- Added predefined DHM groups from RFC 5114
diff --git a/ChangeLog b/ChangeLog
index 2df4c86..a4a2172 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,6 +25,7 @@
* Added blowfish algorithm (Generic and cipher layer)
* Added PKCS#5 PBKDF2 key derivation function
* Added Secure Renegotiation (RFC 5746)
+ * Added predefined DHM groups from RFC 5114
Changes
* Removed redundant POLARSSL_DEBUG_MSG define
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 0c8dd55..726273d 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -40,6 +40,56 @@
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
/**
+ * RFC 5114 defines a number of standardized Diffie-Hellman groups
+ * that can be used. Some are included here for convenience.
+ *
+ * Included are:
+ * 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
+ * 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
+ */
+#define POLARSSL_DHM_RFC5114_MODP_1024_P \
+ "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \
+ "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \
+ "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \
+ "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \
+ "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \
+ "DF1FB2BC2E4A4371";
+
+#define POLARSSL_DHM_RFC5114_MODP_1024_G \
+ "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \
+ "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \
+ "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \
+ "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \
+ "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \
+ "855E6EEB22B3B2E5";
+
+#define POLARSSL_DHM_RFC5114_MODP_2048_P \
+ "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
+ "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
+ "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
+ "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \
+ "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \
+ "B3BF8A317091883681286130BC8985DB1602E714415D9330" \
+ "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \
+ "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \
+ "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \
+ "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
+ "CF9DE5384E71B81C0AC4DFFE0C10E64F";
+
+#define POLARSSL_DHM_RFC5114_MODP_2048_G \
+ "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
+ "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
+ "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\
+ "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\
+ "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\
+ "F180EB34118E98D119529A45D6F834566E3025E316A330EF"\
+ "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\
+ "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\
+ "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\
+ "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\
+ "81BC087F2A7065B384B890D3191F2BFA";
+
+/**
* \brief DHM context structure
*/
typedef struct
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 3d5008b..570785f 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -991,7 +991,8 @@
ssl->out_msg[5] = (unsigned char)( n );
i = 6;
- ret = dhm_make_public( &ssl->handshake->dhm_ctx, 256,
+ ret = dhm_make_public( &ssl->handshake->dhm_ctx,
+ mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n,
ssl->f_rng, ssl->p_rng );
if( ret != 0 )
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 209e5bd..c28716c 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -676,7 +676,9 @@
return( ret );
}
- if( ( ret = dhm_make_params( &ssl->handshake->dhm_ctx, 256, ssl->out_msg + 4,
+ if( ( ret = dhm_make_params( &ssl->handshake->dhm_ctx,
+ mpi_size( &ssl->handshake->dhm_ctx.P ),
+ ssl->out_msg + 4,
&n, ssl->f_rng, ssl->p_rng ) ) != 0 )
{
SSL_DEBUG_RET( 1, "dhm_make_params", ret );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index ca1477e..a8855b8 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -51,21 +51,12 @@
"<p>Successful connection using: %s</p>\r\n"
/*
- * Computing a "safe" DH-1024 prime can take a very
- * long time, so a precomputed value is provided below.
- * You may run dh_genprime to generate a new value.
+ * Computing a "safe" DH prime can take a very
+ * long time. RFC 5114 provides precomputed and standardized
+ * values.
*/
-char *my_dhm_P =
- "E4004C1F94182000103D883A448B3F80" \
- "2CE4B44A83301270002C20D0321CFD00" \
- "11CCEF784C26A400F43DFB901BCA7538" \
- "F2C6B176001CF5A0FD16D2C48B1D0C1C" \
- "F6AC8E1DA6BCC3B4E1F96B0564965300" \
- "FFA1D0B601EB2800F489AA512C4B248C" \
- "01F76949A60BB7F00A40B1EAB64BDD48" \
- "E8A700D60B7F1200FA8E77B0A979DABF";
-
-char *my_dhm_G = "4";
+char *my_dhm_P = POLARSSL_DHM_RFC5114_MODP_1024_P;
+char *my_dhm_G = POLARSSL_DHM_RFC5114_MODP_1024_G;
/*
* Sorted by order of preference
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 4e85f72..bc5402f 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -62,21 +62,12 @@
"<p>Successful connection using: %s</p>\r\n"
/*
- * Computing a "safe" DH-1024 prime can take a very
- * long time, so a precomputed value is provided below.
- * You may run dh_genprime to generate a new value.
+ * Computing a "safe" DH prime can take a very
+ * long time. RFC 5114 provides precomputed and standardized
+ * values.
*/
-char *my_dhm_P =
- "E4004C1F94182000103D883A448B3F80" \
- "2CE4B44A83301270002C20D0321CFD00" \
- "11CCEF784C26A400F43DFB901BCA7538" \
- "F2C6B176001CF5A0FD16D2C48B1D0C1C" \
- "F6AC8E1DA6BCC3B4E1F96B0564965300" \
- "FFA1D0B601EB2800F489AA512C4B248C" \
- "01F76949A60BB7F00A40B1EAB64BDD48" \
- "E8A700D60B7F1200FA8E77B0A979DABF";
-
-char *my_dhm_G = "4";
+char *my_dhm_P = POLARSSL_DHM_RFC5114_MODP_2048_P;
+char *my_dhm_G = POLARSSL_DHM_RFC5114_MODP_2048_G;
/*
* global options