert-ext-joi.der cert-ext-joi.pem cert-ext-mnc.der cert-ext-multiple.cfg cert-ext-multiple.der cert-ext-multiple.pem cert-ext-nc-combined.der cert-ext-nc-combined.pem cert-ext-nc.cfg cert-ext-nc.der cert-ext-nc.pem cert-ext-ncdns.der cert-ext-ncdns.pem cert-ext-ncip.der cert-ext-ncip.pem cert-ext-ncmixed.der cert-ext-ncmulti.der cert-ext-ncmulti.pem cert-ext-ncrid.der cert-ext-ncrid.pem cert-ext-nct.cfg cert-ext-nct.der cert-ext-nct.pem cert-ext-ndir-exc.cfg cert-ext-ndir-exc.der cert-ext-ndir-exc.pem cert-ext-ndir.cfg cert-ext-ndir.der cert-ext-ndir.pem cert-ext-ns.der cert-over-max-altnames.cfg cert-over-max-altnames.der cert-over-max-altnames.pem cert-over-max-nc.cfg cert-over-max-nc.der cert-over-max-nc.pem client-ecc-cert-ski.hex cn-ip-literal.der cn-ip-wildcard.der crit-cert.pem crit-key.pem dh1024.der dh1024.pem dh512.der dh512.pem digsigku.pem encrypteddata.msg gen-badsig.sh gen-ext-certs.sh gen-testcerts.sh include.am kari-keyid-cms.msg ktri-keyid-cms.msg ossl-trusted-cert.pem server-badaltname.der server-badaltname.pem server-badaltnull.der server-badaltnull.pem server-badcn.der server-badcn.pem server-badcnnull.der server-badcnnull.pem server-cert-ecc-badsig.der server-cert-ecc-badsig.pem server-cert-rsa-badsig.der server-cert-rsa-badsig.pem server-duplicate-policy.pem server-garbage.der server-garbage.pem server-goodalt.der server-goodalt.pem server-goodaltwild.der server-goodaltwild.pem server-goodcn.der server-goodcn.pem server-goodcnwild.der server-goodcnwild.pem server-localhost.der server-localhost.pem smime-test-canon.p7s smime-test-multipart-badsig.p7s smime-test-multipart.p7s smime-test.p7stest-pathlen
assemble-chains.sh chainA-ICA1-key.pem chainA-ICA1-pathlen0.pem chainA-assembled.pem chainA-entity-key.pem chainA-entity.pem chainB-ICA1-key.pem chainB-ICA1-pathlen0.pem chainB-ICA2-key.pem chainB-ICA2-pathlen1.pem chainB-assembled.pem chainB-entity-key.pem chainB-entity.pem chainC-ICA1-key.pem chainC-ICA1-pathlen1.pem chainC-assembled.pem chainC-entity-key.pem chainC-entity.pem chainD-ICA1-key.pem chainD-ICA1-pathlen127.pem chainD-assembled.pem chainD-entity-key.pem chainD-entity.pem chainE-ICA1-key.pem chainE-ICA1-pathlen128.pem chainE-assembled.pem chainE-entity-key.pem chainE-entity.pem chainF-ICA1-key.pem chainF-ICA1-pathlen1.pem chainF-ICA2-key.pem chainF-ICA2-pathlen0.pem chainF-assembled.pem chainF-entity-key.pem chainF-entity.pem chainG-ICA1-key.pem chainG-ICA1-pathlen0.pem chainG-ICA2-key.pem chainG-ICA2-pathlen1.pem chainG-ICA3-key.pem chainG-ICA3-pathlen99.pem chainG-ICA4-key.pem chainG-ICA4-pathlen5.pem chainG-ICA5-key.pem chainG-ICA5-pathlen20.pem chainG-ICA6-key.pem chainG-ICA6-pathlen10.pem chainG-ICA7-key.pem chainG-ICA7-pathlen100.pem chainG-assembled.pem chainG-entity-key.pem chainG-entity.pem chainH-ICA1-key.pem chainH-ICA1-pathlen0.pem chainH-ICA2-key.pem chainH-ICA2-pathlen2.pem chainH-ICA3-key.pem chainH-ICA3-pathlen2.pem chainH-ICA4-key.pem chainH-ICA4-pathlen2.pem chainH-assembled.pem chainH-entity-key.pem chainH-entity.pem chainI-ICA1-key.pem chainI-ICA1-no_pathlen.pem chainI-ICA2-key.pem chainI-ICA2-no_pathlen.pem chainI-ICA3-key.pem chainI-ICA3-pathlen2.pem chainI-assembled.pem chainI-entity-key.pem chainI-entity.pem chainJ-ICA1-key.pem chainJ-ICA1-no_pathlen.pem chainJ-ICA2-key.pem chainJ-ICA2-no_pathlen.pem chainJ-ICA3-key.pem chainJ-ICA3-no_pathlen.pem chainJ-ICA4-key.pem chainJ-ICA4-pathlen2.pem chainJ-assembled.pem chainJ-entity-key.pem chainJ-entity.pem include.am refreshkeys.shtest-serial0
ee_normal.pem ee_serial0.pem generate_certs.sh include.am intermediate_serial0.pem root_serial0.pem root_serial0_key.pem selfsigned_nonca_serial0.pemxmss
bc_xmss_chain_ca.der bc_xmss_chain_leaf.der bc_xmss_sha2_10_256_root.der bc_xmss_sha2_16_256_root.der bc_xmssmt_sha2_20_2_256_root.der bc_xmssmt_sha2_20_4_256_root.der bc_xmssmt_sha2_40_8_256_root.der include.amcmake
Config.cmake.in README.md config.in functions.cmake include.am options.h.in wolfssl-config-version.cmake.in wolfssl-targets.cmake.indebian
changelog.in control.in copyright include.am libwolfssl-dev.install libwolfssl.install rules.indoc
dox_comments
header_files
aes.h arc4.h ascon.h asn.h asn_public.h blake2.h bn.h camellia.h chacha.h chacha20_poly1305.h cmac.h coding.h compress.h cryptocb.h curve25519.h curve448.h des3.h dh.h doxygen_groups.h doxygen_pages.h dsa.h ecc.h eccsi.h ed25519.h ed448.h error-crypt.h evp.h hash.h hmac.h iotsafe.h kdf.h logging.h md2.h md4.h md5.h memory.h ocsp.h pem.h pkcs11.h pkcs7.h poly1305.h psa.h puf.h pwdbased.h quic.h random.h ripemd.h rsa.h sakke.h sha.h sha256.h sha3.h sha512.h signature.h siphash.h srp.h ssl.h tfm.h types.h wc_encrypt.h wc_port.h wc_she.h wc_slhdsa.h wolfio.hheader_files-ja
aes.h arc4.h ascon.h asn.h asn_public.h blake2.h bn.h camellia.h chacha.h chacha20_poly1305.h cmac.h coding.h compress.h cryptocb.h curve25519.h curve448.h des3.h dh.h doxygen_groups.h doxygen_pages.h dsa.h ecc.h eccsi.h ed25519.h ed448.h error-crypt.h evp.h hash.h hmac.h iotsafe.h kdf.h logging.h md2.h md4.h md5.h memory.h ocsp.h pem.h pkcs11.h pkcs7.h poly1305.h psa.h pwdbased.h quic.h random.h ripemd.h rsa.h sakke.h sha.h sha256.h sha3.h sha512.h signature.h siphash.h srp.h ssl.h tfm.h types.h wc_encrypt.h wc_port.h wolfio.h
examples
async
Makefile README.md async_client.c async_server.c async_tls.c async_tls.h include.am user_settings.hconfigs
README.md include.am user_settings_EBSnet.h user_settings_all.h user_settings_arduino.h user_settings_baremetal.h user_settings_ca.h user_settings_curve25519nonblock.h user_settings_dtls13.h user_settings_eccnonblock.h user_settings_espressif.h user_settings_fipsv2.h user_settings_fipsv5.h user_settings_min_ecc.h user_settings_openssl_compat.h user_settings_pkcs7.h user_settings_platformio.h user_settings_pq.h user_settings_rsa_only.h user_settings_stm32.h user_settings_template.h user_settings_tls12.h user_settings_tls13.h user_settings_wolfboot_keytools.h user_settings_wolfssh.h user_settings_wolftpm.hechoclient
echoclient.c echoclient.h echoclient.sln echoclient.vcproj echoclient.vcxproj include.am quitlinuxkm
Kbuild Makefile README.md get_thread_size.c include.am linuxkm-fips-hash-wrapper.sh linuxkm-fips-hash.c linuxkm_memory.c linuxkm_memory.h linuxkm_wc_port.h lkcapi_aes_glue.c lkcapi_dh_glue.c lkcapi_ecdh_glue.c lkcapi_ecdsa_glue.c lkcapi_glue.c lkcapi_rsa_glue.c lkcapi_sha_glue.c module_exports.c.template module_hooks.c pie_redirect_table.c wolfcrypt.lds x86_vector_register_glue.cm4
ax_add_am_macro.m4 ax_am_jobserver.m4 ax_am_macros.m4 ax_append_compile_flags.m4 ax_append_flag.m4 ax_append_link_flags.m4 ax_append_to_file.m4 ax_atomic.m4 ax_bsdkm.m4 ax_check_compile_flag.m4 ax_check_link_flag.m4 ax_compiler_version.m4 ax_count_cpus.m4 ax_create_generic_config.m4 ax_debug.m4 ax_file_escapes.m4 ax_harden_compiler_flags.m4 ax_linuxkm.m4 ax_print_to_file.m4 ax_pthread.m4 ax_require_defined.m4 ax_tls.m4 ax_vcs_checkout.m4 hexversion.m4 lib_socket_nsl.m4 visibility.m4mqx
wolfcrypt_benchmark
ReferencedRSESystems.xml wolfcrypt_benchmark_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchwolfcrypt_test
ReferencedRSESystems.xml wolfcrypt_test_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchwolfssl_client
ReferencedRSESystems.xml wolfssl_client_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchscripts
aria-cmake-build-test.sh asn1_oid_sum.pl benchmark.test benchmark_compare.sh cleanup_testfiles.sh crl-gen-openssl.test crl-revoked.test dertoc.pl dtls.test dtlscid.test external.test google.test include.am makedistsmall.sh memtest.sh ocsp-responder-openssl-interop.test ocsp-stapling-with-ca-as-responder.test ocsp-stapling-with-wolfssl-responder.test ocsp-stapling.test ocsp-stapling2.test ocsp-stapling_tls13multi.test ocsp.test openssl.test openssl_srtp.test pem.test ping.test pkcallbacks.test psk.test resume.test rsapss.test sniffer-gen.sh sniffer-ipv6.pcap sniffer-static-rsa.pcap sniffer-testsuite.test sniffer-tls12-keylog.out sniffer-tls12-keylog.pcap sniffer-tls12-keylog.sslkeylog sniffer-tls13-dh-resume.pcap sniffer-tls13-dh.pcap sniffer-tls13-ecc-resume.pcap sniffer-tls13-ecc.pcap sniffer-tls13-hrr.pcap sniffer-tls13-keylog.out sniffer-tls13-keylog.pcap sniffer-tls13-keylog.sslkeylog sniffer-tls13-x25519-resume.pcap sniffer-tls13-x25519.pcap stm32l4-v4_0_1_build.sh tls13.test trusted_peer.test unit.test.in user_settings_asm.shsrc
bio.c conf.c crl.c dtls.c dtls13.c include.am internal.c keys.c ocsp.c pk.c pk_ec.c pk_rsa.c quic.c sniffer.c ssl.c ssl_api_cert.c ssl_api_crl_ocsp.c ssl_api_pk.c ssl_asn1.c ssl_bn.c ssl_certman.c ssl_crypto.c ssl_ech.c ssl_load.c ssl_misc.c ssl_p7p12.c ssl_sess.c ssl_sk.c tls.c tls13.c wolfio.c x509.c x509_str.ctests
api
api.h api_decl.h create_ocsp_test_blobs.py include.am test_aes.c test_aes.h test_arc4.c test_arc4.h test_ascon.c test_ascon.h test_ascon_kats.h test_asn.c test_asn.h test_blake2.c test_blake2.h test_camellia.c test_camellia.h test_certman.c test_certman.h test_chacha.c test_chacha.h test_chacha20_poly1305.c test_chacha20_poly1305.h test_cmac.c test_cmac.h test_curve25519.c test_curve25519.h test_curve448.c test_curve448.h test_des3.c test_des3.h test_dh.c test_dh.h test_digest.h test_dsa.c test_dsa.h test_dtls.c test_dtls.h test_ecc.c test_ecc.h test_ed25519.c test_ed25519.h test_ed448.c test_ed448.h test_evp.c test_evp.h test_evp_cipher.c test_evp_cipher.h test_evp_digest.c test_evp_digest.h test_evp_pkey.c test_evp_pkey.h test_hash.c test_hash.h test_hmac.c test_hmac.h test_md2.c test_md2.h test_md4.c test_md4.h test_md5.c test_md5.h test_mldsa.c test_mldsa.h test_mlkem.c test_mlkem.h test_ocsp.c test_ocsp.h test_ocsp_test_blobs.h test_ossl_asn1.c test_ossl_asn1.h test_ossl_bio.c test_ossl_bio.h test_ossl_bn.c test_ossl_bn.h test_ossl_cipher.c test_ossl_cipher.h test_ossl_dgst.c test_ossl_dgst.h test_ossl_dh.c test_ossl_dh.h test_ossl_dsa.c test_ossl_dsa.h test_ossl_ec.c test_ossl_ec.h test_ossl_ecx.c test_ossl_ecx.h test_ossl_mac.c test_ossl_mac.h test_ossl_obj.c test_ossl_obj.h test_ossl_p7p12.c test_ossl_p7p12.h test_ossl_pem.c test_ossl_pem.h test_ossl_rand.c test_ossl_rand.h test_ossl_rsa.c test_ossl_rsa.h test_ossl_sk.c test_ossl_sk.h test_ossl_x509.c test_ossl_x509.h test_ossl_x509_acert.c test_ossl_x509_acert.h test_ossl_x509_crypto.c test_ossl_x509_crypto.h test_ossl_x509_ext.c test_ossl_x509_ext.h test_ossl_x509_info.c test_ossl_x509_info.h test_ossl_x509_io.c test_ossl_x509_io.h test_ossl_x509_lu.c test_ossl_x509_lu.h test_ossl_x509_name.c test_ossl_x509_name.h test_ossl_x509_pk.c test_ossl_x509_pk.h test_ossl_x509_str.c test_ossl_x509_str.h test_ossl_x509_vp.c test_ossl_x509_vp.h test_pkcs12.c test_pkcs12.h test_pkcs7.c test_pkcs7.h test_poly1305.c test_poly1305.h test_random.c test_random.h test_rc2.c test_rc2.h test_ripemd.c test_ripemd.h test_rsa.c test_rsa.h test_sha.c test_sha.h test_sha256.c test_sha256.h test_sha3.c test_sha3.h test_sha512.c test_sha512.h test_she.c test_she.h test_signature.c test_signature.h test_slhdsa.c test_slhdsa.h test_sm2.c test_sm2.h test_sm3.c test_sm3.h test_sm4.c test_sm4.h test_tls.c test_tls.h test_tls13.c test_tls13.h test_tls_ext.c test_tls_ext.h test_wc_encrypt.c test_wc_encrypt.h test_wolfmath.c test_wolfmath.h test_x509.c test_x509.hwolfcrypt
benchmark
README.md benchmark-VS2022.sln benchmark-VS2022.vcxproj benchmark-VS2022.vcxproj.user benchmark.c benchmark.h benchmark.sln benchmark.vcproj benchmark.vcxproj include.amsrc
port
Espressif
esp_crt_bundle
README.md cacrt_all.pem cacrt_deprecated.pem cacrt_local.pem esp_crt_bundle.c gen_crt_bundle.py pio_install_cryptography.pyRenesas
README.md renesas_common.c renesas_fspsm_aes.c renesas_fspsm_rsa.c renesas_fspsm_sha.c renesas_fspsm_util.c renesas_rx64_hw_sha.c renesas_rx64_hw_util.c renesas_tsip_aes.c renesas_tsip_rsa.c renesas_tsip_sha.c renesas_tsip_util.carm
armv8-32-aes-asm.S armv8-32-aes-asm_c.c armv8-32-chacha-asm.S armv8-32-chacha-asm_c.c armv8-32-curve25519.S armv8-32-curve25519_c.c armv8-32-mlkem-asm.S armv8-32-mlkem-asm_c.c armv8-32-poly1305-asm.S armv8-32-poly1305-asm_c.c armv8-32-sha256-asm.S armv8-32-sha256-asm_c.c armv8-32-sha3-asm.S armv8-32-sha3-asm_c.c armv8-32-sha512-asm.S armv8-32-sha512-asm_c.c armv8-aes-asm.S armv8-aes-asm_c.c armv8-aes.c armv8-chacha-asm.S armv8-chacha-asm_c.c armv8-curve25519.S armv8-curve25519_c.c armv8-mlkem-asm.S armv8-mlkem-asm_c.c armv8-poly1305-asm.S armv8-poly1305-asm_c.c armv8-sha256-asm.S armv8-sha256-asm_c.c armv8-sha256.c armv8-sha3-asm.S armv8-sha3-asm_c.c armv8-sha512-asm.S armv8-sha512-asm_c.c armv8-sha512.c cryptoCell.c cryptoCellHash.c thumb2-aes-asm.S thumb2-aes-asm_c.c thumb2-chacha-asm.S thumb2-chacha-asm_c.c thumb2-curve25519.S thumb2-curve25519_c.c thumb2-mlkem-asm.S thumb2-mlkem-asm_c.c thumb2-poly1305-asm.S thumb2-poly1305-asm_c.c thumb2-sha256-asm.S thumb2-sha256-asm_c.c thumb2-sha3-asm.S thumb2-sha3-asm_c.c thumb2-sha512-asm.S thumb2-sha512-asm_c.ccaam
README.md caam_aes.c caam_doc.pdf caam_driver.c caam_error.c caam_integrity.c caam_qnx.c caam_sha.c wolfcaam_aes.c wolfcaam_cmac.c wolfcaam_ecdsa.c wolfcaam_fsl_nxp.c wolfcaam_hash.c wolfcaam_hmac.c wolfcaam_init.c wolfcaam_qnx.c wolfcaam_rsa.c wolfcaam_seco.c wolfcaam_x25519.cdevcrypto
README.md devcrypto_aes.c devcrypto_ecdsa.c devcrypto_hash.c devcrypto_hmac.c devcrypto_rsa.c devcrypto_x25519.c wc_devcrypto.criscv
riscv-64-aes.c riscv-64-chacha.c riscv-64-poly1305.c riscv-64-sha256.c riscv-64-sha3.c riscv-64-sha512.cwolfssl
openssl
aes.h asn1.h asn1t.h bio.h bn.h buffer.h camellia.h cmac.h cms.h compat_types.h conf.h crypto.h des.h dh.h dsa.h ec.h ec25519.h ec448.h ecdh.h ecdsa.h ed25519.h ed448.h engine.h err.h evp.h fips_rand.h hmac.h include.am kdf.h lhash.h md4.h md5.h modes.h obj_mac.h objects.h ocsp.h opensslconf.h opensslv.h ossl_typ.h pem.h pkcs12.h pkcs7.h rand.h rc4.h ripemd.h rsa.h safestack.h sha.h sha3.h srp.h ssl.h ssl23.h stack.h tls1.h txt_db.h ui.h x509.h x509_vfy.h x509v3.hwolfcrypt
port
Renesas
renesas-fspsm-crypt.h renesas-fspsm-types.h renesas-rx64-hw-crypt.h renesas-tsip-crypt.h renesas_cmn.h renesas_fspsm_internal.h renesas_sync.h renesas_tsip_internal.h renesas_tsip_types.hcaam
caam_driver.h caam_error.h caam_qnx.h wolfcaam.h wolfcaam_aes.h wolfcaam_cmac.h wolfcaam_ecdsa.h wolfcaam_fsl_nxp.h wolfcaam_hash.h wolfcaam_qnx.h wolfcaam_rsa.h wolfcaam_seco.h wolfcaam_sha.h wolfcaam_x25519.hwrapper
Ada
examples
src
aes_verify_main.adb rsa_verify_main.adb sha256_main.adb spark_sockets.adb spark_sockets.ads spark_terminal.adb spark_terminal.ads tls_client.adb tls_client.ads tls_client_main.adb tls_server.adb tls_server.ads tls_server_main.adbtests
src
aes_bindings_tests.adb aes_bindings_tests.ads rsa_verify_bindings_tests.adb rsa_verify_bindings_tests.ads sha256_bindings_tests.adb sha256_bindings_tests.ads tests.adbCSharp
wolfSSL-Example-IOCallbacks
App.config wolfSSL-Example-IOCallbacks.cs wolfSSL-Example-IOCallbacks.csprojwolfSSL-TLS-ServerThreaded
App.config wolfSSL-TLS-ServerThreaded.cs wolfSSL-TLS-ServerThreaded.csprojrust
wolfssl-wolfcrypt
src
aes.rs blake2.rs chacha20_poly1305.rs cmac.rs cmac_mac.rs curve25519.rs dh.rs dilithium.rs ecc.rs ecdsa.rs ed25519.rs ed448.rs fips.rs hkdf.rs hmac.rs hmac_mac.rs kdf.rs lib.rs lms.rs mlkem.rs mlkem_kem.rs pbkdf2_password_hash.rs prf.rs random.rs rsa.rs rsa_pkcs1v15.rs sha.rs sha_digest.rs sys.rstests
test_aes.rs test_blake2.rs test_chacha20_poly1305.rs test_cmac.rs test_cmac_mac.rs test_curve25519.rs test_dh.rs test_dilithium.rs test_ecc.rs test_ecdsa.rs test_ed25519.rs test_ed448.rs test_hkdf.rs test_hmac.rs test_hmac_mac.rs test_kdf.rs test_lms.rs test_mlkem.rs test_mlkem_kem.rs test_pbkdf2_password_hash.rs test_prf.rs test_random.rs test_rsa.rs test_rsa_pkcs1v15.rs test_sha.rs test_sha_digest.rs test_wolfcrypt.rszephyr
samples
wolfssl_benchmark
CMakeLists.txt README install_test.sh prj.conf sample.yaml zephyr_legacy.conf zephyr_v4.1.confwolfssl_test
CMakeLists.txt README install_test.sh prj-no-malloc.conf prj.conf sample.yaml zephyr_legacy.conf zephyr_v4.1.conf
wolfssl/wolfcrypt/src/dh.c
raw
1/* dh.c
2 *
3 * Copyright (C) 2006-2026 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
23
24#ifndef NO_DH
25
26#if defined(HAVE_FIPS) && \
27 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
28
29 /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
30 #define FIPS_NO_WRAPPERS
31
32 #ifdef USE_WINDOWS_API
33 #pragma code_seg(".fipsA$e")
34 #pragma const_seg(".fipsB$e")
35 #endif
36#endif
37
38#include <wolfssl/wolfcrypt/dh.h>
39
40#ifdef WOLFSSL_HAVE_SP_DH
41#include <wolfssl/wolfcrypt/sp.h>
42#endif
43
44#ifdef NO_INLINE
45 #include <wolfssl/wolfcrypt/misc.h>
46#else
47 #define WOLFSSL_MISC_INCLUDED
48 #include <wolfcrypt/src/misc.c>
49#endif
50
51#if FIPS_VERSION3_GE(6,0,0)
52 const unsigned int wolfCrypt_FIPS_dh_ro_sanity[2] =
53 { 0x1a2b3c4d, 0x00000004 };
54 int wolfCrypt_FIPS_DH_sanity(void)
55 {
56 return 0;
57 }
58#endif
59
60#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
61 /* force off unneeded vector register save/restore. */
62 #undef SAVE_VECTOR_REGISTERS
63 #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
64 #undef RESTORE_VECTOR_REGISTERS
65 #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
66#endif
67
68/*
69Possible DH enable options:
70 * NO_RSA: Overall control of DH default: on (not defined)
71 * WOLFSSL_OLD_PRIME_CHECK: Disables the new prime number check. It does not
72 directly effect this file, but it does speed up DH
73 removing the testing. It is not recommended to
74 disable the prime checking. default: off
75 * WOLFSSL_VALIDATE_DH_KEYGEN: Enable DH key gen consistency checking
76 * (on for FIPS 140-3 or later) default: off
77*/
78
79
80#if !defined(USER_MATH_LIB) && !defined(WOLFSSL_DH_CONST)
81 #include <math.h>
82 #define XPOW(x,y) pow((x),(y))
83 #define XLOG(x) log((x))
84#else
85 /* user's own math lib */
86#endif
87
88#ifdef HAVE_FFDHE_2048
89static const byte dh_ffdhe2048_p[] = {
90 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
91 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
92 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
93 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
94 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
95 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
96 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
97 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
98 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
99 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
100 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
101 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
102 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
103 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
104 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
105 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
106 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
107 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
108 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
109 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
110 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
111 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
112 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
113 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
114 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
115 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
116 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
117 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
118 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
119 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
120 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
121 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
122};
123static const byte dh_ffdhe2048_g[] = { 0x02 };
124#ifdef HAVE_FFDHE_Q
125static const byte dh_ffdhe2048_q[] = {
126 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
127 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
128 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
129 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
130 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
131 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
132 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
133 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
134 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
135 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
136 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
137 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
138 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
139 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
140 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
141 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
142 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
143 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
144 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
145 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
146 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
147 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
148 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
149 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
150 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
151 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
152 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
153 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
154 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
155 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
156 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x94, 0x2E, 0x4B,
157 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
158};
159#endif /* HAVE_FFDHE_Q */
160
161#ifdef HAVE_PUBLIC_FFDHE
162const DhParams* wc_Dh_ffdhe2048_Get(void)
163{
164 static const DhParams ffdhe2048 = {
165 #ifdef HAVE_FFDHE_Q
166 dh_ffdhe2048_q, sizeof(dh_ffdhe2048_q),
167 #endif /* HAVE_FFDHE_Q */
168 dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p),
169 dh_ffdhe2048_g, sizeof(dh_ffdhe2048_g)
170 };
171 return &ffdhe2048;
172}
173#endif
174#endif
175
176#ifdef HAVE_FFDHE_3072
177static const byte dh_ffdhe3072_p[] = {
178 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
179 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
180 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
181 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
182 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
183 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
184 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
185 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
186 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
187 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
188 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
189 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
190 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
191 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
192 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
193 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
194 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
195 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
196 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
197 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
198 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
199 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
200 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
201 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
202 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
203 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
204 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
205 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
206 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
207 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
208 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
209 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
210 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
211 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
212 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
213 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
214 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
215 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
216 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
217 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
218 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
219 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
220 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
221 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
222 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
223 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
224 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37,
225 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
226};
227static const byte dh_ffdhe3072_g[] = { 0x02 };
228#ifdef HAVE_FFDHE_Q
229static const byte dh_ffdhe3072_q[] = {
230 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
231 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
232 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
233 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
234 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
235 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
236 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
237 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
238 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
239 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
240 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
241 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
242 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
243 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
244 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
245 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
246 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
247 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
248 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
249 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
250 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
251 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
252 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
253 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
254 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
255 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
256 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
257 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
258 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
259 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
260 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
261 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
262 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
263 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
264 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
265 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
266 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
267 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
268 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
269 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
270 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
271 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
272 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
273 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
274 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
275 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
276 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x63, 0x17, 0x1B,
277 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
278};
279#endif /* HAVE_FFDHE_Q */
280
281#ifdef HAVE_PUBLIC_FFDHE
282const DhParams* wc_Dh_ffdhe3072_Get(void)
283{
284 static const DhParams ffdhe3072 = {
285 #ifdef HAVE_FFDHE_Q
286 dh_ffdhe3072_q, sizeof(dh_ffdhe3072_q),
287 #endif /* HAVE_FFDHE_Q */
288 dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p),
289 dh_ffdhe3072_g, sizeof(dh_ffdhe3072_g)
290 };
291 return &ffdhe3072;
292}
293#endif
294#endif
295
296#ifdef HAVE_FFDHE_4096
297static const byte dh_ffdhe4096_p[] = {
298 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
299 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
300 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
301 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
302 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
303 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
304 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
305 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
306 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
307 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
308 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
309 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
310 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
311 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
312 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
313 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
314 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
315 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
316 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
317 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
318 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
319 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
320 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
321 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
322 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
323 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
324 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
325 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
326 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
327 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
328 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
329 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
330 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
331 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
332 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
333 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
334 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
335 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
336 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
337 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
338 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
339 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
340 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
341 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
342 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
343 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
344 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
345 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
346 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
347 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
348 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
349 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
350 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
351 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
352 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
353 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
354 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
355 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
356 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
357 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
358 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
359 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
360 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A,
361 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
362};
363static const byte dh_ffdhe4096_g[] = { 0x02 };
364#ifdef HAVE_FFDHE_Q
365static const byte dh_ffdhe4096_q[] = {
366 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
367 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
368 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
369 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
370 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
371 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
372 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
373 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
374 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
375 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
376 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
377 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
378 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
379 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
380 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
381 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
382 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
383 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
384 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
385 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
386 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
387 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
388 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
389 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
390 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
391 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
392 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
393 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
394 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
395 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
396 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
397 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
398 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
399 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
400 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
401 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
402 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
403 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
404 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
405 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
406 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
407 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
408 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
409 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
410 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
411 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
412 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
413 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
414 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
415 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
416 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
417 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
418 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
419 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
420 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
421 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
422 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
423 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
424 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
425 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
426 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
427 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
428 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5,
429 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
430};
431#endif /* HAVE_FFDHE_Q */
432
433#ifdef HAVE_PUBLIC_FFDHE
434const DhParams* wc_Dh_ffdhe4096_Get(void)
435{
436 static const DhParams ffdhe4096 = {
437 #ifdef HAVE_FFDHE_Q
438 dh_ffdhe4096_q, sizeof(dh_ffdhe4096_q),
439 #endif /* HAVE_FFDHE_Q */
440 dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p),
441 dh_ffdhe4096_g, sizeof(dh_ffdhe4096_g)
442 };
443 return &ffdhe4096;
444}
445#endif
446#endif
447
448#ifdef HAVE_FFDHE_6144
449static const byte dh_ffdhe6144_p[] = {
450 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
451 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
452 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
453 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
454 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
455 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
456 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
457 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
458 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
459 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
460 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
461 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
462 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
463 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
464 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
465 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
466 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
467 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
468 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
469 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
470 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
471 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
472 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
473 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
474 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
475 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
476 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
477 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
478 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
479 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
480 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
481 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
482 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
483 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
484 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
485 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
486 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
487 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
488 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
489 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
490 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
491 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
492 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
493 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
494 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
495 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
496 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
497 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
498 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
499 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
500 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
501 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
502 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
503 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
504 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
505 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
506 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
507 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
508 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
509 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
510 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
511 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
512 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
513 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
514 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
515 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
516 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
517 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
518 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
519 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
520 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
521 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
522 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
523 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
524 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
525 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
526 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
527 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
528 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
529 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
530 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
531 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
532 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
533 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
534 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
535 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
536 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
537 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
538 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
539 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
540 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
541 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
542 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
543 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
544 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65,
545 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
546};
547static const byte dh_ffdhe6144_g[] = { 0x02 };
548#ifdef HAVE_FFDHE_Q
549static const byte dh_ffdhe6144_q[] = {
550 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
551 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
552 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
553 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
554 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
555 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
556 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
557 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
558 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
559 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
560 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
561 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
562 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
563 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
564 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
565 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
566 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
567 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
568 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
569 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
570 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
571 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
572 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
573 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
574 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
575 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
576 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
577 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
578 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
579 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
580 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
581 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
582 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
583 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
584 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
585 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
586 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
587 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
588 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
589 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
590 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
591 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
592 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
593 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
594 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
595 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
596 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
597 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
598 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
599 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
600 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
601 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
602 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
603 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
604 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
605 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
606 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
607 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
608 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
609 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
610 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
611 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
612 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
613 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
614 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
615 0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
616 0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
617 0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
618 0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
619 0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
620 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
621 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
622 0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
623 0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
624 0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
625 0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
626 0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
627 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
628 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
629 0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
630 0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
631 0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
632 0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
633 0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
634 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
635 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
636 0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
637 0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
638 0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
639 0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
640 0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
641 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
642 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
643 0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
644 0x52, 0x07, 0x19, 0x4E, 0x68, 0x72, 0x07, 0x32,
645 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
646};
647#endif /* HAVE_FFDHE_Q */
648
649#ifdef HAVE_PUBLIC_FFDHE
650const DhParams* wc_Dh_ffdhe6144_Get(void)
651{
652 static const DhParams ffdhe6144 = {
653 #ifdef HAVE_FFDHE_Q
654 dh_ffdhe6144_q, sizeof(dh_ffdhe6144_q),
655 #endif /* HAVE_FFDHE_Q */
656 dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p),
657 dh_ffdhe6144_g, sizeof(dh_ffdhe6144_g)
658 };
659 return &ffdhe6144;
660}
661#endif
662#endif
663
664#ifdef HAVE_FFDHE_8192
665static const byte dh_ffdhe8192_p[] = {
666 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
667 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
668 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
669 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
670 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
671 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
672 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
673 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
674 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
675 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
676 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
677 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
678 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
679 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
680 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
681 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
682 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
683 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
684 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
685 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
686 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
687 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
688 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
689 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
690 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
691 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
692 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
693 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
694 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
695 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
696 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
697 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
698 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
699 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
700 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
701 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
702 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
703 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
704 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
705 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
706 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
707 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
708 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
709 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
710 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
711 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
712 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
713 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
714 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
715 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
716 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
717 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
718 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
719 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
720 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
721 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
722 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
723 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
724 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
725 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
726 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
727 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
728 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
729 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
730 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
731 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
732 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
733 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
734 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
735 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
736 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
737 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
738 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
739 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
740 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
741 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
742 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
743 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
744 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
745 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
746 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
747 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
748 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
749 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
750 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
751 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
752 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
753 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
754 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
755 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
756 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
757 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
758 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
759 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
760 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA,
761 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38,
762 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64,
763 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43,
764 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E,
765 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF,
766 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29,
767 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65,
768 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02,
769 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4,
770 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82,
771 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C,
772 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51,
773 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22,
774 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74,
775 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE,
776 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C,
777 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC,
778 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B,
779 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9,
780 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0,
781 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31,
782 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57,
783 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8,
784 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E,
785 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30,
786 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E,
787 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE,
788 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D,
789 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D,
790 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E,
791 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C,
792 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C,
793 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
794};
795static const byte dh_ffdhe8192_g[] = { 0x02 };
796#ifdef HAVE_FFDHE_Q
797static const byte dh_ffdhe8192_q[] = {
798 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
799 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
800 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
801 0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
802 0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
803 0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
804 0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
805 0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
806 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
807 0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
808 0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
809 0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
810 0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
811 0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
812 0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
813 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
814 0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
815 0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
816 0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
817 0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
818 0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
819 0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
820 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
821 0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
822 0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
823 0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
824 0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
825 0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
826 0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
827 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
828 0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
829 0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
830 0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
831 0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
832 0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
833 0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
834 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
835 0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
836 0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
837 0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
838 0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
839 0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
840 0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
841 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
842 0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
843 0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
844 0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
845 0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
846 0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
847 0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
848 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
849 0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
850 0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
851 0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
852 0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
853 0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
854 0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
855 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
856 0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
857 0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
858 0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
859 0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
860 0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
861 0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
862 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
863 0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
864 0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
865 0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
866 0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
867 0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
868 0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
869 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
870 0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
871 0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
872 0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
873 0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
874 0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
875 0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
876 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
877 0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
878 0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
879 0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
880 0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
881 0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
882 0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
883 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
884 0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
885 0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
886 0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
887 0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
888 0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
889 0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
890 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
891 0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
892 0x52, 0x07, 0x19, 0x4E, 0x67, 0xFA, 0x35, 0x55,
893 0x1B, 0x56, 0x80, 0x26, 0x7B, 0x00, 0x64, 0x1C,
894 0x0F, 0x21, 0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32,
895 0x7E, 0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1,
896 0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6, 0x2F,
897 0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25, 0x88, 0x77,
898 0xC3, 0x5B, 0x18, 0xA1, 0x51, 0xD5, 0xC4, 0x14,
899 0xAA, 0xAD, 0x97, 0xBA, 0x3E, 0x49, 0x93, 0x32,
900 0xE5, 0x96, 0x07, 0x8E, 0x60, 0x0D, 0xEB, 0x81,
901 0x14, 0x9C, 0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2,
902 0x2A, 0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41,
903 0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF, 0xAE,
904 0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E, 0xC1, 0x28,
905 0xAA, 0x0F, 0xE3, 0x46, 0x4E, 0x43, 0x58, 0x11,
906 0x5D, 0xB8, 0x4C, 0xC3, 0xB5, 0x23, 0x07, 0x3A,
907 0x28, 0xD4, 0x54, 0x98, 0x84, 0xB8, 0x1F, 0xF7,
908 0x0E, 0x10, 0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96,
909 0x28, 0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E,
910 0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90, 0xBD,
911 0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD, 0x4A, 0xFC,
912 0xEA, 0xDC, 0x00, 0xCA, 0x44, 0x6C, 0xE0, 0x50,
913 0x50, 0xFF, 0x18, 0x3A, 0xD2, 0xBB, 0xF1, 0x18,
914 0xC1, 0xFC, 0x0E, 0xA5, 0x1F, 0x97, 0xD2, 0x2B,
915 0x8F, 0x7E, 0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4,
916 0x5B, 0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37,
917 0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5, 0x18,
918 0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8, 0xD4, 0x3F,
919 0x17, 0xBA, 0x0F, 0x7C, 0x60, 0xFF, 0x43, 0x7F,
920 0x53, 0x5D, 0xFE, 0xF2, 0x98, 0x33, 0xBF, 0x86,
921 0xCB, 0xE8, 0x8E, 0xA4, 0xFB, 0xD4, 0x22, 0x1E,
922 0x84, 0x11, 0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7,
923 0x00, 0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46,
924 0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21, 0x26,
925 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
926};
927#endif /* HAVE_FFDHE_Q */
928
929#ifdef HAVE_PUBLIC_FFDHE
930const DhParams* wc_Dh_ffdhe8192_Get(void)
931{
932 static const DhParams ffdhe8192 = {
933 #ifdef HAVE_FFDHE_Q
934 dh_ffdhe8192_q, sizeof(dh_ffdhe8192_q),
935 #endif /* HAVE_FFDHE_Q */
936 dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p),
937 dh_ffdhe8192_g, sizeof(dh_ffdhe8192_g)
938 };
939 return &ffdhe8192;
940}
941#endif
942#endif
943
944int wc_InitDhKey_ex(DhKey* key, void* heap, int devId)
945{
946 int ret = 0;
947
948 if (key == NULL)
949 return BAD_FUNC_ARG;
950
951 key->heap = heap; /* for XMALLOC/XFREE in future */
952 key->trustedGroup = 0;
953
954#ifdef WOLFSSL_DH_EXTRA
955 if (mp_init_multi(&key->p, &key->g, &key->q, &key->pub, &key->priv, NULL) != MP_OKAY)
956#else
957 if (mp_init_multi(&key->p, &key->g, &key->q, NULL, NULL, NULL) != MP_OKAY)
958#endif
959 return MEMORY_E;
960
961#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
962 /* handle as async */
963 ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH,
964 key->heap, devId);
965#else
966 (void)devId;
967#endif
968
969 key->trustedGroup = 0;
970
971#ifdef WOLFSSL_KCAPI_DH
972 key->handle = NULL;
973#endif
974
975#ifdef WC_DH_NONBLOCK
976 key->nb = NULL;
977#endif
978
979 return ret;
980}
981
982int wc_InitDhKey(DhKey* key)
983{
984 return wc_InitDhKey_ex(key, NULL, INVALID_DEVID);
985}
986
987#ifdef WC_DH_NONBLOCK
988int wc_DhSetNonBlock(DhKey* key, DhNb* nb)
989{
990 if (key == NULL)
991 return BAD_FUNC_ARG;
992
993 if (nb != NULL) {
994 XMEMSET(nb, 0, sizeof(DhNb));
995 }
996
997 /* Pass NULL to disable non-blocking mode. */
998 key->nb = nb;
999
1000 return 0;
1001}
1002#endif
1003
1004
1005int wc_FreeDhKey(DhKey* key)
1006{
1007 if (key) {
1008 mp_clear(&key->p);
1009 mp_clear(&key->g);
1010 mp_clear(&key->q);
1011 #ifdef WOLFSSL_DH_EXTRA
1012 mp_clear(&key->pub);
1013 mp_forcezero(&key->priv);
1014 #endif
1015
1016 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
1017 wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH);
1018 #endif
1019 #ifdef WOLFSSL_KCAPI_DH
1020 KcapiDh_Free(key);
1021 #endif
1022 }
1023 return 0;
1024}
1025
1026
1027static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
1028 const byte* prime, word32 primeSz, int partial);
1029#if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
1030static int _ffc_pairwise_consistency_test(DhKey* key,
1031 const byte* pub, word32 pubSz, const byte* priv, word32 privSz);
1032#endif
1033
1034#ifndef WOLFSSL_KCAPI_DH
1035
1036#ifndef WC_NO_RNG
1037/* if defined to not use floating point values do not compile in */
1038#ifndef WOLFSSL_DH_CONST
1039 static word32 DiscreteLogWorkFactor(word32 n)
1040 {
1041 /* assuming discrete log takes about the same time as factoring */
1042 if (n < 5)
1043 return 0;
1044 else
1045 return (word32)((double)2.4 * XPOW((double)n, 1.0/3.0) *
1046 XPOW(XLOG((double)n), 2.0/3.0) - 5);
1047 }
1048#endif /* WOLFSSL_DH_CONST*/
1049
1050
1051/* if not using fixed points use DiscreteLogWorkFactor function for unusual size
1052 otherwise round up on size needed */
1053#ifndef WOLFSSL_DH_CONST
1054 #define WOLFSSL_DH_ROUND(x) WC_DO_NOTHING
1055#else
1056 #define WOLFSSL_DH_ROUND(x) \
1057 do { \
1058 if ((x) % 128) { \
1059 (x) &= 0xffffff80;\
1060 (x) += 128; \
1061 } \
1062 } \
1063 while (0)
1064#endif
1065
1066
1067#ifndef WOLFSSL_NO_DH186
1068/* validate that (L,N) match allowed sizes from SP 800-56A, Section 5.5.1.1.
1069 * modLen - represents L, the size of p in bits
1070 * divLen - represents N, the size of q in bits
1071 * return 0 on success, -1 on error */
1072static int CheckDhLN(word32 modLen, word32 divLen)
1073{
1074 int ret = -1;
1075
1076 switch (modLen) {
1077 /* FA */
1078 case 1024:
1079 if (divLen == 160)
1080 ret = 0;
1081 break;
1082 /* FB, FC */
1083 case 2048:
1084 if (divLen == 224 || divLen == 256)
1085 ret = 0;
1086 break;
1087 /* Per SP 800-56Ar3 Table 2 */
1088 case 3072:
1089 if (divLen == 256)
1090 ret = 0;
1091 break;
1092 default:
1093 break;
1094 }
1095
1096 return ret;
1097}
1098
1099
1100/* Create DH private key
1101 *
1102 * Based on NIST SP 800-56Ar3
1103 * "5.6.1.1.3 Key Pair Generation Using Extra Random Bits"
1104 *
1105 * dh - pointer to initialized DhKey structure, needs to have dh->q
1106 * rng - pointer to initialized WC_RNG structure
1107 * priv - output location for generated private key
1108 * privSz - IN/OUT, size of priv buffer, size of generated private key
1109 *
1110 * return 0 on success, negative on error */
1111static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
1112 word32* privSz)
1113{
1114 word32 qSz, pSz, cSz;
1115 int err;
1116#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1117 mp_int* tmpQ = NULL;
1118 mp_int* tmpX = NULL;
1119 byte* cBuf = NULL;
1120#else
1121 mp_int tmpQ[1], tmpX[1];
1122 byte cBuf[DH_MAX_SIZE + 64 / WOLFSSL_BIT_SIZE];
1123#endif
1124
1125 /* Parameters validated in calling functions. */
1126
1127 if (mp_iszero(&key->q) == MP_YES) {
1128 WOLFSSL_MSG("DH q parameter needed for FIPS 186-4 key generation");
1129 return BAD_FUNC_ARG;
1130 }
1131
1132 qSz = (word32)mp_unsigned_bin_size(&key->q);
1133 pSz = (word32)mp_unsigned_bin_size(&key->p);
1134
1135 /* verify (L,N) pair bit lengths */
1136 /* Trusted primes don't need to be checked. */
1137 if (!key->trustedGroup &&
1138 CheckDhLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0) {
1139 WOLFSSL_MSG("DH param sizes do not match SP 800-56A requirements");
1140 return BAD_FUNC_ARG;
1141 }
1142
1143 /* generate extra 64 bits so that bias from mod function is negligible */
1144 cSz = *privSz + (64 / WOLFSSL_BIT_SIZE);
1145#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1146 cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1147 if (cBuf == NULL) {
1148 return MEMORY_E;
1149 }
1150 tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1151 if (tmpQ == NULL) {
1152 XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1153 return MEMORY_E;
1154 }
1155 tmpX = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1156 if (tmpX == NULL) {
1157 XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1158 XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
1159 return MEMORY_E;
1160 }
1161#endif
1162
1163
1164 if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL))
1165 != MP_OKAY) {
1166#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1167 XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1168 XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
1169 XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
1170#endif
1171 return err;
1172 }
1173
1174#ifdef WOLFSSL_CHECK_MEM_ZERO
1175 wc_MemZero_Add("GeneratePrivateDh186 cBuf", cBuf, cSz); /* cppcheck-suppress uninitvar */
1176 mp_memzero_add("GeneratePrivateDh186 tmpX", tmpX);
1177#endif
1178 do {
1179 /* generate N+64 bits (c) from RBG into tmpX, making sure positive.
1180 * Hash_DRBG uses SHA-256 which matches maximum
1181 * requested_security_strength of (L,N) */
1182 err = wc_RNG_GenerateBlock(rng, cBuf, cSz);
1183 if (err == MP_OKAY)
1184 err = mp_read_unsigned_bin(tmpX, cBuf, cSz);
1185 if (err != MP_OKAY) {
1186 mp_forcezero(tmpX);
1187 mp_clear(tmpQ);
1188 ForceZero(cBuf, cSz);
1189#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1190 XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1191 XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
1192 XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
1193#endif
1194 return err;
1195 }
1196 } while (mp_cmp_d(tmpX, 1) != MP_GT);
1197
1198 ForceZero(cBuf, cSz);
1199#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1200 XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
1201#elif defined(WOLFSSL_CHECK_MEM_ZERO)
1202 wc_MemZero_Check(cBuf, cSz);
1203#endif
1204
1205 /* tmpQ: M = min(2^N,q) - 1 */
1206 if (err == MP_OKAY)
1207 err = mp_2expt(tmpQ, (int)*privSz * 8);
1208
1209 if (err == MP_OKAY) {
1210 if (mp_cmp(tmpQ, &key->q) == MP_GT) {
1211 err = mp_copy(&key->q, tmpQ);
1212 }
1213 }
1214
1215 if (err == MP_OKAY)
1216 err = mp_sub_d(tmpQ, 1, tmpQ);
1217
1218 /* x = c mod (M), tmpX holds c */
1219 if (err == MP_OKAY)
1220 err = mp_mod(tmpX, tmpQ, tmpX);
1221
1222 /* x = c mod (M) + 1 */
1223 if (err == MP_OKAY)
1224 err = mp_add_d(tmpX, 1, tmpX);
1225
1226 /* copy tmpX into priv */
1227 if (err == MP_OKAY) {
1228 pSz = (word32)mp_unsigned_bin_size(tmpX);
1229 if (pSz > *privSz) {
1230 WOLFSSL_MSG("DH private key output buffer too small");
1231 err = BAD_FUNC_ARG;
1232 } else {
1233 *privSz = pSz;
1234 err = mp_to_unsigned_bin(tmpX, priv);
1235 }
1236 }
1237
1238 mp_forcezero(tmpX);
1239 mp_clear(tmpQ);
1240#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1241 XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
1242 XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
1243#elif defined(WOLFSSL_CHECK_MEM_ZERO)
1244 mp_memzero_check(tmpX);
1245#endif
1246
1247 return err;
1248}
1249#endif /* WOLFSSL_NO_DH186 */
1250#endif /* !WC_NO_RNG */
1251
1252static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv,
1253 word32* privSz)
1254{
1255#ifndef WC_NO_RNG
1256 int ret = 0;
1257 word32 sz = 0;
1258
1259 if (mp_iseven(&key->p) == MP_YES) {
1260 ret = MP_VAL;
1261 }
1262 else
1263#ifndef WOLFSSL_NO_DH186
1264 if (mp_iszero(&key->q) == MP_NO) {
1265
1266 /* q param available, use NIST SP 800-56Ar3, "5.6.1.1.3 Key Pair
1267 * Generation Using Extra Random Bits" */
1268 ret = GeneratePrivateDh186(key, rng, priv, privSz);
1269
1270 }
1271 else
1272#endif
1273 {
1274
1275 sz = (word32)mp_unsigned_bin_size(&key->p);
1276
1277 /* Table of predetermined values from the operation
1278 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
1279 WOLFSSL_BIT_SIZE + 1
1280 Sizes in table checked against RFC 3526
1281 */
1282 WOLFSSL_DH_ROUND(sz); /* if using fixed points only, then round up */
1283 switch (sz) {
1284 case 128: sz = 21; break;
1285 case 256: sz = 29; break;
1286 case 384: sz = 34; break;
1287 case 512: sz = 39; break;
1288 case 640: sz = 42; break;
1289 case 768: sz = 46; break;
1290 case 896: sz = 49; break;
1291 case 1024: sz = 52; break;
1292 default:
1293 #ifndef WOLFSSL_DH_CONST
1294 /* if using floating points and size of p is not in table */
1295 sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
1296 WOLFSSL_BIT_SIZE + 1);
1297 break;
1298 #else
1299 return BAD_FUNC_ARG;
1300 #endif
1301 }
1302
1303 if (sz > *privSz)
1304 ret = WC_KEY_SIZE_E;
1305
1306 if (ret == 0)
1307 ret = wc_RNG_GenerateBlock(rng, priv, sz);
1308
1309 if (ret == 0) {
1310 priv[0] |= 0x0C;
1311 *privSz = sz;
1312 }
1313 }
1314
1315 return ret;
1316#else
1317 (void)key;
1318 (void)rng;
1319 (void)priv;
1320 (void)privSz;
1321 return NOT_COMPILED_IN;
1322#endif /* WC_NO_RNG */
1323}
1324
1325
1326static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
1327 byte* pub, word32* pubSz)
1328{
1329 int ret = 0;
1330#ifndef WOLFSSL_SP_MATH
1331#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1332 mp_int* x;
1333 mp_int* y;
1334#else
1335 mp_int x[1];
1336 mp_int y[1];
1337#endif
1338#endif
1339
1340 if (*pubSz < (word32)mp_unsigned_bin_size(&key->p)) {
1341 return WC_KEY_SIZE_E;
1342 }
1343
1344#ifdef WOLFSSL_HAVE_SP_DH
1345#ifndef WOLFSSL_SP_NO_2048
1346 if (mp_count_bits(&key->p) == 2048)
1347 return sp_DhExp_2048(&key->g, priv, privSz, &key->p, pub, pubSz);
1348#endif
1349#ifndef WOLFSSL_SP_NO_3072
1350 if (mp_count_bits(&key->p) == 3072)
1351 return sp_DhExp_3072(&key->g, priv, privSz, &key->p, pub, pubSz);
1352#endif
1353#ifdef WOLFSSL_SP_4096
1354 if (mp_count_bits(&key->p) == 4096)
1355 return sp_DhExp_4096(&key->g, priv, privSz, &key->p, pub, pubSz);
1356#endif
1357#endif
1358
1359#if !defined(WOLFSSL_SP_MATH)
1360#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1361 x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1362 if (x == NULL)
1363 return MEMORY_E;
1364 y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1365 if (y == NULL) {
1366 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1367 return MEMORY_E;
1368 }
1369#endif
1370 if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) {
1371 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1372 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1373 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1374 #endif
1375 return MP_INIT_E;
1376 }
1377
1378 if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
1379 ret = MP_READ_E;
1380
1381 if (ret == 0 && mp_exptmod(&key->g, x, &key->p, y) != MP_OKAY)
1382 ret = MP_EXPTMOD_E;
1383
1384 if (ret == 0 && mp_to_unsigned_bin(y, pub) != MP_OKAY)
1385 ret = MP_TO_E;
1386
1387 if (ret == 0)
1388 *pubSz = (word32)mp_unsigned_bin_size(y);
1389
1390 mp_clear(y);
1391 mp_forcezero(x);
1392#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1393 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1394 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1395#endif
1396#else
1397 ret = WC_KEY_SIZE_E;
1398#endif
1399
1400 return ret;
1401}
1402
1403/**
1404 * Given a DhKey with set params and a priv key, generate the corresponding
1405 * public key. If fips, does pub key validation.
1406 * */
1407int wc_DhGeneratePublic(DhKey* key, byte* priv, word32 privSz,
1408 byte* pub, word32* pubSz)
1409{
1410 int ret = 0;
1411
1412 if (key == NULL || priv == NULL || privSz == 0 ||
1413 pub == NULL || pubSz == NULL) {
1414 return BAD_FUNC_ARG;
1415 }
1416
1417 SAVE_VECTOR_REGISTERS(return _svr_ret;);
1418
1419 ret = GeneratePublicDh(key, priv, privSz, pub, pubSz);
1420
1421 #if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
1422 if (ret == 0)
1423 ret = _ffc_validate_public_key(key, pub, *pubSz, NULL, 0, 0);
1424 if (ret == 0)
1425 ret = _ffc_pairwise_consistency_test(key, pub, *pubSz, priv, privSz);
1426 #endif /* FIPS V5 or later || WOLFSSL_VALIDATE_DH_KEYGEN */
1427
1428 RESTORE_VECTOR_REGISTERS();
1429
1430 return ret;
1431}
1432
1433static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng,
1434 byte* priv, word32* privSz, byte* pub, word32* pubSz)
1435{
1436 int ret;
1437
1438 if (key == NULL || rng == NULL || priv == NULL || privSz == NULL ||
1439 pub == NULL || pubSz == NULL) {
1440 return BAD_FUNC_ARG;
1441 }
1442
1443 SAVE_VECTOR_REGISTERS(return _svr_ret;);
1444
1445 ret = GeneratePrivateDh(key, rng, priv, privSz);
1446
1447 if (ret == 0)
1448 ret = GeneratePublicDh(key, priv, *privSz, pub, pubSz);
1449#if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
1450 if (ret == 0)
1451 ret = _ffc_validate_public_key(key, pub, *pubSz, NULL, 0, 0);
1452 if (ret == 0)
1453 ret = _ffc_pairwise_consistency_test(key, pub, *pubSz, priv, *privSz);
1454#endif /* FIPS V5 or later || WOLFSSL_VALIDATE_DH_KEYGEN */
1455
1456
1457 RESTORE_VECTOR_REGISTERS();
1458
1459 return ret;
1460}
1461#endif /* !WOLFSSL_KCAPI_DH */
1462
1463#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
1464static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
1465 byte* priv, word32* privSz, byte* pub, word32* pubSz)
1466{
1467 int ret;
1468
1469#if defined(HAVE_INTEL_QA)
1470 word32 pBits;
1471
1472 /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
1473 pBits = mp_unsigned_bin_size(&key->p) * 8;
1474 if (pBits == 768 || pBits == 1024 || pBits == 1536 ||
1475 pBits == 2048 || pBits == 3072 || pBits == 4096) {
1476 mp_int x;
1477
1478 ret = mp_init(&x);
1479 if (ret != MP_OKAY)
1480 return ret;
1481
1482 ret = GeneratePrivateDh(key, rng, priv, privSz);
1483 if (ret == 0)
1484 ret = mp_read_unsigned_bin(&x, priv, *privSz);
1485 if (ret == MP_OKAY)
1486 ret = wc_mp_to_bigint(&x, &x.raw);
1487 if (ret == MP_OKAY)
1488 ret = wc_mp_to_bigint(&key->p, &key->p.raw);
1489 if (ret == MP_OKAY)
1490 ret = wc_mp_to_bigint(&key->g, &key->g.raw);
1491 if (ret == MP_OKAY)
1492 ret = IntelQaDhKeyGen(&key->asyncDev, &key->p.raw, &key->g.raw,
1493 &x.raw, pub, pubSz);
1494 mp_forcezero(&x);
1495
1496 return ret;
1497 }
1498
1499#elif defined(HAVE_CAVIUM)
1500 /* TODO: Not implemented - use software for now */
1501
1502#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
1503 if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_GEN)) {
1504 WC_ASYNC_SW* sw = &key->asyncDev.sw;
1505 sw->dhGen.key = key;
1506 sw->dhGen.rng = rng;
1507 sw->dhGen.priv = priv;
1508 sw->dhGen.privSz = privSz;
1509 sw->dhGen.pub = pub;
1510 sw->dhGen.pubSz = pubSz;
1511 return WC_PENDING_E;
1512 }
1513#endif
1514
1515 /* otherwise use software DH */
1516 ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);
1517
1518 return ret;
1519}
1520#endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_DH */
1521
1522
1523/* Check DH Public Key for invalid numbers, optionally allowing
1524 * the public key to be checked against the large prime (q).
1525 * If q is NULL, the q value of key is used.
1526 * Check per process in SP 800-56Ar3, section 5.6.2.3.1 or 2.
1527 *
1528 * key DH key group parameters.
1529 * pub Public Key.
1530 * pubSz Public Key size.
1531 * prime Large prime (q), optionally NULL to skip check
1532 * primeSz Size of large prime
1533 * partial Do the partial test process. (section 5.6.2.3.2)
1534 *
1535 * returns 0 on success or error code
1536 */
1537static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
1538 const byte* prime, word32 primeSz, int partial)
1539{
1540 int ret = 0;
1541#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1542 mp_int* y = NULL;
1543 mp_int* p = NULL;
1544 mp_int* q = NULL;
1545#else
1546 mp_int y[1];
1547 mp_int p[1];
1548 mp_int q[1];
1549#endif
1550
1551 if (key == NULL || pub == NULL) {
1552 return BAD_FUNC_ARG;
1553 }
1554
1555#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1556 y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1557 if (y == NULL)
1558 return MEMORY_E;
1559 p = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1560 if (p == NULL) {
1561 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1562 return MEMORY_E;
1563 }
1564 q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1565 if (q == NULL) {
1566 XFREE(p, key->heap, DYNAMIC_TYPE_DH);
1567 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1568 return MEMORY_E;
1569 }
1570#endif
1571
1572 if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) {
1573 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1574 XFREE(q, key->heap, DYNAMIC_TYPE_DH);
1575 XFREE(p, key->heap, DYNAMIC_TYPE_DH);
1576 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1577 #endif
1578 return MP_INIT_E;
1579 }
1580
1581 SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
1582
1583 if (mp_read_unsigned_bin(y, pub, pubSz) != MP_OKAY) {
1584 ret = MP_READ_E;
1585 }
1586
1587 if (ret == 0 && prime != NULL) {
1588 if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
1589 ret = MP_READ_E;
1590
1591 } else if (mp_iszero(&key->q) == MP_NO) {
1592 /* use q available in DhKey */
1593 if (mp_copy(&key->q, q) != MP_OKAY)
1594 ret = MP_INIT_E;
1595 }
1596
1597 /* SP 800-56Ar3, section 5.6.2.3.2 */
1598 /* pub (y) should not be 0 or 1 */
1599 if (ret == 0 && mp_cmp_d(y, 2) == MP_LT) {
1600 ret = MP_CMP_E;
1601 }
1602
1603 /* pub (y) shouldn't be greater than or equal to p - 1 */
1604 if (ret == 0 && mp_copy(&key->p, p) != MP_OKAY) {
1605 ret = MP_INIT_E;
1606 }
1607 if (ret == 0 && mp_sub_d(p, 2, p) != MP_OKAY) {
1608 ret = MP_SUB_E;
1609 }
1610 if (ret == 0 && mp_cmp(y, p) == MP_GT) {
1611 ret = MP_CMP_E;
1612 }
1613
1614 if (!partial) {
1615 if (ret == 0 && (prime != NULL || (mp_iszero(&key->q) == MP_NO) )) {
1616
1617 /* restore key->p into p */
1618 if (mp_copy(&key->p, p) != MP_OKAY)
1619 ret = MP_INIT_E;
1620 }
1621
1622 /* SP 800-56Ar3, section 5.6.2.3.1, process step 2 */
1623 if (ret == 0 && prime != NULL) {
1624#ifdef WOLFSSL_HAVE_SP_DH
1625#ifndef WOLFSSL_SP_NO_2048
1626 if (mp_count_bits(&key->p) == 2048) {
1627 ret = sp_ModExp_2048(y, q, p, y);
1628 if (ret != 0)
1629 ret = MP_EXPTMOD_E;
1630 }
1631 else
1632#endif
1633#ifndef WOLFSSL_SP_NO_3072
1634 if (mp_count_bits(&key->p) == 3072) {
1635 ret = sp_ModExp_3072(y, q, p, y);
1636 if (ret != 0)
1637 ret = MP_EXPTMOD_E;
1638 }
1639 else
1640#endif
1641#ifdef WOLFSSL_SP_4096
1642 if (mp_count_bits(&key->p) == 4096) {
1643 ret = sp_ModExp_4096(y, q, p, y);
1644 if (ret != 0)
1645 ret = MP_EXPTMOD_E;
1646 }
1647 else
1648#endif
1649#endif
1650
1651 {
1652#if !defined(WOLFSSL_SP_MATH)
1653 /* calculate (y^q) mod(p), store back into y */
1654 if (mp_exptmod(y, q, p, y) != MP_OKAY)
1655 ret = MP_EXPTMOD_E;
1656#else
1657 ret = WC_KEY_SIZE_E;
1658#endif
1659 }
1660
1661 /* verify above == 1 */
1662 if (ret == 0 && mp_cmp_d(y, 1) != MP_EQ)
1663 ret = MP_CMP_E;
1664 }
1665 }
1666
1667 mp_clear(y);
1668 mp_clear(p);
1669 mp_clear(q);
1670
1671 RESTORE_VECTOR_REGISTERS();
1672
1673#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1674 XFREE(q, key->heap, DYNAMIC_TYPE_DH);
1675 XFREE(p, key->heap, DYNAMIC_TYPE_DH);
1676 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
1677#endif
1678
1679 return ret;
1680}
1681
1682
1683/* Performs a full public-key validation routine. */
1684int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
1685 const byte* prime, word32 primeSz)
1686{
1687 return _ffc_validate_public_key(key, pub, pubSz, prime, primeSz, 0);
1688}
1689
1690
1691/* Check DH Public Key for invalid numbers. Performs a partial public-key
1692 * validation routine.
1693 *
1694 * key DH key group parameters.
1695 * pub Public Key.
1696 * pubSz Public Key size.
1697 *
1698 * returns 0 on success or error code
1699 */
1700int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz)
1701{
1702 return _ffc_validate_public_key(key, pub, pubSz, NULL, 0, 1);
1703}
1704
1705
1706/**
1707 * Quick validity check of public key value against prime.
1708 * Checks are:
1709 * - Public key not 0 or 1
1710 * - Public key not equal to prime or prime - 1
1711 * - Public key not bigger than prime.
1712 *
1713 * prime Big-endian encoding of prime in bytes.
1714 * primeSz Size of prime in bytes.
1715 * pub Big-endian encoding of public key in bytes.
1716 * pubSz Size of public key in bytes.
1717 */
1718int wc_DhCheckPubValue(const byte* prime, word32 primeSz, const byte* pub,
1719 word32 pubSz)
1720{
1721 int ret = 0;
1722 word32 i;
1723
1724 for (i = 0; i < pubSz && pub[i] == 0; i++) {
1725 }
1726 pubSz -= i;
1727 pub += i;
1728
1729 if (pubSz == 0 || (pubSz == 1 && pub[0] == 1))
1730 ret = MP_VAL;
1731 else if (pubSz == primeSz) {
1732 for (i = 0; i < pubSz-1 && pub[i] == prime[i]; i++) {
1733 }
1734 if (i == pubSz-1 && (pub[i] == prime[i] || pub[i] == prime[i] - 1))
1735 ret = MP_VAL;
1736 else if (pub[i] > prime[i])
1737 ret = MP_VAL;
1738 }
1739 else if (pubSz > primeSz)
1740 ret = MP_VAL;
1741
1742 return ret;
1743}
1744
1745
1746/* Check DH Private Key for invalid numbers, optionally allowing
1747 * the private key to be checked against the large prime (q).
1748 * Check per process in SP 800-56Ar3, section 5.6.2.1.2.
1749 *
1750 * key DH key group parameters.
1751 * priv Private Key.
1752 * privSz Private Key size.
1753 * prime Large prime (q), optionally NULL to skip check
1754 * primeSz Size of large prime
1755 *
1756 * returns 0 on success or error code
1757 */
1758int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
1759 const byte* prime, word32 primeSz)
1760{
1761 int ret = 0;
1762#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1763 mp_int* x = NULL;
1764 mp_int* q = NULL;
1765#else
1766 mp_int x[1];
1767 mp_int q[1];
1768#endif
1769
1770 if (key == NULL || priv == NULL) {
1771 return BAD_FUNC_ARG;
1772 }
1773
1774#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1775 x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1776 if (x == NULL)
1777 return MEMORY_E;
1778 q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1779 if (q == NULL) {
1780 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1781 return MEMORY_E;
1782 }
1783#endif
1784
1785 if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) {
1786 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1787 XFREE(q, key->heap, DYNAMIC_TYPE_DH);
1788 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1789 #endif
1790 return MP_INIT_E;
1791 }
1792
1793 if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) {
1794 ret = MP_READ_E;
1795 }
1796
1797 if (ret == 0) {
1798 #ifdef WOLFSSL_CHECK_MEM_ZERO
1799 mp_memzero_add("wc_DhCheckPrivKey_ex x", x);
1800 #endif
1801 if (prime != NULL) {
1802 if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
1803 ret = MP_READ_E;
1804 }
1805 else if (mp_iszero(&key->q) == MP_NO) {
1806 /* use q available in DhKey */
1807 if (mp_copy(&key->q, q) != MP_OKAY)
1808 ret = MP_INIT_E;
1809 }
1810 }
1811
1812 /* priv (x) should not be 0 */
1813 if (ret == 0) {
1814 if (mp_cmp_d(x, 0) == MP_EQ)
1815 ret = MP_CMP_E;
1816 }
1817
1818 if (ret == 0) {
1819 if (mp_iszero(q) == MP_NO) {
1820 /* priv (x) shouldn't be greater than q - 1 */
1821 if (mp_copy(&key->q, q) != MP_OKAY)
1822 ret = MP_INIT_E;
1823 if (ret == 0) {
1824 if (mp_sub_d(q, 1, q) != MP_OKAY)
1825 ret = MP_SUB_E;
1826 }
1827 if (ret == 0) {
1828 if (mp_cmp(x, q) == MP_GT)
1829 ret = DH_CHECK_PRIV_E;
1830 }
1831 }
1832 }
1833
1834 mp_forcezero(x);
1835 mp_clear(q);
1836#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1837 XFREE(q, key->heap, DYNAMIC_TYPE_DH);
1838 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
1839#elif defined(WOLFSSL_CHECK_MEM_ZERO)
1840 mp_memzero_check(x);
1841#endif
1842
1843 return ret;
1844}
1845
1846
1847/* Check DH Private Key for invalid numbers
1848 *
1849 * key DH key group parameters.
1850 * priv Private Key.
1851 * privSz Private Key size.
1852 *
1853 * returns 0 on success or error code
1854 */
1855int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz)
1856{
1857 return wc_DhCheckPrivKey_ex(key, priv, privSz, NULL, 0);
1858}
1859
1860
1861/* Performs a Pairwise Consistency Test on an FFC key pair. */
1862/* Check DH Keys for pair-wise consistency per process in
1863 * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC. */
1864static int _ffc_pairwise_consistency_test(DhKey* key,
1865 const byte* pub, word32 pubSz, const byte* priv, word32 privSz)
1866{
1867#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1868 mp_int* publicKey = NULL;
1869 mp_int* privateKey = NULL;
1870 mp_int* checkKey = NULL;
1871#else
1872 mp_int publicKey[1];
1873 mp_int privateKey[1];
1874 mp_int checkKey[1];
1875#endif
1876 int ret = 0;
1877
1878 if (key == NULL || pub == NULL || priv == NULL)
1879 return BAD_FUNC_ARG;
1880 if (mp_iseven(&key->p) == MP_YES)
1881 return MP_VAL;
1882
1883#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1884 publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1885 if (publicKey == NULL)
1886 return MEMORY_E;
1887 privateKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1888 if (privateKey == NULL) {
1889 XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
1890 return MEMORY_E;
1891 }
1892 checkKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
1893 if (checkKey == NULL) {
1894 XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
1895 XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
1896 return MEMORY_E;
1897 }
1898#endif
1899
1900 if (mp_init_multi(publicKey, privateKey, checkKey,
1901 NULL, NULL, NULL) != MP_OKAY) {
1902
1903 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1904 XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
1905 XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
1906 XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
1907 #endif
1908 return MP_INIT_E;
1909 }
1910
1911 SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
1912
1913 /* Load the private and public keys into big integers. */
1914 if (mp_read_unsigned_bin(publicKey, pub, pubSz) != MP_OKAY ||
1915 mp_read_unsigned_bin(privateKey, priv, privSz) != MP_OKAY) {
1916
1917 ret = MP_READ_E;
1918 }
1919#ifdef WOLFSSL_CHECK_MEM_ZERO
1920 mp_memzero_add("_ffc_pairwise_consistency_test privateKey", privateKey);
1921#endif
1922
1923 /* Calculate checkKey = g^privateKey mod p */
1924 if (ret == 0) {
1925#ifdef WOLFSSL_HAVE_SP_DH
1926#ifndef WOLFSSL_SP_NO_2048
1927 if (mp_count_bits(&key->p) == 2048) {
1928 ret = sp_ModExp_2048(&key->g, privateKey, &key->p, checkKey);
1929 if (ret != 0)
1930 ret = MP_EXPTMOD_E;
1931 }
1932 else
1933#endif
1934#ifndef WOLFSSL_SP_NO_3072
1935 if (mp_count_bits(&key->p) == 3072) {
1936 ret = sp_ModExp_3072(&key->g, privateKey, &key->p, checkKey);
1937 if (ret != 0)
1938 ret = MP_EXPTMOD_E;
1939 }
1940 else
1941#endif
1942#ifdef WOLFSSL_SP_4096
1943 if (mp_count_bits(&key->p) == 4096) {
1944 ret = sp_ModExp_4096(&key->g, privateKey, &key->p, checkKey);
1945 if (ret != 0)
1946 ret = MP_EXPTMOD_E;
1947 }
1948 else
1949#endif
1950#endif
1951 {
1952#if !defined(WOLFSSL_SP_MATH)
1953 if (mp_exptmod(&key->g, privateKey, &key->p, checkKey) != MP_OKAY)
1954 ret = MP_EXPTMOD_E;
1955#else
1956 ret = WC_KEY_SIZE_E;
1957#endif
1958 }
1959 }
1960
1961 /* Compare the calculated public key to the supplied check value. */
1962 if (ret == 0) {
1963 if (mp_cmp(checkKey, publicKey) != MP_EQ)
1964 ret = MP_CMP_E;
1965 }
1966
1967 mp_forcezero(privateKey);
1968 mp_clear(publicKey);
1969 mp_clear(checkKey);
1970
1971 RESTORE_VECTOR_REGISTERS();
1972
1973#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1974 XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
1975 XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
1976 XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
1977#elif defined(WOLFSSL_CHECK_MEM_ZERO)
1978 mp_memzero_check(privateKey);
1979#endif
1980
1981 return ret;
1982}
1983
1984
1985/* Check DH Keys for pair-wise consistency per process in
1986 * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC.
1987 *
1988 * key DH key group parameters.
1989 * pub Public Key.
1990 * pubSz Public Key size.
1991 * priv Private Key.
1992 * privSz Private Key size.
1993 *
1994 * returns 0 on success or error code
1995 */
1996int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
1997 const byte* priv, word32 privSz)
1998{
1999 return _ffc_pairwise_consistency_test(key, pub, pubSz, priv, privSz);
2000}
2001
2002
2003int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng,
2004 byte* priv, word32* privSz, byte* pub, word32* pubSz)
2005{
2006 int ret;
2007
2008 if (key == NULL || rng == NULL || priv == NULL || privSz == NULL ||
2009 pub == NULL || pubSz == NULL) {
2010 return BAD_FUNC_ARG;
2011 }
2012
2013#ifdef WOLFSSL_KCAPI_DH
2014 (void)priv;
2015 (void)privSz;
2016 ret = KcapiDh_MakeKey(key, pub, pubSz);
2017#else
2018#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
2019 if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) {
2020 ret = wc_DhGenerateKeyPair_Async(key, rng, priv, privSz, pub, pubSz);
2021 }
2022 else
2023#endif
2024 {
2025 ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);
2026 }
2027#endif /* WOLFSSL_KCAPI_DH */
2028
2029 return ret;
2030}
2031
2032#ifndef WOLFSSL_KCAPI_DH
2033static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
2034 const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz, int ct)
2035{
2036 int ret = 0;
2037#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
2038 mp_int* y = NULL;
2039#if !defined(WOLFSSL_SP_MATH)
2040 mp_int* x = NULL;
2041 mp_int* z = NULL;
2042#endif
2043#else
2044 mp_int y[1];
2045#if !defined(WOLFSSL_SP_MATH)
2046 mp_int x[1];
2047 mp_int z[1];
2048#endif
2049#endif
2050
2051 if (mp_iseven(&key->p) == MP_YES) {
2052 return MP_VAL;
2053 }
2054
2055 /* Non-blocking re-entry: the same wc_DhAgree call repeats until the
2056 * SP state machine completes, so cache the per-op key validation
2057 * results instead of re-running them each yield. The cache is
2058 * scoped to non-blocking, non-const-time callers only. */
2059#ifdef WC_DH_NONBLOCK
2060 if (key->nb == NULL || ct || !key->nb->pubKeyValidated)
2061#endif
2062 {
2063#ifdef WOLFSSL_VALIDATE_FFC_IMPORT
2064 if (wc_DhCheckPrivKey(key, priv, privSz) != 0) {
2065 WOLFSSL_MSG("wc_DhAgree wc_DhCheckPrivKey failed");
2066 return DH_CHECK_PRIV_E;
2067 }
2068#endif
2069 /* Always validate peer public key (2 <= y <= p-2) per SP 800-56A */
2070 if (wc_DhCheckPubKey(key, otherPub, pubSz) != 0) {
2071 WOLFSSL_MSG("wc_DhAgree wc_DhCheckPubKey failed");
2072 return DH_CHECK_PUB_E;
2073 }
2074#ifdef WC_DH_NONBLOCK
2075 if (key->nb != NULL && !ct) {
2076 key->nb->pubKeyValidated = 1;
2077 }
2078#endif
2079 }
2080
2081#if defined(WC_DH_NONBLOCK) && defined(WOLFSSL_HAVE_SP_DH) && \
2082 defined(WOLFSSL_SP_NONBLOCK) && defined(WOLFSSL_SP_SMALL) && \
2083 !defined(WOLFSSL_SP_FAST_MODEXP)
2084 /* Non-blocking dispatch bypasses the mp_int dance entirely - the SP
2085 * wrapper takes byte buffers and persists across yields. The constant-
2086 * time fold-back (ct branch) is intentionally not applied here; nb
2087 * callers should use the standard wc_DhAgree(). */
2088 if (key->nb != NULL && !ct) {
2089 int nb_ret = MP_OKAY;
2090 int dispatched = 0;
2091 #ifndef WOLFSSL_SP_NO_2048
2092 if (mp_count_bits(&key->p) == 2048) {
2093 nb_ret = sp_DhExp_2048_nb(&key->nb->sp_ctx, otherPub, pubSz,
2094 priv, privSz, &key->p, agree, agreeSz);
2095 dispatched = 1;
2096 }
2097 #endif
2098 #ifndef WOLFSSL_SP_NO_3072
2099 if (!dispatched && mp_count_bits(&key->p) == 3072) {
2100 nb_ret = sp_DhExp_3072_nb(&key->nb->sp_ctx, otherPub, pubSz,
2101 priv, privSz, &key->p, agree, agreeSz);
2102 dispatched = 1;
2103 }
2104 #endif
2105 #ifdef WOLFSSL_SP_4096
2106 if (!dispatched && mp_count_bits(&key->p) == 4096) {
2107 nb_ret = sp_DhExp_4096_nb(&key->nb->sp_ctx, otherPub, pubSz,
2108 priv, privSz, &key->p, agree, agreeSz);
2109 dispatched = 1;
2110 }
2111 #endif
2112 if (dispatched) {
2113 /* Op finished (or hit a hard error) - clear the cached
2114 * validation so the next op on this DhNb re-runs the
2115 * SP 800-56A peer-key check. MP_WOULDBLOCK keeps it. */
2116 if (nb_ret != WC_NO_ERR_TRACE(MP_WOULDBLOCK)) {
2117 key->nb->pubKeyValidated = 0;
2118 }
2119 return nb_ret;
2120 }
2121 /* size not nb-supported - the blocking path below completes in
2122 * one call, so the cached validation is single-use. Clear it
2123 * here so the next agree on this DhNb re-validates. */
2124 key->nb->pubKeyValidated = 0;
2125 /* fall through to blocking path */
2126 }
2127#endif
2128
2129#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
2130 y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
2131 if (y == NULL)
2132 return MEMORY_E;
2133#if !defined(WOLFSSL_SP_MATH)
2134 x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
2135 if (x == NULL) {
2136 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
2137 return MEMORY_E;
2138 }
2139 z = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
2140 if (z == NULL) {
2141 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
2142 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
2143 return MEMORY_E;
2144 }
2145#endif
2146#endif
2147
2148#ifdef WOLFSSL_HAVE_SP_DH
2149 if (0
2150#ifndef WOLFSSL_SP_NO_2048
2151 || mp_count_bits(&key->p) == 2048
2152#endif
2153#ifndef WOLFSSL_SP_NO_3072
2154 || mp_count_bits(&key->p) == 3072
2155#endif
2156#ifdef WOLFSSL_SP_4096
2157 || mp_count_bits(&key->p) == 4096
2158#endif
2159 ) {
2160 int i = (int)*agreeSz - 1;
2161
2162 if (mp_init(y) != MP_OKAY)
2163 ret = MP_INIT_E;
2164
2165 if (ret == 0) {
2166 SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
2167
2168 if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
2169 ret = MP_READ_E;
2170
2171 if (ret == 0) {
2172 #ifndef WOLFSSL_SP_NO_2048
2173 if (mp_count_bits(&key->p) == 2048) {
2174 ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree,
2175 agreeSz);
2176 }
2177 #endif
2178 #ifndef WOLFSSL_SP_NO_3072
2179 if (mp_count_bits(&key->p) == 3072) {
2180 ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree,
2181 agreeSz);
2182 }
2183 #endif
2184 #ifdef WOLFSSL_SP_4096
2185 if (mp_count_bits(&key->p) == 4096) {
2186 ret = sp_DhExp_4096(y, priv, privSz, &key->p, agree,
2187 agreeSz);
2188 }
2189 #endif
2190 }
2191
2192 mp_clear(y);
2193
2194 RESTORE_VECTOR_REGISTERS();
2195 }
2196
2197 /* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
2198 if ((ret == 0) &&
2199 ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))))
2200 {
2201 ret = MP_VAL;
2202 }
2203
2204 if ((ret == 0) && ct) {
2205 volatile word16 mask = 0xff;
2206 sword16 o = (sword16)(*agreeSz - 1);
2207
2208 *agreeSz = (word32)(i + 1);
2209 for (; i >= 0 ; i--) {
2210 agree[i] = agree[o] & (byte)mask;
2211 mask = ctMask16LT(0, (int)o);
2212 o = (sword16)(o + (sword16)mask);
2213 }
2214 }
2215
2216 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
2217 #if !defined(WOLFSSL_SP_MATH)
2218 XFREE(z, key->heap, DYNAMIC_TYPE_DH);
2219 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
2220 #endif
2221 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
2222 #endif
2223 return ret;
2224 }
2225#endif
2226
2227#if !defined(WOLFSSL_SP_MATH)
2228 if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) {
2229 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
2230 XFREE(z, key->heap, DYNAMIC_TYPE_DH);
2231 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
2232 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
2233 #endif
2234 return MP_INIT_E;
2235 }
2236#if defined(WOLFSSL_SP_MATH_ALL)
2237 if (ct) {
2238 /* TFM and Integer implementations keep high words zero.
2239 * SP math implementation needs all words set to zero as it doesn't
2240 * ensure unused words are zero. */
2241 mp_forcezero(x);
2242 }
2243#endif
2244
2245 SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
2246
2247 if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
2248 ret = MP_READ_E;
2249#ifdef WOLFSSL_CHECK_MEM_ZERO
2250 if (ret == 0)
2251 mp_memzero_add("wc_DhAgree_Sync x", x);
2252#endif
2253
2254 if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
2255 ret = MP_READ_E;
2256
2257 if (ret == 0) {
2258 if (ct) {
2259 int bits;
2260
2261 /* x is mod q but if q not available, use p (> q). */
2262 if (mp_iszero(&key->q) == MP_NO) {
2263 bits = mp_count_bits(&key->q);
2264 }
2265 else {
2266 bits = mp_count_bits(&key->p);
2267 }
2268 /* Exponentiate to the maximum words of a valid x to ensure a
2269 * constant time operation. */
2270 ret = mp_exptmod_ex(y, x, (bits + DIGIT_BIT - 1) / DIGIT_BIT,
2271 &key->p, z);
2272 }
2273 else {
2274 ret = mp_exptmod(y, x, &key->p, z);
2275 }
2276 if (ret != MP_OKAY)
2277 ret = MP_EXPTMOD_E;
2278 }
2279
2280#ifdef WOLFSSL_CHECK_MEM_ZERO
2281 if (ret == 0)
2282 mp_memzero_add("wc_DhAgree_Sync z", z);
2283#endif
2284
2285 /* make sure z is not one (SP800-56A, 5.7.1.1) */
2286 if (ret == 0 && (mp_cmp_d(z, 1) == MP_EQ))
2287 ret = MP_VAL;
2288
2289 if (ret == 0) {
2290 if (ct) {
2291 /* Put the secret into a buffer in constant time. */
2292 ret = mp_to_unsigned_bin_len_ct(z, agree, (int)*agreeSz);
2293 }
2294 else {
2295 ret = mp_to_unsigned_bin(z, agree);
2296 if (ret == MP_OKAY)
2297 *agreeSz = (word32)mp_unsigned_bin_size(z);
2298 }
2299 }
2300
2301 mp_forcezero(z);
2302 mp_clear(y);
2303 mp_forcezero(x);
2304
2305 RESTORE_VECTOR_REGISTERS();
2306
2307#else
2308 (void)ct;
2309 ret = WC_KEY_SIZE_E;
2310#endif
2311
2312#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
2313#if !defined(WOLFSSL_SP_MATH)
2314 XFREE(z, key->heap, DYNAMIC_TYPE_DH);
2315 XFREE(x, key->heap, DYNAMIC_TYPE_DH);
2316#endif
2317 XFREE(y, key->heap, DYNAMIC_TYPE_DH);
2318#elif defined(WOLFSSL_CHECK_MEM_ZERO)
2319#if !defined(WOLFSSL_SP_MATH)
2320 mp_memzero_check(x);
2321 mp_memzero_check(z);
2322#endif
2323#endif
2324
2325 return ret;
2326}
2327
2328#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
2329static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
2330 const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
2331{
2332 int ret;
2333
2334#if defined(HAVE_INTEL_QA)
2335 word32 pBits;
2336
2337 /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
2338 pBits = mp_unsigned_bin_size(&key->p) * 8;
2339 if (pBits == 768 || pBits == 1024 || pBits == 1536 ||
2340 pBits == 2048 || pBits == 3072 || pBits == 4096) {
2341 ret = wc_mp_to_bigint(&key->p, &key->p.raw);
2342 if (ret == MP_OKAY)
2343 ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw,
2344 agree, agreeSz, priv, privSz, otherPub, pubSz);
2345 return ret;
2346 }
2347
2348#elif defined(HAVE_CAVIUM)
2349 /* TODO: Not implemented - use software for now */
2350
2351#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
2352 if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_AGREE)) {
2353 WC_ASYNC_SW* sw = &key->asyncDev.sw;
2354 sw->dhAgree.key = key;
2355 sw->dhAgree.agree = agree;
2356 sw->dhAgree.agreeSz = agreeSz;
2357 sw->dhAgree.priv = priv;
2358 sw->dhAgree.privSz = privSz;
2359 sw->dhAgree.otherPub = otherPub;
2360 sw->dhAgree.pubSz = pubSz;
2361 return WC_PENDING_E;
2362 }
2363#endif
2364
2365 /* otherwise use software DH */
2366 ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz,
2367 0);
2368
2369 return ret;
2370}
2371#endif /* WOLFSSL_ASYNC_CRYPT */
2372#endif /* !WOLFSSL_KCAPI_DH */
2373
2374int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
2375 word32 privSz, const byte* otherPub, word32 pubSz)
2376{
2377 int ret = 0;
2378
2379 if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL ||
2380 otherPub == NULL) {
2381 return BAD_FUNC_ARG;
2382 }
2383
2384#ifdef WOLFSSL_KCAPI_DH
2385 (void)priv;
2386 (void)privSz;
2387 ret = KcapiDh_SharedSecret(key, otherPub, pubSz, agree, agreeSz);
2388#else
2389#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
2390 /* Async marker takes precedence: when wolfAsync_DoSw (wolfcrypt/src/
2391 * async.c) re-enters the compute path, wc_DhAgree_Async dispatches
2392 * to the SP nonblock wrapper if key->nb is attached, and per-yield
2393 * FP_WOULDBLOCK (alias of MP_WOULDBLOCK) is translated to
2394 * WC_PENDING_E by wolfAsync_DoSw so the TLS event loop drives it. */
2395 if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) {
2396 ret = wc_DhAgree_Async(key, agree, agreeSz, priv, privSz, otherPub,
2397 pubSz);
2398 }
2399 else
2400#endif
2401 {
2402 /* wc_DhAgree_Sync handles key->nb internally; no separate dispatch
2403 * needed here. wc_DhAgree_ct (constant-time fold-back) bypasses
2404 * this function entirely so passing ct=0 is correct. */
2405 ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub,
2406 pubSz, 0);
2407 }
2408#endif /* WOLFSSL_KCAPI_DH */
2409
2410 return ret;
2411}
2412
2413int wc_DhAgree_ct(DhKey* key, byte* agree, word32 *agreeSz, const byte* priv,
2414 word32 privSz, const byte* otherPub, word32 pubSz)
2415{
2416 word32 requested_agreeSz;
2417
2418 if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL ||
2419 otherPub == NULL) {
2420 return BAD_FUNC_ARG;
2421 }
2422
2423 requested_agreeSz = (word32)mp_unsigned_bin_size(&key->p);
2424 if (requested_agreeSz > *agreeSz) {
2425 return BUFFER_E;
2426 }
2427 *agreeSz = requested_agreeSz;
2428
2429 return wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz,
2430 1);
2431}
2432
2433#ifdef WOLFSSL_DH_EXTRA
2434WOLFSSL_LOCAL int wc_DhKeyCopy(DhKey* src, DhKey* dst)
2435{
2436 int ret;
2437
2438 if (!src || !dst || src == dst) {
2439 WOLFSSL_MSG("Parameters not provided or are the same");
2440 return BAD_FUNC_ARG;
2441 }
2442
2443 if ((ret = mp_copy(&src->p, &dst->p)) != MP_OKAY) {
2444 WOLFSSL_MSG("mp_copy error");
2445 return ret;
2446 }
2447
2448 if ((ret = mp_copy(&src->g, &dst->g)) != MP_OKAY) {
2449 WOLFSSL_MSG("mp_copy error");
2450 return ret;
2451 }
2452
2453 if ((ret = mp_copy(&src->q, &dst->q)) != MP_OKAY) {
2454 WOLFSSL_MSG("mp_copy error");
2455 return ret;
2456 }
2457
2458 if ((ret = mp_copy(&src->pub, &dst->pub)) != MP_OKAY) {
2459 WOLFSSL_MSG("mp_copy error");
2460 return ret;
2461 }
2462
2463 if ((ret = mp_copy(&src->priv, &dst->priv)) != MP_OKAY) {
2464 WOLFSSL_MSG("mp_copy error");
2465 return ret;
2466 }
2467#ifdef WOLFSSL_CHECK_MEM_ZERO
2468 mp_memzero_add("wc_DhKeyCopy dst->priv", &dst->priv);
2469#endif
2470
2471 dst->heap = src->heap;
2472
2473 return MP_OKAY;
2474}
2475
2476/* Sets private and public key in DhKey if both are available, otherwise sets
2477 either private or public key, depending on which is available. */
2478int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
2479 const byte* pub, word32 pubSz)
2480{
2481 byte havePriv, havePub;
2482
2483 if (key == NULL) {
2484 return BAD_FUNC_ARG;
2485 }
2486
2487 havePriv = ( (priv != NULL) && (privSz > 0) );
2488 havePub = ( (pub != NULL) && (pubSz > 0) );
2489
2490 if (!havePub && !havePriv) {
2491 WOLFSSL_MSG("No Public or Private Key to Set");
2492 return BAD_FUNC_ARG;
2493 }
2494
2495 /* Set Private Key */
2496 if (havePriv) {
2497 /* may have leading 0 */
2498 if (priv[0] == 0) {
2499 privSz--; priv++;
2500 }
2501 if (mp_init(&key->priv) != MP_OKAY)
2502 havePriv = 0;
2503 }
2504 if (havePriv) {
2505 if (mp_read_unsigned_bin(&key->priv, priv, privSz) != MP_OKAY) {
2506 mp_forcezero(&key->priv);
2507 havePriv = 0;
2508 } else {
2509 WOLFSSL_MSG("DH Private Key Set");
2510 #ifdef WOLFSSL_CHECK_MEM_ZERO
2511 mp_memzero_add("wc_DhImportKeyPair key->priv", &key->priv);
2512 #endif
2513 }
2514 }
2515
2516 /* Set Public Key */
2517 if (havePub) {
2518 /* may have leading 0 */
2519 if (pub[0] == 0) {
2520 pubSz--; pub++;
2521 }
2522 if (mp_init(&key->pub) != MP_OKAY)
2523 havePub = 0;
2524 }
2525 if (havePub) {
2526 if (mp_read_unsigned_bin(&key->pub, pub, pubSz) != MP_OKAY) {
2527 mp_clear(&key->pub);
2528 havePub = 0;
2529 if (havePriv) {
2530 mp_forcezero(&key->priv);
2531 havePriv = 0; /* set to 0 to error out with failed read pub */
2532 }
2533 } else {
2534 WOLFSSL_MSG("DH Public Key Set");
2535 }
2536 }
2537
2538 if (havePriv == 0 && havePub == 0) {
2539 return MEMORY_E;
2540 }
2541
2542 return 0;
2543}
2544
2545/* Can be used with WOLFSSL_DH_EXTRA when key is loaded with
2546 wc_DhKeyDecode or wc_DhImportKeyPair */
2547int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
2548 byte* pub, word32* pPubSz)
2549{
2550 int ret = 0;
2551
2552 if (key == NULL || (priv && pPrivSz == NULL) || (pub && pPubSz == NULL)) {
2553 return BAD_FUNC_ARG;
2554 }
2555
2556 if (priv) {
2557 word32 privSz = (word32)mp_unsigned_bin_size(&key->priv);
2558 if (privSz > *pPrivSz) {
2559 return BUFFER_E;
2560 }
2561 *pPrivSz = privSz;
2562 ret |= mp_to_unsigned_bin(&key->priv, priv);
2563 }
2564
2565 if (pub) {
2566 word32 pubSz = (word32)mp_unsigned_bin_size(&key->pub);
2567 if (pubSz > *pPubSz) {
2568 return BUFFER_E;
2569 }
2570 *pPubSz = pubSz;
2571 ret |= mp_to_unsigned_bin(&key->pub, pub);
2572 }
2573
2574 if (ret != 0)
2575 ret = ASN_DH_KEY_E;
2576 return ret;
2577}
2578
2579#endif /* WOLFSSL_DH_EXTRA */
2580
2581static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
2582 word32 gSz, const byte* q, word32 qSz, int trusted,
2583 WC_RNG* rng)
2584{
2585 int ret = 0;
2586 mp_int* keyP = NULL;
2587 mp_int* keyG = NULL;
2588
2589 if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) {
2590 ret = BAD_FUNC_ARG;
2591 }
2592
2593 SAVE_VECTOR_REGISTERS(return _svr_ret;);
2594
2595 if (ret == 0) {
2596 /* may have leading 0 */
2597 if (p[0] == 0) {
2598 pSz--; p++;
2599 }
2600
2601 if (g[0] == 0) {
2602 gSz--; g++;
2603 }
2604
2605 if (q != NULL) {
2606 if (q[0] == 0) {
2607 qSz--; q++;
2608 }
2609 }
2610
2611 if (mp_init(&key->p) != MP_OKAY)
2612 ret = MP_INIT_E;
2613 }
2614
2615 if (ret == 0) {
2616 if (mp_read_unsigned_bin(&key->p, p, pSz) != MP_OKAY)
2617 ret = ASN_DH_KEY_E;
2618 else
2619 keyP = &key->p;
2620 }
2621
2622 if (ret == 0 && !trusted) {
2623 int isPrime = 0;
2624
2625 /* Short-circuit the primality check for p if it is one of the named
2626 * public moduli (known primes) from RFC 7919.
2627 */
2628 #ifdef HAVE_FFDHE_2048
2629 if ((pSz == sizeof(dh_ffdhe2048_p)) &&
2630 (XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0))
2631 {
2632 isPrime = 1;
2633 }
2634 else
2635 #endif
2636 #ifdef HAVE_FFDHE_3072
2637 if ((pSz == sizeof(dh_ffdhe3072_p)) &&
2638 (XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0))
2639 {
2640 isPrime = 1;
2641 }
2642 else
2643 #endif
2644 #ifdef HAVE_FFDHE_4096
2645 if ((pSz == sizeof(dh_ffdhe4096_p)) &&
2646 (XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0))
2647 {
2648 isPrime = 1;
2649 }
2650 else
2651 #endif
2652 #ifdef HAVE_FFDHE_6144
2653 if ((pSz == sizeof(dh_ffdhe6144_p)) &&
2654 (XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0))
2655 {
2656 isPrime = 1;
2657 }
2658 else
2659 #endif
2660 #ifdef HAVE_FFDHE_8192
2661 if ((pSz == sizeof(dh_ffdhe8192_p)) &&
2662 (XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0))
2663 {
2664 isPrime = 1;
2665 }
2666 else
2667 #endif
2668 {
2669 if (rng != NULL)
2670 ret = mp_prime_is_prime_ex(keyP, 8, &isPrime, rng);
2671 else
2672 ret = mp_prime_is_prime(keyP, 8, &isPrime);
2673 }
2674
2675 if (ret == 0 && isPrime == 0)
2676 ret = DH_CHECK_PUB_E;
2677 }
2678
2679 if (ret == 0 && mp_init(&key->g) != MP_OKAY)
2680 ret = MP_INIT_E;
2681 if (ret == 0) {
2682 if (mp_read_unsigned_bin(&key->g, g, gSz) != MP_OKAY)
2683 ret = ASN_DH_KEY_E;
2684 else
2685 keyG = &key->g;
2686 }
2687
2688 if (ret == 0 && q != NULL) {
2689 if (mp_init(&key->q) != MP_OKAY)
2690 ret = MP_INIT_E;
2691 }
2692 if (ret == 0 && q != NULL) {
2693 if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY)
2694 ret = MP_INIT_E;
2695 else
2696 key->trustedGroup = trusted;
2697 }
2698
2699 if (ret != 0 && key != NULL) {
2700 if (keyG)
2701 mp_clear(keyG);
2702 if (keyP)
2703 mp_clear(keyP);
2704 }
2705
2706 RESTORE_VECTOR_REGISTERS();
2707
2708 return ret;
2709}
2710
2711
2712int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
2713 word32 gSz, const byte* q, word32 qSz, int trusted,
2714 WC_RNG* rng)
2715{
2716 return _DhSetKey(key, p, pSz, g, gSz, q, qSz, trusted, rng);
2717}
2718
2719
2720int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g,
2721 word32 gSz, const byte* q, word32 qSz)
2722{
2723 return _DhSetKey(key, p, pSz, g, gSz, q, qSz, 0, NULL);
2724}
2725
2726
2727/* not in asn anymore since no actual asn types used */
2728int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
2729 word32 gSz)
2730{
2731 /* This should not have trusted set. */
2732 return _DhSetKey(key, p, pSz, g, gSz, NULL, 0, 1, NULL);
2733}
2734
2735
2736int wc_DhSetNamedKey(DhKey* key, int name)
2737{
2738 const byte* p = NULL;
2739 const byte* g = NULL;
2740 const byte* q = NULL;
2741 word32 pSz = 0, gSz = 0, qSz = 0;
2742
2743 switch (name) {
2744 #ifdef HAVE_FFDHE_2048
2745 case WC_FFDHE_2048:
2746 p = dh_ffdhe2048_p;
2747 pSz = sizeof(dh_ffdhe2048_p);
2748 g = dh_ffdhe2048_g;
2749 gSz = sizeof(dh_ffdhe2048_g);
2750 #ifdef HAVE_FFDHE_Q
2751 q = dh_ffdhe2048_q;
2752 qSz = sizeof(dh_ffdhe2048_q);
2753 #endif /* HAVE_FFDHE_Q */
2754 break;
2755 #endif /* HAVE_FFDHE_2048 */
2756 #ifdef HAVE_FFDHE_3072
2757 case WC_FFDHE_3072:
2758 p = dh_ffdhe3072_p;
2759 pSz = sizeof(dh_ffdhe3072_p);
2760 g = dh_ffdhe3072_g;
2761 gSz = sizeof(dh_ffdhe3072_g);
2762 #ifdef HAVE_FFDHE_Q
2763 q = dh_ffdhe3072_q;
2764 qSz = sizeof(dh_ffdhe3072_q);
2765 #endif /* HAVE_FFDHE_Q */
2766 break;
2767 #endif /* HAVE_FFDHE_3072 */
2768 #ifdef HAVE_FFDHE_4096
2769 case WC_FFDHE_4096:
2770 p = dh_ffdhe4096_p;
2771 pSz = sizeof(dh_ffdhe4096_p);
2772 g = dh_ffdhe4096_g;
2773 gSz = sizeof(dh_ffdhe4096_g);
2774 #ifdef HAVE_FFDHE_Q
2775 q = dh_ffdhe4096_q;
2776 qSz = sizeof(dh_ffdhe4096_q);
2777 #endif /* HAVE_FFDHE_Q */
2778 break;
2779 #endif /* HAVE_FFDHE_4096 */
2780 #ifdef HAVE_FFDHE_6144
2781 case WC_FFDHE_6144:
2782 p = dh_ffdhe6144_p;
2783 pSz = sizeof(dh_ffdhe6144_p);
2784 g = dh_ffdhe6144_g;
2785 gSz = sizeof(dh_ffdhe6144_g);
2786 #ifdef HAVE_FFDHE_Q
2787 q = dh_ffdhe6144_q;
2788 qSz = sizeof(dh_ffdhe6144_q);
2789 #endif /* HAVE_FFDHE_Q */
2790 break;
2791 #endif /* HAVE_FFDHE_6144 */
2792 #ifdef HAVE_FFDHE_8192
2793 case WC_FFDHE_8192:
2794 p = dh_ffdhe8192_p;
2795 pSz = sizeof(dh_ffdhe8192_p);
2796 g = dh_ffdhe8192_g;
2797 gSz = sizeof(dh_ffdhe8192_g);
2798 #ifdef HAVE_FFDHE_Q
2799 q = dh_ffdhe8192_q;
2800 qSz = sizeof(dh_ffdhe8192_q);
2801 #endif /* HAVE_FFDHE_Q */
2802 break;
2803 #endif /* HAVE_FFDHE_8192 */
2804 default:
2805 break;
2806 }
2807 return _DhSetKey(key, p, pSz, g, gSz, q, qSz, 1, NULL);
2808}
2809
2810
2811word32 wc_DhGetNamedKeyMinSize(int name)
2812{
2813 word32 size;
2814
2815 switch (name) {
2816 #ifdef HAVE_FFDHE_2048
2817 case WC_FFDHE_2048:
2818 size = 29;
2819 break;
2820 #endif /* HAVE_FFDHE_2048 */
2821 #ifdef HAVE_FFDHE_3072
2822 case WC_FFDHE_3072:
2823 size = 34;
2824 break;
2825 #endif /* HAVE_FFDHE_3072 */
2826 #ifdef HAVE_FFDHE_4096
2827 case WC_FFDHE_4096:
2828 size = 39;
2829 break;
2830 #endif /* HAVE_FFDHE_4096 */
2831 #ifdef HAVE_FFDHE_6144
2832 case WC_FFDHE_6144:
2833 size = 46;
2834 break;
2835 #endif /* HAVE_FFDHE_6144 */
2836 #ifdef HAVE_FFDHE_8192
2837 case WC_FFDHE_8192:
2838 size = 52;
2839 break;
2840 #endif /* HAVE_FFDHE_8192 */
2841 default:
2842 size = 0;
2843 }
2844
2845 return size;
2846}
2847
2848
2849/* Returns 1: params match
2850 * 0: params differ */
2851int wc_DhCmpNamedKey(int name, int noQ,
2852 const byte* p, word32 pSz,
2853 const byte* g, word32 gSz,
2854 const byte* q, word32 qSz)
2855{
2856 const byte* pCmp = NULL;
2857 const byte* qCmp = NULL;
2858 const byte* gCmp = NULL;
2859 word32 pCmpSz = 0, qCmpSz = 0, gCmpSz = 0;
2860 int cmp = 0, goodName = 1;
2861
2862 switch (name) {
2863 #ifdef HAVE_FFDHE_2048
2864 case WC_FFDHE_2048:
2865 pCmp = dh_ffdhe2048_p;
2866 pCmpSz = sizeof(dh_ffdhe2048_p);
2867 gCmp = dh_ffdhe2048_g;
2868 gCmpSz = sizeof(dh_ffdhe2048_g);
2869 #ifdef HAVE_FFDHE_Q
2870 qCmp = dh_ffdhe2048_q;
2871 qCmpSz = sizeof(dh_ffdhe2048_q);
2872 #endif /* HAVE_FFDHE_Q */
2873 break;
2874 #endif /* HAVE_FFDHE_2048 */
2875 #ifdef HAVE_FFDHE_3072
2876 case WC_FFDHE_3072:
2877 pCmp = dh_ffdhe3072_p;
2878 pCmpSz = sizeof(dh_ffdhe3072_p);
2879 gCmp = dh_ffdhe3072_g;
2880 gCmpSz = sizeof(dh_ffdhe3072_g);
2881 #ifdef HAVE_FFDHE_Q
2882 qCmp = dh_ffdhe3072_q;
2883 qCmpSz = sizeof(dh_ffdhe3072_q);
2884 #endif /* HAVE_FFDHE_Q */
2885 break;
2886 #endif /* HAVE_FFDHE_3072 */
2887 #ifdef HAVE_FFDHE_4096
2888 case WC_FFDHE_4096:
2889 pCmp = dh_ffdhe4096_p;
2890 pCmpSz = sizeof(dh_ffdhe4096_p);
2891 gCmp = dh_ffdhe4096_g;
2892 gCmpSz = sizeof(dh_ffdhe4096_g);
2893 #ifdef HAVE_FFDHE_Q
2894 qCmp = dh_ffdhe4096_q;
2895 qCmpSz = sizeof(dh_ffdhe4096_q);
2896 #endif /* HAVE_FFDHE_Q */
2897 break;
2898 #endif /* HAVE_FFDHE_4096 */
2899 #ifdef HAVE_FFDHE_6144
2900 case WC_FFDHE_6144:
2901 pCmp = dh_ffdhe6144_p;
2902 pCmpSz = sizeof(dh_ffdhe6144_p);
2903 gCmp = dh_ffdhe6144_g;
2904 gCmpSz = sizeof(dh_ffdhe6144_g);
2905 #ifdef HAVE_FFDHE_Q
2906 qCmp = dh_ffdhe6144_q;
2907 qCmpSz = sizeof(dh_ffdhe6144_q);
2908 #endif /* HAVE_FFDHE_Q */
2909 break;
2910 #endif /* HAVE_FFDHE_6144 */
2911 #ifdef HAVE_FFDHE_8192
2912 case WC_FFDHE_8192:
2913 pCmp = dh_ffdhe8192_p;
2914 pCmpSz = sizeof(dh_ffdhe8192_p);
2915 gCmp = dh_ffdhe8192_g;
2916 gCmpSz = sizeof(dh_ffdhe8192_g);
2917 #ifdef HAVE_FFDHE_Q
2918 qCmp = dh_ffdhe8192_q;
2919 qCmpSz = sizeof(dh_ffdhe8192_q);
2920 #endif /* HAVE_FFDHE_Q */
2921 break;
2922 #endif /* HAVE_FFDHE_8192 */
2923 default:
2924 goodName = 0;
2925 }
2926
2927 if (goodName) {
2928 cmp = (pSz == pCmpSz) && (gSz == gCmpSz) &&
2929 (noQ || ((qCmp != NULL) && (qSz == qCmpSz) &&
2930 XMEMCMP(q, qCmp, qCmpSz) == 0)) &&
2931 (XMEMCMP(p, pCmp, pCmpSz) == 0) &&
2932 (XMEMCMP(g, gCmp, gCmpSz) == 0);
2933 }
2934
2935 return cmp;
2936}
2937
2938
2939int wc_DhGetNamedKeyParamSize(int name, word32* p, word32* g, word32* q)
2940{
2941 word32 pSz = 0, gSz = 0, qSz = 0;
2942
2943 switch (name) {
2944 #ifdef HAVE_FFDHE_2048
2945 case WC_FFDHE_2048:
2946 pSz = sizeof(dh_ffdhe2048_p);
2947 gSz = sizeof(dh_ffdhe2048_g);
2948 #ifdef HAVE_FFDHE_Q
2949 qSz = sizeof(dh_ffdhe2048_q);
2950 #endif /* HAVE_FFDHE_Q */
2951 break;
2952 #endif /* HAVE_FFDHE_2048 */
2953 #ifdef HAVE_FFDHE_3072
2954 case WC_FFDHE_3072:
2955 pSz = sizeof(dh_ffdhe3072_p);
2956 gSz = sizeof(dh_ffdhe3072_g);
2957 #ifdef HAVE_FFDHE_Q
2958 qSz = sizeof(dh_ffdhe3072_q);
2959 #endif /* HAVE_FFDHE_Q */
2960 break;
2961 #endif /* HAVE_FFDHE_3072 */
2962 #ifdef HAVE_FFDHE_4096
2963 case WC_FFDHE_4096:
2964 pSz = sizeof(dh_ffdhe4096_p);
2965 gSz = sizeof(dh_ffdhe4096_g);
2966 #ifdef HAVE_FFDHE_Q
2967 qSz = sizeof(dh_ffdhe4096_q);
2968 #endif /* HAVE_FFDHE_Q */
2969 break;
2970 #endif /* HAVE_FFDHE_4096 */
2971 #ifdef HAVE_FFDHE_6144
2972 case WC_FFDHE_6144:
2973 pSz = sizeof(dh_ffdhe6144_p);
2974 gSz = sizeof(dh_ffdhe6144_g);
2975 #ifdef HAVE_FFDHE_Q
2976 qSz = sizeof(dh_ffdhe6144_q);
2977 #endif /* HAVE_FFDHE_Q */
2978 break;
2979 #endif /* HAVE_FFDHE_6144 */
2980 #ifdef HAVE_FFDHE_8192
2981 case WC_FFDHE_8192:
2982 pSz = sizeof(dh_ffdhe8192_p);
2983 gSz = sizeof(dh_ffdhe8192_g);
2984 #ifdef HAVE_FFDHE_Q
2985 qSz = sizeof(dh_ffdhe8192_q);
2986 #endif /* HAVE_FFDHE_Q */
2987 break;
2988 #endif /* HAVE_FFDHE_8192 */
2989 default:
2990 break;
2991 }
2992
2993 if (p != NULL) *p = pSz;
2994 if (g != NULL) *g = gSz;
2995 if (q != NULL) *q = qSz;
2996
2997 return 0;
2998}
2999
3000
3001int wc_DhCopyNamedKey(int name,
3002 byte* p, word32* pSz, byte* g, word32* gSz, byte* q, word32* qSz)
3003{
3004 const byte* pC = NULL;
3005 const byte* gC = NULL;
3006 const byte* qC = NULL;
3007 word32 pCSz = 0, gCSz = 0, qCSz = 0;
3008
3009 switch (name) {
3010 #ifdef HAVE_FFDHE_2048
3011 case WC_FFDHE_2048:
3012 pC = dh_ffdhe2048_p;
3013 pCSz = sizeof(dh_ffdhe2048_p);
3014 gC = dh_ffdhe2048_g;
3015 gCSz = sizeof(dh_ffdhe2048_g);
3016 #ifdef HAVE_FFDHE_Q
3017 qC = dh_ffdhe2048_q;
3018 qCSz = sizeof(dh_ffdhe2048_q);
3019 #endif /* HAVE_FFDHE_Q */
3020 break;
3021 #endif /* HAVE_FFDHE_2048 */
3022 #ifdef HAVE_FFDHE_3072
3023 case WC_FFDHE_3072:
3024 pC = dh_ffdhe3072_p;
3025 pCSz = sizeof(dh_ffdhe3072_p);
3026 gC = dh_ffdhe3072_g;
3027 gCSz = sizeof(dh_ffdhe3072_g);
3028 #ifdef HAVE_FFDHE_Q
3029 qC = dh_ffdhe3072_q;
3030 qCSz = sizeof(dh_ffdhe3072_q);
3031 #endif /* HAVE_FFDHE_Q */
3032 break;
3033 #endif /* HAVE_FFDHE_3072 */
3034 #ifdef HAVE_FFDHE_4096
3035 case WC_FFDHE_4096:
3036 pC = dh_ffdhe4096_p;
3037 pCSz = sizeof(dh_ffdhe4096_p);
3038 gC = dh_ffdhe4096_g;
3039 gCSz = sizeof(dh_ffdhe4096_g);
3040 #ifdef HAVE_FFDHE_Q
3041 qC = dh_ffdhe4096_q;
3042 qCSz = sizeof(dh_ffdhe4096_q);
3043 #endif /* HAVE_FFDHE_Q */
3044 break;
3045 #endif /* HAVE_FFDHE_4096 */
3046 #ifdef HAVE_FFDHE_6144
3047 case WC_FFDHE_6144:
3048 pC = dh_ffdhe6144_p;
3049 pCSz = sizeof(dh_ffdhe6144_p);
3050 gC = dh_ffdhe6144_g;
3051 gCSz = sizeof(dh_ffdhe6144_g);
3052 #ifdef HAVE_FFDHE_Q
3053 qC = dh_ffdhe6144_q;
3054 qCSz = sizeof(dh_ffdhe6144_q);
3055 #endif /* HAVE_FFDHE_Q */
3056 break;
3057 #endif /* HAVE_FFDHE_6144 */
3058 #ifdef HAVE_FFDHE_8192
3059 case WC_FFDHE_8192:
3060 pC = dh_ffdhe8192_p;
3061 pCSz = sizeof(dh_ffdhe8192_p);
3062 gC = dh_ffdhe8192_g;
3063 gCSz = sizeof(dh_ffdhe8192_g);
3064 #ifdef HAVE_FFDHE_Q
3065 qC = dh_ffdhe8192_q;
3066 qCSz = sizeof(dh_ffdhe8192_q);
3067 #endif /* HAVE_FFDHE_Q */
3068 break;
3069 #endif /* HAVE_FFDHE_8192 */
3070 default:
3071 break;
3072 }
3073
3074 if (p != NULL && pC != NULL)
3075 XMEMCPY(p, pC, pCSz);
3076 if (pSz != NULL)
3077 *pSz = pCSz;
3078 if (g != NULL && gC != NULL)
3079 XMEMCPY(g, gC, gCSz);
3080 if (gSz != NULL)
3081 *gSz = gCSz;
3082 if (q != NULL && qC != NULL)
3083 XMEMCPY(q, qC, qCSz);
3084 if (qSz != NULL)
3085 *qSz = qCSz;
3086
3087 return 0;
3088}
3089
3090
3091#ifdef WOLFSSL_KEY_GEN
3092
3093/* modulus_size in bits */
3094int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
3095{
3096#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
3097 mp_int *tmp = NULL, *tmp2 = NULL;
3098#else
3099 mp_int tmp[1], tmp2[2];
3100#endif
3101 word32 groupSz = 0, bufSz = 0,
3102 primeCheckCount = 0;
3103 int primeCheck = MP_NO,
3104 ret = 0;
3105#ifdef WOLFSSL_NO_MALLOC
3106 unsigned char buf[DH_MAX_SIZE / WOLFSSL_BIT_SIZE];
3107#else
3108 unsigned char *buf = NULL;
3109#endif
3110
3111#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
3112 XMEMSET(tmp, 0, sizeof(tmp));
3113 XMEMSET(tmp2, 0, sizeof(tmp2));
3114#endif
3115
3116 if (rng == NULL || dh == NULL)
3117 ret = BAD_FUNC_ARG;
3118
3119 /* set group size in bytes from modulus size
3120 * FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
3121 */
3122 if (ret == 0) {
3123 switch (modSz) {
3124 case 1024:
3125 groupSz = 20;
3126 break;
3127 case 2048:
3128 case 3072:
3129 groupSz = 32;
3130 break;
3131 default:
3132 #if !defined(HAVE_FIPS) && defined(WOLFSSL_NO_DH186)
3133 /* in non fips mode attempt to match strength of group size with
3134 * mod size */
3135 if (modSz < 2048)
3136 groupSz = 20;
3137 else
3138 groupSz = 32;
3139 #else
3140 ret = BAD_FUNC_ARG;
3141 #endif
3142 break;
3143 }
3144 }
3145
3146 if (ret == 0) {
3147 /* modulus size in bytes */
3148 modSz /= WOLFSSL_BIT_SIZE;
3149
3150 if ((word32)modSz < groupSz) {
3151 WOLFSSL_MSG("DH modSz was too small");
3152 ret = BAD_FUNC_ARG;
3153 }
3154 }
3155
3156 if (ret == 0) {
3157 bufSz = (word32)modSz - groupSz;
3158
3159#ifdef WOLFSSL_NO_MALLOC
3160 if (bufSz > sizeof(buf))
3161 ret = MEMORY_E;
3162#else
3163 /* allocate ram */
3164 buf = (unsigned char *)XMALLOC(bufSz,
3165 dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
3166 if (buf == NULL)
3167 ret = MEMORY_E;
3168#endif
3169 }
3170
3171 /* make a random string that will be multiplied against q */
3172 if (ret == 0)
3173 ret = wc_RNG_GenerateBlock(rng, buf, bufSz);
3174
3175#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
3176 if (ret == 0) {
3177 if ((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL,
3178 DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
3179 ret = MEMORY_E;
3180 }
3181 else {
3182 XMEMSET(tmp, 0, sizeof(*tmp));
3183 }
3184 }
3185 if (ret == 0) {
3186 if ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL,
3187 DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
3188 ret = MEMORY_E;
3189 }
3190 else {
3191 XMEMSET(tmp2, 0, sizeof(*tmp2));
3192 }
3193 }
3194#endif
3195
3196 SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
3197
3198 if (ret == 0) {
3199 /* force magnitude */
3200 buf[0] |= 0xC0;
3201 /* force even */
3202 buf[bufSz - 1] &= 0xfe;
3203
3204 if (mp_init_multi(tmp, tmp2, &dh->p, &dh->q, &dh->g, 0)
3205 != MP_OKAY) {
3206 ret = MP_INIT_E;
3207 }
3208 }
3209
3210 if (ret == 0) {
3211 if (mp_read_unsigned_bin(tmp2, buf, bufSz) != MP_OKAY)
3212 ret = MP_READ_E;
3213 }
3214
3215 /* make our prime q */
3216 if (ret == 0) {
3217 if (mp_rand_prime(&dh->q, (int)groupSz, rng, NULL) != MP_OKAY)
3218 ret = PRIME_GEN_E;
3219 }
3220
3221 /* p = random * q */
3222 if (ret == 0) {
3223 if (mp_mul(&dh->q, tmp2, &dh->p) != MP_OKAY)
3224 ret = MP_MUL_E;
3225 }
3226
3227 /* p = random * q + 1, so q is a prime divisor of p-1 */
3228 if (ret == 0) {
3229 if (mp_add_d(&dh->p, 1, &dh->p) != MP_OKAY)
3230 ret = MP_ADD_E;
3231 }
3232
3233 /* tmp = 2q */
3234 if (ret == 0) {
3235 if (mp_add(&dh->q, &dh->q, tmp) != MP_OKAY)
3236 ret = MP_ADD_E;
3237 }
3238
3239 /* loop until p is prime */
3240 if (ret == 0) {
3241 for (;;) {
3242 if (mp_prime_is_prime_ex(&dh->p, 8, &primeCheck, rng) != MP_OKAY)
3243 ret = PRIME_GEN_E;
3244
3245 if (primeCheck != MP_YES) {
3246 /* p += 2q */
3247 if (mp_add(tmp, &dh->p, &dh->p) != MP_OKAY)
3248 ret = MP_ADD_E;
3249 else
3250 primeCheckCount++;
3251 }
3252
3253 if (ret != 0 || primeCheck == MP_YES)
3254 break;
3255
3256 /* linuxkm: release the kernel for a moment before iterating. */
3257 RESTORE_VECTOR_REGISTERS();
3258 SAVE_VECTOR_REGISTERS(ret = _svr_ret; break;);
3259 };
3260 }
3261
3262 /* tmp2 += (2*loop_check_prime)
3263 * to have p = (q * tmp2) + 1 prime
3264 */
3265 if ((ret == 0) && (primeCheckCount)) {
3266 if (mp_add_d(tmp2, 2 * primeCheckCount, tmp2) != MP_OKAY)
3267 ret = MP_ADD_E;
3268 }
3269
3270 /* find a value g for which g^tmp2 != 1 */
3271 if ((ret == 0) && (mp_set(&dh->g, 1) != MP_OKAY))
3272 ret = MP_ZERO_E;
3273
3274 if (ret == 0) {
3275 do {
3276 if (mp_add_d(&dh->g, 1, &dh->g) != MP_OKAY)
3277 ret = MP_ADD_E;
3278 else if (mp_exptmod(&dh->g, tmp2, &dh->p, tmp) != MP_OKAY)
3279 ret = MP_EXPTMOD_E;
3280 } while (ret == 0 && mp_cmp_d(tmp, 1) == MP_EQ);
3281 }
3282
3283 if (ret == 0) {
3284 /* at this point tmp generates a group of order q mod p */
3285#ifndef USE_FAST_MATH
3286 /* Exchanging is quick when the data pointer can be copied. */
3287 mp_exch(tmp, &dh->g);
3288#else
3289 mp_copy(tmp, &dh->g);
3290#endif
3291 }
3292
3293 /* clear the parameters if there was an error */
3294 if ((ret != 0) && (dh != NULL)) {
3295 mp_clear(&dh->q);
3296 mp_clear(&dh->p);
3297 mp_clear(&dh->g);
3298 }
3299
3300 RESTORE_VECTOR_REGISTERS();
3301
3302#ifndef WOLFSSL_NO_MALLOC
3303 if (buf != NULL)
3304#endif
3305 {
3306 ForceZero(buf, bufSz);
3307#ifndef WOLFSSL_NO_MALLOC
3308 if (dh != NULL) {
3309 XFREE(buf, dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
3310 }
3311#endif
3312 }
3313
3314#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
3315 if (tmp != NULL) {
3316 mp_clear(tmp);
3317 XFREE(tmp, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
3318 }
3319 if (tmp2 != NULL) {
3320 mp_clear(tmp2);
3321 XFREE(tmp2, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
3322 }
3323#else
3324 mp_clear(tmp);
3325 mp_clear(tmp2);
3326#endif
3327
3328 return ret;
3329}
3330
3331#endif /* WOLFSSL_KEY_GEN */
3332
3333/* Export raw DH parameters from DhKey structure
3334 *
3335 * dh - pointer to initialized DhKey structure
3336 * p - output location for DH (p) parameter
3337 * pSz - [IN/OUT] size of output buffer for p, size of p
3338 * q - output location for DH (q) parameter
3339 * qSz - [IN/OUT] size of output buffer for q, size of q
3340 * g - output location for DH (g) parameter
3341 * gSz - [IN/OUT] size of output buffer for g, size of g
3342 *
3343 * If p, q, and g pointers are all passed in as NULL, the function
3344 * will set pSz, qSz, and gSz to the required output buffer sizes for p,
3345 * q, and g. In this case, the function will return LENGTH_ONLY_E.
3346 *
3347 * returns 0 on success, negative upon failure
3348 */
3349int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
3350 byte* q, word32* qSz, byte* g, word32* gSz)
3351{
3352 int ret = 0;
3353 word32 pLen = 0, qLen = 0, gLen = 0;
3354
3355 if (dh == NULL || pSz == NULL || qSz == NULL || gSz == NULL)
3356 ret = BAD_FUNC_ARG;
3357
3358 /* get required output buffer sizes */
3359 if (ret == 0) {
3360 pLen = (word32)mp_unsigned_bin_size(&dh->p);
3361 qLen = (word32)mp_unsigned_bin_size(&dh->q);
3362 gLen = (word32)mp_unsigned_bin_size(&dh->g);
3363
3364 /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */
3365 if (p == NULL && q == NULL && g == NULL) {
3366 *pSz = pLen;
3367 *qSz = qLen;
3368 *gSz = gLen;
3369 ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
3370 }
3371 }
3372
3373 if (ret == 0) {
3374 if (p == NULL || q == NULL || g == NULL)
3375 ret = BAD_FUNC_ARG;
3376 }
3377
3378 /* export p */
3379 if (ret == 0) {
3380 if (*pSz < pLen) {
3381 WOLFSSL_MSG("Output buffer for DH p parameter too small, "
3382 "required size placed into pSz");
3383 *pSz = pLen;
3384 ret = BUFFER_E;
3385 }
3386 }
3387
3388 if (ret == 0) {
3389 *pSz = pLen;
3390 if (mp_to_unsigned_bin(&dh->p, p) != MP_OKAY)
3391 ret = MP_TO_E;
3392 }
3393
3394 /* export q */
3395 if (ret == 0) {
3396 if (*qSz < qLen) {
3397 WOLFSSL_MSG("Output buffer for DH q parameter too small, "
3398 "required size placed into qSz");
3399 *qSz = qLen;
3400 ret = BUFFER_E;
3401 }
3402 }
3403
3404 if (ret == 0) {
3405 *qSz = qLen;
3406 if (mp_to_unsigned_bin(&dh->q, q) != MP_OKAY)
3407 ret = MP_TO_E;
3408 }
3409
3410 /* export g */
3411 if (ret == 0) {
3412 if (*gSz < gLen) {
3413 WOLFSSL_MSG("Output buffer for DH g parameter too small, "
3414 "required size placed into gSz");
3415 *gSz = gLen;
3416 ret = BUFFER_E;
3417 }
3418 }
3419
3420 if (ret == 0) {
3421 *gSz = gLen;
3422 if (mp_to_unsigned_bin(&dh->g, g) != MP_OKAY)
3423 ret = MP_TO_E;
3424 }
3425
3426 return ret;
3427}
3428
3429#endif /* NO_DH */