public class RSAOaepKeyPairGeneratorFIPS extends RSAKeyPairGeneratorFIPS implements OaepKeyPairGenerator
The modulus of the generated KeyPair always has either 1024, 2048 or 3072
bits (the RSA key lengths approved by FIPS 186-3). If no initialize() method of this key pair generator is
called, it defaults to initialize(1024). Note that 1024-bit RSA is no longer considered adequate
(NIST SP 800-131A disallows it for key transport), so applications should initialize the
generator explicitly with 2048 or 3072 bits rather than relying on the default.
The algorithm used for key generation was published in FIPS 186-3.
RSAES-OAEP keys (RSAOaepPublicKey, RSAOaepPrivateKey) differ from
ordinary PKCS#1 RSA keys (RSAPublicKey, RSAPrivateKey) only in that
RSAES-OAEP keys may contain OAEP parameters. If RSAES-OAEP keys do not contain parameters, they may be used
for OAEP based en/decryption with any OAEP parameters. However, if RSAES-OAEP
keys do contain OAEP parameters, they must only be used with the hash algorithm,
mask generation function and label source (pSource) that are specified by their parameters (see RFC
4055):
RSAES-OAEP-params ::= SEQUENCE {
    hashFunc    [0] AlgorithmIdentifier DEFAULT sha1Identifier,
    maskGenFunc [1] AlgorithmIdentifier DEFAULT mgf1SHA1Identifier,
    pSourceFunc [2] AlgorithmIdentifier DEFAULT pSpecifiedEmptyIdentifier }

pSpecifiedEmptyIdentifier AlgorithmIdentifier ::= { id-pSpecified, nullOctetString }

nullOctetString OCTET STRING (SIZE (0)) ::= { ''H }
An application wishing to create a RSAES-OAEP key pair to be used for OAEP
based encryption with the RSA algorithm uses a proper
getInstance method of the
java.security.KeyPairGenerator class; the returned generator may subsequently be
cast to RSAOaepKeyPairGeneratorFIPS for performing an algorithm-specific
initialization with proper RSAES-OAEP parameters. If an algorithm-specific
initialization is not required, the cast to
RSAOaepKeyPairGeneratorFIPS can be omitted (in this case no
parameters will be included in the generated RSAES-OAEP-FIPS-186-3 keys and
they may be used with any OAEP parameters).
Generally four steps have to be performed for creating a RSAES-OAEP-FIPS-186-3 KeyPair using a proper KeyPairGenerator:

1. The KeyPairGenerator has to be instantiated, specifying "RSAES-OAEP-FIPS-186-3" as algorithm name:
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");

2. The generator has to be initialized by calling one of its initialize methods. For initializing the generator to
create keys with a modulus length of, e.g., 2048 bits, this can be explicitly
specified (when not initializing the generator explicitly, per default the
modulus length is set to 1024 bits):
keyGen.initialize(2048);

3. The key pair is generated by calling generateKeyPair():
KeyPair keyPair = keyGen.generateKeyPair();

4. The private and public key are obtained from the KeyPair:
RSAOaepPrivateKey privateKey = (RSAOaepPrivateKey) keyPair.getPrivate();
RSAOaepPublicKey publicKey = (RSAOaepPublicKey) keyPair.getPublic();
For performing an algorithm-specific initialization with particular RSA OAEP
parameters, an explicit cast of the KeyPairGenerator to RSAOaepKeyPairGeneratorFIPS is
necessary so that it can be initialized with the desired RSA-OAEP
parameters, which have to be supplied as
RSAOaepParameterSpec object,
e.g.:
RSAOaepKeyPairGeneratorFIPS rsaOaepkeyGen = (RSAOaepKeyPairGeneratorFIPS) keyGen;
// create OAEP parameters for specifying hash, mgf and pSource algorithms:
// hash, mgf and pSource algorithm ids
AlgorithmID hashID = (AlgorithmID) AlgorithmID.sha512.clone();
AlgorithmID mgfID = (AlgorithmID) AlgorithmID.mgf1.clone();
mgfID.setParameter(hashID.toASN1Object());
AlgorithmID pSourceID = (AlgorithmID) AlgorithmID.pSpecified.clone();
pSourceID.setParameter(new OCTET_STRING());
// hash and mgf engines
MessageDigest hashEngine = hashID.getMessageDigestInstance();
MaskGenerationAlgorithm mgfEngine = mgfID.getMaskGenerationAlgorithmInstance();
MGF1ParameterSpec mgf1ParamSpec = new MGF1ParameterSpec(hashID);
mgf1ParamSpec.setHashEngine(hashEngine);
mgfEngine.setParameters(mgf1ParamSpec);
// create the RSAOaepParameterSpec
RSAOaepParameterSpec oaepParamSpec = new RSAOaepParameterSpec(hashID, mgfID,
pSourceID);
// set engines
oaepParamSpec.setHashEngine(hashEngine);
oaepParamSpec.setMGFEngine(mgfEngine);
// initialize key pair generator
rsaOaepkeyGen.initialize(2048, oaepParamSpec);
KeyPair keyPair = rsaOaepkeyGen.generateKeyPair();
RSAOaepPublicKey publicKey = (RSAOaepPublicKey) keyPair.getPublic();
RSAOaepPrivateKey privateKey = (RSAOaepPrivateKey) keyPair.getPrivate();
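The following program, added here as a worked example (it is not code from the IAIK documentation or library), combines the generation steps above with the "RSA/ECB/OAEP-FIPS-186-3" Cipher usage described further below: it generates a 2048-bit key pair whose OAEP parameters bind SHA-256 for hash and MGF1, wraps a freshly generated AES-256 key with the public key, unwraps it with the private key and verifies the round trip. The package names of the IAIK classes, the provider registration via iaik.security.provider.IAIK, and the cast of RSAOaepPublicKey to java.security.interfaces.RSAKey for reading the modulus length are assumptions; the plaintext bound k - 2*hLen - 2 is the standard RSAES-OAEP limit from RFC 8017, not something stated on this page.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.Security;
import java.security.interfaces.RSAKey;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;

// Package names assumed from the IAIK-JCE layout (not confirmed by this page).
import iaik.asn1.OCTET_STRING;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.pkcs1.MGF1ParameterSpec;
import iaik.pkcs.pkcs1.MaskGenerationAlgorithm;
import iaik.security.provider.IAIK;
import iaik.security.rsa.RSAOaepKeyPairGeneratorFIPS;
import iaik.security.rsa.RSAOaepParameterSpec;
import iaik.security.rsa.RSAOaepPrivateKey;
import iaik.security.rsa.RSAOaepPublicKey;

public class OaepFipsKeyWrapExample {

  // Chosen explicitly: without an initialize() call the generator falls back to 1024 bits.
  static final int KEY_BITS = 2048;
  static final int SHA256_LEN = 32;

  /** Builds OAEP parameters binding SHA-256 as hash and MGF1-with-SHA-256 as MGF, empty label. */
  static RSAOaepParameterSpec sha256OaepParams() throws Exception {
    AlgorithmID hashID = (AlgorithmID) AlgorithmID.sha256.clone();
    AlgorithmID mgfID = (AlgorithmID) AlgorithmID.mgf1.clone();
    mgfID.setParameter(hashID.toASN1Object());
    AlgorithmID pSourceID = (AlgorithmID) AlgorithmID.pSpecified.clone();
    pSourceID.setParameter(new OCTET_STRING()); // empty label (pSpecifiedEmptyIdentifier)

    MessageDigest hashEngine = hashID.getMessageDigestInstance();
    MaskGenerationAlgorithm mgfEngine = mgfID.getMaskGenerationAlgorithmInstance();
    MGF1ParameterSpec mgf1Spec = new MGF1ParameterSpec(hashID);
    mgf1Spec.setHashEngine(hashEngine);
    mgfEngine.setParameters(mgf1Spec);

    RSAOaepParameterSpec spec = new RSAOaepParameterSpec(hashID, mgfID, pSourceID);
    spec.setHashEngine(hashEngine);
    spec.setMGFEngine(mgfEngine);
    return spec;
  }

  /** Largest plaintext RSAES-OAEP can carry: k - 2*hLen - 2 bytes (RFC 8017, section 7.1.1). */
  static int maxOaepPlaintextLen(int modulusBits, int hashLenBytes) {
    return modulusBits / 8 - 2 * hashLenBytes - 2;
  }

  public static void main(String[] args) throws Exception {
    Security.insertProviderAt(new IAIK(), 2); // assumed provider registration

    // Steps 1 and 2: instantiate, cast, and initialize with explicit length and OAEP parameters.
    RSAOaepKeyPairGeneratorFIPS keyGen = (RSAOaepKeyPairGeneratorFIPS)
        KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
    keyGen.initialize(KEY_BITS, sha256OaepParams());

    // Steps 3 and 4: generate the pair and retrieve both keys.
    KeyPair keyPair = keyGen.generateKeyPair();
    RSAOaepPublicKey publicKey = (RSAOaepPublicKey) keyPair.getPublic();
    RSAOaepPrivateKey privateKey = (RSAOaepPrivateKey) keyPair.getPrivate();

    // Check that we really got the requested modulus length and not the 1024-bit default.
    int modulusBits = ((RSAKey) publicKey).getModulus().bitLength(); // cast assumed
    if (modulusBits != KEY_BITS) {
      throw new IllegalStateException("unexpected modulus length: " + modulusBits);
    }

    // Payload: a fresh AES-256 key, the usual thing transported under RSAES-OAEP.
    KeyGenerator aesGen = KeyGenerator.getInstance("AES");
    aesGen.init(256);
    byte[] aesKeyBytes = aesGen.generateKey().getEncoded();
    int limit = maxOaepPlaintextLen(modulusBits, SHA256_LEN); // 190 bytes for 2048/SHA-256
    if (aesKeyBytes.length > limit) {
      throw new IllegalArgumentException("payload exceeds OAEP limit of " + limit + " bytes");
    }

    // Encrypt with the public key; hash, MGF and label are taken from the key's OAEP parameters.
    Cipher rsaOaep = Cipher.getInstance("RSA/ECB/OAEP-FIPS-186-3", "IAIK");
    rsaOaep.init(Cipher.ENCRYPT_MODE, publicKey);
    byte[] wrapped = rsaOaep.doFinal(aesKeyBytes);
    if (wrapped.length != modulusBits / 8) {
      throw new IllegalStateException("ciphertext is not one modulus block: " + wrapped.length);
    }

    // Decrypt with the matching private key and verify the round trip in constant time.
    rsaOaep.init(Cipher.DECRYPT_MODE, privateKey);
    byte[] unwrapped = rsaOaep.doFinal(wrapped);
    if (!MessageDigest.isEqual(aesKeyBytes, unwrapped)) {
      throw new IllegalStateException("OAEP round trip failed");
    }
    System.out.println("OK: " + modulusBits + "-bit RSAES-OAEP key wrapped a "
        + (aesKeyBytes.length * 8) + "-bit AES key into " + wrapped.length + " bytes");
  }
}
```

The length check before doFinal matters in practice: RSAES-OAEP with a 2048-bit modulus and SHA-256 carries at most 190 bytes, and with SHA-512 only 126, so larger payloads must be wrapped under a symmetric key rather than encrypted directly.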
RSAES-OAEP keys must only be used for en/decryption purposes with the
RSAES-OAEP-FIPS-186-3 encryption scheme. For using a
RSAOaepPublicKey with a
Cipher engine, "OAEP-FIPS-186-3" has to be specified as padding
scheme when instantiating the Cipher object:
Cipher rsaOaep = Cipher.getInstance("RSA/ECB/OAEP-FIPS-186-3", "IAIK");
When now initializing the Cipher with an RSAES-OAEP-FIPS-186-3 key that
contains OAEP parameters, the hash algorithm, mask generation function and
pSource algorithm are taken from the public key parameters:
rsaOaep.init(Cipher.ENCRYPT_MODE, publicKey);
// the data to be encrypted (e.g. secret key material):
byte[] data = ...;
// encrypt data
byte[] encrypted = rsaOaep.doFinal(data);
For decrypting the encrypted data you will have to use the matching RSAES-OAEP-FIPS-186-3
RSAOaepPrivateKey, again with "OAEP-FIPS-186-3" as padding scheme:
Cipher rsaOaep = Cipher.getInstance("RSA/ECB/OAEP-FIPS-186-3", "IAIK");
rsaOaep.init(Cipher.DECRYPT_MODE, privateKey);
// decrypt data
byte[] decrypted = rsaOaep.doFinal(encrypted);

See Also: RSAOaepPublicKey, RSAOaepPrivateKey, RSAOaepKeyFactory, RSAOaepParameterSpec, KeyPairGenerator, KeyPair

Fields inherited from superclasses: KEYLENGTH_1024, KEYLENGTH_2048, KEYLENGTH_3072, LOWER_PUBLIC_EXPONENT_BOUND, UPPER_PUBLIC_EXPONENT_BOUND, initialized, keylen, public_exponent, random

| Constructor and Description |
|---|
| RSAOaepKeyPairGeneratorFIPS(): Default constructor for creating a RSAOaepKeyPairGeneratorFIPS object. |
| Modifier and Type | Method and Description |
|---|---|
| void | initialize(java.security.spec.AlgorithmParameterSpec params): Initializes this RSAOaepKeyPairGeneratorFIPS with the given RSAOaepParameterSpec. |
| void | initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random): Initializes this RSAOaepKeyPairGeneratorFIPS with the given RSAOaepParameterSpec and random number generator. |
| void | initialize(int strength, java.security.spec.AlgorithmParameterSpec params): Initializes the RSAOaepKeyPairGeneratorFIPS for generating keys with the given length and OAEP parameters. |
| void | initialize(int strength, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom secureRandom): Initializes the RSAOaepKeyPairGeneratorFIPS for a certain key length with the given random number generator and OAEP parameters. |
| void | initialize(int strength, java.math.BigInteger publicExponent, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom secureRandom): Initializes the key pair generator using the specified "strength" (desired key length in bits), public exponent, source of random bits, and OAEP parameters. |
Methods inherited from superclasses: generateKeyPair, initialize, initialize, initialize

public RSAOaepKeyPairGeneratorFIPS()
Default constructor for creating a RSAOaepKeyPairGeneratorFIPS object. Applications should not call this constructor directly but obtain a generator through the KeyPairGenerator.getInstance method:
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");

public void initialize(int strength, java.security.spec.AlgorithmParameterSpec params) throws java.security.InvalidParameterException
Initializes the RSAOaepKeyPairGeneratorFIPS for generating keys with the given length and OAEP parameters. This method is not part of the java.security.KeyPairGenerator API, so a cast from KeyPairGenerator to RSAOaepKeyPairGeneratorFIPS is required:
RSAOaepKeyPairGeneratorFIPS keyGen = (RSAOaepKeyPairGeneratorFIPS) KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
keyGen.initialize(strength, oaepParamSpec);
...
Specified by: initialize in interface OaepKeyPairGenerator
Parameters:
strength - the length of the key in bits
params - the OAEP parameters to be set for the RSAES-OAEP keys
Throws:
java.security.InvalidParameterException - if the supplied parameters do not represent OAEP parameters

public void initialize(int strength, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom secureRandom) throws java.security.InvalidParameterException
Initializes the RSAOaepKeyPairGeneratorFIPS for a certain key length with the given random number generator and OAEP parameters. This method is not part of the java.security.KeyPairGenerator API, so a cast from KeyPairGenerator to RSAOaepKeyPairGeneratorFIPS is required:
RSAOaepKeyPairGeneratorFIPS keyGen = (RSAOaepKeyPairGeneratorFIPS) KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
keyGen.initialize(strength, oaepParamSpec, secureRandom);
...
Specified by: initialize in interface OaepKeyPairGenerator
Parameters:
strength - the length of the key in bits
params - the OAEP parameters to be set for the RSAES-OAEP keys
secureRandom - the random number generator
Throws:
java.security.InvalidParameterException - if the supplied parameters do not represent OAEP parameters

public void initialize(int strength, java.math.BigInteger publicExponent, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom secureRandom) throws java.security.InvalidParameterException
Initializes the key pair generator using the specified "strength" (desired key length in bits), public exponent, source of random bits, and OAEP parameters. This method is not part of the java.security.KeyPairGenerator API, so a cast from KeyPairGenerator to RSAOaepKeyPairGeneratorFIPS is required:
RSAOaepKeyPairGeneratorFIPS keyGen = (RSAOaepKeyPairGeneratorFIPS) KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
keyGen.initialize(strength, publicExponent, oaepParamSpec, secureRandom);
...
Specified by: initialize in interface OaepKeyPairGenerator
Parameters:
strength - the length of the key in bits
publicExponent - the public exponent
params - the OAEP parameters to be set for the RSAES-OAEP keys
secureRandom - the random number generator
Throws:
java.security.InvalidParameterException - if the supplied parameters do not represent OAEP parameters

public void initialize(java.security.spec.AlgorithmParameterSpec params) throws java.security.InvalidAlgorithmParameterException
Initializes this RSAOaepKeyPairGeneratorFIPS with the given RSAOaepParameterSpec. This method only sets the OAEP parameters; the key length is set by a separate initialize(int) call (or defaults to 1024 bits), so several initialize methods may be called during the initialization process, e.g.:
int strength = ...;
RSAOaepParameterSpec oaepParamSpec = ...;
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
keyGen.initialize(strength);
keyGen.initialize(oaepParamSpec);
...
Specified by: initialize in interface OaepKeyPairGenerator
Overrides: initialize in class java.security.KeyPairGenerator
Parameters:
params - the RSAOaepParameterSpec for initializing this generator
Throws:
java.security.InvalidAlgorithmParameterException - if the given parameter specification is not a RSAOaepParameterSpec

public void initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidAlgorithmParameterException
Initializes this RSAOaepKeyPairGeneratorFIPS with the given RSAOaepParameterSpec and random number generator. This method only sets the OAEP parameters and the random number generator; the key length is set by a separate initialize(int) call (or defaults to 1024 bits), so several initialize methods may be called during the initialization process, e.g.:
int strength = ...;
RSAOaepParameterSpec oaepParamSpec = ...;
SecureRandom secureRandom = ...;
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSAES-OAEP-FIPS-186-3", "IAIK");
keyGen.initialize(strength);
keyGen.initialize(oaepParamSpec, secureRandom);
...
Specified by: initialize in interface OaepKeyPairGenerator
Overrides: initialize in class java.security.KeyPairGenerator
Parameters:
params - the RSAOaepParameterSpec for initializing this generator
random - the SecureRandom for generating random numbers
Throws:
java.security.InvalidAlgorithmParameterException - if the given parameter specification is not a RSAOaepParameterSpec