From 3b629a52d24a367d183dbec8d5c9bb1030826721 Mon Sep 17 00:00:00 2001
From: Fedor Brunner <fedor.brunner@azet.sk>
Date: Mon, 17 Feb 2014 14:54:20 +0100
Subject: [PATCH] "4096-bit MODP Group" from RFC3526, Section 5.

The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }

RFC3526 specifies a generator of 2.

The generation of the group is described in RFC 2412.

Fixes: #7644
---
 data/other/dh4096.pem     | 33 ++++++++++++++++++---------------
 src/common/jingle_xtls.py |  4 ----
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/data/other/dh4096.pem b/data/other/dh4096.pem
index 1b35ad8e62..90ef682834 100644
--- a/data/other/dh4096.pem
+++ b/data/other/dh4096.pem
@@ -1,18 +1,21 @@
 -----BEGIN DH PARAMETERS-----
-MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
-l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
-Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
-Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
-VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
-alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
-sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
-ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
-OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
-AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
-KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
 -----END DH PARAMETERS-----
 
-These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
+"4096-bit MODP Group" from RFC3526, Section 5.
+
+The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
+
+RFC3526 specifies a generator of 2.
+
+The generation of the group is described in RFC 2412.
diff --git a/src/common/jingle_xtls.py b/src/common/jingle_xtls.py
index 864cc5f057..5af585903c 100644
--- a/src/common/jingle_xtls.py
+++ b/src/common/jingle_xtls.py
@@ -120,10 +120,6 @@ def get_context(fingerprint, verify_cb=None, remote_jid=None):
         with open(dh_params_name, "r") as dh_params_file:
             ctx.load_tmp_dh(str(dh_params_name).encode('utf-8'))
     except IOError as err:
-        log.warn('Unable to load DH parameter file: %s. You should generate it '
-            'by using this command : "openssl dhparam 4096 -out '
-            '~/.config/gajim/dh_params.pem". This command take about 15 '
-            'minutes to complete.' % dh_params_name)
         default_dh_params_name = os.path.join(common.gajim.DATA_DIR,
             'other', DEFAULT_DH_PARAMS)
         try:
-- 
GitLab