xref: /openbsd-src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3 (revision 6865ce41ec39dd359558492512500796fc5394dd) 
1*6865ce41Stb.\" $OpenBSD: BN_get_rfc3526_prime_8192.3,v 1.1 2023/07/20 16:26:40 tb Exp $
2*6865ce41Stb.\" checked up to: OpenSSL DH_get_1024_160 99d63d46 Oct 26 13:56:48 2016 -0400
3*6865ce41Stb.\"
4*6865ce41Stb.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
5*6865ce41Stb.\"
6*6865ce41Stb.\" Permission to use, copy, modify, and distribute this software for any
7*6865ce41Stb.\" purpose with or without fee is hereby granted, provided that the above
8*6865ce41Stb.\" copyright notice and this permission notice appear in all copies.
9*6865ce41Stb.\"
10*6865ce41Stb.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11*6865ce41Stb.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12*6865ce41Stb.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13*6865ce41Stb.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14*6865ce41Stb.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15*6865ce41Stb.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16*6865ce41Stb.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17*6865ce41Stb.\"
18*6865ce41Stb.Dd $Mdocdate: July 20 2023 $
19*6865ce41Stb.Dt BN_GET_RFC3526_PRIME_8192 3
20*6865ce41Stb.Os
21*6865ce41Stb.Sh NAME
22*6865ce41Stb.Nm BN_get_rfc2409_prime_768 ,
23*6865ce41Stb.Nm BN_get_rfc2409_prime_1024 ,
24*6865ce41Stb.Nm BN_get_rfc3526_prime_1536 ,
25*6865ce41Stb.Nm BN_get_rfc3526_prime_2048 ,
26*6865ce41Stb.Nm BN_get_rfc3526_prime_3072 ,
27*6865ce41Stb.Nm BN_get_rfc3526_prime_4096 ,
28*6865ce41Stb.Nm BN_get_rfc3526_prime_6144 ,
29*6865ce41Stb.Nm BN_get_rfc3526_prime_8192
30*6865ce41Stb.Nd standard moduli for Diffie-Hellman key exchange
31*6865ce41Stb.Sh SYNOPSIS
32*6865ce41Stb.In openssl/bn.h
33*6865ce41Stb.Ft BIGNUM *
34*6865ce41Stb.Fn BN_get_rfc2409_prime_768 "BIGNUM *bn"
35*6865ce41Stb.Ft BIGNUM *
36*6865ce41Stb.Fn BN_get_rfc2409_prime_1024 "BIGNUM *bn"
37*6865ce41Stb.Ft BIGNUM *
38*6865ce41Stb.Fn BN_get_rfc3526_prime_1536 "BIGNUM *bn"
39*6865ce41Stb.Ft BIGNUM *
40*6865ce41Stb.Fn BN_get_rfc3526_prime_2048 "BIGNUM *bn"
41*6865ce41Stb.Ft BIGNUM *
42*6865ce41Stb.Fn BN_get_rfc3526_prime_3072 "BIGNUM *bn"
43*6865ce41Stb.Ft BIGNUM *
44*6865ce41Stb.Fn BN_get_rfc3526_prime_4096 "BIGNUM *bn"
45*6865ce41Stb.Ft BIGNUM *
46*6865ce41Stb.Fn BN_get_rfc3526_prime_6144 "BIGNUM *bn"
47*6865ce41Stb.Ft BIGNUM *
48*6865ce41Stb.Fn BN_get_rfc3526_prime_8192 "BIGNUM *bn"
49*6865ce41Stb.Sh DESCRIPTION
50*6865ce41StbEach of these functions returns one specific constant Sophie Germain
51*6865ce41Stbprime number
52*6865ce41Stb.Fa p .
53*6865ce41Stb.Pp
54*6865ce41StbIf
55*6865ce41Stb.Fa bn
56*6865ce41Stbis
57*6865ce41Stb.Dv NULL ,
58*6865ce41Stba new
59*6865ce41Stb.Vt BIGNUM
60*6865ce41Stbobject is created and returned.
61*6865ce41StbOtherwise, the number is stored in
62*6865ce41Stb.Pf * Fa bn
63*6865ce41Stband
64*6865ce41Stb.Fa bn
65*6865ce41Stbis returned.
66*6865ce41Stb.Pp
67*6865ce41StbAll these numbers are of the form
68*6865ce41Stb.Pp
69*6865ce41Stb.EQ
70*6865ce41Stbp = 2 sup s - 2 sup left ( s - 64 right ) - 1 + 2 sup 64 *
71*6865ce41Stbleft { left [ 2 sup left ( s - 130 right ) pi right ] + offset right }
72*6865ce41Stbdelim $$
73*6865ce41Stb.EN
74*6865ce41Stb.Pp
75*6865ce41Stbwhere
76*6865ce41Stb.Ar s
77*6865ce41Stbis the size of the binary representation of the number in bits
78*6865ce41Stband appears at the end of the function names.
79*6865ce41StbAs long as the offset is sufficiently small, the above form assures
80*6865ce41Stbthat the top and bottom 64 bits of each number are all 1.
81*6865ce41Stb.Pp
82*6865ce41StbThe offsets are defined in the standards as follows:
83*6865ce41Stb.Bl -column "8192 = 2 * 2^12" "4743158" -offset indent
84*6865ce41Stb.It size Ar s Ta Ar offset
85*6865ce41Stb.It Ta
86*6865ce41Stb.It \ 768 = 3 * 2^8  Ta  149686
87*6865ce41Stb.It 1024 = 2 * 2^9  Ta  129093
88*6865ce41Stb.It 1536 = 3 * 2^9  Ta  741804
89*6865ce41Stb.It 2048 = 2 * 2^10 Ta  124476
90*6865ce41Stb.It 3072 = 3 * 2^10 Ta 1690314
91*6865ce41Stb.It 4096 = 2 * 2^11 Ta  240904
92*6865ce41Stb.It 6144 = 3 * 2^11 Ta  929484
93*6865ce41Stb.It 8192 = 2 * 2^12 Ta 4743158
94*6865ce41Stb.El
95*6865ce41Stb.Pp
96*6865ce41StbFor each of these prime numbers, the finite group of natural numbers
97*6865ce41Stbsmaller than
98*6865ce41Stb.Fa p ,
99*6865ce41Stbwhere the group operation is defined as multiplication modulo
100*6865ce41Stb.Fa p ,
101*6865ce41Stbis used for Diffie-Hellman key exchange.
102*6865ce41StbThe first two of these groups are called the First Oakley Group and
103*6865ce41Stbthe Second Oakley Group.
104*6865ce41StbObviously, all these groups are cyclic groups of order
105*6865ce41Stb.Fa p ,
106*6865ce41Stbrespectively, and the numbers returned by these functions are not
107*6865ce41Stbsecrets.
108*6865ce41Stb.Sh RETURN VALUES
109*6865ce41StbIf memory allocation fails, these functions return
110*6865ce41Stb.Dv NULL .
111*6865ce41StbThat can happen even if
112*6865ce41Stb.Fa bn
113*6865ce41Stbis not
114*6865ce41Stb.Dv NULL .
115*6865ce41Stb.Sh SEE ALSO
116*6865ce41Stb.Xr BN_mod_exp 3 ,
117*6865ce41Stb.Xr BN_new 3 ,
118*6865ce41Stb.Xr BN_set_flags 3 ,
119*6865ce41Stb.Xr DH_new 3
120*6865ce41Stb.Sh STANDARDS
121*6865ce41StbRFC 2409, "The Internet Key Exchange (IKE)", defines the Oakley Groups.
122*6865ce41Stb.Pp
123*6865ce41StbRFC 2412, "The OAKLEY Key Determination Protocol", contains additional
124*6865ce41Stbinformation about these numbers.
125*6865ce41Stb.Pp
126*6865ce41StbRFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups
127*6865ce41Stbfor Internet Key Exchange (IKE)", defines the other six numbers.
128*6865ce41Stb.Sh HISTORY
129*6865ce41Stb.Fn BN_get_rfc2409_prime_768 ,
130*6865ce41Stb.Fn BN_get_rfc2409_prime_1024 ,
131*6865ce41Stb.Fn BN_get_rfc3526_prime_1536 ,
132*6865ce41Stb.Fn BN_get_rfc3526_prime_2048 ,
133*6865ce41Stb.Fn BN_get_rfc3526_prime_3072 ,
134*6865ce41Stb.Fn BN_get_rfc3526_prime_4096 ,
135*6865ce41Stb.Fn BN_get_rfc3526_prime_6144 ,
136*6865ce41Stband
137*6865ce41Stb.Fn BN_get_rfc3526_prime_8192
138*6865ce41Stbfirst appeared in OpenSSL 1.1.0 and have been available since
139*6865ce41Stb.Ox 6.3 .
140*6865ce41StbThe same functions without
141*6865ce41Stb.Sy BN_
142*6865ce41Stbprefix first appeared in OpenSSL 0.9.8a and
143*6865ce41Stb.Ox 4.5 ;
144*6865ce41Stbthey were removed in
145*6865ce41Stb.Ox 7.4 .
146*6865ce41Stb.Sh CAVEATS
147*6865ce41StbAs all the memory needed for storing the numbers is dynamically
148*6865ce41Stballocated, the
149*6865ce41Stb.Dv BN_FLG_STATIC_DATA
150*6865ce41Stbflag is not set on the returned
151*6865ce41Stb.Vt BIGNUM
152*6865ce41Stbobjects.
153*6865ce41StbSo be careful to not change the returned numbers.
154