#include <dl_group.h>

Public Types
enum	Format { ANSI_X9_42, ANSI_X9_57, PKCS_3, DSA_PARAMETERS = ANSI_X9_57, DH_PARAMETERS = ANSI_X9_42, ANSI_X9_42_DH_PARAMETERS = ANSI_X9_42, PKCS3_DH_PARAMETERS = PKCS_3 }

enum	PrimeType { Strong, Prime_Subgroup, DSA_Kosherizer }

Public Member Functions
void	BER_decode (const std::vector< uint8_t > &ber, Format format)

std::vector< uint8_t >	DER_encode (Format format) const

	DL_Group ()=default

	DL_Group (const std::string &name)

	DL_Group (RandomNumberGenerator &rng, PrimeType type, size_t pbits, size_t qbits=0)

	DL_Group (RandomNumberGenerator &rng, const std::vector< uint8_t > &seed, size_t pbits=1024, size_t qbits=0)

	DL_Group (const BigInt &p, const BigInt &g)

	DL_Group (const BigInt &p, const BigInt &q, const BigInt &g)

	DL_Group (const uint8_t ber[], size_t ber_len, Format format)

template<typename Alloc >
	DL_Group (const std::vector< uint8_t, Alloc > &ber, Format format)

size_t	estimated_strength () const

size_t	exponent_bits () const

const BigInt &	get_g () const

const BigInt &	get_p () const

const BigInt &	get_q () const

BigInt	inverse_mod_p (const BigInt &x) const

BigInt	inverse_mod_q (const BigInt &x) const

BigInt	mod_p (const BigInt &x) const

BigInt	mod_q (const BigInt &x) const

std::shared_ptr< const Montgomery_Params >	monty_params_p () const

BigInt	multi_exponentiate (const BigInt &x, const BigInt &y, const BigInt &z) const

BigInt	multiply_mod_p (const BigInt &x, const BigInt &y) const

BigInt	multiply_mod_q (const BigInt &x, const BigInt &y) const

BigInt	multiply_mod_q (const BigInt &x, const BigInt &y, const BigInt &z) const

size_t	p_bits () const

size_t	p_bytes () const

void	PEM_decode (const std::string &pem)

std::string	PEM_encode (Format format) const

BigInt	power_g_p (const BigInt &x) const

BigInt	power_g_p (const BigInt &x, size_t max_x_bits) const

size_t	q_bits () const

size_t	q_bytes () const

BigInt	square_mod_q (const BigInt &x) const

bool	verify_element_pair (const BigInt &y, const BigInt &x) const

bool	verify_group (RandomNumberGenerator &rng, bool strong=true) const

bool	verify_public_element (const BigInt &y) const

Static Public Member Functions
static std::shared_ptr< DL_Group_Data >	DL_group_info (const std::string &name)

static std::string	PEM_for_named_group (const std::string &name)

Detailed Description

This class represents discrete logarithm groups. It holds a prime modulus p, a generator g, and (optionally) a prime q which is a factor of (p-1). In most cases g generates the order-q subgroup.

Definition at line 23 of file dl_group.h.

Member Enumeration Documentation

◆ Format

enum Botan::DL_Group::Format

The DL group encoding format variants.

Enumerator
ANSI_X9_42
ANSI_X9_57
PKCS_3
DSA_PARAMETERS
DH_PARAMETERS
ANSI_X9_42_DH_PARAMETERS
PKCS3_DH_PARAMETERS

Definition at line 34 of file dl_group.h.

                   {
          ANSI_X9_42,
          ANSI_X9_57,
          PKCS_3,
 
          DSA_PARAMETERS = ANSI_X9_57,
          DH_PARAMETERS = ANSI_X9_42,
          ANSI_X9_42_DH_PARAMETERS = ANSI_X9_42,
          PKCS3_DH_PARAMETERS = PKCS_3
       };

◆ PrimeType

enum Botan::DL_Group::PrimeType

Determine the prime creation for DL groups.

Enumerator
Strong
Prime_Subgroup
DSA_Kosherizer

Definition at line 29 of file dl_group.h.

29 { Strong, Prime_Subgroup, DSA_Kosherizer };

Botan::DL_Group::Prime_Subgroup

Definition: dl_group.h:29

Botan::DL_Group::Strong

Definition: dl_group.h:29

Botan::DL_Group::DSA_Kosherizer

Definition: dl_group.h:29

Constructor & Destructor Documentation

◆ DL_Group() [1/8]

Botan::DL_Group::DL_Group ( )

default

Construct a DL group with uninitialized internal value. Use this constructor is you wish to set the groups values from a DER or PEM encoded group.

◆ DL_Group() [2/8]

Botan::DL_Group::DL_Group ( const std::string & name )

Construct a DL group that is registered in the configuration.

Parameters

name	the name that is configured in the global configuration for the desired group. If no configuration file is specified, the default values from the file policy.cpp will be used. For instance, use "modp/ietf/3072".

Definition at line 182 of file dl_group.cpp.

References Botan::PEM_Code::decode(), DL_group_info(), and Botan::unlock().

    {
    // Either a name or a PEM block, try name first
    m_data = DL_group_info(str);
 
    if(m_data == nullptr)
       {
       try
          {
          std::string label;
          const std::vector<uint8_t> ber = unlock(PEM_Code::decode(str, label));
          Format format = pem_label_to_dl_format(label);
 
          m_data = BER_decode_DL_group(ber.data(), ber.size(), format);
          }
       catch(...) {}
       }
 
    if(m_data == nullptr)
       throw Invalid_Argument("DL_Group: Unknown group " + str);
    }

◆ DL_Group() [3/8]

Botan::DL_Group::DL_Group	(	RandomNumberGenerator &	rng,
		PrimeType	type,
		size_t	pbits,
		size_t	qbits = `0`
	)

Create a new group randomly.

Parameters

rng	the random number generator to use
type	specifies how the creation of primes p and q shall be performed. If type=Strong, then p will be determined as a safe prime, and q will be chosen as (p-1)/2. If type=Prime_Subgroup and qbits = 0, then the size of q will be determined according to the estimated difficulty of the DL problem. If type=DSA_Kosherizer, DSA primes will be created.
pbits	the number of bits of p
qbits	the number of bits of q. Leave it as 0 to have the value determined according to pbits.

Definition at line 232 of file dl_group.cpp.

References Botan::BigInt::bits(), Botan::dl_exponent_size(), DSA_Kosherizer, Botan::generate_dsa_primes(), Botan::is_prime(), Botan::jacobi(), Prime_Subgroup, Botan::PRIME_TABLE_SIZE, Botan::PRIMES, Botan::random_prime(), Botan::random_safe_prime(), Botan::Modular_Reducer::reduce(), Strong, Botan::ASN1::to_string(), type, and X.

    {
    if(pbits < 1024)
       throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) + " is too small");
 
    if(type == Strong)
       {
       if(qbits != 0 && qbits != pbits - 1)
          throw Invalid_Argument("Cannot create strong-prime DL_Group with specified q bits");
 
       const BigInt p = random_safe_prime(rng, pbits);
       const BigInt q = (p - 1) / 2;
 
       /*
       Always choose a generator that is quadratic reside mod p,
       this forces g to be a generator of the subgroup of size q.
       */
       BigInt g = 2;
       if(jacobi(g, p) != 1)
          {
          // prime table does not contain 2
          for(size_t i = 0; i < PRIME_TABLE_SIZE; ++i)
             {
             g = PRIMES[i];
             if(jacobi(g, p) == 1)
                break;
             }
          }
 
       m_data = std::make_shared<DL_Group_Data>(p, q, g);
       }
    else if(type == Prime_Subgroup)
       {
       if(qbits == 0)
          qbits = dl_exponent_size(pbits);
 
       const BigInt q = random_prime(rng, qbits);
       Modular_Reducer mod_2q(2*q);
       BigInt X;
       BigInt p;
       while(p.bits() != pbits || !is_prime(p, rng, 128, true))
          {
          X.randomize(rng, pbits);
          p = X - mod_2q.reduce(X) + 1;
          }
 
       const BigInt g = make_dsa_generator(p, q);
       m_data = std::make_shared<DL_Group_Data>(p, q, g);
       }
    else if(type == DSA_Kosherizer)
       {
       if(qbits == 0)
          qbits = ((pbits <= 1024) ? 160 : 256);
 
       BigInt p, q;
       generate_dsa_primes(rng, p, q, pbits, qbits);
       const BigInt g = make_dsa_generator(p, q);
       m_data = std::make_shared<DL_Group_Data>(p, q, g);
       }
    else
       {
       throw Invalid_Argument("DL_Group unknown PrimeType");
       }
    }

◆ DL_Group() [4/8]

Botan::DL_Group::DL_Group	(	RandomNumberGenerator &	rng,
		const std::vector< uint8_t > &	seed,
		size_t	pbits = `1024`,
		size_t	qbits = `0`
	)

Create a DSA group with a given seed.

Parameters

rng	the random number generator to use
seed	the seed to use to create the random primes
pbits	the desired bit size of the prime p
qbits	the desired bit size of the prime q.

Definition at line 301 of file dl_group.cpp.

References Botan::generate_dsa_primes().

    {
    BigInt p, q;
 
    if(!generate_dsa_primes(rng, p, q, pbits, qbits, seed))
       throw Invalid_Argument("DL_Group: The seed given does not generate a DSA group");
 
    BigInt g = make_dsa_generator(p, q);
 
    m_data = std::make_shared<DL_Group_Data>(p, q, g);
    }

◆ DL_Group() [5/8]

Botan::DL_Group::DL_Group	(	const BigInt &	p,
		const BigInt &	g
	)

Create a DL group.

Parameters

p	the prime p
g	the base g

Definition at line 318 of file dl_group.cpp.

    {
    m_data = std::make_shared<DL_Group_Data>(p, 0, g);
    }

◆ DL_Group() [6/8]

Botan::DL_Group::DL_Group	(	const BigInt &	p,
		const BigInt &	q,
		const BigInt &	g
	)

Create a DL group.

Parameters

p	the prime p
q	the prime q
g	the base g

Definition at line 326 of file dl_group.cpp.

    {
    m_data = std::make_shared<DL_Group_Data>(p, q, g);
    }

◆ DL_Group() [7/8]

Botan::DL_Group::DL_Group	(	const uint8_t	ber[],
		size_t	ber_len,
		Format	format
	)

Decode a BER-encoded DL group param

Definition at line 587 of file dl_group.cpp.

    {
    m_data = BER_decode_DL_group(ber, ber_len, format);
    }

◆ DL_Group() [8/8]

template<typename Alloc >

Botan::DL_Group::DL_Group	(	const std::vector< uint8_t, Alloc > &	ber,
		Format	format
	)

inline

Decode a BER-encoded DL group param

Definition at line 112 of file dl_group.h.

112 :

113 DL_Group(ber.data(), ber.size(), format) {}

Botan::DL_Group::DL_Group

DL_Group()=default

Member Function Documentation

◆ BER_decode()

void Botan::DL_Group::BER_decode	(	const std::vector< uint8_t > &	ber,
		Format	format
	)

Decode a DER/BER encoded group into this instance.

Parameters

ber	a vector containing the DER/BER encoded group
format	the format of the encoded group

Definition at line 592 of file dl_group.cpp.

Referenced by Botan::DL_Scheme_PrivateKey::DL_Scheme_PrivateKey().

    {
    m_data = BER_decode_DL_group(ber.data(), ber.size(), format);
    }

◆ DER_encode()

std::vector< uint8_t > Botan::DL_Group::DER_encode ( Format format ) const

Encode this group into a string using DER encoding.

Parameters

format the encoding format

Returns: string holding the DER encoded group

Definition at line 533 of file dl_group.cpp.

References ANSI_X9_42, ANSI_X9_57, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), get_g(), get_p(), get_q(), PKCS_3, Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::ASN1::to_string().

Referenced by Botan::DL_Scheme_PublicKey::algorithm_identifier(), and PEM_encode().

    {
    if(get_q().is_zero() && (format == ANSI_X9_57 || format == ANSI_X9_42))
       throw Encoding_Error("Cannot encode DL_Group in ANSI formats when q param is missing");
 
    std::vector<uint8_t> output;
    DER_Encoder der(output);
 
    if(format == ANSI_X9_57)
       {
       der.start_cons(SEQUENCE)
             .encode(get_p())
             .encode(get_q())
             .encode(get_g())
          .end_cons();
       }
    else if(format == ANSI_X9_42)
       {
       der.start_cons(SEQUENCE)
             .encode(get_p())
             .encode(get_g())
             .encode(get_q())
          .end_cons();
       }
    else if(format == PKCS_3)
       {
       der.start_cons(SEQUENCE)
             .encode(get_p())
             .encode(get_g())
          .end_cons();
       }
    else
       throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
 
    return output;
    }

◆ DL_group_info()

std::shared_ptr< DL_Group_Data > Botan::DL_Group::DL_group_info ( const std::string & name )

static

Definition at line 13 of file dl_named.cpp.

References name.

Referenced by DL_Group().

    {
    /* TLS FFDHE groups */
 
    if(name == "ffdhe/ietf/2048")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B423861285C97FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "ffdhe/ietf/3072")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "ffdhe/ietf/4096")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6AFFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "ffdhe/ietf/6144")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD9020BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA63BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3ACDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477A52471F7A9A96910B855322EDB6340D8A00EF092350511E30ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538CD72B03746AE77F5E62292C311562A846505DC82DB854338AE49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B045B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "ffdhe/ietf/8192")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F619172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C023861B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91CAEFE130985139270B4130C93BC437944F4FD4452E2D74DD364F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0DABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB7930E9E4E58857B6AC7D5F42D69F6D187763CF1D5503400487F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832A907600A918130C46DC778F971AD0038092999A333CB8B7A1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD9020BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA63BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3ACDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477A52471F7A9A96910B855322EDB6340D8A00EF092350511E30ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538CD72B03746AE77F5E62292C311562A846505DC82DB854338AE49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B045B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C8381E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665CB2C0F1CC01BD70229388839D2AF05E454504AC78B7582822846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA4571EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88CD68C8BB7C5C6424CFFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    /* IETF IPsec groups */
 
    if(name == "modp/ietf/1024")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/1536")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/2048")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/3072")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/4096")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/6144")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    if(name == "modp/ietf/8192")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF",
                                 "0x2");
       }
 
    /* SRP groups
 
    SRP groups have a p st (p-1)/2 is prime, but g is not a generator
    of subgroup of size q, so set q == 0 to bypass generator check
 
    Missing q doesn't matter for SRP, and nothing but SRP should be
    using these parameters.
    */
 
    if(name == "modp/srp/1024")
       {
       return load_DL_group_info("0xEEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
                                 "0",
                                 "0x2");
       }
 
    if(name == "modp/srp/1536")
       {
       return load_DL_group_info("0x9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB",
                                 "0",
                                 "0x2");
       }
 
    if(name == "modp/srp/2048")
       {
       return load_DL_group_info("0xAC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB694B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73",
                                 "0",
                                 "0x2");
       }
 
    if(name == "modp/srp/3072")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF",
                                 "0",
                                 "0x5");
       }
 
    if(name == "modp/srp/4096")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF",
                                 "0",
                                 "0x5");
       }
 
    if(name == "modp/srp/6144")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF",
                                 "0",
                                 "0x5");
       }
 
    if(name == "modp/srp/8192")
       {
       return load_DL_group_info("0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF",
                                 "0",
                                 "0x13");
       }
 
    /* DSA groups */
 
    if(name == "dsa/jce/1024")
       {
       return load_DL_group_info("0xFD7F53811D75122952DF4A9C2EECE4E7F611B7523CEF4400C31E3F80B6512669455D402251FB593D8D58FABFC5F5BA30F6CB9B556CD7813B801D346FF26660B76B9950A5A49F9FE8047B1022C24FBBA9D7FEB7C61BF83B57E7C6A8A6150F04FB83F6D3C51EC3023554135A169132F675F3AE2B61D72AEFF22203199DD14801C7",
                                 "0x9760508F15230BCCB292B982A2EB840BF0581CF5",
                                 "0x469603512E30278CD3947595DB22EEC9826A6322ADC97344F41D740C325724C8F9EFBAA7D4D803FF8C609DCD100EBC5BDFCFAD7C6A425FAEA786EA2050EBE98351EA1FDA1FDF24D6947AA6B9AA23766953802F4D7D4A8ECBA06D19768A2491FFB16D0EF9C43A99B5F71672FF6F0A24B444D0736D04D38A1A1322DAF6CDD88C9D");
       }
 
    if(name == "dsa/botan/2048")
       {
       return load_DL_group_info("0x91C48A4FDFBCF7C02AE95E7DA126122B5DD2864F559B87E8E74A286D52F59BD1DE68DFD645D0E00C60C080031891980374EEB594A532BFD67B9A09EAC4B8663A07910E68F39465FB7040D25DF13932EBAC4347A530ECBA61C854F9B880D3C0C3660080587C45566DADE26BD5A394BE093B4C0F24B5AFFEF8EC6C5B3E57FB89025A9BC16769932131E16D3C94EFCAB18D0DF061203CC53E6103BC72D5594BFD40CA65380F44A9A851DCB075495FC033A8A58071A1BD78FE052F66555648EB4B719D2AFE8B4880F8DAD6F15818BA178F89274C870BE9B96EB08C46C40040CC2EFE1DFB1B1868DD319DE3C34A32A63AB6EB1224209A419680CC7902D1728D4DF9E1",
                                 "0x8CD7D450F86F0AD94EEE4CE469A8756D1EBD1058241943EAFFB0B354585E924D",
                                 "0xD9F5E0761B4DBD1833D6AB1A961A0996C5F22303F72D84C140F67C431D94AB5715BEA81A0C98D39CE4BCF78D6B9EBC895D34FE89D94091D5848615EF15F5E86F11D96F6C969E203DDFA58356420A49CB444B595B901A933CFE0767B594F18A07B7F91DECDBA446B88990F78F2FF91F2FE7CD43FD2E46D18EADA1F7BB6602C617F6EF3A4B284F2FD9BA10A36042DE8FA87A2CA36597FEC81157A1485E44041DF02830111CB880BBE6ED494814886F965CDC3135F5CCF1383728BF65B806F9692C0B10D6C4C09C75A6CA3B4013CB16AB2C105F6BE23AEA9000EAB2178985F972C98057E1C86E44E7218688EA4AE0F3636DCCA745C9DCD4E6AFFB67CCBC13D6131");
       }
 
    if(name == "dsa/botan/3072")
       {
       return load_DL_group_info("0xE4B50880759663585E142460CA2D9DFF132F8AE4C840DDA3A2666889124FE5638B84E8A29B7AF3FA1209BE6BFC4B5072ED3B2B7387BAF3F857F478A80228EF3600B76B3DCFB61D20D34465B2506D2CAF87DF6E7DC0CE91BD2D167A46F6ADCC31C531E4F9C7ABBDB92ADDF35B0A806C66292A5F5E17E964DD099903733AC428AB35D80EA6F685BFBA8BE4068E5418AE5ECAD9E8FF073DE2B63E4E7EAD35C8A9B70B5BD47CFB88D373B66F37931939B0AB71BD5595809086DA0155337D185A0E4FB36A519B1B6202B8591E6002449CF1CD3A66384F6D2073B1CD73BECA93BAF1E1A6117D0238F222AE1ED7FED185A890E7F67FAB8FEB9753CC134A5183DFE87AE2595F7B5C2D9FBB42249FDD59513E1D3396B3EB2FD86684F285A8448FE757A029881C40760B94EF919BDF9740C38389599EC51A6E9BB519A8E068491E9CE0A2FCFE3CB60D66CF0DFAD20A8EC684048684A61444575BD1724D7352B44A760077B3BD6BD385CE5B0A7250CC0BF768DA82923806EB9CFBB138843731B618208C759B",
                                 "0xB3EBD364EC69EF8CF3BAF643B75734B16339B2E49E5CDE1B59C1E9FB40EE0C5B",
                                 "0x2BED21EEF83964A230AE89BBA71D9F7C39C52FC8229B4E3BC7E5944D329DA10F010EAC9E7BAF6C009FC4EB2960723E2B56DF4663E4C3AC800E9258DE2F7649D206782893F865EFCA498D2EEF30074EA5E8A7AB262712A4D94A2F3B0B9A92EE400FB38A3CC59A5DC7E436D5C004B22E35028381B51C93407EB32D4AE0FD42CB45E12D0ECEE8A26238EDE2082A7B1522113C66CEF8D745C6CF3CB945F84D2F4DE16D44A71DE198270E13F03553C88B8D323AD0B948A1BF2103A949979B6ED16FB5F3C953D95B7C8E88CA67DCF5A636FB9CA39D924215F7A884ED6C7EE3C96D8D9715427974B7C4351282E13D3773F7D28B452F10892A13C7587328DEA4827B6B369B2A8DC172ADC583F51F2A6598C5483E5BC467B02F91D059C402D18E2C2680F776AA06F49280A2C72C17CC42D5B6E740C5C4B1AB3C51C2ED092BE2A2D8B053AE5773D1425ED2B08F06E2DD50592DF1A478C15591CDFD11564FF88FF38B721D42392FDA473212DCFD8D2D88A976A00AFFE6FFFB430A359E64CA2B351CA2412394");
       }
 
    return std::shared_ptr<DL_Group_Data>();
    }

◆ estimated_strength()

size_t Botan::DL_Group::estimated_strength ( ) const

Return an estimate of the strength of this group against discrete logarithm attacks (eg NFS). Warning: since this only takes into account known attacks it is by necessity an overestimate of the actual strength.

Definition at line 458 of file dl_group.cpp.

Referenced by Botan::DL_Scheme_PublicKey::estimated_strength().

    {
    return data().estimated_strength();
    }

◆ exponent_bits()

size_t Botan::DL_Group::exponent_bits ( ) const

Return size in bits of a secret exponent

This attempts to balance between the attack costs of NFS (which depends on the size of the modulus) and Pollard's rho (which depends on the size of the exponent).

It may vary over time for a particular group, if the attack costs change.

Definition at line 463 of file dl_group.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), and Botan::ElGamal_PrivateKey::ElGamal_PrivateKey().

    {
    return data().exponent_bits();
    }

◆ get_g()

const BigInt & Botan::DL_Group::get_g ( ) const

Get the base g.

Returns: base g

Definition at line 418 of file dl_group.cpp.

Referenced by DER_encode(), multi_exponentiate(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), and verify_group().

    {
    return data().g();
    }

◆ get_p()

const BigInt & Botan::DL_Group::get_p ( ) const

Get the prime p.

Returns: prime p

Definition at line 410 of file dl_group.cpp.

Referenced by DER_encode(), inverse_mod_p(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), verify_element_pair(), verify_group(), and verify_public_element().

    {
    return data().p();
    }

◆ get_q()

const BigInt & Botan::DL_Group::get_q ( ) const

Get the prime q, returns zero if q is not used

Returns: prime q

Definition at line 426 of file dl_group.cpp.

Referenced by DER_encode(), inverse_mod_q(), PEM_for_named_group(), verify_group(), and verify_public_element().

    {
    return data().q();
    }

◆ inverse_mod_p()

BigInt Botan::DL_Group::inverse_mod_p ( const BigInt & x ) const

Return the inverse of x mod p

Definition at line 468 of file dl_group.cpp.

References get_p(), and Botan::inverse_mod().

    {
    // precompute??
    return inverse_mod(x, get_p());
    }

◆ inverse_mod_q()

BigInt Botan::DL_Group::inverse_mod_q ( const BigInt & x ) const

Return the inverse of x mod q Throws if q is unset on this DL_Group

Definition at line 484 of file dl_group.cpp.

References get_q(), and Botan::inverse_mod().

    {
    data().assert_q_is_set("inverse_mod_q");
    // precompute??
    return inverse_mod(x, get_q());
    }

◆ mod_p()

BigInt Botan::DL_Group::mod_p ( const BigInt & x ) const

Reduce an integer modulo p

Returns: x % p

Definition at line 474 of file dl_group.cpp.

Referenced by Botan::srp6_client_agree(), and Botan::SRP6_Server_Session::step1().

    {
    return data().mod_p(x);
    }

◆ mod_q()

BigInt Botan::DL_Group::mod_q ( const BigInt & x ) const

Reduce an integer modulo q Throws if q is unset on this DL_Group

Returns: x % q

Definition at line 491 of file dl_group.cpp.

    {
    data().assert_q_is_set("mod_q");
    return data().mod_q(x);
    }

◆ monty_params_p()

std::shared_ptr< const Montgomery_Params > Botan::DL_Group::monty_params_p ( ) const

Return parameters for Montgomery reduction/exponentiation mod p

Definition at line 431 of file dl_group.cpp.

Referenced by multi_exponentiate().

    {
    return data().monty_params_p();
    }

◆ multi_exponentiate()

BigInt Botan::DL_Group::multi_exponentiate	(	const BigInt &	x,
		const BigInt &	y,
		const BigInt &	z
	)		const

Multi-exponentiate Return (g^x * y^z) % p

Definition at line 515 of file dl_group.cpp.

References get_g(), Botan::monty_multi_exp(), and monty_params_p().

    {
    return monty_multi_exp(data().monty_params_p(), get_g(), x, y, z);
    }

◆ multiply_mod_p()

BigInt Botan::DL_Group::multiply_mod_p	(	const BigInt &	x,
		const BigInt &	y
	)		const

Multiply and reduce an integer modulo p

Returns: (x*y) % p

Definition at line 479 of file dl_group.cpp.

    {
    return data().multiply_mod_p(x, y);
    }

◆ multiply_mod_q() [1/2]

BigInt Botan::DL_Group::multiply_mod_q	(	const BigInt &	x,
		const BigInt &	y
	)		const

Multiply and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns: (x*y) % q

Definition at line 497 of file dl_group.cpp.

Referenced by multiply_mod_q().

    {
    data().assert_q_is_set("multiply_mod_q");
    return data().multiply_mod_q(x, y);
    }

◆ multiply_mod_q() [2/2]

BigInt Botan::DL_Group::multiply_mod_q	(	const BigInt &	x,
		const BigInt &	y,
		const BigInt &	z
	)		const

Multiply and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns: (x*y*z) % q

Definition at line 503 of file dl_group.cpp.

References multiply_mod_q().

    {
    data().assert_q_is_set("multiply_mod_q");
    return data().multiply_mod_q(data().multiply_mod_q(x, y), z);
    }

◆ p_bits()

size_t Botan::DL_Group::p_bits ( ) const

Return the size of p in bits Same as get_p().bits()

Definition at line 436 of file dl_group.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), and Botan::DL_Scheme_PublicKey::key_length().

    {
    return data().p_bits();
    }

◆ p_bytes()

size_t Botan::DL_Group::p_bytes ( ) const

Return the size of p in bytes Same as get_p().bytes()

Definition at line 441 of file dl_group.cpp.

Referenced by Botan::srp6_client_agree().

    {
    return data().p_bytes();
    }

◆ PEM_decode()

void Botan::DL_Group::PEM_decode ( const std::string & pem )

Decode a PEM encoded group into this instance.

Parameters

pem	the PEM encoding of the group

Definition at line 600 of file dl_group.cpp.

References Botan::PEM_Code::decode(), and Botan::unlock().

    {
    std::string label;
    const std::vector<uint8_t> ber = unlock(PEM_Code::decode(pem, label));
    Format format = pem_label_to_dl_format(label);
 
    m_data = BER_decode_DL_group(ber.data(), ber.size(), format);
    }

◆ PEM_encode()

std::string Botan::DL_Group::PEM_encode ( Format format ) const

Encode this group into a string using PEM encoding.

Parameters

format the encoding format

Returns: string holding the PEM encoded group

Definition at line 573 of file dl_group.cpp.

References ANSI_X9_42, ANSI_X9_57, DER_encode(), Botan::PEM_Code::encode(), PKCS_3, and Botan::ASN1::to_string().

Referenced by PEM_for_named_group().

    {
    const std::vector<uint8_t> encoding = DER_encode(format);
 
    if(format == PKCS_3)
       return PEM_Code::encode(encoding, "DH PARAMETERS");
    else if(format == ANSI_X9_57)
       return PEM_Code::encode(encoding, "DSA PARAMETERS");
    else if(format == ANSI_X9_42)
       return PEM_Code::encode(encoding, "X9.42 DH PARAMETERS");
    else
       throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
    }

◆ PEM_for_named_group()

std::string Botan::DL_Group::PEM_for_named_group ( const std::string & name )

static

Return PEM representation of named DL group

Definition at line 610 of file dl_group.cpp.

References ANSI_X9_42, get_q(), Botan::BigInt::is_zero(), name, PEM_encode(), and PKCS_3.

    {
    DL_Group group(name);
    DL_Group::Format format = group.get_q().is_zero() ? DL_Group::PKCS_3 : DL_Group::ANSI_X9_42;
    return group.PEM_encode(format);
    }

◆ power_g_p() [1/2]

BigInt Botan::DL_Group::power_g_p ( const BigInt & x ) const

Modular exponentiation

Warning: this function leaks the size of x via the number of loop iterations. Use the version taking the maximum size to avoid this.

Returns: (g^x) % p

Definition at line 520 of file dl_group.cpp.

References Botan::BigInt::bits().

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DSA_PrivateKey::DSA_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), Botan::generate_srp6_verifier(), Botan::srp6_client_agree(), Botan::SRP6_Server_Session::step1(), verify_element_pair(), and verify_group().

    {
    return data().power_g_p(x, x.bits());
    }

◆ power_g_p() [2/2]

BigInt Botan::DL_Group::power_g_p	(	const BigInt &	x,
		size_t	max_x_bits
	)		const

Modular exponentiation

Parameters

x	the exponent
max_x_bits	x is assumed to be at most this many bits long.

Returns: (g^x) % p

Definition at line 525 of file dl_group.cpp.

    {
    return data().power_g_p(x, max_x_bits);
    }

◆ q_bits()

size_t Botan::DL_Group::q_bits ( ) const

Return the size of q in bits Same as get_q().bits() Throws if q is unset

Definition at line 446 of file dl_group.cpp.

Referenced by Botan::DSA_PrivateKey::DSA_PrivateKey().

    {
    data().assert_q_is_set("q_bits");
    return data().q_bits();
    }

◆ q_bytes()

size_t Botan::DL_Group::q_bytes ( ) const

Return the size of q in bytes Same as get_q().bytes() Throws if q is unset

Definition at line 452 of file dl_group.cpp.

    {
    data().assert_q_is_set("q_bytes");
    return data().q_bytes();
    }

◆ square_mod_q()

BigInt Botan::DL_Group::square_mod_q ( const BigInt & x ) const

Square and reduce an integer modulo q Throws if q is unset on this DL_Group

Returns: (x*x) % q

Definition at line 509 of file dl_group.cpp.

    {
    data().assert_q_is_set("square_mod_q");
    return data().square_mod_q(x);
    }

◆ verify_element_pair()

bool Botan::DL_Group::verify_element_pair	(	const BigInt &	y,
		const BigInt &	x
	)		const

Verify a pair of elements y = g^x

This verifies that 1 < x,y < p and that y=g^x mod p

Definition at line 356 of file dl_group.cpp.

References get_p(), and power_g_p().

Referenced by Botan::DL_Scheme_PrivateKey::check_key().

    {
    const BigInt& p = get_p();
 
    if(y <= 1 || y >= p || x <= 1 || x >= p)
       return false;
 
    if(y != power_g_p(x))
       return false;
 
    return true;
    }

◆ verify_group()

bool Botan::DL_Group::verify_group	(	RandomNumberGenerator &	rng,
		bool	strong = `true`
	)		const

Perform validity checks on the group.

Parameters

rng	the rng to use
strong	whether to perform stronger by lengthier tests

Returns: true if the object is consistent, false otherwise

Definition at line 372 of file dl_group.cpp.

References get_g(), get_p(), get_q(), Botan::is_prime(), and power_g_p().

Referenced by Botan::DL_Scheme_PublicKey::check_key(), Botan::DL_Scheme_PrivateKey::check_key(), and Botan::TLS::Callbacks::tls_dh_agree().

    {
    const BigInt& p = get_p();
    const BigInt& q = get_q();
    const BigInt& g = get_g();
 
    if(g < 2 || p < 3 || q < 0)
       return false;
 
    const size_t prob = (strong) ? 128 : 10;
 
    if(q != 0)
       {
       if((p - 1) % q != 0)
          {
          return false;
          }
       if(this->power_g_p(q) != 1)
          {
          return false;
          }
       if(!is_prime(q, rng, prob))
          {
          return false;
          }
       }
 
    if(!is_prime(p, rng, prob))
       {
       return false;
       }
    return true;
    }

◆ verify_public_element()

bool Botan::DL_Group::verify_public_element ( const BigInt & y ) const

Verify a public element, ie check if y = g^x for some x.

This is not a perfect test. It verifies that 1 < y < p and (if q is set) that y is in the subgroup of size q.

Definition at line 339 of file dl_group.cpp.

References get_p(), get_q(), Botan::BigInt::is_zero(), and Botan::power_mod().

Referenced by Botan::DL_Scheme_PublicKey::check_key().

    {
    const BigInt& p = get_p();
    const BigInt& q = get_q();
 
    if(y <= 1 || y >= p)
       return false;
 
    if(q.is_zero() == false)
       {
       if(power_mod(y, q, p) != 1)
          return false;
       }
 
    return true;
    }

The documentation for this class was generated from the following files:

src/lib/pubkey/dl_group/dl_group.h
src/lib/pubkey/dl_group/dl_group.cpp
src/lib/pubkey/dl_group/dl_named.cpp

Public Types

Public Member Functions

Static Public Member Functions

Detailed Description

Member Enumeration Documentation

◆ Format

◆ PrimeType

Constructor & Destructor Documentation

◆ DL_Group() [1/8]

◆ DL_Group() [2/8]

◆ DL_Group() [3/8]

◆ DL_Group() [4/8]

◆ DL_Group() [5/8]

◆ DL_Group() [6/8]

◆ DL_Group() [7/8]

◆ DL_Group() [8/8]

Member Function Documentation

◆ BER_decode()

◆ DER_encode()

◆ DL_group_info()

◆ estimated_strength()

◆ exponent_bits()

◆ get_g()

◆ get_p()

◆ get_q()

◆ inverse_mod_p()

◆ inverse_mod_q()

◆ mod_p()

◆ mod_q()

◆ monty_params_p()

◆ multi_exponentiate()

◆ multiply_mod_p()

◆ multiply_mod_q() [1/2]

◆ multiply_mod_q() [2/2]

◆ p_bits()

◆ p_bytes()

◆ PEM_decode()

◆ PEM_encode()

◆ PEM_for_named_group()

◆ power_g_p() [1/2]

◆ power_g_p() [2/2]

◆ q_bits()

◆ q_bytes()

◆ square_mod_q()

◆ verify_element_pair()

◆ verify_group()

◆ verify_public_element()