diff --git a/SOURCES/gnutls-3.6.14-fips-dh-check.patch b/SOURCES/gnutls-3.6.14-fips-dh-check.patch new file mode 100644 index 0000000..40d579f --- /dev/null +++ b/SOURCES/gnutls-3.6.14-fips-dh-check.patch @@ -0,0 +1,676 @@ +From bea53f1b46a64d6dcf5bbe4794740c4d4459f9bf Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 10 Jul 2020 09:35:49 +0200 +Subject: [PATCH 1/5] dh: check validity of Z before export + +SP800-56A rev3 section 5.7.1.1 step 2 mandates that the validity of the +calculated shared secret is verified before the data is returned to the +caller. This patch adds the validation check. + +Suggested by Stephan Mueller. + +Signed-off-by: Daiki Ueno +--- + lib/nettle/pk.c | 26 +++++++++++++++++--------- + 1 file changed, 17 insertions(+), 9 deletions(-) + +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 57a8560ed..08c7d4860 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -288,7 +288,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, + switch (algo) { + case GNUTLS_PK_DH: { + bigint_t f, x, q, prime; +- bigint_t k = NULL, ff = NULL, r = NULL; ++ bigint_t k = NULL, primesub1 = NULL, r = NULL; + unsigned int bits; + + if (nonce != NULL) +@@ -299,21 +299,20 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, + q = priv->params[DH_Q]; + prime = priv->params[DH_P]; + +- ret = _gnutls_mpi_init_multi(&k, &ff, &r, NULL); ++ ret = _gnutls_mpi_init_multi(&k, &primesub1, &r, NULL); + if (ret < 0) + return gnutls_assert_val(ret); + +- ret = _gnutls_mpi_add_ui(ff, f, 1); ++ ret = _gnutls_mpi_sub_ui(primesub1, prime, 1); + if (ret < 0) { + gnutls_assert(); + goto dh_cleanup; + } + +- /* check if f==0,1, or f >= p-1. +- * or (ff=f+1) equivalently ff==1,2, ff >= p */ +- if ((_gnutls_mpi_cmp_ui(ff, 2) == 0) +- || (_gnutls_mpi_cmp_ui(ff, 1) == 0) +- || (_gnutls_mpi_cmp(ff, prime) >= 0)) { ++ /* check if f==0,1, or f >= p-1 */ ++ if ((_gnutls_mpi_cmp_ui(f, 1) == 0) ++ || (_gnutls_mpi_cmp_ui(f, 0) == 0) ++ || (_gnutls_mpi_cmp(f, primesub1) >= 0)) { + gnutls_assert(); + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto dh_cleanup; +@@ -354,6 +353,15 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, + goto dh_cleanup; + } + ++ /* check if k==0,1, or k = p-1 */ ++ if ((_gnutls_mpi_cmp_ui(k, 1) == 0) ++ || (_gnutls_mpi_cmp_ui(k, 0) == 0) ++ || (_gnutls_mpi_cmp(k, primesub1) == 0)) { ++ gnutls_assert(); ++ ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; ++ goto dh_cleanup; ++ } ++ + if (flags & PK_DERIVE_TLS13) { + ret = + _gnutls_mpi_dprint_size(k, out, +@@ -370,7 +378,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, + ret = 0; + dh_cleanup: + _gnutls_mpi_release(&r); +- _gnutls_mpi_release(&ff); ++ _gnutls_mpi_release(&primesub1); + zrelease_temp_mpi_key(&k); + if (ret < 0) + goto cleanup; +-- +2.26.2 + + +From 13202600d3e42258d8758b05ff45a3e3d0f07e4e Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 10 Jul 2020 09:42:30 +0200 +Subject: [PATCH 2/5] ecdh: check validity of P before export + +SP800-56A rev3 section 5.7.1.2 step 2 mandates that the validity of +the calculated shared secret is verified before the data is returned +to the caller. This patch adds the validation check. + +Suggested by Stephan Mueller. + +Signed-off-by: Daiki Ueno +--- + lib/nettle/pk.c | 27 +++++++++++++++++++++------ + 1 file changed, 21 insertions(+), 6 deletions(-) + +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 08c7d4860..7f0fa8e03 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -229,25 +229,38 @@ _gost_params_to_pubkey(const gnutls_pk_params_st * pk_params, + } + #endif + +-static void ++static int + ecc_shared_secret(struct ecc_scalar *private_key, + struct ecc_point *public_key, void *out, unsigned size) + { + struct ecc_point r; +- mpz_t x; ++ mpz_t x, y; ++ int ret = 0; + + mpz_init(x); ++ mpz_init(y); + ecc_point_init(&r, public_key->ecc); + + ecc_point_mul(&r, private_key, public_key); + +- ecc_point_get(&r, x, NULL); ++ ecc_point_get(&r, x, y); ++ ++ /* Check if the point is not an identity element. Note that this cannot ++ * happen in nettle implementation, because it cannot represent an ++ * infinity point. */ ++ if (mpz_cmp_ui(x, 0) == 0 && mpz_cmp_ui(y, 0) == 0) { ++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ goto cleanup; ++ } ++ + nettle_mpz_get_str_256(size, out, x); + ++ cleanup: + mpz_clear(x); ++ mpz_clear(y); + ecc_point_clear(&r); + +- return; ++ return ret; + } + + #define MAX_DH_BITS DEFAULT_MAX_VERIFY_BITS +@@ -423,8 +436,10 @@ dh_cleanup: + goto ecc_cleanup; + } + +- ecc_shared_secret(&ecc_priv, &ecc_pub, out->data, +- out->size); ++ ret = ecc_shared_secret(&ecc_priv, &ecc_pub, out->data, ++ out->size); ++ if (ret < 0) ++ gnutls_free(out->data); + + ecc_cleanup: + ecc_point_clear(&ecc_pub); +-- +2.26.2 + + +From 245fb622e82bfa7b80d2cec7cafdbc65014ca3cb Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 17 Jul 2020 17:45:17 +0200 +Subject: [PATCH 3/5] dh-primes: make the FIPS approved check return Q value + +This is necessary for full public key validation in +SP800-56A (revision 3), section 5.6.2.3.1. + +Signed-off-by: Daiki Ueno +--- + lib/auth/dh_common.c | 2 +- + lib/dh-primes.c | 38 +++++++++++++++++++++++--------------- + lib/dh.h | 10 ++++++---- + 3 files changed, 30 insertions(+), 20 deletions(-) + +diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c +index 252eea0cb..fcd696d4d 100644 +--- a/lib/auth/dh_common.c ++++ b/lib/auth/dh_common.c +@@ -259,7 +259,7 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session, + + #ifdef ENABLE_FIPS140 + if (gnutls_fips140_mode_enabled() && +- !_gnutls_dh_prime_is_fips_approved(data_p, n_p, data_g, n_g)) { ++ !_gnutls_dh_prime_match_fips_approved(data_p, n_p, data_g, n_g, NULL, NULL)) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } +diff --git a/lib/dh-primes.c b/lib/dh-primes.c +index a43a8e5de..a440b5b98 100644 +--- a/lib/dh-primes.c ++++ b/lib/dh-primes.c +@@ -1894,25 +1894,28 @@ const gnutls_datum_t gnutls_modp_8192_group_generator = { + const unsigned int gnutls_modp_8192_key_bits = 512; + + unsigned +-_gnutls_dh_prime_is_fips_approved(const uint8_t *prime, +- size_t prime_size, +- const uint8_t *generator, +- size_t generator_size) ++_gnutls_dh_prime_match_fips_approved(const uint8_t *prime, ++ size_t prime_size, ++ const uint8_t *generator, ++ size_t generator_size, ++ uint8_t **q, ++ size_t *q_size) + { + static const struct { + const gnutls_datum_t *prime; + const gnutls_datum_t *generator; ++ const gnutls_datum_t *q; + } primes[] = { +- { &gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_generator }, +- { &gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_generator }, +- { &gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_generator }, +- { &gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_generator }, +- { &gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_generator }, +- { &gnutls_modp_8192_group_prime, &gnutls_modp_8192_group_generator }, +- { &gnutls_modp_6144_group_prime, &gnutls_modp_6144_group_generator }, +- { &gnutls_modp_4096_group_prime, &gnutls_modp_4096_group_generator }, +- { &gnutls_modp_3072_group_prime, &gnutls_modp_3072_group_generator }, +- { &gnutls_modp_2048_group_prime, &gnutls_modp_2048_group_generator }, ++ { &gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_generator, &gnutls_ffdhe_8192_group_q }, ++ { &gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_generator, &gnutls_ffdhe_6144_group_q }, ++ { &gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_generator, &gnutls_ffdhe_4096_group_q }, ++ { &gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_generator, &gnutls_ffdhe_3072_group_q }, ++ { &gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_generator, &gnutls_ffdhe_2048_group_q }, ++ { &gnutls_modp_8192_group_prime, &gnutls_modp_8192_group_generator, &gnutls_modp_8192_group_q }, ++ { &gnutls_modp_6144_group_prime, &gnutls_modp_6144_group_generator, &gnutls_modp_6144_group_q }, ++ { &gnutls_modp_4096_group_prime, &gnutls_modp_4096_group_generator, &gnutls_modp_4096_group_q }, ++ { &gnutls_modp_3072_group_prime, &gnutls_modp_3072_group_generator, &gnutls_modp_3072_group_q }, ++ { &gnutls_modp_2048_group_prime, &gnutls_modp_2048_group_generator, &gnutls_modp_2048_group_q }, + }; + size_t i; + +@@ -1920,8 +1923,13 @@ _gnutls_dh_prime_is_fips_approved(const uint8_t *prime, + if (primes[i].prime->size == prime_size && + memcmp(primes[i].prime->data, prime, primes[i].prime->size) == 0 && + primes[i].generator->size == generator_size && +- memcmp(primes[i].generator->data, generator, primes[i].generator->size) == 0) ++ memcmp(primes[i].generator->data, generator, primes[i].generator->size) == 0) { ++ if (q) { ++ *q = primes[i].q->data; ++ *q_size = primes[i].q->size; ++ } + return 1; ++ } + } + + return 0; +diff --git a/lib/dh.h b/lib/dh.h +index 672451947..f5c2c0924 100644 +--- a/lib/dh.h ++++ b/lib/dh.h +@@ -61,9 +61,11 @@ extern const gnutls_datum_t gnutls_modp_2048_group_generator; + extern const unsigned int gnutls_modp_2048_key_bits; + + unsigned +-_gnutls_dh_prime_is_fips_approved(const uint8_t *prime, +- size_t prime_size, +- const uint8_t *generator, +- size_t generator_size); ++_gnutls_dh_prime_match_fips_approved(const uint8_t *prime, ++ size_t prime_size, ++ const uint8_t *generator, ++ size_t generator_size, ++ uint8_t **q, ++ size_t *q_size); + + #endif /* GNUTLS_LIB_DH_H */ +-- +2.26.2 + + +From 8b575625614fbe5a22b68dc8d1877efb1d44dd37 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 17 Jul 2020 17:47:06 +0200 +Subject: [PATCH 4/5] dh: perform SP800-56A rev3 full pubkey validation on + keygen + +This implements full public key validation required in SP800-56A rev3, +section 5.6.2.3.1. + +Signed-off-by: Daiki Ueno +--- + lib/nettle/pk.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 90 insertions(+) + +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 7f0fa8e03..057836bc2 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -71,6 +71,7 @@ + #include "int/dsa-compute-k.h" + #include + #include ++#include "dh.h" + + static inline const struct ecc_curve *get_supported_nist_curve(int curve); + static inline const struct ecc_curve *get_supported_gost_curve(int curve); +@@ -2131,6 +2132,53 @@ edwards_curve_mul_g(gnutls_pk_algorithm_t algo, + } + } + ++static inline int ++dh_find_q(const gnutls_pk_params_st *pk_params, mpz_t q) ++{ ++ gnutls_datum_t prime = { NULL, 0 }; ++ gnutls_datum_t generator = { NULL, 0 }; ++ uint8_t *data_q; ++ size_t n_q; ++ bigint_t _q; ++ int ret = 0; ++ ++ ret = _gnutls_mpi_dprint(pk_params->params[DSA_P], &prime); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto cleanup; ++ } ++ ++ ret = _gnutls_mpi_dprint(pk_params->params[DSA_G], &generator); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto cleanup; ++ } ++ ++ if (!_gnutls_dh_prime_match_fips_approved(prime.data, ++ prime.size, ++ generator.data, ++ generator.size, ++ &data_q, ++ &n_q)) { ++ ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); ++ goto cleanup; ++ } ++ ++ if (_gnutls_mpi_init_scan_nz(&_q, data_q, n_q) != 0) { ++ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ mpz_set(q, TOMPZ(_q)); ++ _gnutls_mpi_release(&_q); ++ ++ cleanup: ++ gnutls_free(prime.data); ++ gnutls_free(generator.data); ++ ++ return ret; ++} ++ + /* To generate a DH key either q must be set in the params or + * level should be set to the number of required bits. + */ +@@ -2212,6 +2260,9 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + mpz_t x, y; + int max_tries; + unsigned have_q = 0; ++ mpz_t q; ++ mpz_t primesub1; ++ mpz_t ypowq; + + if (algo != params->algo) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); +@@ -2229,6 +2280,10 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + mpz_init(x); + mpz_init(y); + ++ mpz_init(q); ++ mpz_init(primesub1); ++ mpz_init(ypowq); ++ + max_tries = 3; + do { + if (have_q) { +@@ -2260,8 +2315,40 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + ret = GNUTLS_E_LIB_IN_ERROR_STATE; + goto dh_fail; + } ++ + } while(mpz_cmp_ui(y, 1) == 0); + ++#ifdef ENABLE_FIPS140 ++ if (_gnutls_fips_mode_enabled()) { ++ /* Perform FFC full public key validation checks ++ * according to SP800-56A (revision 3), 5.6.2.3.1. ++ */ ++ ++ /* Step 1: 2 <= y <= p - 2 */ ++ mpz_sub_ui(primesub1, pub.p, 1); ++ ++ if (mpz_cmp_ui(y, 2) < 0 || mpz_cmp(y, primesub1) >= 0) { ++ ret = gnutls_assert_val(GNUTLS_E_RANDOM_FAILED); ++ goto dh_fail; ++ } ++ ++ /* Step 2: 1 = y^q mod p */ ++ if (have_q) ++ mpz_set(q, pub.q); ++ else { ++ ret = dh_find_q(params, q); ++ if (ret < 0) ++ goto dh_fail; ++ } ++ ++ mpz_powm(ypowq, y, q, pub.p); ++ if (mpz_cmp_ui(ypowq, 1) != 0) { ++ ret = gnutls_assert_val(GNUTLS_E_RANDOM_FAILED); ++ goto dh_fail; ++ } ++ } ++#endif ++ + ret = _gnutls_mpi_init_multi(¶ms->params[DSA_Y], ¶ms->params[DSA_X], NULL); + if (ret < 0) { + gnutls_assert(); +@@ -2278,6 +2365,9 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + mpz_clear(r); + mpz_clear(x); + mpz_clear(y); ++ mpz_clear(q); ++ mpz_clear(primesub1); ++ mpz_clear(ypowq); + + if (ret < 0) + goto fail; +-- +2.26.2 + + +From 23756c8580dff99d0856adca49dd22a55352ad62 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Sat, 18 Jul 2020 08:26:48 +0200 +Subject: [PATCH 5/5] ecdh: perform SP800-56A rev3 full pubkey validation on + keygen + +This implements full public key validation required in +SP800-56A rev3, section 5.6.2.3.3. + +Signed-off-by: Daiki Ueno +--- + lib/nettle/pk.c | 182 +++++++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 180 insertions(+), 2 deletions(-) + +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 057836bc2..588e9df50 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -1552,6 +1552,80 @@ static inline const struct ecc_curve *get_supported_nist_curve(int curve) + } + } + ++static inline const char *get_supported_nist_curve_order(int curve) ++{ ++ static const struct { ++ int curve; ++ const char *order; ++ } orders[] = { ++#ifdef ENABLE_NON_SUITEB_CURVES ++ { GNUTLS_ECC_CURVE_SECP192R1, ++ "ffffffffffffffffffffffff99def836" ++ "146bc9b1b4d22831" }, ++ { GNUTLS_ECC_CURVE_SECP224R1, ++ "ffffffffffffffffffffffffffff16a2" ++ "e0b8f03e13dd29455c5c2a3d" }, ++#endif ++ { GNUTLS_ECC_CURVE_SECP256R1, ++ "ffffffff00000000ffffffffffffffff" ++ "bce6faada7179e84f3b9cac2fc632551" }, ++ { GNUTLS_ECC_CURVE_SECP384R1, ++ "ffffffffffffffffffffffffffffffff" ++ "ffffffffffffffffc7634d81f4372ddf" ++ "581a0db248b0a77aecec196accc52973" }, ++ { GNUTLS_ECC_CURVE_SECP521R1, ++ "1fffffffffffffffffffffffffffffff" ++ "ffffffffffffffffffffffffffffffff" ++ "ffa51868783bf2f966b7fcc0148f709a" ++ "5d03bb5c9b8899c47aebb6fb71e91386" ++ "409" }, ++ }; ++ size_t i; ++ ++ for (i = 0; i < sizeof(orders)/sizeof(orders[0]); i++) { ++ if (orders[i].curve == curve) ++ return orders[i].order; ++ } ++ return NULL; ++} ++ ++static inline const char *get_supported_nist_curve_modulus(int curve) ++{ ++ static const struct { ++ int curve; ++ const char *order; ++ } orders[] = { ++#ifdef ENABLE_NON_SUITEB_CURVES ++ { GNUTLS_ECC_CURVE_SECP192R1, ++ "fffffffffffffffffffffffffffffffe" ++ "ffffffffffffffff" }, ++ { GNUTLS_ECC_CURVE_SECP224R1, ++ "ffffffffffffffffffffffffffffffff" ++ "000000000000000000000001" }, ++#endif ++ { GNUTLS_ECC_CURVE_SECP256R1, ++ "ffffffff000000010000000000000000" ++ "00000000ffffffffffffffffffffffff" }, ++ { GNUTLS_ECC_CURVE_SECP384R1, ++ "ffffffffffffffffffffffffffffffff" ++ "fffffffffffffffffffffffffffffffe" ++ "ffffffff0000000000000000ffffffff" }, ++ { GNUTLS_ECC_CURVE_SECP521R1, ++ "1ff" ++ "ffffffffffffffffffffffffffffffff" ++ "ffffffffffffffffffffffffffffffff" ++ "ffffffffffffffffffffffffffffffff" ++ "ffffffffffffffffffffffffffffffff" }, ++ }; ++ size_t i; ++ ++ for (i = 0; i < sizeof(orders)/sizeof(orders[0]); i++) { ++ if (orders[i].curve == curve) ++ return orders[i].order; ++ } ++ return NULL; ++} ++ + static inline const struct ecc_curve *get_supported_gost_curve(int curve) + { + switch (curve) { +@@ -2507,6 +2581,10 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + struct ecc_scalar key; + struct ecc_point pub; + const struct ecc_curve *curve; ++ struct ecc_scalar n; ++ struct ecc_scalar m; ++ struct ecc_point r; ++ mpz_t x, y, xx, yy, nn, mm; + + curve = get_supported_nist_curve(level); + if (curve == NULL) +@@ -2514,8 +2592,18 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + gnutls_assert_val + (GNUTLS_E_ECC_UNSUPPORTED_CURVE); + ++ mpz_init(x); ++ mpz_init(y); ++ mpz_init(xx); ++ mpz_init(yy); ++ mpz_init(nn); ++ mpz_init(mm); ++ + ecc_scalar_init(&key, curve); + ecc_point_init(&pub, curve); ++ ecc_scalar_init(&n, curve); ++ ecc_scalar_init(&m, curve); ++ ecc_point_init(&r, curve); + + ecdsa_generate_keypair(&pub, &key, NULL, rnd_func); + if (HAVE_LIB_ERROR()) { +@@ -2533,15 +2621,105 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + params->curve = level; + params->params_nr = ECC_PRIVATE_PARAMS; + +- ecc_point_get(&pub, TOMPZ(params->params[ECC_X]), +- TOMPZ(params->params[ECC_Y])); ++ ecc_point_get(&pub, x, y); ++ ++#ifdef ENABLE_FIPS140 ++ if (_gnutls_fips_mode_enabled()) { ++ /* Perform ECC full public key validation checks ++ * according to SP800-56A (revision 3), 5.6.2.3.3. ++ */ ++ ++ const char *order, *modulus; ++ ++ /* Step 1: verify that Q is not an identity ++ * element (an infinity point). Note that this ++ * cannot happen in the nettle implementation, ++ * because it cannot represent an infinity point ++ * on curves. */ ++ if (mpz_cmp_ui(x, 0) == 0 && mpz_cmp_ui(y, 0) == 0) { ++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ goto ecc_fail; ++ } ++ ++ /* Step 2: verify that both coordinates of Q are ++ * in the range [0, p - 1]. ++ * ++ * Step 3: verify that Q lie on the curve ++ * ++ * Both checks are performed in nettle. */ ++ if (!ecc_point_set(&r, x, y)) { ++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ goto ecc_fail; ++ } ++ ++ /* Step 4: verify that n * Q, where n is the ++ * curve order, result in an identity element ++ * ++ * Since nettle internally cannot represent an ++ * identity element on curves, we validate this ++ * instead: ++ * ++ * (n - 1) * Q = -Q ++ * ++ * That effectively means: n * Q = -Q + Q = O ++ */ ++ order = get_supported_nist_curve_order(level); ++ if (unlikely(order == NULL)) { ++ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); ++ goto ecc_fail; ++ } ++ ++ ret = mpz_set_str(nn, order, 16); ++ if (unlikely(ret < 0)) { ++ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto ecc_fail; ++ } ++ ++ modulus = get_supported_nist_curve_modulus(level); ++ if (unlikely(modulus == NULL)) { ++ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); ++ goto ecc_fail; ++ } ++ ++ ret = mpz_set_str(mm, modulus, 16); ++ if (unlikely(ret < 0)) { ++ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto ecc_fail; ++ } ++ ++ /* (n - 1) * Q = -Q */ ++ mpz_sub_ui (nn, nn, 1); ++ ecc_scalar_set(&n, nn); ++ ecc_point_mul(&r, &n, &r); ++ ecc_point_get(&r, xx, yy); ++ mpz_sub (mm, mm, y); ++ ++ if (mpz_cmp(xx, x) != 0 || mpz_cmp(yy, mm) != 0) { ++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ goto ecc_fail; ++ } ++ } ++#endif ++ ++ mpz_set(TOMPZ(params->params[ECC_X]), x); ++ mpz_set(TOMPZ(params->params[ECC_Y]), y); ++ + ecc_scalar_get(&key, TOMPZ(params->params[ECC_K])); + + ret = 0; + + ecc_fail: ++ mpz_clear(x); ++ mpz_clear(y); ++ mpz_clear(xx); ++ mpz_clear(yy); ++ mpz_clear(nn); ++ mpz_clear(mm); + ecc_point_clear(&pub); + ecc_scalar_clear(&key); ++ ecc_point_clear(&r); ++ ecc_scalar_clear(&n); ++ ecc_scalar_clear(&m); + + if (ret < 0) + goto fail; +-- +2.26.2 + diff --git a/SOURCES/gnutls-3.6.14-fips-dh-primes.patch b/SOURCES/gnutls-3.6.14-fips-dh-primes.patch new file mode 100644 index 0000000..4aa5846 --- /dev/null +++ b/SOURCES/gnutls-3.6.14-fips-dh-primes.patch @@ -0,0 +1,1843 @@ +From 481e48f3236be42ff1fcb96f96c4efcbb2b69242 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 26 Jun 2020 09:43:02 +0200 +Subject: [PATCH 1/2] dh-primes: add MODP primes from RFC 3526 + +Signed-off-by: Daiki Ueno +--- + lib/dh-primes.c | 933 ++++++++++++++++++++++++++++++++++++++++++++++++ + lib/dh.h | 29 ++ + 2 files changed, 962 insertions(+) + +diff --git a/lib/dh-primes.c b/lib/dh-primes.c +index d785584d0..5d2dce0fb 100644 +--- a/lib/dh-primes.c ++++ b/lib/dh-primes.c +@@ -960,4 +960,937 @@ const gnutls_datum_t gnutls_ffdhe_8192_group_generator = { + }; + const unsigned int gnutls_ffdhe_8192_key_bits = 512; + ++static const unsigned char modp_generator = 0x02; ++ ++static const unsigned char modp_params_2048[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, ++ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, ++ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, ++ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, ++ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, ++ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, ++ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, ++ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, ++ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, ++ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, ++ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, ++ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, ++ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, ++ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, ++ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, ++ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, ++ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, ++ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, ++ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, ++ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, ++ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, ++ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, ++ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, ++ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, ++ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, ++ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, ++ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, ++ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, ++ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, ++ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, ++ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, ++ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, ++ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, ++ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, ++ 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++static const unsigned char modp_q_2048[] = { ++ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, ++ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0, ++ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04, ++ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF, ++ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5, ++ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7, ++ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D, ++ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, ++ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, ++ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31, ++ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74, ++ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE, ++ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C, ++ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7, ++ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3, ++ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D, ++ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1, ++ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E, ++ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4, ++ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE, ++ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31, ++ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF, ++ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36, ++ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C, ++ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C, ++ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17, ++ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96, ++ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1, ++ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2, ++ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF, ++ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C, ++ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5, ++ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D, ++ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45, ++ 0x56, 0x55, 0x34, 0x7F, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++const gnutls_datum_t gnutls_modp_2048_group_prime = { ++ (void *) modp_params_2048, sizeof(modp_params_2048) ++}; ++const gnutls_datum_t gnutls_modp_2048_group_q = { ++ (void *) modp_q_2048, sizeof(modp_q_2048) ++}; ++const gnutls_datum_t gnutls_modp_2048_group_generator = { ++ (void *) &modp_generator, sizeof(modp_generator) ++}; ++const unsigned int gnutls_modp_2048_key_bits = 256; ++ ++static const unsigned char modp_params_3072[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, ++ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, ++ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, ++ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, ++ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, ++ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, ++ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, ++ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, ++ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, ++ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, ++ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, ++ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, ++ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, ++ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, ++ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, ++ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, ++ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, ++ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, ++ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, ++ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, ++ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, ++ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, ++ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, ++ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, ++ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, ++ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, ++ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, ++ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, ++ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, ++ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, ++ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, ++ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, ++ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, ++ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, ++ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, ++ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, ++ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB, ++ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, ++ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, ++ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, ++ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, ++ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A, ++ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, ++ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, ++ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, ++ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52, ++ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, ++ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, ++ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, ++ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, ++ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC, ++ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, ++ 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++static const unsigned char modp_q_3072[] = { ++ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, ++ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0, ++ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04, ++ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF, ++ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5, ++ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7, ++ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D, ++ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, ++ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, ++ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31, ++ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74, ++ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE, ++ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C, ++ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7, ++ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3, ++ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D, ++ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1, ++ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E, ++ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4, ++ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE, ++ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31, ++ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF, ++ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36, ++ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C, ++ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C, ++ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17, ++ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96, ++ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1, ++ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2, ++ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF, ++ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C, ++ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5, ++ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D, ++ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45, ++ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86, ++ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90, ++ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D, ++ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45, ++ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E, ++ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2, ++ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84, ++ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25, ++ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13, ++ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD, ++ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B, ++ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29, ++ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06, ++ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE, ++ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C, ++ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A, ++ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE, ++ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68, ++ 0x90, 0x54, 0x9D, 0x69, 0x65, 0x7F, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++const gnutls_datum_t gnutls_modp_3072_group_prime = { ++ (void *) modp_params_3072, sizeof(modp_params_3072) ++}; ++const gnutls_datum_t gnutls_modp_3072_group_q = { ++ (void *) modp_q_3072, sizeof(modp_q_3072) ++}; ++const gnutls_datum_t gnutls_modp_3072_group_generator = { ++ (void *) &modp_generator, sizeof(modp_generator) ++}; ++const unsigned int gnutls_modp_3072_key_bits = 276; ++ ++static const unsigned char modp_params_4096[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, ++ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, ++ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, ++ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, ++ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, ++ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, ++ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, ++ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, ++ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, ++ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, ++ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, ++ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, ++ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, ++ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, ++ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, ++ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, ++ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, ++ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, ++ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, ++ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, ++ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, ++ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, ++ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, ++ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, ++ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, ++ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, ++ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, ++ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, ++ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, ++ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, ++ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, ++ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, ++ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, ++ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, ++ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, ++ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, ++ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB, ++ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, ++ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, ++ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, ++ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, ++ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A, ++ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, ++ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, ++ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, ++ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52, ++ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, ++ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, ++ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, ++ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, ++ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC, ++ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, ++ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, ++ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88, ++ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, ++ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, ++ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, ++ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A, ++ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, ++ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, ++ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C, ++ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, ++ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, ++ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, ++ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, ++ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21, ++ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, ++ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA, ++ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, ++ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D, ++ 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF ++}; ++ ++static const unsigned char modp_q_4096[] = { ++ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, ++ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0, ++ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04, ++ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF, ++ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5, ++ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7, ++ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D, ++ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, ++ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, ++ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31, ++ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74, ++ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE, ++ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C, ++ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7, ++ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3, ++ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D, ++ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1, ++ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E, ++ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4, ++ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE, ++ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31, ++ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF, ++ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36, ++ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C, ++ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C, ++ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17, ++ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96, ++ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1, ++ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2, ++ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF, ++ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C, ++ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5, ++ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D, ++ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45, ++ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86, ++ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90, ++ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D, ++ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45, ++ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E, ++ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2, ++ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84, ++ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25, ++ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13, ++ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD, ++ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B, ++ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29, ++ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06, ++ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE, ++ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C, ++ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A, ++ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE, ++ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68, ++ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39, ++ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4, ++ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93, ++ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71, ++ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A, ++ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15, ++ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D, ++ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E, ++ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E, ++ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC, ++ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1, ++ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3, ++ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71, ++ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10, ++ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93, ++ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75, ++ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F, ++ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6, ++ 0xFA, 0x1A, 0xE4, 0x9A, 0x03, 0x18, 0xCC, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF ++}; ++ ++const gnutls_datum_t gnutls_modp_4096_group_prime = { ++ (void *) modp_params_4096, sizeof(modp_params_4096) ++}; ++const gnutls_datum_t gnutls_modp_4096_group_q = { ++ (void *) modp_q_4096, sizeof(modp_q_4096) ++}; ++const gnutls_datum_t gnutls_modp_4096_group_generator = { ++ (void *) &modp_generator, sizeof(modp_generator) ++}; ++const unsigned int gnutls_modp_4096_key_bits = 336; ++ ++static const unsigned char modp_params_6144[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, ++ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, ++ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, ++ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, ++ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, ++ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, ++ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, ++ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, ++ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, ++ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, ++ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, ++ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, ++ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, ++ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, ++ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, ++ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, ++ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, ++ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, ++ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, ++ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, ++ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, ++ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, ++ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, ++ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, ++ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, ++ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, ++ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, ++ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, ++ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, ++ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, ++ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, ++ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, ++ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, ++ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, ++ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, ++ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, ++ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB, ++ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, ++ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, ++ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, ++ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, ++ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A, ++ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, ++ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, ++ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, ++ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52, ++ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, ++ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, ++ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, ++ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, ++ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC, ++ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, ++ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, ++ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88, ++ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, ++ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, ++ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, ++ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A, ++ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, ++ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, ++ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C, ++ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, ++ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, ++ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, ++ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, ++ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21, ++ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, ++ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA, ++ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, ++ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D, ++ 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, ++ 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, ++ 0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, ++ 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, ++ 0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06, ++ 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, ++ 0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, ++ 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17, ++ 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, ++ 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, ++ 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, ++ 0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6, ++ 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, ++ 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, ++ 0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83, ++ 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, ++ 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, ++ 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, ++ 0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, ++ 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90, ++ 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, ++ 0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A, ++ 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, ++ 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B, ++ 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, ++ 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, ++ 0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, ++ 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, ++ 0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B, ++ 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, ++ 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, ++ 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA, ++ 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, ++ 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, ++ 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, ++ 0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B, ++ 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, ++ 0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++static const unsigned char modp_q_6144[] = { ++ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, ++ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0, ++ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04, ++ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF, ++ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5, ++ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7, ++ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D, ++ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, ++ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, ++ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31, ++ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74, ++ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE, ++ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C, ++ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7, ++ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3, ++ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D, ++ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1, ++ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E, ++ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4, ++ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE, ++ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31, ++ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF, ++ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36, ++ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C, ++ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C, ++ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17, ++ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96, ++ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1, ++ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2, ++ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF, ++ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C, ++ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5, ++ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D, ++ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45, ++ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86, ++ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90, ++ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D, ++ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45, ++ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E, ++ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2, ++ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84, ++ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25, ++ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13, ++ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD, ++ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B, ++ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29, ++ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06, ++ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE, ++ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C, ++ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A, ++ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE, ++ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68, ++ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39, ++ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4, ++ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93, ++ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71, ++ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A, ++ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15, ++ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D, ++ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E, ++ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E, ++ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC, ++ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1, ++ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3, ++ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71, ++ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10, ++ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93, ++ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75, ++ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F, ++ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6, ++ 0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49, ++ 0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38, ++ 0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13, ++ 0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E, ++ 0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03, ++ 0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C, ++ 0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35, ++ 0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B, ++ 0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C, ++ 0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A, ++ 0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A, ++ 0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3, ++ 0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8, ++ 0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A, ++ 0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1, ++ 0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78, ++ 0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81, ++ 0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F, ++ 0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C, ++ 0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8, ++ 0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF, ++ 0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD, ++ 0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E, ++ 0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5, ++ 0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55, ++ 0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70, ++ 0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0, ++ 0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79, ++ 0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5, ++ 0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55, ++ 0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C, ++ 0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D, ++ 0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19, ++ 0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02, ++ 0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4, ++ 0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85, ++ 0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F, ++ 0x36, 0xE6, 0x20, 0x12, 0x7F, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ++}; ++ ++const gnutls_datum_t gnutls_modp_6144_group_prime = { ++ (void *) modp_params_6144, sizeof(modp_params_6144) ++}; ++const gnutls_datum_t gnutls_modp_6144_group_q = { ++ (void *) modp_q_6144, sizeof(modp_q_6144) ++}; ++const gnutls_datum_t gnutls_modp_6144_group_generator = { ++ (void *) &modp_generator, sizeof(modp_generator) ++}; ++const unsigned int gnutls_modp_6144_key_bits = 376; ++ ++static const unsigned char modp_params_8192[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, ++ 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, ++ 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, ++ 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, ++ 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, ++ 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, ++ 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, ++ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, ++ 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, ++ 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, ++ 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, ++ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, ++ 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, ++ 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, ++ 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, ++ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, ++ 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, ++ 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, ++ 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, ++ 0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, ++ 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, ++ 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, ++ 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, ++ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, ++ 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, ++ 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, ++ 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, ++ 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, ++ 0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, ++ 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, ++ 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, ++ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, ++ 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, ++ 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, ++ 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, ++ 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, ++ 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB, ++ 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, ++ 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, ++ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, ++ 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, ++ 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A, ++ 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, ++ 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, ++ 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, ++ 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52, ++ 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, ++ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, ++ 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, ++ 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, ++ 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC, ++ 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, ++ 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, ++ 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88, ++ 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, ++ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, ++ 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, ++ 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A, ++ 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, ++ 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, ++ 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C, ++ 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, ++ 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, ++ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, ++ 0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, ++ 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21, ++ 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, ++ 0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA, ++ 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, ++ 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D, ++ 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, ++ 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, ++ 0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, ++ 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, ++ 0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06, ++ 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, ++ 0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, ++ 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17, ++ 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, ++ 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, ++ 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, ++ 0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6, ++ 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, ++ 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, ++ 0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83, ++ 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, ++ 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, ++ 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, ++ 0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, ++ 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90, ++ 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, ++ 0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A, ++ 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, ++ 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B, ++ 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, ++ 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, ++ 0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, ++ 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, ++ 0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B, ++ 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, ++ 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, ++ 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA, ++ 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, ++ 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, ++ 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, ++ 0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B, ++ 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, ++ 0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, ++ 0x6F, 0x12, 0xFE, 0xE5, 0xE4, 0x38, 0x77, ++ 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, ++ 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA, ++ 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, ++ 0x00, 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, ++ 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93, 0x6B, ++ 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, ++ 0x5A, 0xE4, 0xF5, 0x68, 0x34, 0x23, 0xB4, ++ 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, ++ 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, 0xE3, ++ 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, ++ 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, ++ 0x07, 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, ++ 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, ++ 0xEA, 0x30, 0x6B, 0x4B, 0xCB, 0xC8, 0x86, ++ 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, ++ 0x7F, 0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, ++ 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, 0x06, ++ 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, ++ 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, ++ 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, ++ 0x6A, 0x36, 0x45, 0x97, 0xE8, 0x99, 0xA0, ++ 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5, ++ 0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, ++ 0x19, 0x5D, 0xED, 0x7E, 0xA1, 0xB1, 0xD5, ++ 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, ++ 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68, ++ 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, ++ 0x92, 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, ++ 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E, 0xD5, ++ 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, ++ 0xFC, 0x02, 0x6E, 0x47, 0x95, 0x58, 0xE4, ++ 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, ++ 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, 0xC8, ++ 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, ++ 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, ++ 0xDF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xFF ++}; ++ ++static const unsigned char modp_q_8192[] = { ++ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, ++ 0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0, ++ 0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04, ++ 0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF, ++ 0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5, ++ 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7, ++ 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D, ++ 0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, ++ 0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, ++ 0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31, ++ 0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74, ++ 0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE, ++ 0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C, ++ 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7, ++ 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3, ++ 0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D, ++ 0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1, ++ 0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E, ++ 0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4, ++ 0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE, ++ 0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31, ++ 0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF, ++ 0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36, ++ 0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C, ++ 0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C, ++ 0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17, ++ 0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96, ++ 0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1, ++ 0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2, ++ 0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF, ++ 0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C, ++ 0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5, ++ 0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D, ++ 0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45, ++ 0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86, ++ 0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90, ++ 0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D, ++ 0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45, ++ 0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E, ++ 0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2, ++ 0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84, ++ 0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25, ++ 0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13, ++ 0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD, ++ 0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B, ++ 0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29, ++ 0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06, ++ 0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE, ++ 0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C, ++ 0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A, ++ 0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE, ++ 0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68, ++ 0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39, ++ 0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4, ++ 0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93, ++ 0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71, ++ 0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A, ++ 0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15, ++ 0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D, ++ 0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E, ++ 0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E, ++ 0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC, ++ 0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1, ++ 0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3, ++ 0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71, ++ 0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10, ++ 0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93, ++ 0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75, ++ 0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F, ++ 0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6, ++ 0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49, ++ 0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38, ++ 0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13, ++ 0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E, ++ 0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03, ++ 0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C, ++ 0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35, ++ 0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B, ++ 0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C, ++ 0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A, ++ 0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A, ++ 0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3, ++ 0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8, ++ 0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A, ++ 0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1, ++ 0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78, ++ 0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81, ++ 0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F, ++ 0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C, ++ 0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8, ++ 0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF, ++ 0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD, ++ 0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E, ++ 0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5, ++ 0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55, ++ 0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70, ++ 0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0, ++ 0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79, ++ 0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5, ++ 0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55, ++ 0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C, ++ 0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D, ++ 0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19, ++ 0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02, ++ 0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4, ++ 0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85, ++ 0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F, ++ 0x36, 0xDF, 0x08, 0xAC, 0xBA, 0x51, 0xC9, ++ 0x37, 0x89, 0x7F, 0x72, 0xF2, 0x1C, 0x3B, ++ 0xBE, 0x5B, 0x54, 0x99, 0x6F, 0xC6, 0x6C, ++ 0x5F, 0x62, 0x68, 0x39, 0xDC, 0x98, 0xDD, ++ 0x1D, 0xE4, 0x19, 0x5B, 0x46, 0xCE, 0xE9, ++ 0x80, 0x3A, 0x0F, 0xD3, 0xDF, 0xC5, 0x7E, ++ 0x23, 0xF6, 0x92, 0xBB, 0x7B, 0x49, 0xB5, ++ 0xD2, 0x12, 0x33, 0x1D, 0x55, 0xB1, 0xCE, ++ 0x2D, 0x72, 0x7A, 0xB4, 0x1A, 0x11, 0xDA, ++ 0x3A, 0x15, 0xF8, 0xE4, 0xBC, 0x11, 0xC7, ++ 0x8B, 0x65, 0xF1, 0xCE, 0xB2, 0x96, 0xF1, ++ 0xFE, 0xDC, 0x5F, 0x7E, 0x42, 0x45, 0x6C, ++ 0x91, 0x11, 0x17, 0x02, 0x52, 0x01, 0xBE, ++ 0x03, 0x89, 0xF5, 0xAB, 0xD4, 0x0D, 0x11, ++ 0xF8, 0x63, 0x9A, 0x39, 0xFE, 0x32, 0x36, ++ 0x75, 0x18, 0x35, 0xA5, 0xE5, 0xE4, 0x43, ++ 0x17, 0xC1, 0xC2, 0xEE, 0xFD, 0x4E, 0xA5, ++ 0xBF, 0xD1, 0x60, 0x43, 0xF4, 0x3C, 0xB4, ++ 0x19, 0x81, 0xF6, 0xAD, 0xEE, 0x9D, 0x03, ++ 0x15, 0x9E, 0x7A, 0xD9, 0xD1, 0x3C, 0x53, ++ 0x36, 0x95, 0x09, 0xFC, 0x1F, 0xA2, 0x7C, ++ 0x16, 0xEF, 0x98, 0x87, 0x70, 0x3A, 0x55, ++ 0xB5, 0x1B, 0x22, 0xCB, 0xF4, 0x4C, 0xD0, ++ 0x12, 0xAE, 0xE0, 0xB2, 0x79, 0x8E, 0x62, ++ 0x84, 0x23, 0x42, 0x8E, 0xFC, 0xD5, 0xA4, ++ 0x0C, 0xAE, 0xF6, 0xBF, 0x50, 0xD8, 0xEA, ++ 0x88, 0x5E, 0xBF, 0x73, 0xA6, 0xB9, 0xFD, ++ 0x79, 0xB5, 0xE1, 0x8F, 0x67, 0xD1, 0x34, ++ 0x1A, 0xC8, 0x23, 0x7A, 0x75, 0xC3, 0xCF, ++ 0xC9, 0x20, 0x04, 0xA1, 0xC5, 0xA4, 0x0E, ++ 0x36, 0x6B, 0xC4, 0x4D, 0x00, 0x17, 0x6A, ++ 0xF7, 0x1C, 0x15, 0xE4, 0x8C, 0x86, 0xD3, ++ 0x7E, 0x01, 0x37, 0x23, 0xCA, 0xAC, 0x72, ++ 0x23, 0xAB, 0x3B, 0xF4, 0xD5, 0x4F, 0x18, ++ 0x28, 0x71, 0x3B, 0x2B, 0x4A, 0x6F, 0xE4, ++ 0x0F, 0xAB, 0x74, 0x40, 0x5C, 0xB7, 0x38, ++ 0xB0, 0x64, 0xC0, 0x6E, 0xCC, 0x76, 0xE9, ++ 0xEF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ++ 0xFF, 0xFF ++}; ++ ++const gnutls_datum_t gnutls_modp_8192_group_prime = { ++ (void *) modp_params_8192, sizeof(modp_params_8192) ++}; ++const gnutls_datum_t gnutls_modp_8192_group_q = { ++ (void *) modp_q_8192, sizeof(modp_q_8192) ++}; ++const gnutls_datum_t gnutls_modp_8192_group_generator = { ++ (void *) &modp_generator, sizeof(modp_generator) ++}; ++const unsigned int gnutls_modp_8192_key_bits = 512; ++ + #endif +diff --git a/lib/dh.h b/lib/dh.h +index 9f3dc2a70..a64a4eb5e 100644 +--- a/lib/dh.h ++++ b/lib/dh.h +@@ -31,4 +31,33 @@ _gnutls_figure_dh_params(gnutls_session_t session, gnutls_dh_params_t dh_params, + + int _gnutls_set_cred_dh_params(gnutls_dh_params_t *cparams, gnutls_sec_param_t sec_param); + ++/* The static parameters defined in RFC 3526, used for the approved ++ * primes check in SP800-56A (Appendix D). ++ */ ++ ++extern const gnutls_datum_t gnutls_modp_8192_group_prime; ++extern const gnutls_datum_t gnutls_modp_8192_group_q; ++extern const gnutls_datum_t gnutls_modp_8192_group_generator; ++extern const unsigned int gnutls_modp_8192_key_bits; ++ ++extern const gnutls_datum_t gnutls_modp_6144_group_prime; ++extern const gnutls_datum_t gnutls_modp_6144_group_q; ++extern const gnutls_datum_t gnutls_modp_6144_group_generator; ++extern const unsigned int gnutls_modp_6144_key_bits; ++ ++extern const gnutls_datum_t gnutls_modp_4096_group_prime; ++extern const gnutls_datum_t gnutls_modp_4096_group_q; ++extern const gnutls_datum_t gnutls_modp_4096_group_generator; ++extern const unsigned int gnutls_modp_4096_key_bits; ++ ++extern const gnutls_datum_t gnutls_modp_3072_group_prime; ++extern const gnutls_datum_t gnutls_modp_3072_group_q; ++extern const gnutls_datum_t gnutls_modp_3072_group_generator; ++extern const unsigned int gnutls_modp_3072_key_bits; ++ ++extern const gnutls_datum_t gnutls_modp_2048_group_prime; ++extern const gnutls_datum_t gnutls_modp_2048_group_q; ++extern const gnutls_datum_t gnutls_modp_2048_group_generator; ++extern const unsigned int gnutls_modp_2048_key_bits; ++ + #endif /* GNUTLS_LIB_DH_H */ +-- +2.26.2 + + +From 3f4532862bf9140976d970ab14e102cede61d1c7 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Fri, 26 Jun 2020 10:21:26 +0200 +Subject: [PATCH 2/2] dhe: check if DH params in SKE match the FIPS approved + algorithms + +SP800-56A rev. 3 restricts the FIPS compliant clients to use only +approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a +check in the handling of ServerKeyExchange if DHE is negotiated. + +Signed-off-by: Daiki Ueno +--- + doc/credentials/Makefile.am | 24 ++++ + .../dhparams/rfc2409-group-1-768.pem | 5 + + .../dhparams/rfc2409-group-2-1024.pem | 5 + + .../dhparams/rfc3526-group-14-2048.pem | 8 ++ + .../dhparams/rfc3526-group-15-3072.pem | 11 ++ + .../dhparams/rfc3526-group-16-4096.pem | 13 ++ + .../dhparams/rfc3526-group-17-6144.pem | 19 +++ + .../dhparams/rfc3526-group-18-8192.pem | 24 ++++ + .../dhparams/rfc3526-group-5-1536.pem | 7 + + doc/credentials/dhparams/rfc5054-1024.pem | 5 + + doc/credentials/dhparams/rfc5054-1536.pem | 7 + + doc/credentials/dhparams/rfc5054-2048.pem | 8 ++ + doc/credentials/dhparams/rfc5054-3072.pem | 11 ++ + doc/credentials/dhparams/rfc5054-4096.pem | 13 ++ + doc/credentials/dhparams/rfc5054-6144.pem | 19 +++ + doc/credentials/dhparams/rfc5054-8192.pem | 24 ++++ + .../dhparams/rfc5114-group-22-1024.pem | 8 ++ + .../dhparams/rfc5114-group-23-2048.pem | 13 ++ + .../dhparams/rfc5114-group-24-2048.pem | 13 ++ + .../dhparams/rfc7919-ffdhe2048.pem | 8 ++ + .../dhparams/rfc7919-ffdhe3072.pem | 11 ++ + .../dhparams/rfc7919-ffdhe4096.pem | 14 ++ + .../dhparams/rfc7919-ffdhe6144.pem | 19 +++ + .../dhparams/rfc7919-ffdhe8192.pem | 24 ++++ + lib/auth/dh_common.c | 8 ++ + lib/dh-primes.c | 34 +++++ + lib/dh.h | 6 + + tests/Makefile.am | 2 + + tests/client-sign-md5-rep.c | 5 + + tests/dh-fips-approved.sh | 127 ++++++++++++++++++ + tests/utils.c | 58 ++++---- + 31 files changed, 521 insertions(+), 32 deletions(-) + create mode 100644 doc/credentials/dhparams/rfc2409-group-1-768.pem + create mode 100644 doc/credentials/dhparams/rfc2409-group-2-1024.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-14-2048.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-15-3072.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-16-4096.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-17-6144.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-18-8192.pem + create mode 100644 doc/credentials/dhparams/rfc3526-group-5-1536.pem + create mode 100644 doc/credentials/dhparams/rfc5054-1024.pem + create mode 100644 doc/credentials/dhparams/rfc5054-1536.pem + create mode 100644 doc/credentials/dhparams/rfc5054-2048.pem + create mode 100644 doc/credentials/dhparams/rfc5054-3072.pem + create mode 100644 doc/credentials/dhparams/rfc5054-4096.pem + create mode 100644 doc/credentials/dhparams/rfc5054-6144.pem + create mode 100644 doc/credentials/dhparams/rfc5054-8192.pem + create mode 100644 doc/credentials/dhparams/rfc5114-group-22-1024.pem + create mode 100644 doc/credentials/dhparams/rfc5114-group-23-2048.pem + create mode 100644 doc/credentials/dhparams/rfc5114-group-24-2048.pem + create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe2048.pem + create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe3072.pem + create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe4096.pem + create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe6144.pem + create mode 100644 doc/credentials/dhparams/rfc7919-ffdhe8192.pem + create mode 100755 tests/dh-fips-approved.sh + +diff --git a/doc/credentials/Makefile.am b/doc/credentials/Makefile.am +index ecdd57a10..25778856f 100644 +--- a/doc/credentials/Makefile.am ++++ b/doc/credentials/Makefile.am +@@ -31,3 +31,27 @@ EXTRA_DIST += srp-passwd.txt srp-tpasswd.conf + + EXTRA_DIST += psk-passwd.txt + ++EXTRA_DIST += \ ++ dhparams/rfc2409-group-1-768.pem \ ++ dhparams/rfc2409-group-2-1024.pem \ ++ dhparams/rfc3526-group-14-2048.pem \ ++ dhparams/rfc3526-group-15-3072.pem \ ++ dhparams/rfc3526-group-16-4096.pem \ ++ dhparams/rfc3526-group-17-6144.pem \ ++ dhparams/rfc3526-group-18-8192.pem \ ++ dhparams/rfc3526-group-5-1536.pem \ ++ dhparams/rfc5054-1024.pem \ ++ dhparams/rfc5054-1536.pem \ ++ dhparams/rfc5054-2048.pem \ ++ dhparams/rfc5054-3072.pem \ ++ dhparams/rfc5054-4096.pem \ ++ dhparams/rfc5054-6144.pem \ ++ dhparams/rfc5054-8192.pem \ ++ dhparams/rfc5114-group-22-1024.pem \ ++ dhparams/rfc5114-group-23-2048.pem \ ++ dhparams/rfc5114-group-24-2048.pem \ ++ dhparams/rfc7919-ffdhe2048.pem \ ++ dhparams/rfc7919-ffdhe3072.pem \ ++ dhparams/rfc7919-ffdhe4096.pem \ ++ dhparams/rfc7919-ffdhe6144.pem \ ++ dhparams/rfc7919-ffdhe8192.pem +diff --git a/doc/credentials/dhparams/rfc2409-group-1-768.pem b/doc/credentials/dhparams/rfc2409-group-1-768.pem +new file mode 100644 +index 000000000..33a617018 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc2409-group-1-768.pem +@@ -0,0 +1,5 @@ ++-----BEGIN DH PARAMETERS----- ++MGYCYQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5siUUoI ++eY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummOjYg//// ++//////8CAQI= ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc2409-group-2-1024.pem b/doc/credentials/dhparams/rfc2409-group-2-1024.pem +new file mode 100644 +index 000000000..bbfb1bfb6 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc2409-group-2-1024.pem +@@ -0,0 +1,5 @@ ++-----BEGIN DH PARAMETERS----- ++MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJRSgh5jjQE ++3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL/1y29Aa37e44a/ta ++iZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-14-2048.pem b/doc/credentials/dhparams/rfc3526-group-14-2048.pem +new file mode 100644 +index 000000000..b15071532 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-14-2048.pem +@@ -0,0 +1,8 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-15-3072.pem b/doc/credentials/dhparams/rfc3526-group-15-3072.pem +new file mode 100644 +index 000000000..f27b77820 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-15-3072.pem +@@ -0,0 +1,11 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS ++yv//////////AgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-16-4096.pem b/doc/credentials/dhparams/rfc3526-group-16-4096.pem +new file mode 100644 +index 000000000..a734b9050 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-16-4096.pem +@@ -0,0 +1,13 @@ ++-----BEGIN DH PARAMETERS----- ++MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI= ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-17-6144.pem b/doc/credentials/dhparams/rfc3526-group-17-6144.pem +new file mode 100644 +index 000000000..d8307bda3 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-17-6144.pem +@@ -0,0 +1,19 @@ ++-----BEGIN DH PARAMETERS----- ++MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG ++3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU ++7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId ++A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha ++xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/ ++8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA ++JP//////////AgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-18-8192.pem b/doc/credentials/dhparams/rfc3526-group-18-8192.pem +new file mode 100644 +index 000000000..af54dd656 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-18-8192.pem +@@ -0,0 +1,24 @@ ++-----BEGIN DH PARAMETERS----- ++MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG ++3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU ++7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId ++A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha ++xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/ ++8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R ++WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk ++ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw ++xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4 ++Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i ++aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU ++38gfVuiAuW5xYMmA3Zjt09///////////wIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc3526-group-5-1536.pem b/doc/credentials/dhparams/rfc3526-group-5-1536.pem +new file mode 100644 +index 000000000..44df6de65 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc3526-group-5-1536.pem +@@ -0,0 +1,7 @@ ++-----BEGIN DH PARAMETERS----- ++MIHHAoHBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR ++Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL ++/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7ORbPcIAfLihY78FmNpINhxV05pp ++Fj+o/STPX4NlXSPco62WHGLzViCFUrue1SkHcJaWbWcMNU5KvJgE8XRsCMojcyf/ ++/////////wIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-1024.pem b/doc/credentials/dhparams/rfc5054-1024.pem +new file mode 100644 +index 000000000..33aed9fab +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-1024.pem +@@ -0,0 +1,5 @@ ++-----BEGIN DH PARAMETERS----- ++MIGHAoGBAO6vCrmts43WnDP4CvqPxehgcmGHdf88C56iMUycJWV21nTfdJbqgdM4 ++O0gT1pLG4ODV2OJQuYvkjklcHWCJ2tFdx9e0YVTWts6O9K1psV1JglWbKXvPGIXF ++KfVmZg5X7GjtvDwFcmzAL9TL9Jduqpr9UTj+g3ZDW5/GHS/A6wbjAgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-1536.pem b/doc/credentials/dhparams/rfc5054-1536.pem +new file mode 100644 +index 000000000..dc2db6b42 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-1536.pem +@@ -0,0 +1,7 @@ ++-----BEGIN DH PARAMETERS----- ++MIHHAoHBAJ3vPK+5OSd6sfEqhheke7vbpR30maxMgL7uqWFLGcxNX09fVW4ny95R ++xqlL5GB6KRVYkDug0PhDgLZVu5oi6NzfAop87Gfw0IE0sci5eYkUm2CeC+O6tj1H ++VIOB28Wx/HZOP0tT3Z2hFYv9PiucjPVu3wGVOTSWJ9sv1T0kt8SGZXcuQ31sf4zk ++QnNK98y3roN8Jkrjqb64f4ov6bi1KS5aAh//XpFHnoznoowkQsbzFRgPk0maI03P ++duP+0TX5uwIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-2048.pem b/doc/credentials/dhparams/rfc5054-2048.pem +new file mode 100644 +index 000000000..814e70ce6 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-2048.pem +@@ -0,0 +1,8 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKCAQEArGvbQTJKmpvxZt5eE4lYL69ytmUZh+4H/DGSlD21YFCjcynLtKCZ ++7YGT4HV3Z6E91SMSq0sDMQ3Nf0ip2gT9UOgIOWntt2ewz2CVF5oWOrNmGgX71fqq ++6CkYqZYvC5O4Vfl5k+yXXuqoDXQK2/T/dHNZ0EHVwz6nHSgeRGsUdzvKl7Q6I/uA ++Fna9IHpDbGSB8dK5B4cXRhpbnTLmiPh3SFRFI7UksNV9Xqd6J3XS7PoDLPvb9S+z ++eGFgJ5AE5Xrmr4dOcwPOUymczAQce8MI2CpWmPOo0MOCca41+Onb+7aUtcgD2J96 ++5DXeI21SX1R1m2XjcvzWjvIPpxEfnkr/cwIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-3072.pem b/doc/credentials/dhparams/rfc5054-3072.pem +new file mode 100644 +index 000000000..d84b2424a +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-3072.pem +@@ -0,0 +1,11 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS ++yv//////////AgEF ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-4096.pem b/doc/credentials/dhparams/rfc5054-4096.pem +new file mode 100644 +index 000000000..99ca4456b +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-4096.pem +@@ -0,0 +1,13 @@ ++-----BEGIN DH PARAMETERS----- ++MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQU= ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-6144.pem b/doc/credentials/dhparams/rfc5054-6144.pem +new file mode 100644 +index 000000000..97d8d21a9 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-6144.pem +@@ -0,0 +1,19 @@ ++-----BEGIN DH PARAMETERS----- ++MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG ++3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU ++7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId ++A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha ++xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/ ++8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA ++JP//////////AgEF ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5054-8192.pem b/doc/credentials/dhparams/rfc5054-8192.pem +new file mode 100644 +index 000000000..bb54575c7 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5054-8192.pem +@@ -0,0 +1,24 @@ ++-----BEGIN DH PARAMETERS----- ++MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb ++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft ++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT ++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh ++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq ++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM ++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq ++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI ++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O +++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI ++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG ++3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU ++7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId ++A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha ++xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/ ++8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R ++WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk ++ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw ++xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4 ++Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i ++aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU ++38gfVuiAuW5xYMmA3Zjt09///////////wIBEw== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5114-group-22-1024.pem b/doc/credentials/dhparams/rfc5114-group-22-1024.pem +new file mode 100644 +index 000000000..759afcb2f +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5114-group-22-1024.pem +@@ -0,0 +1,8 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y ++mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4 +++qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV ++w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0 ++sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR ++jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5Q== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5114-group-23-2048.pem b/doc/credentials/dhparams/rfc5114-group-23-2048.pem +new file mode 100644 +index 000000000..d4f360ef2 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5114-group-23-2048.pem +@@ -0,0 +1,13 @@ ++-----BEGIN DH PARAMETERS----- ++MIICCgKCAQEArRB+HpEjqdDWYPqnlVnFH6INZOVoO5/RtUsVl7YdCnXm+hQd+VpW ++26+aPEB7od8V6z1oijCcGA4d5rhaEnSgpm0/gVKtasISkDfJ7e/aTfjZHo/vVbc5 ++S3rVt9C2wSIHyfmNEe002/bGugssi7wnvmoA4KC5xJcIs7+KMXCRiDaBKGEwvImF ++2xYC5xRBXZMwJ4Jzx94x79xzEPcSH9WgdBWYfZrcCkhtzfk6zEQyg4cxXXXhmMZB ++pIDNhqG55YfovmDmnMkosrnFIXLkEwQumyPxCw4W55djybU9z0uoCinj+3PBa451 ++uX7zY+L/ox9xz53lOE5xuBwKxN/+DBDmTwKCAQEArEAy708tmuOd8wtcj/2sUGze ++vnuJmYyvdIZqCM/k/+OmgkpOELmm8N2SHwGnDEr6q3OddwDCn1LFfbF8YgqGUr5e ++kAGo1mrXwXZpEBmZAkr00CcnWsE0i7inYtBSG8mK4kcVBCLqHtQJk51U2nRgzbX2 ++xrJQcXy+8YDrNBGOmNEZUppF1vg0Vm4wJeMWozDvu3eobwwasVsFGuPUKMj4rLcK ++gTcVC47rEOGD7dGZY93Z4mPkdwWJ72qiHn9fL/OBtTnM40CdE81Wavu0jWwBkYHh ++vP6UswJp7f5y/ptqpL17Wg8ccc//TBnEGOH27AF5gbwIfypwZbOEuJDTGR8r+g== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc5114-group-24-2048.pem b/doc/credentials/dhparams/rfc5114-group-24-2048.pem +new file mode 100644 +index 000000000..dc0211648 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc5114-group-24-2048.pem +@@ -0,0 +1,13 @@ ++-----BEGIN DH PARAMETERS----- ++MIICCQKCAQEAh6jmHbS2Zjz/u9GcZRlZmYzu9ghmDdDyXSzu1ENeOwDgDfjx1hlX ++1Pr330VhsqowFsPZETQJb6o79Cltgw6afCCeDGSXUXq9WoqdMGvPZ+2R+eZyW0dY ++wCLgse9Cdb97bFv8EdRfkIi5QfVOseWbuLw5oL8SMH9cT9twxYGyP3a2Osrhyqa3 ++kC1SUmc1SIoO8TxtmlG/pKs62DR3llJNjvahZ7WkGCXZZ+FE5RQFZCUcysuD5rSG ++9rPKP3lxUGAmwLhX9omWKFbe1AEKvQvmIcOjlgpU5xDDdfJjddcBQQOktUMwwZiv ++EmEW0iduEXFfaTh3+tfvCcrbCUrpHhoVlwKCAQA/syybcxNNCy53UGZg7b1ITKex ++jyHvIFQH9Hk6GguhJRDbwVB3vkY//0/tSqwLtVW+OmwbDGtHsbw3c79+jG9ikBIo +++MKMuxilWuMTQQAKZQGW+THHelfy3fRj5ensFEt3feYqqrioYorDdtKC1u04ZOZ5 ++gkKOvIMdFDSPby+Rk7UEWvJ2cWTh38lnwfs/LlWkvRv/6DucgNBSuYXRguoK2yo7 ++cxPT/hTISEseBSWIubfSu9LfAWGZ7NBuFVfNCRWzNTu7ZODsN3/QKDcN+StSx4kU ++KM3GfrYYS1I9HbJGwy9jB4SQ8A741kfRSNR5VFFeIyfP75jFgmZLTA9sxBZZ ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc7919-ffdhe2048.pem b/doc/credentials/dhparams/rfc7919-ffdhe2048.pem +new file mode 100644 +index 000000000..9b182b720 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc7919-ffdhe2048.pem +@@ -0,0 +1,8 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc7919-ffdhe3072.pem b/doc/credentials/dhparams/rfc7919-ffdhe3072.pem +new file mode 100644 +index 000000000..fb31ccda5 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc7919-ffdhe3072.pem +@@ -0,0 +1,11 @@ ++-----BEGIN DH PARAMETERS----- ++MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3 ++7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32 ++nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu ++N///////////AgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc7919-ffdhe4096.pem b/doc/credentials/dhparams/rfc7919-ffdhe4096.pem +new file mode 100644 +index 000000000..ad9f68b1e +--- /dev/null ++++ b/doc/credentials/dhparams/rfc7919-ffdhe4096.pem +@@ -0,0 +1,14 @@ ++-----BEGIN DH PARAMETERS----- ++MIICCAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3 ++7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32 ++nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e ++8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx ++iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K ++zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQI= ++-----END DH PARAMETERS----- ++ +diff --git a/doc/credentials/dhparams/rfc7919-ffdhe6144.pem b/doc/credentials/dhparams/rfc7919-ffdhe6144.pem +new file mode 100644 +index 000000000..d8239bb05 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc7919-ffdhe6144.pem +@@ -0,0 +1,19 @@ ++-----BEGIN DH PARAMETERS----- ++MIIDCAKCAwEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3 ++7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32 ++nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e ++8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx ++iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K ++zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq ++OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE ++HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj ++w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8 ++vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70 ++A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKc0OQO ++Zf//////////AgEC ++-----END DH PARAMETERS----- +diff --git a/doc/credentials/dhparams/rfc7919-ffdhe8192.pem b/doc/credentials/dhparams/rfc7919-ffdhe8192.pem +new file mode 100644 +index 000000000..4484cf885 +--- /dev/null ++++ b/doc/credentials/dhparams/rfc7919-ffdhe8192.pem +@@ -0,0 +1,24 @@ ++-----BEGIN DH PARAMETERS----- ++MIIECAKCBAEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3 ++7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32 ++nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e ++8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx ++iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K ++zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eDdkCC/1ktkUDbHpOZ30sOFMq ++OiO6RELK9T6mO7RUMpt2JMiRe91kscD9TLOOjDNMcBw6za0GV/zP7HGbH1w+TkYE ++HziBR/tM/bR3pSRx96mpaRC4VTIu22NA2KAO8JI1BRHjCr7B//njom5/sp+MGDAj ++w1h+ONoAd9m0dj5OS5Syu8GUxmUed8r5ku6qwCMqKBv2s6c5wSJhFoIK6NtYR6Z8 ++vvnJCRtGLVOM1ysDdGrnf15iKSwxFWKoRlBdyC24VDOK5J9SNclbkReMzy3Vys70 ++A+ydGBDGJysEWztx+dxrgNY/3UqOmtseaWKmlSbUMWHBpB1XDXk42tSkDjKcz/Rq ++qjatAEz2AMg4HkJaMdlRrmT9sj/OyVCdQ2h/62nt0cxeC4zDvfZLEO+GtjFCo6uI ++KVVbL3R8kyZlyywPHMAb1wIpOIg50q8F5FRQSseLdYKCKEbAujXDX1xZFgzARv2C ++UVQfxoychrAiu3CZh2pGDnRRqKkxCXA/7hwhfmw4JuUsUappHg5CPPyZ6eMWUMEh ++e2JIFs2tmpX51bgBlIjZwKCh/jB1pXfiMYP4HUo/L6RXHvyM4LqKT+i2hV3+crCm ++bt7S+6v75Yow+vq+HF1xqH4vdB74wf6G/qa7/eUwZ38Nl9EdSfeoRD0IIuUGqfRh ++TgEeKpSDj/iM1oyLt8XGQkz//////////wIBAg== ++-----END DH PARAMETERS----- +diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c +index 19c205bbe..252eea0cb 100644 +--- a/lib/auth/dh_common.c ++++ b/lib/auth/dh_common.c +@@ -257,6 +257,14 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session, + } + } + ++#ifdef ENABLE_FIPS140 ++ if (gnutls_fips140_mode_enabled() && ++ !_gnutls_dh_prime_is_fips_approved(data_p, n_p, data_g, n_g)) { ++ gnutls_assert(); ++ return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; ++ } ++#endif ++ + if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.params.params[DH_G], data_g, _n_g) != 0) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; +diff --git a/lib/dh-primes.c b/lib/dh-primes.c +index 5d2dce0fb..a43a8e5de 100644 +--- a/lib/dh-primes.c ++++ b/lib/dh-primes.c +@@ -1893,4 +1893,38 @@ const gnutls_datum_t gnutls_modp_8192_group_generator = { + }; + const unsigned int gnutls_modp_8192_key_bits = 512; + ++unsigned ++_gnutls_dh_prime_is_fips_approved(const uint8_t *prime, ++ size_t prime_size, ++ const uint8_t *generator, ++ size_t generator_size) ++{ ++ static const struct { ++ const gnutls_datum_t *prime; ++ const gnutls_datum_t *generator; ++ } primes[] = { ++ { &gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_generator }, ++ { &gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_generator }, ++ { &gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_generator }, ++ { &gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_generator }, ++ { &gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_generator }, ++ { &gnutls_modp_8192_group_prime, &gnutls_modp_8192_group_generator }, ++ { &gnutls_modp_6144_group_prime, &gnutls_modp_6144_group_generator }, ++ { &gnutls_modp_4096_group_prime, &gnutls_modp_4096_group_generator }, ++ { &gnutls_modp_3072_group_prime, &gnutls_modp_3072_group_generator }, ++ { &gnutls_modp_2048_group_prime, &gnutls_modp_2048_group_generator }, ++ }; ++ size_t i; ++ ++ for (i = 0; i < sizeof(primes) / sizeof(primes[0]); i++) { ++ if (primes[i].prime->size == prime_size && ++ memcmp(primes[i].prime->data, prime, primes[i].prime->size) == 0 && ++ primes[i].generator->size == generator_size && ++ memcmp(primes[i].generator->data, generator, primes[i].generator->size) == 0) ++ return 1; ++ } ++ ++ return 0; ++} ++ + #endif +diff --git a/lib/dh.h b/lib/dh.h +index a64a4eb5e..672451947 100644 +--- a/lib/dh.h ++++ b/lib/dh.h +@@ -60,4 +60,10 @@ extern const gnutls_datum_t gnutls_modp_2048_group_q; + extern const gnutls_datum_t gnutls_modp_2048_group_generator; + extern const unsigned int gnutls_modp_2048_key_bits; + ++unsigned ++_gnutls_dh_prime_is_fips_approved(const uint8_t *prime, ++ size_t prime_size, ++ const uint8_t *generator, ++ size_t generator_size); ++ + #endif /* GNUTLS_LIB_DH_H */ +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 7cdf828e0..13d7ba385 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -522,6 +522,8 @@ endif + + dist_check_SCRIPTS += gnutls-cli-self-signed.sh gnutls-cli-invalid-crl.sh gnutls-cli-rawpk.sh + ++dist_check_SCRIPTS += dh-fips-approved.sh ++ + if ENABLE_PKCS11 + dist_check_SCRIPTS += p11-kit-trust.sh testpkcs11.sh certtool-pkcs11.sh + +diff --git a/tests/client-sign-md5-rep.c b/tests/client-sign-md5-rep.c +index 1c7877fbd..b1ad46ce9 100644 +--- a/tests/client-sign-md5-rep.c ++++ b/tests/client-sign-md5-rep.c +@@ -468,6 +468,11 @@ void doit(void) + int sockets[2]; + int err; + ++ /* tls1_hello contains ServerKeyExchange with custom DH ++ * parameters */ ++ if (gnutls_fips140_mode_enabled()) ++ exit(77); ++ + signal(SIGPIPE, SIG_IGN); + + err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets); +diff --git a/tests/dh-fips-approved.sh b/tests/dh-fips-approved.sh +new file mode 100755 +index 000000000..136dd15f3 +--- /dev/null ++++ b/tests/dh-fips-approved.sh +@@ -0,0 +1,127 @@ ++#!/bin/sh ++ ++# Copyright (C) 2017 Nikos Mavrogiannopoulos ++# ++# Author: Nikos Mavrogiannopoulos ++# ++# This file is part of GnuTLS. ++# ++# GnuTLS is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 3 of the License, or (at ++# your option) any later version. ++# ++# GnuTLS is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public License ++# along with this program. If not, see ++ ++srcdir="${srcdir:-.}" ++SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" ++CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" ++unset RETCODE ++ ++if ! test -x "${SERV}"; then ++ exit 77 ++fi ++ ++if ! test -x "${CLI}"; then ++ exit 77 ++fi ++ ++if test "${WINDIR}" != ""; then ++ exit 77 ++fi ++ ++if ! test -z "${VALGRIND}"; then ++ VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" ++fi ++ ++ ++SERV="${SERV} -q" ++ ++. "${srcdir}/scripts/common.sh" ++ ++KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem ++CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem ++CA1=${srcdir}/../doc/credentials/x509/ca.pem ++ ++ALLOWED_PARAMS=" ++rfc3526-group-14-2048 ++rfc3526-group-15-3072 ++rfc3526-group-16-4096 ++rfc3526-group-17-6144 ++rfc3526-group-18-8192 ++rfc7919-ffdhe2048 ++rfc7919-ffdhe3072 ++rfc7919-ffdhe4096 ++rfc7919-ffdhe6144 ++rfc7919-ffdhe8192 ++" ++ ++DISALLOWED_PARAMS=" ++rfc2409-group-2-1024 ++rfc3526-group-5-1536 ++rfc5054-1024 ++rfc5054-1536 ++rfc5054-2048 ++rfc5054-3072 ++rfc5054-4096 ++rfc5054-6144 ++rfc5054-8192 ++rfc5114-group-22-1024 ++rfc5114-group-23-2048 ++rfc5114-group-24-2048 ++" ++ ++OPTS="--priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+DHE-RSA:+AES-128-GCM:-GROUP-ALL" ++ ++for params in $ALLOWED_PARAMS; do ++ echo "Checking with approved DH params: $params" ++ ++ PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem ++ ++ eval "${GETPORT}" ++ launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} ++ PID=$! ++ wait_server ${PID} ++ ++ ${VALGRIND} "${CLI}" ${OPTS} -p "${PORT}" 127.0.0.1 --verify-hostname=localhost --x509cafile ${CA1} /dev/null || \ ++ fail ${PID} "handshake should have succeeded!" ++ ++ kill ${PID} ++ wait ++done ++ ++for params in $DISALLOWED_PARAMS; do ++ echo "Checking with non-approved DH params: $params" ++ ++ PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem ++ ++ eval "${GETPORT}" ++ launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} ++ PID=$! ++ wait_server ${PID} ++ ++ ${VALGRIND} "${CLI}" ${OPTS} -p "${PORT}" 127.0.0.1 --verify-hostname=localhost --x509cafile ${CA1} /dev/null ++ ++ RET=$? ++ ++ if test $RET -eq 0; then ++ if test "${GNUTLS_FORCE_FIPS_MODE}" = 1; then ++ fail ${PID} "handshake should have failed (FIPS mode 1)!" ++ fi ++ else ++ if test "${GNUTLS_FORCE_FIPS_MODE}" != 1; then ++ fail ${PID} "handshake should have succeeded (FIPS mode 0)!" ++ fi ++ fi ++ ++ kill ${PID} ++ wait ++done ++ ++exit 0 +diff --git a/tests/utils.c b/tests/utils.c +index 9186a1757..60cd79b35 100644 +--- a/tests/utils.c ++++ b/tests/utils.c +@@ -50,47 +50,41 @@ int debug = 0; + int error_count = 0; + int break_on_error = 0; + ++/* doc/credentials/dhparams/rfc3526-group-14-2048.pem */ + const char *pkcs3 = + "-----BEGIN DH PARAMETERS-----\n" +- "MIGGAoGAtkxw2jlsVCsrfLqxrN+IrF/3W8vVFvDzYbLmxi2GQv9s/PQGWP1d9i22\n" +- "P2DprfcJknWt7KhCI1SaYseOQIIIAYP78CfyIpGScW/vS8khrw0rlQiyeCvQgF3O\n" +- "GeGOEywcw+oQT4SmFOD7H0smJe2CNyjYpexBXQ/A0mbTF9QKm1cCAQU=\n" ++ "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb\n" ++ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft\n" ++ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT\n" ++ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh\n" ++ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq\n" ++ "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==\n" + "-----END DH PARAMETERS-----\n"; + ++/* doc/credentials/dhparams/rfc7919-ffdhe2048.pem */ + const char *pkcs3_2048 = + "-----BEGIN DH PARAMETERS-----\n" +- "MIICDgKCAQEAvVNCqM8M9ZoVYBKEkV2KN8ELHHJ75aTZiK9z6170iKSgbITkOxsd\n" +- "aBCLzHZd7d6/2aNofUeuWdDGHm73d8v53ma2HRVCNESeC2LKsEDFG9FjjUeugvfl\n" +- "zb85TLZwWT9Lb35Ddhdk7CtxoukjS0/JkCE+8RGzmk5+57N8tNffs4aSSHSe4+cw\n" +- "i4wULDxiG2p052czAMP3YR5egWvMuiByhy0vKShiZmOy1/Os5r6E/GUF+298gDjG\n" +- "OeaEUF9snrTcoBwB4yNjVSEbuAh5fMd5zFtz2+dzrk9TYZ44u4DQYkgToW05WcmC\n" +- "+LG0bLAH6lrJR5OMgyheZEo6F20z/d2yyQKCAQEAtzcuTHW61SFQiDRouk6eD0Yx\n" +- "0k1RJdaQdlRf6/Dcc6lEqnbezL90THzvxkBwfJ5jG1VZE7JlVCvLRkBtgb0/6SCf\n" +- "MATfEKG2JMOnKsJxvidmKEp4uN32LketXRrrEBl7rS+HABEfKAzqx+J6trBaq25E\n" +- "7FVJFsyoa8IL8N8YUWwhE2UuEfmiqQQaeoIUYC/xD2arMXn9N0W84Nyy2S9IL4ct\n" +- "e3Azi1Wc8MMfpbxxDRxXCnM2uMkLYWs1lQmcUUX+Uygv3P8lgS+RJ1Pi3+BWMx0S\n" +- "ocsZXqOr6dbEF1WOLObQRK7h/MZp80iVUyrBgX0MbVFN9M5i2u4KKTG95VKRtgIC\n" +- "AQA=\n" "-----END DH PARAMETERS-----\n"; ++ "MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" ++ "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" ++ "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" ++ "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" ++ "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" ++ "ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==\n" ++ "-----END DH PARAMETERS-----\n"; + ++/* doc/credentials/dhparams/rfc7919-ffdhe3072.pem */ + const char *pkcs3_3072 = + "-----BEGIN DH PARAMETERS-----\n" +- "MIIDDgKCAYEAtRUay8nDgwE5dSVzW525wEu/d0vrFolvYJSevxg2myj5S+gr3Fgq\n" +- "OGaZc4zrBxkxsELc7GuCqaXSOWL4yobT8N05yGbYWkWRPf4crRMx3P7/Gba9WsmH\n" +- "BlL71uPf1IN9CanAlabkhV89RKiYaCpUI19+/sq+N2dO874ToBZCNhxZnTgRZ+po\n" +- "Gdr6XWM0lQ8imIKSer0px3ZHI+/5gmyPry35tGpwlbyclJAg3wlTSdnqDcLxq7AF\n" +- "OZ23PzC3ij7SFErOX9EFBdS2bjtU47O3OkPc9EIYMEv5nwnXICLHslwVifmURAjV\n" +- "LfpObL8LYGN4Gac4tFxuDa0PMg0ES5ADugYBwdRFTAtCy5WOYXINzAAOrH9MommT\n" +- "rMkELf7JOCaV2ktBsvTlrgMAXeyqbf2YSG6CGjj4QnUuqPybSgwPru7VlahsS2lo\n" +- "qjutBPpgIxS53o97Wi3V5kQedKJiNuIDNnJMFNuTADAM+OYwClTH7ZSwTsxEgVpr\n" +- "tMH+WnTI7KTJAoIBgQCrELwIUB4oNbf0x+fIpVndhDpl/WcFc/lDtmiRuym5gWbb\n" +- "NPeI+1rdhnS2R3+nCJODFQTcPNMgIJuSu2EnDCSs5xJ2k08SAgSzyxEdjBpY7qJe\n" +- "+lJPJ12zhcl0vgcvMhb/YgqVe2MKz0RvnYZPwHM/aJbjYjq/6OpK3fVw4M1ZccBK\n" +- "QD4OHK8HOvGU7Wf6kRIcxUlfn15spMCIsrAZQBddWLmQgktsxJNUS+AnaPwTBoOv\n" +- "nGCr1vzw8OS1DtS03VCmtqt3otXhJ3D2oCIG6ogxVAKfHR30KIfzZLBfmCjdzHmH\n" +- "x4OwYTN1wy5juA438QtiDtcgK60ZqSzQO08ZklRncA/TkkyEH6kPn5KSh/hW9O3D\n" +- "KZeAY/KF0/Bc1XNtqPEYFb7Vo3rbTsyjXkICN1Hk9S0OIKL42K7rWBepO9KuddSd\n" +- "aXgH9staP0HXCyyW1VAyqo0TwcWDhE/R7IQQGGwGyd4rD0T+ySW/t09ox23O6X8J\n" +- "FSp6mOVNcuvhB5U2gW8CAgEA\n" "-----END DH PARAMETERS-----\n"; ++ "MIIBiAKCAYEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz\n" ++ "+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a\n" ++ "87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7\n" ++ "YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi\n" ++ "7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD\n" ++ "ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3\n" ++ "7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32\n" ++ "nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZsYu\n" ++ "N///////////AgEC\n" ++ "-----END DH PARAMETERS-----\n"; + + void _fail(const char *format, ...) + { +-- +2.26.2 + diff --git a/SOURCES/gnutls-3.6.14-memcmp.patch b/SOURCES/gnutls-3.6.14-memcmp.patch new file mode 100644 index 0000000..a211c97 --- /dev/null +++ b/SOURCES/gnutls-3.6.14-memcmp.patch @@ -0,0 +1,131 @@ +From 9acc0f68320db4c7c6dadacb974e77c7fbca72a7 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Sun, 21 Jun 2020 16:03:54 +0200 +Subject: [PATCH] safe_memcmp: remove in favor of gnutls_memcmp + +Signed-off-by: Daiki Ueno +--- + lib/accelerated/x86/aes-xts-x86-aesni.c | 2 +- + lib/ext/pre_shared_key.c | 2 +- + lib/mem.h | 9 --------- + lib/nettle/cipher.c | 8 ++++---- + lib/tls13/finished.c | 2 +- + lib/x509/x509.c | 3 ++- + 6 files changed, 9 insertions(+), 17 deletions(-) + +diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c +index 3371d0812..b904cbf00 100644 +--- a/lib/accelerated/x86/aes-xts-x86-aesni.c ++++ b/lib/accelerated/x86/aes-xts-x86-aesni.c +@@ -72,7 +72,7 @@ x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) + + /* Check key block according to FIPS-140-2 IG A.9 */ + if (_gnutls_fips_mode_enabled()){ +- if (safe_memcmp(key, key + (keysize / 2), keysize / 2) == 0) { ++ if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) { + _gnutls_switch_lib_state(LIB_STATE_ERROR); + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + } +diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c +index fef67d341..240be2162 100644 +--- a/lib/ext/pre_shared_key.c ++++ b/lib/ext/pre_shared_key.c +@@ -650,7 +650,7 @@ static int server_recv_params(gnutls_session_t session, + } + + if (_gnutls_mac_get_algo_len(prf) != binder_recvd.size || +- safe_memcmp(binder_value, binder_recvd.data, binder_recvd.size)) { ++ gnutls_memcmp(binder_value, binder_recvd.data, binder_recvd.size)) { + gnutls_assert(); + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto fail; +diff --git a/lib/mem.h b/lib/mem.h +index dc838a2b4..d3eea97a4 100644 +--- a/lib/mem.h ++++ b/lib/mem.h +@@ -35,15 +35,6 @@ char *_gnutls_strdup(const char *); + + unsigned _gnutls_mem_is_zero(const uint8_t *ptr, unsigned size); + +-/* To avoid undefined behavior when s1 or s2 are null and n = 0 */ +-inline static +-int safe_memcmp(const void *s1, const void *s2, size_t n) +-{ +- if (n == 0) +- return 0; +- return memcmp(s1, s2, n); +-} +- + #define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \ + _gnutls_mpi_clear(*mpi); \ + _gnutls_mpi_release(mpi); \ +diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c +index b0a52deb5..ec0c1ab04 100644 +--- a/lib/nettle/cipher.c ++++ b/lib/nettle/cipher.c +@@ -482,7 +482,7 @@ _xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key, + const uint8_t *key) + { + if (_gnutls_fips_mode_enabled() && +- safe_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) ++ gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) + _gnutls_switch_lib_state(LIB_STATE_ERROR); + + xts_aes128_set_encrypt_key(xts_key, key); +@@ -493,7 +493,7 @@ _xts_aes128_set_decrypt_key(struct xts_aes128_key *xts_key, + const uint8_t *key) + { + if (_gnutls_fips_mode_enabled() && +- safe_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) ++ gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) + _gnutls_switch_lib_state(LIB_STATE_ERROR); + + xts_aes128_set_decrypt_key(xts_key, key); +@@ -504,7 +504,7 @@ _xts_aes256_set_encrypt_key(struct xts_aes256_key *xts_key, + const uint8_t *key) + { + if (_gnutls_fips_mode_enabled() && +- safe_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) ++ gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) + _gnutls_switch_lib_state(LIB_STATE_ERROR); + + xts_aes256_set_encrypt_key(xts_key, key); +@@ -515,7 +515,7 @@ _xts_aes256_set_decrypt_key(struct xts_aes256_key *xts_key, + const uint8_t *key) + { + if (_gnutls_fips_mode_enabled() && +- safe_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) ++ gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) + _gnutls_switch_lib_state(LIB_STATE_ERROR); + + xts_aes256_set_decrypt_key(xts_key, key); +diff --git a/lib/tls13/finished.c b/lib/tls13/finished.c +index 68eab993e..ec646e673 100644 +--- a/lib/tls13/finished.c ++++ b/lib/tls13/finished.c +@@ -112,7 +112,7 @@ int _gnutls13_recv_finished(gnutls_session_t session) + #if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) + # warning This is unsafe for production builds + #else +- if (safe_memcmp(verifier, buf.data, buf.length) != 0) { ++ if (gnutls_memcmp(verifier, buf.data, buf.length) != 0) { + gnutls_assert(); + ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET; + goto cleanup; +diff --git a/lib/x509/x509.c b/lib/x509/x509.c +index 2091f3ae6..2b68fe440 100644 +--- a/lib/x509/x509.c ++++ b/lib/x509/x509.c +@@ -360,7 +360,8 @@ static int compare_sig_algorithm(gnutls_x509_crt_t cert) + } + + if (empty1 != empty2 || +- sp1.size != sp2.size || safe_memcmp(sp1.data, sp2.data, sp1.size) != 0) { ++ sp1.size != sp2.size || ++ (sp1.size > 0 && memcmp(sp1.data, sp2.data, sp1.size) != 0)) { + gnutls_assert(); + ret = GNUTLS_E_CERTIFICATE_ERROR; + goto cleanup; +-- +2.26.2 + diff --git a/SPECS/gnutls.spec b/SPECS/gnutls.spec index d4caf4b..357a95b 100644 --- a/SPECS/gnutls.spec +++ b/SPECS/gnutls.spec @@ -1,10 +1,13 @@ Version: 3.6.14 -Release: 3%{?dist} +Release: 5%{?dist} Patch1: gnutls-3.2.7-rpath.patch Patch2: gnutls-3.6.4-no-now-guile.patch Patch3: gnutls-3.6.13-enable-intel-cet.patch Patch4: gnutls-3.6.14-autogen-int.patch Patch5: gnutls-3.6.14-fips-mode-check.patch +Patch6: gnutls-3.6.14-fips-dh-primes.patch +Patch7: gnutls-3.6.14-memcmp.patch +Patch8: gnutls-3.6.14-fips-dh-check.patch %bcond_without dane %if 0%{?rhel} %bcond_with guile @@ -288,6 +291,12 @@ fi %endif %changelog +* Sat Jul 18 2020 Daiki Ueno - 3.6.14-5 +- Perform validation checks on (EC)DH public keys and share secrets (#1855803) + +* Mon Jun 29 2020 Daiki Ueno - 3.6.14-4 +- Tighten FIPS DH primes check according to SP800-56A (rev 3) (#1849079) + * Fri Jun 5 2020 Daiki Ueno - 3.6.14-3 - Update gnutls-3.6.14-fips-mode-check.patch