Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
GET_RFC3526_PRIME_819... BSD Library Functions Manual GET_RFC3526_PRIME_819...

NAME
     get_rfc2409_prime_768, get_rfc2409_prime_1024, get_rfc3526_prime_1536,
     get_rfc3526_prime_2048, get_rfc3526_prime_3072, get_rfc3526_prime_4096,
     get_rfc3526_prime_6144, get_rfc3526_prime_8192 -- standard	moduli for
     Diffie-Hellmann key exchange

SYNOPSIS
     #include <openssl/bn.h>

     BIGNUM *
     get_rfc2409_prime_768(BIGNUM *bn);

     BIGNUM *
     get_rfc2409_prime_1024(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_1536(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_2048(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_3072(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_4096(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_6144(BIGNUM *bn);

     BIGNUM *
     get_rfc3526_prime_8192(BIGNUM *bn);

DESCRIPTION
     Each of these functions returns one specific constant Sophie Germain
     prime number p.

     If	bn is NULL, a new BIGNUM object	is created and returned.  Otherwise,
     the number	is stored in *bn and bn	is returned.

     All these numbers are of the form

     p = 2 sup s - 2 sup left (	s - 64 right ) - 1 + 2 sup 64 *	left { left [
     2 sup left	( s - 130 right	) pi right ] + offset right } delim $$

     where s is	the size of the	binary representation of the number in bits
     and appears at the	end of the function names.  As long as the offset is
     sufficiently small, the above form	assures	that the top and bottom	64
     bits of each number are all 1.

     The offsets are defined in	the standards as follows:

	   size	s offset

	    768	= 3 * 2^8149686
	   1024	= 2 * 2^9129093
	   1536	= 3 * 2^9741804
	   2048	= 2 * 2^10124476
	   3072	= 3 * 2^101690314
	   4096	= 2 * 2^11240904
	   6144	= 3 * 2^11929484
	   8192	= 2 * 2^124743158

     For each of these prime numbers, the finite group of natural numbers
     smaller than p, where the group operation is defined as multiplication
     modulo p, is used for Diffie-Hellmann key exchange.  The first two	of
     these groups are called the First Oakley Group and	the Second Oakley
     Group.  Obiviously, all these groups are cyclic groups of order p,	re-
     spectively, and the numbers returned by these functions are not secrets.

RETURN VALUES
     If	memory allocation fails, these functions return	NULL.  That can	happen
     even if bn	is not NULL.

SEE ALSO
     BN_mod_exp(3), BN_new(3), BN_set_flags(3),	DH_new(3)

STANDARDS
     RFC 2409, "The Internet Key Exchange (IKE)", defines the Oakley Groups.

     RFC 2412, "The OAKLEY Key Determination Protocol",	contains additional
     information about these numbers.

     RFC 3526, "More Modular Exponential (MODP)	Diffie-Hellman groups for In-
     ternet Key	Exchange (IKE)", defines the other six numbers.

CAVEATS
     As	all the	memory needed for storing the numbers is dynamically allo-
     cated, the	BN_FLG_STATIC_DATA flag	is not set on the returned BIGNUM ob-
     jects.  So	be careful to not change the returned numbers.

BSD			       January 31, 2017				   BSD

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | STANDARDS | CAVEATS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=get_rfc2409_prime_768&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help