FIPS186 (GNU cryptographic primitives and tools, version 2.0.0)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

For the latest news and information visit
The GNU Crypto project

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

gnu.crypto.key.dss
Class FIPS186

java.lang.Object
  gnu.crypto.key.dss.FIPS186

public class FIPS186
extends java.lang.Object

An implementation of the DSA parameters generation as described in FIPS-186.

References:
Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186. National Institute of Standards and Technology.

Version:: $Revision: 1.2 $

Field Summary
`static int`	`DSA_PARAMS_COUNTER`
`static int`	`DSA_PARAMS_E`
`static int`	`DSA_PARAMS_G`
`static int`	`DSA_PARAMS_P`
`static int`	`DSA_PARAMS_Q`
`static int`	`DSA_PARAMS_SEED`

Constructor Summary
`FIPS186(int L, java.security.SecureRandom rnd)`

Method Summary
`java.math.BigInteger[]`	`generateParameters()` This method generates the DSS `p`, `q`, and `g` parameters only when `L` (the modulus length) is not one of the following: `512`, `768` and `1024`.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DSA_PARAMS_SEED

public static final int DSA_PARAMS_SEED

See Also:: Constant Field Values

DSA_PARAMS_COUNTER

public static final int DSA_PARAMS_COUNTER

See Also:: Constant Field Values

DSA_PARAMS_Q

public static final int DSA_PARAMS_Q

See Also:: Constant Field Values

DSA_PARAMS_P

public static final int DSA_PARAMS_P

See Also:: Constant Field Values

DSA_PARAMS_E

public static final int DSA_PARAMS_E

See Also:: Constant Field Values

DSA_PARAMS_G

public static final int DSA_PARAMS_G

See Also:: Constant Field Values

Constructor Detail

FIPS186

public FIPS186(int L,
               java.security.SecureRandom rnd)

Method Detail

generateParameters

public java.math.BigInteger[] generateParameters()

This method generates the DSS p, q, and g parameters only when L (the modulus length) is not one of the following: 512, 768 and 1024. For those values of L, this implementation uses pre-computed values of p, q, and g given in the document CryptoSpec included in the security guide documentation of the standard JDK distribution.

The DSS requires two primes , p and q, satisfying the following three conditions:

2¹⁵⁹ < q < 2¹⁶⁰
2^L-1 < p < 2^L for a specified L, where L = 512 + 64j for some 0 <= j <= 8
q divides p - 1.

The algorithm used to find these primes is as described in FIPS-186, section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by using the Sha160 and a user supplied SEED to construct a prime, q, in the range 2¹⁵⁹ < q < 2¹⁶⁰. Once this is accomplished, the same SEED value is used to construct an X in the range

2^L-1 < X < 2^L. The prime, p, is then
 formed by rounding X to a number congruent to 1 mod
 2q. In this implementation we use the same SEED value given
 in FIPS-186, Appendix 5.














  
      Overview 
      Package 
    Class 
      Use 
      Tree 
      Deprecated 
      Index 
      Help 
  




            For the latest news and information visit

            The GNU Crypto
            project
         





 PREV CLASS 
 NEXT CLASS

  FRAMES   
 NO FRAMES   
 






  SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD







            Copyright © 2001, 2002, 2003
            Free Software Foundation,
            Inc. All Rights Reserved.

gnu.crypto.key.dss Class FIPS186