dh-primes: add MODP primes from RFC 3526

Signed-off-by: Daiki Ueno <ueno@gnu.org>

1 files changed, 29 insertions, 0 deletions

diff --git a/lib/dh.h b/lib/dh.h
index 9f3dc2a709..a64a4eb5e8 100644
--- a/lib/dh.h
+++ b/lib/dh.h
@@ -31,4 +31,33 @@ _gnutls_figure_dh_params(gnutls_session_t session, gnutls_dh_params_t dh_params,
 
 int _gnutls_set_cred_dh_params(gnutls_dh_params_t *cparams, gnutls_sec_param_t sec_param);
 
+/* The static parameters defined in RFC 3526, used for the approved
+ * primes check in SP800-56A (Appendix D).
+ */
+
+extern const gnutls_datum_t gnutls_modp_8192_group_prime;
+extern const gnutls_datum_t gnutls_modp_8192_group_q;
+extern const gnutls_datum_t gnutls_modp_8192_group_generator;
+extern const unsigned int gnutls_modp_8192_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_6144_group_prime;
+extern const gnutls_datum_t gnutls_modp_6144_group_q;
+extern const gnutls_datum_t gnutls_modp_6144_group_generator;
+extern const unsigned int gnutls_modp_6144_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_4096_group_prime;
+extern const gnutls_datum_t gnutls_modp_4096_group_q;
+extern const gnutls_datum_t gnutls_modp_4096_group_generator;
+extern const unsigned int gnutls_modp_4096_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_3072_group_prime;
+extern const gnutls_datum_t gnutls_modp_3072_group_q;
+extern const gnutls_datum_t gnutls_modp_3072_group_generator;
+extern const unsigned int gnutls_modp_3072_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_2048_group_prime;
+extern const gnutls_datum_t gnutls_modp_2048_group_q;
+extern const gnutls_datum_t gnutls_modp_2048_group_generator;
+extern const unsigned int gnutls_modp_2048_key_bits;
+
 #endif /* GNUTLS_LIB_DH_H */