DragonFly On-Line Manual Pages
GET_RFC3526_PRIME_... DragonFly Library Functions Manual GET_RFC3526_PRIME_...
NAME
get_rfc2409_prime_768, get_rfc2409_prime_1024, get_rfc3526_prime_1536,
get_rfc3526_prime_2048, get_rfc3526_prime_3072, get_rfc3526_prime_4096,
get_rfc3526_prime_6144, get_rfc3526_prime_8192, BN_get_rfc2409_prime_768,
BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_2048,
BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096,
BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 -- standard moduli
for Diffie-Hellmann key exchange
SYNOPSIS
#include <openssl/bn.h>
BIGNUM *
get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *
get_rfc2409_prime_1024(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_1536(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_2048(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_3072(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_4096(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_6144(BIGNUM *bn);
BIGNUM *
get_rfc3526_prime_8192(BIGNUM *bn);
BIGNUM *
BN_get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *
BN_get_rfc2409_prime_1024(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_1536(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_2048(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_3072(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_4096(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_6144(BIGNUM *bn);
BIGNUM *
BN_get_rfc3526_prime_8192(BIGNUM *bn);
DESCRIPTION
Each of these functions returns one specific constant Sophie Germain
prime number p. The names with the prefix `BN_' are aliases for the
names without that prefix.
If bn is NULL, a new BIGNUM object is created and returned. Otherwise,
the number is stored in *bn and bn is returned.
All these numbers are of the form
p = 2 sup s - 2 sup left ( s - 64 right ) - 1 + 2 sup 64 * left { left [
2 sup left ( s - 130 right ) pi right ] + offset right } delim $$
where s is the size of the binary representation of the number in bits
and appears at the end of the function names. As long as the offset is
sufficiently small, the above form assures that the top and bottom 64
bits of each number are all 1.
The offsets are defined in the standards as follows:
size s offset
768 = 3 * 2^8149686
1024 = 2 * 2^9129093
1536 = 3 * 2^9741804
2048 = 2 * 2^10124476
3072 = 3 * 2^101690314
4096 = 2 * 2^11240904
6144 = 3 * 2^11929484
8192 = 2 * 2^124743158
For each of these prime numbers, the finite group of natural numbers
smaller than p, where the group operation is defined as multiplication
modulo p, is used for Diffie-Hellmann key exchange. The first two of
these groups are called the First Oakley Group and the Second Oakley
Group. Obiviously, all these groups are cyclic groups of order p,
respectively, and the numbers returned by these functions are not
secrets.
RETURN VALUES
If memory allocation fails, these functions return NULL. That can happen
even if bn is not NULL.
SEE ALSO
BN_mod_exp(3), BN_new(3), BN_set_flags(3), DH_new(3)
STANDARDS
RFC 2409, "The Internet Key Exchange (IKE)", defines the Oakley Groups.
RFC 2412, "The OAKLEY Key Determination Protocol", contains additional
information about these numbers.
RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups for
Internet Key Exchange (IKE)", defines the other six numbers.
HISTORY
get_rfc2409_prime_768(), get_rfc2409_prime_1024(),
get_rfc3526_prime_1536(), get_rfc3526_prime_2048(),
get_rfc3526_prime_3072(), get_rfc3526_prime_4096(),
get_rfc3526_prime_6144(), and get_rfc3526_prime_8192() first appeared in
OpenSSL 0.9.8a and have been available since OpenBSD 4.5.
The BN_ aliases first appeared in OpenSSL 1.1.0 and have been available
since OpenBSD 6.3.
CAVEATS
As all the memory needed for storing the numbers is dynamically allo-
cated, the BN_FLG_STATIC_DATA flag is not set on the returned BIGNUM
objects. So be careful to not change the returned numbers.
DragonFly 5.5 March 23, 2018 DragonFly 5.5