< prev index next >
src/share/classes/sun/security/provider/DSAKeyPairGenerator.java
Print this page
rev 12543 : 8181048: Refactor existing providers to refer to the same constants for default values for key length
Reviewed-by: mullan, ahgross
*** 1,7 ****
/*
! * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 33,71 ****
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.DSAParameterSpec;
import sun.security.jca.JCAUtil;
/**
* This class generates DSA key parameters and public/private key
* pairs according to the DSS standard NIST FIPS 186. It uses the
* updated version of SHA, SHA-1 as described in FIPS 180-1.
*
* @author Benjamin Renaud
* @author Andreas Sterbenz
*
*/
! public class DSAKeyPairGenerator extends KeyPairGenerator
! implements java.security.interfaces.DSAKeyPairGenerator {
/* Length for prime P and subPrime Q in bits */
private int plen;
private int qlen;
/* whether to force new parameters to be generated for each KeyPair */
! private boolean forceNewParameters;
/* preset algorithm parameters. */
private DSAParameterSpec params;
/* The source of random bits to use */
private SecureRandom random;
! public DSAKeyPairGenerator() {
super("DSA");
! initialize(1024, null);
}
private static void checkStrength(int sizeP, int sizeQ) {
if ((sizeP >= 512) && (sizeP <= 1024) && (sizeP % 64 == 0)
&& sizeQ == 160) {
--- 33,72 ----
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.DSAParameterSpec;
import sun.security.jca.JCAUtil;
+ import static sun.security.util.SecurityProviderConstants.DEF_DSA_KEY_SIZE;
+ import static sun.security.util.SecurityProviderConstants.getDefDSASubprimeSize;
/**
* This class generates DSA key parameters and public/private key
* pairs according to the DSS standard NIST FIPS 186. It uses the
* updated version of SHA, SHA-1 as described in FIPS 180-1.
*
* @author Benjamin Renaud
* @author Andreas Sterbenz
*
*/
! class DSAKeyPairGenerator extends KeyPairGenerator {
/* Length for prime P and subPrime Q in bits */
private int plen;
private int qlen;
/* whether to force new parameters to be generated for each KeyPair */
! boolean forceNewParameters;
/* preset algorithm parameters. */
private DSAParameterSpec params;
/* The source of random bits to use */
private SecureRandom random;
! DSAKeyPairGenerator(int defaultKeySize) {
super("DSA");
! initialize(defaultKeySize, null);
}
private static void checkStrength(int sizeP, int sizeQ) {
if ((sizeP >= 512) && (sizeP <= 1024) && (sizeP % 64 == 0)
&& sizeQ == 160) {
*** 80,136 ****
sizeP + ", " + sizeQ);
}
}
public void initialize(int modlen, SecureRandom random) {
! // generate new parameters when no precomputed ones available.
! initialize(modlen, true, random);
! this.forceNewParameters = false;
! }
!
! /**
! * Initializes the DSA key pair generator. If <code>genParams</code>
! * is false, a set of pre-computed parameters is used.
! */
! public void initialize(int modlen, boolean genParams, SecureRandom random) {
! int subPrimeLen = -1;
! if (modlen <= 1024) {
! subPrimeLen = 160;
! } else if (modlen == 2048) {
! subPrimeLen = 224;
! }
! checkStrength(modlen, subPrimeLen);
! if (genParams) {
! params = null;
! } else {
! params = ParameterCache.getCachedDSAParameterSpec(modlen,
! subPrimeLen);
! if (params == null) {
! throw new InvalidParameterException
! ("No precomputed parameters for requested modulus size "
! + "available");
! }
!
! }
! this.plen = modlen;
! this.qlen = subPrimeLen;
! this.random = random;
! this.forceNewParameters = genParams;
! }
!
! /**
! * Initializes the DSA object using a DSA parameter object.
! *
! * @param params a fully initialized DSA parameter object.
! */
! public void initialize(DSAParams params, SecureRandom random) {
! if (params == null) {
! throw new InvalidParameterException("Params must not be null");
! }
! DSAParameterSpec spec = new DSAParameterSpec
! (params.getP(), params.getQ(), params.getG());
! initialize0(spec, random);
}
/**
* Initializes the DSA object using a parameter object.
*
--- 81,91 ----
sizeP + ", " + sizeQ);
}
}
public void initialize(int modlen, SecureRandom random) {
! init(modlen, random, false);
}
/**
* Initializes the DSA object using a parameter object.
*
*** 145,166 ****
throws InvalidAlgorithmParameterException {
if (!(params instanceof DSAParameterSpec)) {
throw new InvalidAlgorithmParameterException
("Inappropriate parameter");
}
! initialize0((DSAParameterSpec)params, random);
}
! private void initialize0(DSAParameterSpec params, SecureRandom random) {
int sizeP = params.getP().bitLength();
int sizeQ = params.getQ().bitLength();
checkStrength(sizeP, sizeQ);
this.plen = sizeP;
this.qlen = sizeQ;
this.params = params;
this.random = random;
! this.forceNewParameters = false;
}
/**
* Generates a pair of keys usable by any JavaSecurity compliant
* DSA implementation.
--- 100,132 ----
throws InvalidAlgorithmParameterException {
if (!(params instanceof DSAParameterSpec)) {
throw new InvalidAlgorithmParameterException
("Inappropriate parameter");
}
! init((DSAParameterSpec)params, random, false);
}
! void init(int modlen, SecureRandom random, boolean forceNew) {
! int subPrimeLen = getDefDSASubprimeSize(modlen);
! checkStrength(modlen, subPrimeLen);
! this.plen = modlen;
! this.qlen = subPrimeLen;
! this.params = null;
! this.random = random;
! this.forceNewParameters = forceNew;
! }
!
! void init(DSAParameterSpec params, SecureRandom random,
! boolean forceNew) {
int sizeP = params.getP().bitLength();
int sizeQ = params.getQ().bitLength();
checkStrength(sizeP, sizeQ);
this.plen = sizeP;
this.qlen = sizeQ;
this.params = params;
this.random = random;
! this.forceNewParameters = forceNew;
}
/**
* Generates a pair of keys usable by any JavaSecurity compliant
* DSA implementation.
*** 185,195 ****
throw new ProviderException(e);
}
return generateKeyPair(spec.getP(), spec.getQ(), spec.getG(), random);
}
! public KeyPair generateKeyPair(BigInteger p, BigInteger q, BigInteger g,
SecureRandom random) {
BigInteger x = generateX(random, q);
BigInteger y = generateY(x, p, g);
--- 151,161 ----
throw new ProviderException(e);
}
return generateKeyPair(spec.getP(), spec.getQ(), spec.getG(), random);
}
! private KeyPair generateKeyPair(BigInteger p, BigInteger q, BigInteger g,
SecureRandom random) {
BigInteger x = generateX(random, q);
BigInteger y = generateY(x, p, g);
*** 240,245 ****
--- 206,262 ----
BigInteger generateY(BigInteger x, BigInteger p, BigInteger g) {
BigInteger y = g.modPow(x, p);
return y;
}
+ public static final class Current extends DSAKeyPairGenerator {
+ public Current() {
+ super(DEF_DSA_KEY_SIZE);
+ }
+ }
+
+ public static final class Legacy extends DSAKeyPairGenerator
+ implements java.security.interfaces.DSAKeyPairGenerator {
+
+ public Legacy() {
+ super(1024);
+ }
+
+ /**
+ * Initializes the DSA key pair generator. If <code>genParams</code>
+ * is false, a set of pre-computed parameters is used.
+ */
+ @Override
+ public void initialize(int modlen, boolean genParams,
+ SecureRandom random) throws InvalidParameterException {
+ if (genParams) {
+ super.init(modlen, random, true);
+ } else {
+ DSAParameterSpec cachedParams =
+ ParameterCache.getCachedDSAParameterSpec(modlen,
+ getDefDSASubprimeSize(modlen));
+ if (cachedParams == null) {
+ throw new InvalidParameterException
+ ("No precomputed parameters for requested modulus" +
+ " size available");
+ }
+ super.init(cachedParams, random, false);
+ }
+ }
+
+ /**
+ * Initializes the DSA object using a DSA parameter object.
+ *
+ * @param params a fully initialized DSA parameter object.
+ */
+ @Override
+ public void initialize(DSAParams params, SecureRandom random)
+ throws InvalidParameterException {
+ if (params == null) {
+ throw new InvalidParameterException("Params must not be null");
+ }
+ DSAParameterSpec spec = new DSAParameterSpec
+ (params.getP(), params.getQ(), params.getG());
+ super.init(spec, random, false);
+ }
+ }
}
< prev index next >