< prev index next >
src/share/classes/sun/security/provider/DSAParameterGenerator.java
Print this page
rev 12543 : 8181048: Refactor existing providers to refer to the same constants for default values for key length
Reviewed-by: mullan, ahgross
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -32,19 +32,22 @@
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.SecureRandom;
+import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.DSAParameterSpec;
import java.security.spec.DSAGenParameterSpec;
+import static sun.security.util.SecurityProviderConstants.DEF_DSA_KEY_SIZE;
+import static sun.security.util.SecurityProviderConstants.getDefDSASubprimeSize;
+
+
/**
- * This class generates parameters for the DSA algorithm. It uses a default
- * prime modulus size of 1024 bits, which can be overwritten during
- * initialization.
+ * This class generates parameters for the DSA algorithm.
*
* @author Jan Luehe
*
*
* @see java.security.AlgorithmParameters
@@ -54,14 +57,10 @@
* @since 1.2
*/
public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi {
- // the default parameters
- private static final DSAGenParameterSpec DEFAULTS =
- new DSAGenParameterSpec(1024, 160, 160);
-
// the length of prime P, subPrime Q, and seed in bits
private int valueL = -1;
private int valueN = -1;
private int seedLen = -1;
@@ -81,43 +80,42 @@
* and source of randomness.
*
* @param strength the strength (size of prime) in bits
* @param random the source of randomness
*/
+ @Override
protected void engineInit(int strength, SecureRandom random) {
- if ((strength >= 512) && (strength <= 1024) && (strength % 64 == 0)) {
- this.valueN = 160;
- } else if (strength == 2048) {
- this.valueN = 224;
-// } else if (strength == 3072) {
-// this.valueN = 256;
- } else {
- throw new InvalidParameterException
- ("Prime size should be 512 - 1024, or 2048");
+ if ((strength != 2048) &&
+ ((strength < 512) || (strength > 1024) || (strength % 64 != 0))) {
+ throw new InvalidParameterException(
+ "Unexpected strength (size of prime): " + strength +
+ ". Prime size should be 512-1024, or 2048");
}
this.valueL = strength;
+ this.valueN = getDefDSASubprimeSize(strength);
this.seedLen = valueN;
this.random = random;
}
/**
* Initializes this parameter generator with a set of
* algorithm-specific parameter generation values.
*
- * @param genParamSpec the set of algorithm-specific parameter generation values
+ * @param genParamSpec the set of algorithm-specific parameter
+ * generation values
* @param random the source of randomness
*
* @exception InvalidAlgorithmParameterException if the given parameter
* generation values are inappropriate for this parameter generator
*/
+ @Override
protected void engineInit(AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException {
+ SecureRandom random) throws InvalidAlgorithmParameterException {
if (!(genParamSpec instanceof DSAGenParameterSpec)) {
throw new InvalidAlgorithmParameterException("Invalid parameter");
}
- DSAGenParameterSpec dsaGenParams = (DSAGenParameterSpec) genParamSpec;
+ DSAGenParameterSpec dsaGenParams = (DSAGenParameterSpec)genParamSpec;
int primePLen = dsaGenParams.getPrimePLength();
if (primePLen > 2048) {
throw new InvalidParameterException
("No support for prime size " + primePLen);
}
@@ -138,15 +136,11 @@
try {
if (this.random == null) {
this.random = new SecureRandom();
}
if (valueL == -1) {
- try {
- engineInit(DEFAULTS, this.random);
- } catch (InvalidAlgorithmParameterException iape) {
- // should never happen
- }
+ engineInit(DEF_DSA_KEY_SIZE, this.random);
}
BigInteger[] pAndQ = generatePandQ(this.random, valueL,
valueN, seedLen);
BigInteger paramP = pAndQ[0];
BigInteger paramQ = pAndQ[1];
@@ -208,17 +202,20 @@
int outLen = hashObj.getDigestLength()*8;
int n = (valueL - 1) / outLen;
int b = (valueL - 1) % outLen;
byte[] seedBytes = new byte[seedLen/8];
BigInteger twoSl = TWO.pow(seedLen);
- int primeCertainty = 80; // for 1024-bit prime P
- if (valueL == 2048) {
+ int primeCertainty = -1;
+ if (valueL <= 1024) {
+ primeCertainty = 80;
+ } else if (valueL == 2048) {
primeCertainty = 112;
- //} else if (valueL == 3072) {
- // primeCertainty = 128;
}
+ if (primeCertainty < 0) {
+ throw new ProviderException("Invalid valueL: " + valueL);
+ }
BigInteger resultP, resultQ, seed = null;
int counter;
while (true) {
do {
/* Step 5 */
< prev index next >