Class PQGParams

java.lang.Object
java.security.spec.DSAParameterSpec
org.mozilla.jss.crypto.PQGParams
All Implemented Interfaces:
DSAParams, AlgorithmParameterSpec

public class PQGParams extends DSAParameterSpec
PQG parameters for DSA key generation, along with the seed, counter, and H values for verification.

This class has two main purposes: generating PQG parameters and verifying PQG parameters. To generate PQG parameters, call one of the static generate methods. They will return a new set of PQG parameters. To verify existing PQG parameters, create a new PQGParams object with the constructor and call paramsAreValid on the object.

It is necessary to call CryptoManager.initialize before using this class.

  • Field Details

  • Constructor Details

    • PQGParams

      public PQGParams(BigInteger P, BigInteger Q, BigInteger G, BigInteger seed, int counter, BigInteger H)
      Creates a PQGParams object from a set of pre-computed DSA parameters.
      Parameters:
      P - The DSA prime parameter.
      Q - The DSA sub-prime parameter.
      G - The DSA base parameter.
      seed - The Seed used to calculate P, Q, and G.
      counter - The Counter (C) used to calculate P, Q, and G.
      H - The H value used to generate P, Q, and G.
  • Method Details

    • generate

      public static PQGParams generate(int keySize) throws InvalidParameterException, PQGParamGenException
      Generates P, Q, and G parameters for DSA key generation. Also provides the seed, counter, and H values for verification of the P, Q, and G. The parameters are generated and then verified before being returned. The length of the Seed will equal the length of P. It is necessary to call one of the CryptoManager.initialize functions before calling this method.
      Parameters:
      keySize - The size of P in bits. Keys generated by these P, Q, and G values will have this length. Valid key sizes are multiples of 64 in the closed interval [512,1024]. This also dictates the length of H and Seed.
      Returns:
      A new set of P, Q, and G parameters, along with the Seed, Counter, and H values used to generate them.
      Throws:
      InvalidParameterException - If the keySize is outside the bounds described by the DSA key pair generation algorithm.
      PQGParamGenException - If an error occurs during the generation process.
      See Also:
    • generateNative

      private static PQGParams generateNative(int keySize) throws InvalidParameterException, PQGParamGenException
      Does the actual work of generation, but does not verify.
      Throws:
      InvalidParameterException
      PQGParamGenException
    • generate

      public static PQGParams generate(int keySize, int seedBytes) throws InvalidParameterException, PQGParamGenException
      Generates P, Q, and G parameters for DSA key generation. Also provides the seed, counter, and H values for verification of the P, Q, and G. The parameters are generated and then verified before being returned. It is necessary to call one of the CryptoManager.initialize functions before calling this method.
      Parameters:
      keySize - The size of P in bits. Keys generated by these P, Q, and G values will have this length. Valid key sizes are multiples of 64 in the closed interval [512,1024]. This also dictates the length of H.
      seedBytes - The number of bytes in the Seed value used to generate P, Q, and G. seedBytes must be from the closed interval [20,255].
      Returns:
      A new set of P, Q, and G parameters, along with the Seed, Counter, and H values used to generate them.
      Throws:
      InvalidParameterException - If the keySize or number of seed bytes is outside the bounds described by the DSA key pair generation algorithm.
      PQGParamGenException - If an error occurs during the generation process.
      See Also:
    • generateNative

      private static PQGParams generateNative(int keySize, int seedBytes) throws InvalidParameterException, PQGParamGenException
      Does the actual work of generation, but does not verify.
      Throws:
      InvalidParameterException
      PQGParamGenException
    • BigIntegerToUnsignedByteArray

      public static byte[] BigIntegerToUnsignedByteArray(BigInteger big)
      Produces an unsigned byte-array representation of a BigInteger.

      BigInteger adds an extra sign bit to the beginning of its byte array representation. In some cases this will cause the size of the byte array to increase, which may be unacceptable for some applications. This function returns a minimal byte array representing the BigInteger without extra sign bits.

      Returns:
      An unsigned, big-endian byte array representation of a BigInteger.
    • paramsAreValid

      public boolean paramsAreValid()
      Verifies the PQG parameters using the seed, counter, and H values.
      Returns:
      true if the parameters verified correctly, false if they did not verify.
    • paramsAreValidNative

      private boolean paramsAreValidNative(byte[] P, byte[] Q, byte[] G, byte[] seed, int counter, byte[] H)
    • getSeed

      public BigInteger getSeed()
      Returns:
      The Seed used to generate P, Q, and G.
    • getCounter

      public int getCounter()
      Returns:
      The Counter (C) used to generate P, Q, and G.
    • getH

      public BigInteger getH()
      Returns:
      The H value used to generate P, Q, and G.