public class SHA256withDSAKeyPairGenerator extends DSAKeyPairGenerator
FIPS 186-3 (June 2009) updates the DSA digital signature algorithm for use with SHA-2 hash algorithms. It defines four (L,N) (prime modulus length, prime divisor length) parameter sets for moduli of lengths 1024, 2048 and 3072:
This DSA key pair generator allows to generate 1024, 2048 and 3072 bit key pairs.
When initializing this key pair generator you explicitly may specify the set of domain parameters (p, q, g) to be used, e.g.:
DSAParameterSpec dsaParamSpec = ...; KeyPairGenerator dsaKeyGen = KeyPairGenerator.getInstance("SHA256withDSA", "IAIK"); dsaKeyGen.initialize(dsaParamSpec); KeyPair keyPair = dsaKeyGen.generateKeyPair();Alternatively you may only specify the length (in bits) of the key pair to be generated. In this case default parameters for the requested modulus length are used (with L,N pairs 1024,160 or 2048,256 or 3072,256), e.g.:
KeyPairGenerator dsaKeyGen = KeyPairGenerator.getInstance("SHA256withDSA", "IAIK"); dsaKeyGen.initialize(2048); KeyPair keyPair = dsaKeyGen.generateKeyPair();The IAIK provider also allows to tell this DSA KeyPairGenerator to generate new domain parameters. However, in this case you must cast to the IAIK DSAKeyPairGenerator, e.g.:
SHA256withDSAKeyPairGenerator dsaKeyGen = (SHA256withDSAKeyPairGenerator)KeyPairGenerator.getInstance("SHA256withDSA", "IAIK"); boolean generateNewParameters = true; SecureRansom random = ...; dsaKeyGen.initialize(2048, generateNewParameters, random); KeyPair keyPair = dsaKeyGen.generateKeyPair();If the KeyPairGenerator is used without calling an
initialize
method at all, 2048 bit keys are generated (L = 2048, N = 256), , e.g.:
KeyPairGenerator dsaKeyGen = KeyPairGenerator.getInstance("SHA256withDSA", "IAIK"); KeyPair keyPair = dsaKeyGen.generateKeyPair();
SHA224withDSAKeyPairGenerator
,
DSAPublicKey
,
DSAPrivateKey
,
DSAParams
Constructor and Description |
---|
SHA256withDSAKeyPairGenerator()
Default constructor.
|
Modifier and Type | Method and Description |
---|---|
void |
initialize(int modlen)
Initializes this DSAKeyPairGenerator for given prime modulus length.
|
void |
initialize(int modlen,
boolean genParams,
java.security.SecureRandom random)
Initializes this DSAKeyPairGenerator for given modulus length with the given random seed.
|
void |
initialize(int modlen,
java.security.SecureRandom random)
Initializes this DSAKeyPairGenerator for given prime modulus
length with the given random seed.
|
generateKeyPair, initialize, initialize
public SHA256withDSAKeyPairGenerator()
public void initialize(int modlen)
initialize
in class DSAKeyPairGenerator
modlen
- the desired length (in bits) of the prime modulus
(1024 or 2048 or 3072)java.lang.IllegalArgumentException
- if the requested modulus length is not
1024 or 2048 or 3072public void initialize(int modlen, java.security.SecureRandom random)
initialize
in class DSAKeyPairGenerator
modlen
- the desired length (in bits) of the prime modulus
(1024 or 2048 or 3072)random
- the random seed as SecureRandomjava.lang.IllegalArgumentException
- if the requested modulus length is not
1024 or 2048 or 3072public void initialize(int modlen, boolean genParams, java.security.SecureRandom random) throws java.security.InvalidParameterException
genParams
is set to false
), or by generating new DSA parameter
values (when genParams
is set to true
). Precomputed parameters are
available for modulus length of either 1024, 2048 or 3072 bits.initialize
in interface java.security.interfaces.DSAKeyPairGenerator
initialize
in class DSAKeyPairGenerator
modlen
- the length of the modulus in bits (1024, 2048 or 3072)genParams
- true
for generating new parameters, false
for using
precomputed values for p, q and grandom
- the random seed as SecureRandomjava.security.InvalidParameterException
- if the given modulus length is not 1024, 2048 or 3072
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |