Oracle Security Developer Tools Crypto Java API Reference
10g Release 2 (10.1.2.0.2)

B15565-01


oracle.security.crypto.core
Class DHParams

java.lang.Object
  extended byoracle.security.crypto.core.DHParams

All Implemented Interfaces:
ASN1Object, Streamable

public class DHParams
extends java.lang.Object
implements ASN1Object

*** For internal use only *** Domain parameters for the Diffie-Hellman key agreement scheme, as described in ANSI X9.42.

The Diffie-Hellman domain parameters contain, at a minimum, the subgroup parameters p and q and a the generator element g; optionally they may also contain an integer j (such that j >= 2 and p = jq + 1, and known as the cofactor of p-1 and q), and validation parameters seed, pGenCounter used to verify the subgroup parameters using the normative generation procedure given in Annex B.

The ASN1 syntax for a DHParams object is as follows:

                DomainParameters ::= Sequence {
                     p INTEGER, -- odd prime, p = jq+1
                     g INTEGER, -- generator, g^q = 1 mod p
                     q INTEGER, -- prime factor of p-1
                     j INTEGER OPTIONAL, -- cofactor, j>=2
                     validationParms  ValidationParms OPTIONAL
                }

                ValidationalParms ::= Sequence {
                     seed BITSTRING, -- seed for prime generation
                     pGenCounter INTEGER, -- parameter verification
                }
        

Status: Provisional (may be changed in future releases.)

See Also:
DHParameterGenerator, DHKeyAgreement

Constructor Summary
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q)
Constructs a new DHParams instance with the give value of p, g and q.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, java.math.BigInteger j)
Constructs a new DHParams instance with the give value of p, g, q and j.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, java.math.BigInteger j, byte[] seed, int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q, j and validation parameters seed, pgenCounter.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, byte[] seed, int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q and validation parameters seed, pgenCounter.
DHParams(java.io.InputStream is)
Constructs a new DHParams from the given input stream encoding the parameters.

Method Summary
java.math.BigInteger getG()
Returns the group generator g.
java.math.BigInteger getJ()
Returns the cofactor j.
java.math.BigInteger getP()
Returns the prime p defining the Galois Field GF(p).
int getPGenCounter()
Returns the counter value pGenCounter (greater than zero), used to generate the domain parameters (p, q, g).
java.math.BigInteger getQ()
Returns the prime q, specifying the multiplicative subgroup of order q in GF(p).
byte[] getSeed()
Returns the seed bytes that was used generate these parameters.
void input(java.io.InputStream is)
Inputs a DHParams object by reading its encoding from the given input stream.
static boolean isValidParams(DHParams params, int L, int m)
Verifies that the domain parameters (p, q, g) can be reconstructed using the normative generation procedure given in Annex B of X9.42, using the validation parameters seed and pGenCounter and that p and q have bitlengths corresponding to the prescribed strength values L and m.
int length()
Returns the length of the ASN1 encoding of this object.
void output(java.io.OutputStream os)
Outputs the ASN1 encoding of this object to a given output stream.
java.lang.String toString()
Returns a string representation of this object.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q)
Constructs a new DHParams instance with the give value of p, g and q.
Parameters:
p - p
g - g
q - q

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                java.math.BigInteger j)
Constructs a new DHParams instance with the give value of p, g, q and j.
Parameters:
p - p
g - g
q - q
j - j

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                byte[] seed,
                int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q and validation parameters seed, pgenCounter.
Parameters:
p - p
g - g
q - q
seed - the seed value used in generating p, q.
pgenCounter - the counter in generating p

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                java.math.BigInteger j,
                byte[] seed,
                int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q, j and validation parameters seed, pgenCounter.
Parameters:
p - p
g - g
q - q
j - j
seed - the seed value used in generating p, q.
pgenCounter - the counter in generating p

DHParams

public DHParams(java.io.InputStream is)
         throws java.io.IOException
Constructs a new DHParams from the given input stream encoding the parameters.
Parameters:
is - the input stream from which the parameters derived.

Method Detail

getP

public java.math.BigInteger getP()
Returns the prime p defining the Galois Field GF(p).
Returns:
the large prime p.

getQ

public java.math.BigInteger getQ()
Returns the prime q, specifying the multiplicative subgroup of order q in GF(p).
Returns:
the small prime q.

getG

public java.math.BigInteger getG()
Returns the group generator g.
Returns:
the group generator g.

getJ

public java.math.BigInteger getJ()
Returns the cofactor j.
Returns:
the cofactor j, if present; or null, if not.

getSeed

public byte[] getSeed()
Returns the seed bytes that was used generate these parameters.
Returns:
(a clone of) the seed bytes used to generate (or validate) the domain parameters (p, q, g), if present, or null if not.

getPGenCounter

public int getPGenCounter()
Returns the counter value pGenCounter (greater than zero), used to generate the domain parameters (p, q, g).
Returns:
the counter value pGenCounter if present, or 0 if not.

toString

public java.lang.String toString()
Returns a string representation of this object.
Returns:
A string representation of this object.

isValidParams

public static boolean isValidParams(DHParams params,
                                    int L,
                                    int m)
Verifies that the domain parameters (p, q, g) can be reconstructed using the normative generation procedure given in Annex B of X9.42, using the validation parameters seed and pGenCounter and that p and q have bitlengths corresponding to the prescribed strength values L and m. Note: L must be evenly divisible by 256 and must be at least 1024; m must be at least 160; and both seed and pGenCounter must be present.

Additionally, if the optional cofactor j is provided, its relations to p and q are also verifed.

Finally, it should be noted that since the procedure for parameter verification essentially follows the same steps as for parameter generation, the operation is similarly resource intensive

Parameters:
params - a DHParams object to be validated.
L - the strength of p in bits; L=256n with n >= 4
m - the strength of q in bits; m >= 160
Returns:
true if the parameters are valid (and match the given strength parameters), otherwise returns false.
Throws:
java.lang.IllegalArgumentException - If the values L and/or m are invalid, or if either of seed and pGenCounter are missing from the params.
See Also:
DHParameterGenerator

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Inputs a DHParams object by reading its encoding from the given input stream.
Specified by:
input in interface Streamable
Parameters:
is - The input stream from which this object will be read
Throws:
java.io.IOException - If an input exception occured.

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Outputs the ASN1 encoding of this object to a given output stream.
Specified by:
output in interface Streamable
Parameters:
os - The output stream to which the encoding of this object will be written.
Throws:
java.io.IOException - If an output exception occured.

length

public int length()
Returns the length of the ASN1 encoding of this object.
Specified by:
length in interface Streamable
Returns:
The length of the ASN1 encoding of this object.

Oracle Security Developer Tools Crypto Java API Reference
10g Release 2 (10.1.2.0.2)

B15565-01


Copyright © 2005 , Oracle. All rights reserved.