mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 21:13:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

endecode_test.c: Significant speedup in generating DH and DHX keys

Browse Source 
Fixes #13495

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13552)
This commit is contained in:
Dr. David von Oheimb 2020-11-27 22:03:29 +01:00
parent 6568d7a931
commit 5658470ce7
6 changed files with 243 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
test/build.info
View File

@ -700,7 +700,7 @@ IF[{- !$disabled{tests} -}]
INCLUDE[mdc2_internal_test]=.. ../include ../apps/include
DEPEND[mdc2_internal_test]=../libcrypto.a libtestutil.a
SOURCE[ssltest_old]=ssltest_old.c
SOURCE[ssltest_old]=ssltest_old.c predefined_dhparams.c
INCLUDE[ssltest_old]=.. ../include ../apps/include
DEPEND[ssltest_old]=../libcrypto.a ../libssl.a
ENDIF
@ -789,7 +789,7 @@ IF[{- !$disabled{tests} -}]
DEPEND[hexstr_test]=../libcrypto.a libtestutil.a
PROGRAMS{noinst}=endecode_test
SOURCE[endecode_test]=endecode_test.c
SOURCE[endecode_test]=endecode_test.c predefined_dhparams.c
INCLUDE[endecode_test]=.. ../include ../apps/include
DEPEND[endecode_test]=../libcrypto.a libtestutil.a

19
test/endecode_test.c
View File

@ -22,6 +22,7 @@
#include "internal/cryptlib.h" /* ossl_assert */
#include "crypto/pem.h" /* For PVK and "blob" PEM headers */
#include "predefined_dhparams.h"
#include "testutil.h"
#ifndef OPENSSL_NO_EC
@ -42,13 +43,21 @@ static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
{
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
EVP_PKEY_CTX *ctx = NULL;
#ifndef OPENSSL_NO_DH
/* use DH(X) keys with predetermined parameters for efficiency */
if (strcmp(type, "DH") == 0)
return get_dh512(NULL);
if (strcmp(type, "X9.42 DH") == 0)
return get_dhx512(NULL);
#endif
/*
* No real need to check the errors other than for the cascade
* effect. |pkey| will simply remain NULL if something goes wrong.
*/
(void)(ctx != NULL
(void)((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) != NULL
&& EVP_PKEY_paramgen_init(ctx) > 0
&& (genparams == NULL
|| EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
@ -1193,9 +1202,11 @@ int setup_tests(void)
#ifndef OPENSSL_NO_DH
MAKE_DOMAIN_KEYS(DH, "DH", NULL);
MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
TEST_info("Generating keys...DH done");
#endif
#ifndef OPENSSL_NO_DSA
MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
TEST_info("Generating keys...DSA done");
#endif
#ifndef OPENSSL_NO_EC
MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
@ -1209,10 +1220,12 @@ int setup_tests(void)
MAKE_KEYS(ED448, "ED448", NULL);
MAKE_KEYS(X25519, "X25519", NULL);
MAKE_KEYS(X448, "X448", NULL);
TEST_info("Generating keys...EC done");
#endif
MAKE_KEYS(RSA, "RSA", NULL);
TEST_info("Generating keys...RSA done");
MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
TEST_info("Generating key... done");
TEST_info("Generating keys...RSA_PSS done");
if (ok) {
#ifndef OPENSSL_NO_DH

172
test/predefined_dhparams.c Normal file
View File

@ -0,0 +1,172 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/evp.h>
#include <openssl/core_names.h>
#include <openssl/param_build.h>
#include "predefined_dhparams.h"
#ifndef OPENSSL_NO_DH
static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type,
BIGNUM *p, BIGNUM *g, BIGNUM *q)
{
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(libctx, type, NULL);
OSSL_PARAM_BLD *tmpl = NULL;
OSSL_PARAM *params = NULL;
EVP_PKEY *dhpkey = NULL;
if (pctx == NULL || !EVP_PKEY_key_fromdata_init(pctx))
goto err;
if ((tmpl = OSSL_PARAM_BLD_new()) == NULL
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g)
|| (q != NULL
&& !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)))
goto err;
params = OSSL_PARAM_BLD_to_param(tmpl);
if (params == NULL || !EVP_PKEY_fromdata(pctx, &dhpkey, params))
goto err;
err:
EVP_PKEY_CTX_free(pctx);
OSSL_PARAM_BLD_free_params(params);
OSSL_PARAM_BLD_free(tmpl);
return dhpkey;
}
static EVP_PKEY *get_dh_from_pg(OSSL_LIB_CTX *libctx, const char *type,
unsigned char *pdata, size_t plen,
unsigned char *gdata, size_t glen,
unsigned char *qdata, size_t qlen)
{
EVP_PKEY *dhpkey = NULL;
BIGNUM *p = NULL, *g = NULL, *q = NULL;
p = BN_bin2bn(pdata, plen, NULL);
g = BN_bin2bn(gdata, glen, NULL);
if (p == NULL || g == NULL)
goto err;
if (qdata != NULL && (q = BN_bin2bn(qdata, qlen, NULL)) == NULL)
goto err;
dhpkey = get_dh_from_pg_bn(libctx, type, p, g, q);
err:
BN_free(p);
BN_free(g);
BN_free(q);
return dhpkey;
}
EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx)
{
static unsigned char dh512_p[] = {
0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 0xC6,
0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 0xB0,
0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 0x5F,
0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 0xB8,
0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 0x33,
0x02, 0xC5, 0xAE, 0x23,
};
static unsigned char dh512_g[] = {
0x02,
};
return get_dh_from_pg(libctx, "DH", dh512_p, sizeof(dh512_p),
dh512_g, sizeof(dh512_g), NULL, 0);
}
EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx)
{
static unsigned char dhx512_p[] = {
0x00, 0xe8, 0x1a, 0xb7, 0x9a, 0x02, 0x65, 0x64, 0x94, 0x7b, 0xba, 0x09,
0x1c, 0x12, 0x27, 0x1e, 0xea, 0x89, 0x32, 0x64, 0x78, 0xf8, 0x1c, 0x78,
0x8e, 0x96, 0xc3, 0xc6, 0x9f, 0x41, 0x05, 0x41, 0x65, 0xae, 0xe3, 0x05,
0xea, 0x66, 0x21, 0xf7, 0x38, 0xb7, 0x2b, 0x32, 0x40, 0x5a, 0x14, 0x86,
0x51, 0x94, 0xb1, 0xcf, 0x01, 0xe3, 0x27, 0x28, 0xf6, 0x75, 0xa3, 0x15,
0xbb, 0x12, 0x4d, 0x99, 0xe7,
};
static unsigned char dhx512_g[] = {
0x00, 0x91, 0xc1, 0x43, 0x6d, 0x0d, 0xb0, 0xa4, 0xde, 0x41, 0xb7, 0x93,
0xad, 0x51, 0x94, 0x1b, 0x43, 0xd8, 0x42, 0xf1, 0x5e, 0x46, 0x83, 0x5d,
0xf1, 0xd1, 0xf0, 0x41, 0x10, 0xd1, 0x1c, 0x5e, 0xad, 0x9b, 0x68, 0xb1,
0x6f, 0xf5, 0x8e, 0xaa, 0x6d, 0x71, 0x88, 0x37, 0xdf, 0x05, 0xf7, 0x6e,
0x7a, 0xb4, 0x25, 0x10, 0x6c, 0x7f, 0x38, 0xb4, 0xc8, 0xfc, 0xcc, 0x0c,
0x6a, 0x02, 0x08, 0x61, 0xf6,
};
static unsigned char dhx512_q[] = {
0x00, 0xdd, 0xf6, 0x35, 0xad, 0xfa, 0x70, 0xc7, 0xe7, 0xa8, 0xf0, 0xe3,
0xda, 0x79, 0x34, 0x3f, 0x5b, 0xcf, 0x73, 0x82, 0x91,
};
return get_dh_from_pg(libctx, "X9.42 DH",
dhx512_p, sizeof(dhx512_p),
dhx512_g, sizeof(dhx512_g),
dhx512_q, sizeof(dhx512_q));
}
EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libctx)
{
static unsigned char dh1024_p[] = {
0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
};
static unsigned char dh1024_g[] = {
0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
};
return get_dh_from_pg(libctx, "DH", dh1024_p, sizeof(dh1024_p),
dh1024_g, sizeof(dh1024_g), NULL, 0);
}
EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx)
{
BIGNUM *p = NULL, *g = NULL;
EVP_PKEY *dhpkey = NULL;
g = BN_new();
if (g == NULL || !BN_set_word(g, 2))
goto err;
p = BN_get_rfc3526_prime_2048(NULL);
if (p == NULL)
goto err;
dhpkey = get_dh_from_pg_bn(libctx, "DH", p, g, NULL);
err:
BN_free(p);
BN_free(g);
return dhpkey;
}
#endif

17
test/predefined_dhparams.h Normal file
View File

@ -0,0 +1,17 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/evp.h>
#ifndef OPENSSL_NO_DH
EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx);
EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx);
EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libct);
EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx);
#endif

28
test/recipes/80-test_ssl_old.t
View File

@ -391,8 +391,14 @@ sub testssl {
'test sslv2/sslv3 w/o (EC)DHE via BIO pair');
}
ok(run(test([@ssltest, "-bio_pair", "-dhe1024dsa", "-v"])),
'test sslv2/sslv3 with 1024bit DHE via BIO pair');
SKIP: {
skip "skipping dhe1024dsa test", 1
if ($no_dh);
ok(run(test([@ssltest, "-bio_pair", "-dhe1024dsa", "-v"])),
'test sslv2/sslv3 with 1024bit DHE via BIO pair');
}
ok(run(test([@ssltest, "-bio_pair", "-server_auth", @CA])),
'test sslv2/sslv3 with server authentication');
ok(run(test([@ssltest, "-bio_pair", "-client_auth", @CA])),
@ -499,12 +505,18 @@ sub testssl {
}
}
next if $protocol eq "-tls1_3";
is(run(test([@ssltest,
"-s_cipher", "EDH",
"-c_cipher", 'EDH:@SECLEVEL=1',
"-dhe512",
$protocol])), 0,
"testing connection with weak DH, expecting failure");
SKIP: {
skip "skipping dhe512 test", 1
if ($no_dh);
is(run(test([@ssltest,
"-s_cipher", "EDH",
"-c_cipher", 'EDH:@SECLEVEL=1',
"-dhe512",
$protocol])), 0,
"testing connection with weak DH, expecting failure");
}
}
};

173
test/ssltest_old.c
View File

@ -57,8 +57,6 @@
# include <openssl/ct.h>
#endif
#include <openssl/provider.h>
#include <openssl/core_names.h>
#include <openssl/param_build.h>
/*
* Or gethostname won't be declared properly
@ -74,6 +72,8 @@
# include <unistd.h>
#endif
#include "predefined_dhparams.h"
static SSL_CTX *s_ctx = NULL;
static SSL_CTX *s_ctx2 = NULL;
@ -91,10 +91,6 @@ struct app_verify_arg {
int app_verify;
};
static EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx);
static EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libctx);
static EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx);
static char *psk_key = NULL; /* by default PSK is not used */
#ifndef OPENSSL_NO_PSK
static unsigned int psk_client_callback(SSL *ssl, const char *hint,
@ -632,12 +628,14 @@ static void sv_usage(void)
fprintf(stderr, " -num <val> - number of connections to perform\n");
fprintf(stderr,
" -bytes <val> - number of bytes to swap between client/server\n");
#ifndef OPENSSL_NO_DH
fprintf(stderr,
" -dhe512 - use 512 bit key for DHE (to test failure)\n");
fprintf(stderr,
" -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
fprintf(stderr,
" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
#endif
fprintf(stderr, " -no_dhe - disable DHE\n");
#ifndef OPENSSL_NO_EC
fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n");
@ -888,12 +886,10 @@ int main(int argc, char *argv[])
int should_reuse = -1;
int no_ticket = 0;
long bytes = 256L;
#ifndef OPENSSL_NO_DH
EVP_PKEY *dhpkey;
int dhe512 = 0, dhe1024dsa = 0;
#ifndef OPENSSL_NO_DH
int no_dhe = 0;
#else
int no_dhe = 1;
#endif
int no_psk = 0;
int print_time = 0;
@ -978,12 +974,16 @@ int main(int argc, char *argv[])
debug = 1;
else if (strcmp(*argv, "-reuse") == 0)
reuse = 1;
else if (strcmp(*argv, "-dhe512") == 0) {
dhe512 = 1;
} else if (strcmp(*argv, "-dhe1024dsa") == 0) {
dhe1024dsa = 1;
} else if (strcmp(*argv, "-no_dhe") == 0)
else if (strcmp(*argv, "-no_dhe") == 0)
#ifdef OPENSSL_NO_DH
/* unused in this case */;
#else
no_dhe = 1;
else if (strcmp(*argv, "-dhe512") == 0)
dhe512 = 1;
else if (strcmp(*argv, "-dhe1024dsa") == 0)
dhe1024dsa = 1;
#endif
else if (strcmp(*argv, "-no_ecdhe") == 0)
/* obsolete */;
else if (strcmp(*argv, "-psk") == 0) {
@ -1486,6 +1486,7 @@ int main(int argc, char *argv[])
ERR_print_errors(bio_err);
goto end;
}
#ifndef OPENSSL_NO_DH
if (!no_dhe) {
if (dhe1024dsa)
dhpkey = get_dh1024dsa(libctx);
@ -1503,6 +1504,7 @@ int main(int argc, char *argv[])
SSL_CTX_set0_tmp_dh_pkey(s_ctx, dhpkey);
SSL_CTX_set0_tmp_dh_pkey(s_ctx2, dhpkey);
}
#endif
if (!(SSL_CTX_load_verify_file(s_ctx, CAfile)
|| SSL_CTX_load_verify_dir(s_ctx, CApath))
@ -2884,149 +2886,6 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
return ok;
}
static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, BIGNUM *p, BIGNUM *g)
{
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL);
OSSL_PARAM_BLD *tmpl = NULL;
OSSL_PARAM *params = NULL;
EVP_PKEY *dhpkey = NULL;
if (pctx == NULL || !EVP_PKEY_key_fromdata_init(pctx))
goto err;
tmpl = OSSL_PARAM_BLD_new();
if (tmpl == NULL
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g))
goto err;
params = OSSL_PARAM_BLD_to_param(tmpl);
if (params == NULL || !EVP_PKEY_fromdata(pctx, &dhpkey, params))
goto err;
err:
EVP_PKEY_CTX_free(pctx);
OSSL_PARAM_BLD_free_params(params);
OSSL_PARAM_BLD_free(tmpl);
return dhpkey;
}
static EVP_PKEY *get_dh_from_pg(OSSL_LIB_CTX *libctx, unsigned char *pdata,
size_t plen, unsigned char *gdata, size_t glen)
{
EVP_PKEY *dhpkey = NULL;
BIGNUM *p = NULL, *g = NULL;
p = BN_bin2bn(pdata, plen, NULL);
g = BN_bin2bn(gdata, glen, NULL);
if (p == NULL || g == NULL)
goto err;
dhpkey = get_dh_from_pg_bn(libctx, p, g);
err:
BN_free(p);
BN_free(g);
return dhpkey;
}
/* These DH parameters were generated using the dhparam command line app */
static EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx)
{
static unsigned char dh512_p[] = {
0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
0xC6,
0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
0xB0,
0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
0x5F,
0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
0xB8,
0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
0x33,
0x02, 0xC5, 0xAE, 0x23,
};
static unsigned char dh512_g[] = {
0x02,
};
return get_dh_from_pg(libctx, dh512_p, sizeof(dh512_p), dh512_g,
sizeof(dh512_g));
}
static EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libctx)
{
static unsigned char dh1024_p[] = {
0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
0x00,
0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
0x19,
0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
0xD2,
0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
0x55,
0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
0xFC,
0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
0x97,
0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
0x8D,
0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
0xBB,
0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
0xF6,
0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
0x9E,
0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
};
static unsigned char dh1024_g[] = {
0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
0x05,
0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
0xF3,
0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
0xE9,
0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
0x3C,
0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
0x65,
0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
0x60,
0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
0xF6,
0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
0xA7,
0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
0xA1,
0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
0x60,
0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
};
return get_dh_from_pg(libctx, dh1024_p, sizeof(dh1024_p), dh1024_g,
sizeof(dh1024_g));
}
static EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx)
{
BIGNUM *p = NULL, *g = NULL;
EVP_PKEY *dhpkey = NULL;
g = BN_new();
if (g == NULL || !BN_set_word(g, 2))
goto err;
p = BN_get_rfc3526_prime_2048(NULL);
if (p == NULL)
goto err;
dhpkey = get_dh_from_pg_bn(libctx, p, g);
err:
BN_free(p);
BN_free(g);
return dhpkey;
}
#ifndef OPENSSL_NO_PSK
/* convert the PSK key (psk_key) in ascii to binary (psk) */
static int psk_key2bn(const char *pskkey, unsigned char *psk,