Botan::DL_Group Class Reference

#include <dl_group.h>

Public Types
enum	Format {   ANSI_X9_42, ANSI_X9_57, PKCS_3, DSA_PARAMETERS = ANSI_X9_57,   DH_PARAMETERS = ANSI_X9_42, ANSI_X9_42_DH_PARAMETERS = ANSI_X9_42, PKCS3_DH_PARAMETERS = PKCS_3 }
enum	PrimeType { Strong, Prime_Subgroup, DSA_Kosherizer }

Public Member Functions
void	BER_decode (const std::vector< uint8_t > &ber, Format format)
std::vector< uint8_t >	DER_encode (Format format) const
	DL_Group ()=default
	DL_Group (const std::string &name)
	DL_Group (RandomNumberGenerator &rng, PrimeType type, size_t pbits, size_t qbits=0)
	DL_Group (RandomNumberGenerator &rng, const std::vector< uint8_t > &seed, size_t pbits=1024, size_t qbits=0)
	DL_Group (const BigInt &p, const BigInt &g)
	DL_Group (const BigInt &p, const BigInt &q, const BigInt &g)
	DL_Group (const uint8_t ber[], size_t ber_len, Format format)
template<typename Alloc >
	DL_Group (const std::vector< uint8_t, Alloc > &ber, Format format)
size_t	estimated_strength () const
size_t	exponent_bits () const
const BigInt &	get_g () const
const BigInt &	get_p () const
const BigInt &	get_q () const
BigInt	inverse_mod_p (const BigInt &x) const
BigInt	inverse_mod_q (const BigInt &x) const
BigInt	mod_p (const BigInt &x) const
BigInt	mod_q (const BigInt &x) const
std::shared_ptr< const Montgomery_Params >	monty_params_p () const
BigInt	multi_exponentiate (const BigInt &x, const BigInt &y, const BigInt &z) const
BigInt	multiply_mod_p (const BigInt &x, const BigInt &y) const
BigInt	multiply_mod_q (const BigInt &x, const BigInt &y) const
BigInt	multiply_mod_q (const BigInt &x, const BigInt &y, const BigInt &z) const
size_t	p_bits () const
size_t	p_bytes () const
void	PEM_decode (const std::string &pem)
std::string	PEM_encode (Format format) const
BigInt	power_g_p (const BigInt &x) const
BigInt	power_g_p (const BigInt &x, size_t max_x_bits) const
size_t	q_bits () const
size_t	q_bytes () const
DL_Group_Source	source () const
BigInt	square_mod_q (const BigInt &x) const
bool	verify_element_pair (const BigInt &y, const BigInt &x) const
bool	verify_group (RandomNumberGenerator &rng, bool strong=true) const
bool	verify_public_element (const BigInt &y) const

Static Public Member Functions
static DL_Group	DL_Group_from_PEM (const std::string &pem)
static std::shared_ptr< DL_Group_Data >	DL_group_info (const std::string &name)
static std::string	PEM_for_named_group (const std::string &name)

Detailed Description

This class represents discrete logarithm groups. It holds a prime modulus p, a generator g, and (optionally) a prime q which is a factor of (p-1). In most cases g generates the order-q subgroup.

Definition at line 29 of file dl_group.h.

Member Enumeration Documentation

Format

enum Botan::DL_Group::Format

The DL group encoding format variants.

Enumerator
ANSI_X9_42
ANSI_X9_57
PKCS_3
DSA_PARAMETERS
DH_PARAMETERS
ANSI_X9_42_DH_PARAMETERS
PKCS3_DH_PARAMETERS

Definition at line 40 of file dl_group.h.

                  {
         ANSI_X9_42,
         ANSI_X9_57,
         PKCS_3,

         DSA_PARAMETERS = ANSI_X9_57,
         DH_PARAMETERS = ANSI_X9_42,
         ANSI_X9_42_DH_PARAMETERS = ANSI_X9_42,
         PKCS3_DH_PARAMETERS = PKCS_3
      };

PrimeType

enum Botan::DL_Group::PrimeType

Determine the prime creation for DL groups.

Enumerator
Strong
Prime_Subgroup
DSA_Kosherizer

Definition at line 35 of file dl_group.h.

{ Strong, Prime_Subgroup, DSA_Kosherizer };

Constructor & Destructor Documentation

DL_Group() [1/8]

Botan::DL_Group::DL_Group ( )

default

Construct a DL group with uninitialized internal value. Use this constructor is you wish to set the groups values from a DER or PEM encoded group.

Referenced by DL_Group_from_PEM().

DL_Group() [2/8]

Botan::DL_Group::DL_Group ( const std::string &  name )

explicit

Construct a DL group that is registered in the configuration.

Parameters

name	the name of the group, for example "modp/ietf/3072"

Warning

This constructor also accepts PEM inputs. This behavior is deprecated and will be removed in a future major release. Instead use DL_Group_from_PEM function

Definition at line 189 of file dl_group.cpp.

References Botan::PEM_Code::decode(), DL_group_info(), Botan::ExternalSource, and Botan::unlock().

   {
   // Either a name or a PEM block, try name first
   m_data = DL_group_info(str);

   if(m_data == nullptr)
      {
      try
         {
         std::string label;
         const std::vector<uint8_t> ber = unlock(PEM_Code::decode(str, label));
         Format format = pem_label_to_dl_format(label);

         m_data = BER_decode_DL_group(ber.data(), ber.size(), format, DL_Group_Source::ExternalSource);
         }
      catch(...) {}
      }

   if(m_data == nullptr)
      throw Invalid_Argument("DL_Group: Unknown group " + str);
   }

DL_Group() [3/8]

Botan::DL_Group::DL_Group	(	RandomNumberGenerator &	rng,
		PrimeType	type,
		size_t	pbits,
		size_t	qbits = 0
	)

Create a new group randomly.

Parameters

rng	the random number generator to use
type	specifies how the creation of primes p and q shall be performed. If type=Strong, then p will be determined as a safe prime, and q will be chosen as (p-1)/2. If type=Prime_Subgroup and qbits = 0, then the size of q will be determined according to the estimated difficulty of the DL problem. If type=DSA_Kosherizer, DSA primes will be created.
pbits	the number of bits of p
qbits	the number of bits of q. Leave it as 0 to have the value determined according to pbits.

Definition at line 240 of file dl_group.cpp.

References Botan::BigInt::bits(), Botan::dl_exponent_size(), DSA_Kosherizer, Botan::generate_dsa_primes(), Botan::is_prime(), Botan::jacobi(), Prime_Subgroup, Botan::PRIME_TABLE_SIZE, Botan::PRIMES, Botan::random_prime(), Botan::random_safe_prime(), Botan::RandomlyGenerated, Botan::Modular_Reducer::reduce(), Strong, Botan::ASN1::to_string(), type, and X.

   {
   if(pbits < 1024)
      throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) + " is too small");

   if(type == Strong)
      {
      if(qbits != 0 && qbits != pbits - 1)
         throw Invalid_Argument("Cannot create strong-prime DL_Group with specified q bits");

      const BigInt p = random_safe_prime(rng, pbits);
      const BigInt q = (p - 1) / 2;

      /*
      Always choose a generator that is quadratic reside mod p,
      this forces g to be a generator of the subgroup of size q.
      */
      BigInt g = 2;
      if(jacobi(g, p) != 1)
         {
         // prime table does not contain 2
         for(size_t i = 0; i < PRIME_TABLE_SIZE; ++i)
            {
            g = PRIMES[i];
            if(jacobi(g, p) == 1)
               break;
            }
         }

      m_data = std::make_shared<DL_Group_Data>(p, q, g, DL_Group_Source::RandomlyGenerated);
      }
   else if(type == Prime_Subgroup)
      {
      if(qbits == 0)
         qbits = dl_exponent_size(pbits);

      const BigInt q = random_prime(rng, qbits);
      Modular_Reducer mod_2q(2*q);
      BigInt X;
      BigInt p;
      while(p.bits() != pbits || !is_prime(p, rng, 128, true))
         {
         X.randomize(rng, pbits);
         p = X - mod_2q.reduce(X) + 1;
         }

      const BigInt g = make_dsa_generator(p, q);
      m_data = std::make_shared<DL_Group_Data>(p, q, g, DL_Group_Source::RandomlyGenerated);
      }
   else if(type == DSA_Kosherizer)
      {
      if(qbits == 0)
         qbits = ((pbits <= 1024) ? 160 : 256);

      BigInt p, q;
      generate_dsa_primes(rng, p, q, pbits, qbits);
      const BigInt g = make_dsa_generator(p, q);
      m_data = std::make_shared<DL_Group_Data>(p, q, g, DL_Group_Source::RandomlyGenerated);
      }
   else
      {
      throw Invalid_Argument("DL_Group unknown PrimeType");
      }
   }

DL_Group() [4/8]

Botan::DL_Group::DL_Group	(	RandomNumberGenerator &	rng,
		const std::vector< uint8_t > &	seed,
		size_t	pbits = 1024,
		size_t	qbits = 0
	)

Create a DSA group with a given seed.

Parameters

rng	the random number generator to use
seed	the seed to use to create the random primes
pbits	the desired bit size of the prime p
qbits	the desired bit size of the prime q.

Definition at line 309 of file dl_group.cpp.

References Botan::generate_dsa_primes(), and Botan::RandomlyGenerated.

   {
   BigInt p, q;

   if(!generate_dsa_primes(rng, p, q, pbits, qbits, seed))
      throw Invalid_Argument("DL_Group: The seed given does not generate a DSA group");

   BigInt g = make_dsa_generator(p, q);

   m_data = std::make_shared<DL_Group_Data>(p, q, g, DL_Group_Source::RandomlyGenerated);
   }

DL_Group() [5/8]

Botan::DL_Group::DL_Group	(	const BigInt &	p,
		const BigInt &	g
	)

Create a DL group.

Parameters

p	the prime p
g	the base g

Definition at line 326 of file dl_group.cpp.

References Botan::ExternalSource.

   {
   m_data = std::make_shared<DL_Group_Data>(p, 0, g, DL_Group_Source::ExternalSource);
   }

DL_Group() [6/8]

Botan::DL_Group::DL_Group	(	const BigInt &	p,
		const BigInt &	q,
		const BigInt &	g
	)

Create a DL group.

Parameters

p	the prime p
q	the prime q
g	the base g

Definition at line 334 of file dl_group.cpp.

References Botan::ExternalSource.

   {
   m_data = std::make_shared<DL_Group_Data>(p, q, g, DL_Group_Source::ExternalSource);
   }

DL_Group() [7/8]

Botan::DL_Group::DL_Group	(	const uint8_t	ber[],
		size_t	ber_len,
		Format	format
	)

Decode a BER-encoded DL group param

Definition at line 607 of file dl_group.cpp.

References Botan::ExternalSource.

   {
   m_data = BER_decode_DL_group(ber, ber_len, format, DL_Group_Source::ExternalSource);
   }

DL_Group() [8/8]

template<typename Alloc >

Botan::DL_Group::DL_Group ( const std::vector< uint8_t, Alloc > &  ber, Format  format  )

inline

Decode a BER-encoded DL group param

Definition at line 124 of file dl_group.h.

                                                                       :
         DL_Group(ber.data(), ber.size(), format) {}

Member Function Documentation

BER_decode()

void Botan::DL_Group::BER_decode	(	const std::vector< uint8_t > &	ber,
		Format	format
	)

Decode a DER/BER encoded group into this instance.

Parameters

ber	a vector containing the DER/BER encoded group
format	the format of the encoded group

Warning

avoid this. Instead use the DL_Group constructor

Definition at line 612 of file dl_group.cpp.

References Botan::ExternalSource.

Referenced by Botan::DL_Scheme_PrivateKey::DL_Scheme_PrivateKey().

   {
   m_data = BER_decode_DL_group(ber.data(), ber.size(), format, DL_Group_Source::ExternalSource);
   }

DER_encode()

std::vector< uint8_t > Botan::DL_Group::DER_encode

(

Format

format

)

const

Encode this group into a string using DER encoding.

Parameters

format

the encoding format

Returns

string holding the DER encoded group

Definition at line 553 of file dl_group.cpp.

References ANSI_X9_42, ANSI_X9_57, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), get_g(), get_p(), get_q(), PKCS_3, Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::ASN1::to_string().

Referenced by Botan::DL_Scheme_PublicKey::algorithm_identifier(), and PEM_encode().

   {
   if(get_q().is_zero() && (format == ANSI_X9_57 || format == ANSI_X9_42))
      throw Encoding_Error("Cannot encode DL_Group in ANSI formats when q param is missing");

   std::vector<uint8_t> output;
   DER_Encoder der(output);

   if(format == ANSI_X9_57)
      {
      der.start_cons(SEQUENCE)
            .encode(get_p())
            .encode(get_q())
            .encode(get_g())
         .end_cons();
      }
   else if(format == ANSI_X9_42)
      {
      der.start_cons(SEQUENCE)
            .encode(get_p())
            .encode(get_g())
            .encode(get_q())
         .end_cons();
      }
   else if(format == PKCS_3)
      {
      der.start_cons(SEQUENCE)
            .encode(get_p())
            .encode(get_g())
         .end_cons();
      }
   else
      throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));

   return output;
   }

DL_Group_from_PEM()

DL_Group Botan::DL_Group::DL_Group_from_PEM ( const std::string &  pem )

static

Definition at line 618 of file dl_group.cpp.

References Botan::PEM_Code::decode(), DL_Group(), and Botan::unlock().

   {
   std::string label;
   const std::vector<uint8_t> ber = unlock(PEM_Code::decode(pem, label));
   Format format = pem_label_to_dl_format(label);
   return DL_Group(ber, format);
   }

DL_group_info()

std::shared_ptr< DL_Group_Data > Botan::DL_Group::DL_group_info ( const std::string &  name )

static

Definition at line 13 of file dl_named.cpp.

References name.

Referenced by DL_Group().

   {
   /* TLS FFDHE groups */

   if(name == "ffdhe/ietf/2048")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B423861285C97FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "ffdhe/ietf/3072")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "ffdhe/ietf/4096")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6AFFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "ffdhe/ietf/6144")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD9020BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA63BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3ACDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477A52471F7A9A96910B855322EDB6340D8A00EF092350511E30ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538CD72B03746AE77F5E62292C311562A846505DC82DB854338AE49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B045B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "ffdhe/ietf/8192")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD9020BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA63BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3ACDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477A52471F7A9A96910B855322EDB6340D8A00EF092350511E30ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538CD72B03746AE77F5E62292C311562A846505DC82DB854338AE49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B045B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C8381E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665CB2C0F1CC01BD70229388839D2AF05E454504AC78B7582822846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA4571EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88CD68C8BB7C5C6424CFFFFFFFFFFFFFFFF",
                                "0x2");
      }

   /* IETF IPsec groups */

   if(name == "modp/ietf/1024")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/1536")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/2048")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/3072")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/4096")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/6144")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF",
                                "0x2");
      }

   if(name == "modp/ietf/8192")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF",
                                "0x2");
      }

   /* SRP groups

   SRP groups have a p st (p-1)/2 is prime, but g is not a generator
   of subgroup of size q, so set q == 0 to bypass generator check

   Missing q doesn't matter for SRP, and nothing but SRP should be
   using these parameters.
   */

   if(name == "modp/srp/1024")
      {
      return load_DL_group_info("0xEEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
                                "0",
                                "0x2");
      }

   if(name == "modp/srp/1536")
      {
      return load_DL_group_info("0x9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB",
                                "0",
                                "0x2");
      }

   if(name == "modp/srp/2048")
      {
      return load_DL_group_info("0xAC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB694B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73",
                                "0",
                                "0x2");
      }

   if(name == "modp/srp/3072")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF",
                                "0",
                                "0x5");
      }

   if(name == "modp/srp/4096")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF",
                                "0",
                                "0x5");
      }

   if(name == "modp/srp/6144")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF",
                                "0",
                                "0x5");
      }

   if(name == "modp/srp/8192")
      {
      return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF",
                                "0",
                                "0x13");
      }

   /* DSA groups */

   if(name == "dsa/jce/1024")
      {
      return load_DL_group_info("0xFD7F53811D75122952DF4A9C2EECE4E7F611B7523CEF4400C31E3F80B6512669455D402251FB593D8D58FABFC5F5BA30F6CB9B556CD7813B801D346FF26660B76B9950A5A49F9FE8047B1022C24FBBA9D7FEB7C61BF83B57E7C6A8A6150F04FB83F6D3C51EC3023554135A169132F675F3AE2B61D72AEFF22203199DD14801C7",
                                "0x9760508F15230BCCB292B982A2EB840BF0581CF5",
                                "0x469603512E30278CD3947595DB22EEC9826A6322ADC97344F41D740C325724C8F9EFBAA7D4D803FF8C609DCD100EBC5BDFCFAD7C6A425FAEA786EA2050EBE98351EA1FDA1FDF24D6947AA6B9AA23766953802F4D7D4A8ECBA06D19768A2491FFB16D0EF9C43A99B5F71672FF6F0A24B444D0736D04D38A1A1322DAF6CDD88C9D");
      }

   if(name == "dsa/botan/2048")
      {
      return load_DL_group_info("0x91C48A4FDFBCF7C02AE95E7DA126122B5DD2864F559B87E8E74A286D52F59BD1DE68DFD645D0E00C60C080031891980374EEB594A532BFD67B9A09EAC4B8663A07910E68F39465FB7040D25DF13932EBAC4347A530ECBA61C854F9B880D3C0C3660080587C45566DADE26BD5A394BE093B4C0F24B5AFFEF8EC6C5B3E57FB89025A9BC16769932131E16D3C94EFCAB18D0DF061203CC53E6103BC72D5594BFD40CA65380F44A9A851DCB075495FC033A8A58071A1BD78FE052F66555648EB4B719D2AFE8B4880F8DAD6F15818BA178F89274C870BE9B96EB08C46C40040CC2EFE1DFB1B1868DD319DE3C34A32A63AB6EB1224209A419680CC7902D1728D4DF9E1",
                                "0x8CD7D450F86F0AD94EEE4CE469A8756D1EBD1058241943EAFFB0B354585E924D",
                                "0xD9F5E0761B4DBD1833D6AB1A961A0996C5F22303F72D84C140F67C431D94AB5715BEA81A0C98D39CE4BCF78D6B9EBC895D34FE89D94091D5848615EF15F5E86F11D96F6C969E203DDFA58356420A49CB444B595B901A933CFE0767B594F18A07B7F91DECDBA446B88990F78F2FF91F2FE7CD43FD2E46D18EADA1F7BB6602C617F6EF3A4B284F2FD9BA10A36042DE8FA87A2CA36597FEC81157A1485E44041DF02830111CB880BBE6ED494814886F965CDC3135F5CCF1383728BF65B806F9692C0B10D6C4C09C75A6CA3B4013CB16AB2C105F6BE23AEA9000EAB2178985F972C98057E1C86E44E7218688EA4AE0F3636DCCA745C9DCD4E6AFFB67CCBC13D6131");
      }

   if(name == "dsa/botan/3072")
      {
      return load_DL_group_info("0xE4B50880759663585E142460CA2D9DFF132F8AE4C840DDA3A2666889124FE5638B84E8A29B7AF3FA1209BE6BFC4B5072ED3B2B7387BAF3F857F478A80228EF3600B76B3DCFB61D20D34465B2506D2CAF87DF6E7DC0CE91BD2D167A46F6ADCC31C531E4F9C7ABBDB92ADDF35B0A806C66292A5F5E17E964DD099903733AC428AB35D80EA6F685BFBA8BE4068E5418AE5ECAD9E8FF073DE2B63E4E7EAD35C8A9B70B5BD47CFB88D373B66F37931939B0AB71BD5595809086DA0155337D185A0E4FB36A519B1B6202B8591E6002449CF1CD3A66384F6D2073B1CD73BECA93BAF1E1A6117D0238F222AE1ED7FED185A890E7F67FAB8FEB9753CC134A5183DFE87AE2595F7B5C2D9FBB42249FDD59513E1D3396B3EB2FD86684F285A8448FE757A029881C40760B94EF919BDF9740C38389599EC51A6E9BB519A8E068491E9CE0A2FCFE3CB60D66CF0DFAD20A8EC684048684A61444575BD1724D7352B44A760077B3BD6BD385CE5B0A7250CC0BF768DA82923806EB9CFBB138843731B618208C759B",
                                "0xB3EBD364EC69EF8CF3BAF643B75734B16339B2E49E5CDE1B59C1E9FB40EE0C5B",
                                "0x2BED21EEF83964A230AE89BBA71D9F7C39C52FC8229B4E3BC7E5944D329DA10F010EAC9E7BAF6C009FC4EB2960723E2B56DF4663E4C3AC800E9258DE2F7649D206782893F865EFCA498D2EEF30074EA5E8A7AB262712A4D94A2F3B0B9A92EE400FB38A3CC59A5DC7E436D5C004B22E35028381B51C93407EB32D4AE0FD42CB45E12D0ECEE8A26238EDE2082A7B1522113C66CEF8D745C6CF3CB945F84D2F4DE16D44A71DE198270E13F03553C88B8D323AD0B948A1BF2103A949979B6ED16FB5F3C953D95B7C8E88CA67DCF5A636FB9CA39D924215F7A884ED6C7EE3C96D8D9715427974B7C4351282E13D3773F7D28B452F10892A13C7587328DEA4827B6B369B2A8DC172ADC583F51F2A6598C5483E5BC467B02F91D059C402D18E2C2680F776AA06F49280A2C72C17CC42D5B6E740C5C4B1AB3C51C2ED092BE2A2D8B053AE5773D1425ED2B08F06E2DD50592DF1A478C15591CDFD11564FF88FF38B721D42392FDA473212DCFD8D2D88A976A00AFFE6FFFB430A359E64CA2B351CA2412394");
      }

   return std::shared_ptr<DL_Group_Data>();
   }

estimated_strength()

size_t Botan::DL_Group::estimated_strength

(

)

const

Return an estimate of the strength of this group against discrete logarithm attacks (eg NFS). Warning: since this only takes into account known attacks it is by necessity an overestimate of the actual strength.

Definition at line 473 of file dl_group.cpp.

Referenced by Botan::DL_Scheme_PublicKey::estimated_strength().

   {
   return data().estimated_strength();
   }

exponent_bits()

size_t Botan::DL_Group::exponent_bits

(

)

const

Return size in bits of a secret exponent

This attempts to balance between the attack costs of NFS (which depends on the size of the modulus) and Pollard's rho (which depends on the size of the exponent).

It may vary over time for a particular group, if the attack costs change.

Definition at line 478 of file dl_group.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), Botan::srp6_client_agree(), and Botan::SRP6_Server_Session::step1().

   {
   return data().exponent_bits();
   }

get_g()

const BigInt & Botan::DL_Group::get_g

(

)

const

Get the base g.

Returns

base g

Definition at line 433 of file dl_group.cpp.

Referenced by DER_encode(), multi_exponentiate(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), and verify_group().

   {
   return data().g();
   }

get_p()

const BigInt & Botan::DL_Group::get_p

(

)

const

Get the prime p.

Returns

prime p

Definition at line 425 of file dl_group.cpp.

Referenced by DER_encode(), inverse_mod_p(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), verify_element_pair(), verify_group(), and verify_public_element().

   {
   return data().p();
   }

get_q()

const BigInt & Botan::DL_Group::get_q

(

)

const

Get the prime q, returns zero if q is not used

Returns

prime q

Definition at line 441 of file dl_group.cpp.

Referenced by DER_encode(), inverse_mod_q(), PEM_for_named_group(), verify_group(), and verify_public_element().

   {
   return data().q();
   }

inverse_mod_p()

BigInt Botan::DL_Group::inverse_mod_p

(

const BigInt &

x

)

const

Return the inverse of x mod p

Definition at line 483 of file dl_group.cpp.

References get_p(), and Botan::inverse_mod().

   {
   // precompute??
   return inverse_mod(x, get_p());
   }

inverse_mod_q()

BigInt Botan::DL_Group::inverse_mod_q

(

const BigInt &

x

)

const

Return the inverse of x mod q Throws if q is unset on this DL_Group

Definition at line 499 of file dl_group.cpp.

References get_q(), and Botan::inverse_mod().

   {
   data().assert_q_is_set("inverse_mod_q");
   // precompute??
   return inverse_mod(x, get_q());
   }

mod_p()

BigInt Botan::DL_Group::mod_p

(

const BigInt &

x

)

const

Reduce an integer modulo p

Returns

x % p

Definition at line 489 of file dl_group.cpp.

Referenced by Botan::srp6_client_agree(), and Botan::SRP6_Server_Session::step1().

   {
   return data().mod_p(x);
   }

mod_q()

BigInt Botan::DL_Group::mod_q

(

const BigInt &

x

)

const

Reduce an integer modulo q Throws if q is unset on this DL_Group

Returns

x % q

Definition at line 506 of file dl_group.cpp.

   {
   data().assert_q_is_set("mod_q");
   return data().mod_q(x);
   }

monty_params_p()

std::shared_ptr< const Montgomery_Params > Botan::DL_Group::monty_params_p

(

)

const

Return parameters for Montgomery reduction/exponentiation mod p

Definition at line 446 of file dl_group.cpp.

Referenced by multi_exponentiate().

   {
   return data().monty_params_p();
   }

multi_exponentiate()

BigInt Botan::DL_Group::multi_exponentiate	(	const BigInt &	x,
		const BigInt &	y,
		const BigInt &	z
	)		const

Multi-exponentiate Return (g^x * y^z) % p

Definition at line 530 of file dl_group.cpp.

References get_g(), Botan::monty_multi_exp(), and monty_params_p().

   {
   return monty_multi_exp(data().monty_params_p(), get_g(), x, y, z);
   }

multiply_mod_p()

BigInt Botan::DL_Group::multiply_mod_p	(	const BigInt &	x,
		const BigInt &	y
	)		const

Multiply and reduce an integer modulo p

Returns

(x*y) % p

Definition at line 494 of file dl_group.cpp.

   {
   return data().multiply_mod_p(x, y);
   }

multiply_mod_q() [1/2]

BigInt Botan::DL_Group::multiply_mod_q	(	const BigInt &	x,
		const BigInt &	y
	)		const

Multiply and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns

(x*y) % q

Definition at line 512 of file dl_group.cpp.

Referenced by multiply_mod_q().

   {
   data().assert_q_is_set("multiply_mod_q");
   return data().multiply_mod_q(x, y);
   }

multiply_mod_q() [2/2]

BigInt Botan::DL_Group::multiply_mod_q	(	const BigInt &	x,
		const BigInt &	y,
		const BigInt &	z
	)		const

Multiply and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns

(x*y*z) % q

Definition at line 518 of file dl_group.cpp.

References multiply_mod_q().

   {
   data().assert_q_is_set("multiply_mod_q");
   return data().multiply_mod_q(data().multiply_mod_q(x, y), z);
   }

p_bits()

size_t Botan::DL_Group::p_bits

(

)

const

Return the size of p in bits Same as get_p().bits()

Definition at line 451 of file dl_group.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), and Botan::DL_Scheme_PublicKey::key_length().

   {
   return data().p_bits();
   }

p_bytes()

size_t Botan::DL_Group::p_bytes

(

)

const

Return the size of p in bytes Same as get_p().bytes()

Definition at line 456 of file dl_group.cpp.

Referenced by Botan::srp6_client_agree().

   {
   return data().p_bytes();
   }

PEM_decode()

void Botan::DL_Group::PEM_decode

(

const std::string &

pem

)

Decode a PEM encoded group into this instance.

Parameters

pem	the PEM encoding of the group

Definition at line 629 of file dl_group.cpp.

References Botan::PEM_Code::decode(), Botan::ExternalSource, and Botan::unlock().

   {
   std::string label;
   const std::vector<uint8_t> ber = unlock(PEM_Code::decode(pem, label));
   Format format = pem_label_to_dl_format(label);

   m_data = BER_decode_DL_group(ber.data(), ber.size(), format, DL_Group_Source::ExternalSource);
   }

PEM_encode()

std::string Botan::DL_Group::PEM_encode

(

Format

format

)

const

Encode this group into a string using PEM encoding.

Parameters

format

the encoding format

Returns

string holding the PEM encoded group

Definition at line 593 of file dl_group.cpp.

References ANSI_X9_42, ANSI_X9_57, DER_encode(), Botan::PEM_Code::encode(), PKCS_3, and Botan::ASN1::to_string().

Referenced by PEM_for_named_group().

   {
   const std::vector<uint8_t> encoding = DER_encode(format);

   if(format == PKCS_3)
      return PEM_Code::encode(encoding, "DH PARAMETERS");
   else if(format == ANSI_X9_57)
      return PEM_Code::encode(encoding, "DSA PARAMETERS");
   else if(format == ANSI_X9_42)
      return PEM_Code::encode(encoding, "X9.42 DH PARAMETERS");
   else
      throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
   }

PEM_for_named_group()

std::string Botan::DL_Group::PEM_for_named_group ( const std::string &  name )

static

Return PEM representation of named DL group

Definition at line 639 of file dl_group.cpp.

References ANSI_X9_42, get_q(), Botan::BigInt::is_zero(), name, PEM_encode(), and PKCS_3.

   {
   DL_Group group(name);
   DL_Group::Format format = group.get_q().is_zero() ? DL_Group::PKCS_3 : DL_Group::ANSI_X9_42;
   return group.PEM_encode(format);
   }

power_g_p() [1/2]

BigInt Botan::DL_Group::power_g_p

(

const BigInt &

x

)

const

Modular exponentiation

Warning

this function leaks the size of x via the number of loop iterations. Use the version taking the maximum size to avoid this.

Returns

(g^x) % p

Definition at line 535 of file dl_group.cpp.

References Botan::BigInt::bits().

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DSA_PrivateKey::DSA_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), Botan::generate_srp6_verifier(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), verify_element_pair(), and verify_group().

   {
   return data().power_g_p(x, x.bits());
   }

power_g_p() [2/2]

BigInt Botan::DL_Group::power_g_p	(	const BigInt &	x,
		size_t	max_x_bits
	)		const

Modular exponentiation

Parameters

x	the exponent
max_x_bits	x is assumed to be at most this many bits long.

Returns

(g^x) % p

Definition at line 540 of file dl_group.cpp.

   {
   return data().power_g_p(x, max_x_bits);
   }

q_bits()

size_t Botan::DL_Group::q_bits

(

)

const

Return the size of q in bits Same as get_q().bits() Throws if q is unset

Definition at line 461 of file dl_group.cpp.

Referenced by Botan::DSA_PrivateKey::DSA_PrivateKey().

   {
   data().assert_q_is_set("q_bits");
   return data().q_bits();
   }

q_bytes()

size_t Botan::DL_Group::q_bytes

(

)

const

Return the size of q in bytes Same as get_q().bytes() Throws if q is unset

Definition at line 467 of file dl_group.cpp.

   {
   data().assert_q_is_set("q_bytes");
   return data().q_bytes();
   }

source()

DL_Group_Source Botan::DL_Group::source

(

)

const

Definition at line 545 of file dl_group.cpp.

Referenced by verify_group().

   {
   return data().source();
   }

square_mod_q()

BigInt Botan::DL_Group::square_mod_q

(

const BigInt &

x

)

const

Square and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns

(x*x) % q

Definition at line 524 of file dl_group.cpp.

   {
   data().assert_q_is_set("square_mod_q");
   return data().square_mod_q(x);
   }

verify_element_pair()

bool Botan::DL_Group::verify_element_pair	(	const BigInt &	y,
		const BigInt &	x
	)		const

Verify a pair of elements y = g^x

This verifies that 1 < x,y < p and that y=g^x mod p

Definition at line 364 of file dl_group.cpp.

References get_p(), and power_g_p().

Referenced by Botan::DL_Scheme_PrivateKey::check_key().

   {
   const BigInt& p = get_p();

   if(y <= 1 || y >= p || x <= 1 || x >= p)
      return false;

   if(y != power_g_p(x))
      return false;

   return true;
   }

verify_group()

bool Botan::DL_Group::verify_group	(	RandomNumberGenerator &	rng,
		bool	strong = true
	)		const

Perform validity checks on the group.

Parameters

rng	the rng to use
strong	whether to perform stronger by lengthier tests

Returns

true if the object is consistent, false otherwise

Definition at line 380 of file dl_group.cpp.

References Botan::Builtin, Botan::ExternalSource, get_g(), get_p(), get_q(), Botan::is_prime(), power_g_p(), and source().

Referenced by Botan::DL_Scheme_PublicKey::check_key(), Botan::DL_Scheme_PrivateKey::check_key(), and Botan::TLS::Callbacks::tls_dh_agree().

   {
   const bool from_builtin = (source() == DL_Group_Source::Builtin);

   if(!strong && from_builtin)
      return true;

   const BigInt& p = get_p();
   const BigInt& q = get_q();
   const BigInt& g = get_g();

   if(g < 2 || p < 3 || q < 0)
      return false;

   const size_t test_prob = 128;
   const bool is_randomly_generated = (source() != DL_Group_Source::ExternalSource);

   if(q != 0)
      {
      if((p - 1) % q != 0)
         {
         return false;
         }
      if(this->power_g_p(q) != 1)
         {
         return false;
         }
      if(!is_prime(q, rng, test_prob, is_randomly_generated))
         {
         return false;
         }
      }

   if(!is_prime(p, rng, test_prob, is_randomly_generated))
      {
      return false;
      }

   return true;
   }

verify_public_element()

bool Botan::DL_Group::verify_public_element

(

const BigInt &

y

)

const

Verify a public element, ie check if y = g^x for some x.

This is not a perfect test. It verifies that 1 < y < p and (if q is set) that y is in the subgroup of size q.

Definition at line 347 of file dl_group.cpp.

References get_p(), get_q(), Botan::BigInt::is_zero(), and Botan::power_mod().

Referenced by Botan::DL_Scheme_PublicKey::check_key().

   {
   const BigInt& p = get_p();
   const BigInt& q = get_q();

   if(y <= 1 || y >= p)
      return false;

   if(q.is_zero() == false)
      {
      if(power_mod(y, q, p) != 1)
         return false;
      }

   return true;
   }

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/dl_group/dl_group.h
• src/lib/pubkey/dl_group/dl_group.cpp
• src/lib/pubkey/dl_group/dl_named.cpp