Class cryptix.provider.rsa.BaseRSAKeyPairGenerator
java.lang.Object
   |
   +----java.security.KeyPairGenerator
           |
           +----cryptix.provider.rsa.BaseRSAKeyPairGenerator
- public class BaseRSAKeyPairGenerator
- extends KeyPairGenerator
- implements RSAKeyPairGenerator
A class capable of generating RSA key pairs. The generator is first
initialized, then used to generate one or more RSA key pairs.
Users wishing to indicate the public exponent, and to generate a
key pair suitable for use with the RSA algorithm typically:
1. Get a key pair generator for the RSA algorithm by calling
   the KeyPairGenerator getInstance method with "RSA" as
   its argument.
2. Initialize the generator by casting the result to an
   RSAKeyPairGenerator and calling the initialize method
   from this RSAKeyPairGenerator interface.
3. Generate one or more key pairs by calling the
   generateKeyPair method from the KeyPairGenerator class,
   as often as desired.
Note: To use this generator in your configuration, make sure that
the following property is set in the Cryptix.properties
file (located in the cryptix-lib directory):
KeyPairGenerator.RSA = cryptix.provider.rsa.BaseRSAKeyPairGenerator
The algorithm used to generate RSA keys is that described in [1],
adapted for our case where e is known in advance:
1. Generate two large random and distinct primes p and
   q, each roughly the same size.
2. Compute phi = (p - 1)(q - 1).
3. If gcd(e, phi) != 1, go to step 1.
4. Compute n = pq.
5. Use the extended Euclidean algorithm to compute the unique
   integer d, 1 < d < phi, such that ed = 1 mod phi.
For the prime number generation, we use java.math.BigInteger class
methods and constructors which rely (as of JDK 1.1 and up to the time
of this writing) on Colin Plumb's
BigNum multi-precision integer math library. It is not clear
though what part of this library is called (by the plumbGeneratePrime
native method) for the actual probable prime generation.
The BigInteger class also uses the Miller-Rabin probabilistic primality
test, also known as the strong pseudoprime test, as described in
FIPS-186, with a user-supplied certainty factor, referred to in
the source as isProbablePrime. In this implementation we provide
a default value of 80 for this parameter. In future revisions we
will refine the computations to set this parameter, depending on the
strength of the desired prime, using a function to compute an upper
bound on the Miller-Rabin test error probability.
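The five generation steps above, with the certainty value of 80, written out as an added Java sketch; it is not the Cryptix source. The class name RsaKeyGenSketch, the method generate, the 512-bit floor and the modulus-length re-check are assumptions of this example.

```java
import java.math.BigInteger;
import java.security.SecureRandom;

public class RsaKeyGenSketch {
    static final BigInteger F4 = BigInteger.valueOf(0x10001L); // Fermat prime F4, the default e
    static final int CONFIDENCE = 80;                          // certainty value stated on this page

    /** Returns {n, e, d, p, q} for a modulus of exactly `strength` bits. */
    static BigInteger[] generate(int strength, BigInteger e, SecureRandom rnd) {
        // Assumed floor for this sketch; an even e can never satisfy step 3 (phi is even).
        if (strength < 512 || e.compareTo(BigInteger.ONE) <= 0 || !e.testBit(0))
            throw new IllegalArgumentException("strength too small, or e not an odd integer > 1");
        int pBits = (strength + 1) / 2, qBits = strength - pBits;
        while (true) {
            // Step 1: two distinct random probable primes of roughly equal size.
            BigInteger p = new BigInteger(pBits, CONFIDENCE, rnd);
            BigInteger q = new BigInteger(qBits, CONFIDENCE, rnd);
            if (p.equals(q)) continue;
            // Step 2: phi = (p - 1)(q - 1).
            BigInteger phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
            // Step 3: e is fixed in advance, so a shared factor means new primes, not a new e.
            if (!e.gcd(phi).equals(BigInteger.ONE)) continue;
            // Step 4: n = pq. Two k-bit primes can yield a (2k - 1)-bit product, so re-check.
            BigInteger n = p.multiply(q);
            if (n.bitLength() != strength) continue;
            // Step 5: d is the inverse of e modulo phi, the value extended Euclid yields.
            BigInteger d = e.modInverse(phi);
            return new BigInteger[] { n, e, d, p, q };
        }
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        BigInteger[] k = generate(1024, F4, rnd);
        BigInteger n = k[0], e = k[1], d = k[2];
        BigInteger phi = k[3].subtract(BigInteger.ONE).multiply(k[4].subtract(BigInteger.ONE));
        // Consistency checks that apply to any generated or imported key.
        if (!e.multiply(d).mod(phi).equals(BigInteger.ONE))
            throw new AssertionError("ed != 1 mod phi");
        BigInteger m = new BigInteger(256, rnd); // random test value, far below n
        if (!m.modPow(e, n).modPow(d, n).equals(m))
            throw new AssertionError("private exponent does not invert public exponent");
        System.out.println("modulus bits: " + n.bitLength());
    }
}
```

The round trip in main uses raw modular exponentiation only to confirm that d inverts e; it is a key-consistency check, not an encryption scheme.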
References:
[1] A. J. Menezes, P. C. van Oorschot, S. A. Vanstone,
    Handbook of Applied Cryptography,
    CRC Press 1997, pp 286-291.
[2] Bruce Schneier,
    "Section 19.3 RSA,"
    Applied Cryptography, 2nd edition,
    John Wiley & Sons 1996.
Copyright © 1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.6 $
- Author:
- Raif S. Naffah
- See Also:
- KeyPairGenerator
BaseRSAKeyPairGenerator()
generateKeyPair()
- Generate a new RSA key pair with the confidence that each of the
public modulus n factors p and q are primes
with a mathematical probability that will exceed
1 - (1/2)**CONFIDENCE.
initialize()
- Initialise the RSA key pair generator for key strength value of
1024-bit, using the Fermat prime F4 (0x10001) as the encryption/
decryption exponent and a default SecureRandom source.
initialize(int, BigInteger, SecureRandom)
- Initialise the key pair generator using the specified strength
(desired public modulus length in bits), public exponent, and a
source of random bits.
initialize(int, SecureRandom)
- Initialise the RSA key pair generator for a given key strength
(its number of bits), using the Fermat prime F4 (0x10001) as the
public exponent.
makeKeyPair(BigInteger, BigInteger, BigInteger, BigInteger, BigInteger)
- Makes an RSA key pair using the given parameters.
BaseRSAKeyPairGenerator
public BaseRSAKeyPairGenerator()
initialize
public void initialize(int strength, BigInteger e, SecureRandom source)
- Initialise the key pair generator using the specified strength
(desired public modulus length in bits), public exponent, and a
source of random bits.
- Parameters:
- strength - desired number of bits in the public modulus
to be generated by this object. If null or
less than 2 then use the set DEFAULT_STRENGTH
- e - the encryption/decryption exponent. If null
then use Fermat's F4 prime.
- source - a cryptographically strong source of pseudo
random data. If null then use a default one.
initialize
public void initialize(int strength, SecureRandom source)
- Initialise the RSA key pair generator for a given key strength
(its number of bits), using the Fermat prime F4 (0x10001) as the
public exponent.
- Parameters:
- strength - desired number of bits in the public modulus
to be generated by this object.
- source - a cryptographically strong source of pseudo
random data.
- Overrides:
- initialize in class KeyPairGenerator
generateKeyPair
public KeyPair generateKeyPair()
- Generate a new RSA key pair with the confidence that each of the
public modulus n factors p and q are primes
with a mathematical probability that will exceed
1 - (1/2)**CONFIDENCE.
- Overrides:
- generateKeyPair in class KeyPairGenerator
makeKeyPair
protected KeyPair makeKeyPair(BigInteger n, BigInteger e, BigInteger d, BigInteger p, BigInteger q)
- Makes an RSA key pair using the given parameters.
initialize
public void initialize()
- Initialise the RSA key pair generator for key strength value of
1024-bit, using the Fermat prime F4 (0x10001) as the encryption/
decryption exponent and a default SecureRandom source.