|
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |
|
public class DHParameterGenerator
extends java.security.AlgorithmParameterGeneratorSpi
The algorithm used is taken from RFC 2631. It specifies a minimum prime length of 512 bit and minimum exponent length of 160 bit; defaults in this implementation are 2048 and 384 bits (or prime length / 2) respectively. Access to the verification parameters provided by the generation algorithm is not possible with the current API.
Note that parameter generation is fairly slow but this should not be a problem as this is a hardly performed activity anyway. Typically they will be generated once per user group by the CA and then the users will generate their keys using the parameters provided.
The Diffie Hellman algorithm has been the first public-key algorithm. It only can be used for key-agreement, but not for data encrypting and decrypting.
PKCS#3
describes a method for implementing the Diffie Hellman key agreement where
two (or more) entities use general Diffie Hellman parameters (an odd prime
p, an integer base g satisfying
0 < g < p, and optionally an integer
l prescribing the length of the private value), generated from
some central authority (which may an entity itself), for creating a shared
secret only known by them.
Applications shall use
AlgorithmParameterGenerator.getInstance("DH") for obtaining an
AlgorithmParamterGenerator for generating DH parameters in opaque
representation. Once the generator has been created, it shall be properly
initialized by one of the several init methods. If none explicit
initialization is done, per default the length of the prime modulus is set to
1024 bits and the length of the exponent (private value) is chosen to be 300
bits. After initializing the generator (or relying on default settings), the
reguired parameters actually are created by calling the
generateParameters method.
AlgorithmParameterGenerator,
DHParameterSpec,
DHParameters,
DHPublicKey,
DHPrivateKey,
DHKeyPairGenerator,
DHKeyFactory,
DHKeyAgreement| Constructor and Description |
|---|
DHParameterGenerator()
The default constructor.
|
| Modifier and Type | Method and Description |
|---|---|
protected java.security.AlgorithmParameters |
engineGenerateParameters()
Actually generates the required DH AlgorithmParameters.
|
protected void |
engineInit(java.security.spec.AlgorithmParameterSpec param,
java.security.SecureRandom random)
Initializes this generator with DH-specific parameter generation values and
some random seed.
|
protected void |
engineInit(int primeLength,
java.security.SecureRandom random)
Initializes the parameter generator with given prime modulus length and
random seed.
|
public DHParameterGenerator()
AlgorithmParameterGenerator.getInstance factory methods for
obtaining an AlgorithmParamterGenerator for generating parameters for
Diffie Hellman key agreement.protected void engineInit(int primeLength,
java.security.SecureRandom random)
engineInit in class java.security.AlgorithmParameterGeneratorSpiprimeLength - the length of the prime modulus in bitsrandom - the random seed for this generator.protected void engineInit(java.security.spec.AlgorithmParameterSpec param,
java.security.SecureRandom random)
throws java.security.InvalidAlgorithmParameterException
From the given parameter specification DHGenParameterSpec)
prime modulus length and exponent length are obtained for generating the
algorithm parameters.
Applications shall call init(param_spec, random) for provider
independently accessing this method.
engineInit in class java.security.AlgorithmParameterGeneratorSpiparam - an instance of DHGenParameterSpecrandom - the random seed to be used by this generator.java.security.InvalidAlgorithmParameterException - if param is not an instance of DHGenParameterSpec
or if the size of the exponent is not shorter than that of the
prime modulusprotected java.security.AlgorithmParameters engineGenerateParameters()
Applications shall call generatePrameters() for provider
independently accessing this method.
engineGenerateParameters in class java.security.AlgorithmParameterGeneratorSpi