cryptix.provider.rsa
Class BaseRSAKeyPairGenerator

java.lang.Object
  |
  +--java.security.KeyPairGeneratorSpi
        |
        +--java.security.KeyPairGenerator
              |
              +--cryptix.provider.rsa.BaseRSAKeyPairGenerator
All Implemented Interfaces:
RSAKeyPairGenerator

public class BaseRSAKeyPairGenerator
extends java.security.KeyPairGenerator
implements RSAKeyPairGenerator

A class capable of generating RSA key pairs. The generator is first initialized, then used to generate one or more RSA key pairs.

Users who want to specify the public exponent and generate a key pair suitable for use with the RSA algorithm typically:

  1. Get a key pair generator for the RSA algorithm by calling the KeyPairGenerator getInstance method with "RSA" as its argument.
  2. Initialize the generator by casting the result to an RSAKeyPairGenerator and calling the initialize method from this RSAKeyPairGenerator interface.
  3. Generate one or more key pairs by calling the generateKeyPair method from the KeyPairGenerator class, as often as desired.

Note: To use this generator in your configuration, make sure that the following property is set in the Cryptix.properties file (located in the cryptix-lib directory):

     KeyPairGenerator.RSA = cryptix.provider.rsa.BaseRSAKeyPairGenerator
 

The algorithm used to generate RSA keys is that described in [1], adapted for our case where e is known in advance:

  1. Generate two large random and distinct primes p and q, each roughly the same size.
  2. Compute phi = (p - 1)(q - 1).
  3. If gcd(e, phi) != 1, go to step 1.
  4. Compute n = pq.
  5. Use the extended Euclidean algorithm to compute the unique integer d, 1 < d < phi, such that ed = 1 mod phi.

For the prime number generation, we use java.math.BigInteger class methods and constructors which rely (as of JDK 1.1 and up to the time of this writing) on Colin Plumb's BigNum multi-precision integer math library. It is not clear though what part of this library is called (by the plumbGeneratePrime native method) for the actual probable prime generation.

The BigInteger class also uses the Miller-Rabin probabilistic primality test, also known as the strong pseudoprime test as described in FIPS-186, with a user-supplied certainty factor, referred to in the source as isProbablePrime. In this implementation we provide a default value of 80 for this parameter. In future revisions we will refine the computations to set this parameter, depending on the strength of the desired prime, using a function to compute an upper bound on the Miller-Rabin test error probability.
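The five steps above with e fixed in advance, as an added Java example (not the Cryptix source). The class name RsaKeyGenSketch, the generate method, the returned array layout and the 512-bit floor are assumptions for illustration; it uses only java.math.BigInteger with the certainty of 80 mentioned above, and rejects an even e, for which step 3 could never succeed.

```java
import java.math.BigInteger;
import java.security.SecureRandom;

// Added illustration of steps 1-5; names here are hypothetical, not Cryptix code.
public class RsaKeyGenSketch {
    static final int CERTAINTY = 80; // default certainty value quoted on this page
    static final BigInteger ONE = BigInteger.ONE;
    static final BigInteger F4 = BigInteger.valueOf(0x10001);

    // Returns {n, e, d, p, q} with n exactly `strength` bits long.
    static BigInteger[] generate(int strength, BigInteger e, SecureRandom rnd) {
        // phi is always even, so an even e can never pass step 3: reject it
        // up front instead of looping forever.
        if (e.compareTo(BigInteger.valueOf(3)) < 0 || !e.testBit(0))
            throw new IllegalArgumentException("e must be odd and >= 3");
        if (strength < 512) // arbitrary floor chosen for this sketch
            throw new IllegalArgumentException("modulus too short");
        int pBits = (strength + 1) / 2;
        int qBits = strength - pBits;
        while (true) {
            // Step 1: two distinct probable primes of roughly equal size.
            BigInteger p = new BigInteger(pBits, CERTAINTY, rnd);
            BigInteger q = new BigInteger(qBits, CERTAINTY, rnd);
            if (p.equals(q)) continue;
            // Step 2: phi = (p - 1)(q - 1).
            BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE));
            // Step 3: e is fixed in advance, so retry with new primes.
            if (!e.gcd(phi).equals(ONE)) continue;
            // Step 4: n = pq; the product may come out one bit short.
            BigInteger n = p.multiply(q);
            if (n.bitLength() != strength) continue;
            // Step 5: d = e^-1 mod phi (extended Euclid inside modInverse).
            BigInteger d = e.modInverse(phi);
            return new BigInteger[] { n, e, d, p, q };
        }
    }

    public static void main(String[] args) {
        BigInteger[] k = generate(2048, F4, new SecureRandom());
        BigInteger n = k[0], e = k[1], d = k[2];
        BigInteger m = new BigInteger("0123456789abcdef", 16); // constructed sample message
        // Textbook RSA round trip as a self-check of the key, not a padding scheme.
        boolean ok = m.modPow(e, n).modPow(d, n).equals(m);
        System.out.println("modulus bits=" + n.bitLength() + " round trip ok=" + ok);
    }
}
```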

References:

  1. A. J. Menezes, P. C. van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press 1997, pp 286-291.

  2. Bruce Schneier, "Section 19.3 RSA," Applied Cryptography, 2nd edition, John Wiley & Sons 1996.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.9 $

Author:
Raif S. Naffah
See Also:
KeyPairGenerator

Inner classes inherited from class java.security.KeyPairGenerator
java.security.KeyPairGenerator.Delegate
 
Constructor Summary
BaseRSAKeyPairGenerator()
           
 
Method Summary
 java.security.KeyPair generateKeyPair()
          Generate a new RSA key pair with the confidence that each of the factors p and q of the public modulus n is prime with a mathematical probability that will exceed 1 - (1/2)**CONFIDENCE.
 void initialize()
          Initialise the RSA key pair generator for key strength value of 1024-bit, using the Fermat prime F4 (0x10001) as the encryption/decryption exponent and a default SecureRandom source.
 void initialize(int strength, java.math.BigInteger e, java.security.SecureRandom source)
          Initialise the key pair generator using the specified strength (desired public modulus length in bits), public exponent, and a source of random bits.
 void initialize(int strength, java.security.SecureRandom source)
          Initialise the RSA key pair generator for a given key strength (its number of bits), using the Fermat prime F4 (0x10001) as the public exponent.
protected  java.security.KeyPair makeKeyPair(java.math.BigInteger n, java.math.BigInteger e, java.math.BigInteger d, java.math.BigInteger p, java.math.BigInteger q)
          Makes an RSA key pair using the given parameters.
 
Methods inherited from class java.security.KeyPairGenerator
genKeyPair, getAlgorithm, getInstance, getInstance, getProvider, initialize, initialize, initialize
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BaseRSAKeyPairGenerator

public BaseRSAKeyPairGenerator()
Method Detail

initialize

public void initialize(int strength,
                       java.math.BigInteger e,
                       java.security.SecureRandom source)
Initialise the key pair generator using the specified strength (desired public modulus length in bits), public exponent, and a source of random bits.
Specified by:
initialize in interface RSAKeyPairGenerator
Parameters:
strength - desired number of bits in the public modulus to be generated by this object. If null or less than 2 then use the set DEFAULT_STRENGTH
e - the encryption/decryption exponent. If null then use Fermat's F4 prime.
source - a cryptographically strong source of pseudo random data. If null then use a default one.

initialize

public void initialize(int strength,
                       java.security.SecureRandom source)
Initialise the RSA key pair generator for a given key strength (its number of bits), using the Fermat prime F4 (0x10001) as the public exponent.
Overrides:
initialize in class java.security.KeyPairGenerator
Parameters:
strength - desired number of bits in the public modulus to be generated by this object.
source - a cryptographically strong source of pseudo random data.

generateKeyPair

public java.security.KeyPair generateKeyPair()
Generate a new RSA key pair with the confidence that each of the factors p and q of the public modulus n is prime with a mathematical probability that will exceed 1 - (1/2)**CONFIDENCE.
Overrides:
generateKeyPair in class java.security.KeyPairGenerator

makeKeyPair

protected java.security.KeyPair makeKeyPair(java.math.BigInteger n,
                                            java.math.BigInteger e,
                                            java.math.BigInteger d,
                                            java.math.BigInteger p,
                                            java.math.BigInteger q)
Makes an RSA key pair using the given parameters.

initialize

public void initialize()
Initialise the RSA key pair generator for key strength value of 1024-bit, using the Fermat prime F4 (0x10001) as the encryption/decryption exponent and a default SecureRandom source.