Skip navigation links

Oracle Fusion Middleware Crypto FIPS Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)

E10696-04


oracle.security.crypto.core
Class DHParams

java.lang.Object
  extended by javax.crypto.spec.DHParameterSpec
      extended by oracle.security.crypto.core.DHParams

All Implemented Interfaces:
java.io.Externalizable, java.io.Serializable, java.security.spec.AlgorithmParameterSpec, ASN1Object, Streamable

public class DHParams
extends javax.crypto.spec.DHParameterSpec
implements ASN1Object, java.io.Externalizable

Domain parameters for the Diffie-Hellman key agreement scheme, as described in ANSI X9.42.

The Diffie-Hellman domain parameters contain, at a minimum, the subgroup parameters p and q and a the generator element g; optionally they may also contain an integer j (such that j >= 2 and p = jq + 1, and known as the cofactor of p-1 and q), and validation parameters seed, pGenCounter used to verify the subgroup parameters using the normative generation procedure given in Annex B.

The ASN1 syntax for a DHParams object is as follows:

        DomainParameters ::= Sequence {
             p INTEGER, -- odd prime, p = jq+1
             g INTEGER, -- generator, g^q = 1 mod p
             q INTEGER, -- prime factor of p-1
             j INTEGER OPTIONAL, -- cofactor, j>=2
             validationParms  ValidationParms OPTIONAL
        }

        ValidationalParms ::= Sequence {
             seed BITSTRING, -- seed for prime generation
             pGenCounter INTEGER, -- parameter verification
        }
    
See Also:
DHParameterGenerator, DHKeyAgreement, Serialized Form

Constructor Summary
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q)
          Constructs a new DHParams instance with the give value of p, g and q.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, java.math.BigInteger j)
          Constructs a new DHParams instance with the give value of p, g, q and j.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, java.math.BigInteger j, byte[] seed, int pgenCounter)
          Constructs a new DHParams instance with the give value of p, g, q, j and validation parameters seed, pgenCounter.
DHParams(java.math.BigInteger p, java.math.BigInteger g, java.math.BigInteger q, byte[] seed, int pgenCounter)
          Constructs a new DHParams instance with the give value of p, g, q and validation parameters seed, pgenCounter.
DHParams(java.io.InputStream is)
          Constructs a new DHParams from the given input stream encoding the parameters.

 

Method Summary
 java.math.BigInteger getG()
          Returns the group generator g.
 java.math.BigInteger getJ()
          Returns the cofactor j.
 java.math.BigInteger getP()
          Returns the prime p defining the Galois Field GF(p).
 int getPGenCounter()
          Returns the counter value pGenCounter (greater than zero), used to generate the domain parameters (p, q, g).
 java.math.BigInteger getQ()
          Returns the prime q, specifying the multiplicative subgroup of order q in GF(p).
 byte[] getSeed()
          Returns the seed bytes that was used generate these parameters.
 void input(java.io.InputStream is)
          Inputs a DHParams object by reading its encoding from the given input stream.
static boolean isValidParams(DHParams params, int L, int m)
          Verifies that the domain parameters (p, q, g) can be reconstructed using the normative generation procedure given in Annex B of X9.42, using the validation parameters seed and pGenCounter and that p and q have bitlengths corresponding to the prescribed strength values L and m.
 int length()
          Returns the length of the ASN1 encoding of this object.
 void output(java.io.OutputStream os)
          Outputs the ASN1 encoding of this object to a given output stream.
 void readExternal(java.io.ObjectInput is)
          Reads the input stream and initializes the Diffie Hellman parameters.
 java.lang.String toString()
          Returns a string representation of this object.
 void writeExternal(java.io.ObjectOutput os)
          Writes to the output stream the DER encoding of this object.

 

Methods inherited from class javax.crypto.spec.DHParameterSpec
getL

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

 

Constructor Detail

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q)
Constructs a new DHParams instance with the give value of p, g and q.
Parameters:
p - p
g - g
q - q

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                java.math.BigInteger j)
Constructs a new DHParams instance with the give value of p, g, q and j.
Parameters:
p - p
g - g
q - q
j - j

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                byte[] seed,
                int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q and validation parameters seed, pgenCounter.
Parameters:
p - p
g - g
q - q
seed - the seed value used in generating p, q.
pgenCounter - the counter in generating p

DHParams

public DHParams(java.math.BigInteger p,
                java.math.BigInteger g,
                java.math.BigInteger q,
                java.math.BigInteger j,
                byte[] seed,
                int pgenCounter)
Constructs a new DHParams instance with the give value of p, g, q, j and validation parameters seed, pgenCounter.
Parameters:
p - p
g - g
q - q
j - j
seed - the seed value used in generating p, q.
pgenCounter - the counter in generating p

DHParams

public DHParams(java.io.InputStream is)
         throws java.io.IOException
Constructs a new DHParams from the given input stream encoding the parameters.
Parameters:
is - the input stream from which the parameters derived.
Throws:
java.io.IOException

Method Detail

getP

public java.math.BigInteger getP()
Returns the prime p defining the Galois Field GF(p).
Overrides:
getP in class javax.crypto.spec.DHParameterSpec
Returns:
the large prime p.

getQ

public java.math.BigInteger getQ()
Returns the prime q, specifying the multiplicative subgroup of order q in GF(p).
Returns:
the small prime q.

getG

public java.math.BigInteger getG()
Returns the group generator g.
Overrides:
getG in class javax.crypto.spec.DHParameterSpec
Returns:
the group generator g.

getJ

public java.math.BigInteger getJ()
Returns the cofactor j.
Returns:
the cofactor j, if present; or null, if not.

getSeed

public byte[] getSeed()
Returns the seed bytes that was used generate these parameters.
Returns:
(a clone of) the seed bytes used to generate (or validate) the domain parameters (p, q, g), if present, or null if not.

getPGenCounter

public int getPGenCounter()
Returns the counter value pGenCounter (greater than zero), used to generate the domain parameters (p, q, g).
Returns:
the counter value pGenCounter if present, or 0 if not.

toString

public java.lang.String toString()
Returns a string representation of this object.
Overrides:
toString in class java.lang.Object
Returns:
A string representation of this object.

isValidParams

public static boolean isValidParams(DHParams params,
                                    int L,
                                    int m)
Verifies that the domain parameters (p, q, g) can be reconstructed using the normative generation procedure given in Annex B of X9.42, using the validation parameters seed and pGenCounter and that p and q have bitlengths corresponding to the prescribed strength values L and m. Note: L must be evenly divisible by 256 and must be at least 1024; m must be at least 160; and both seed and pGenCounter must be present.

Additionally, if the optional cofactor j is provided, its relations to p and q are also verifed.

Finally, it should be noted that since the procedure for parameter verification essentially follows the same steps as for parameter generation, the operation is similarly resource intensive

Parameters:
params - a DHParams object to be validated.
L - the strength of p in bits; L=256n with n >= 4
m - the strength of q in bits; m >= 160
Returns:
true if the parameters are valid (and match the given strength parameters), otherwise returns false.
Throws:
java.lang.IllegalArgumentException - If the values L and/or m are invalid, or if either of seed and pGenCounter are missing from the params.
See Also:
DHParameterGenerator

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Inputs a DHParams object by reading its encoding from the given input stream.
Specified by:
input in interface Streamable
Parameters:
is - The input stream from which this object will be read
Throws:
java.io.IOException - If an input exception occured.

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Outputs the ASN1 encoding of this object to a given output stream.
Specified by:
output in interface Streamable
Parameters:
os - The output stream to which the encoding of this object will be written.
Throws:
java.io.IOException - If an output exception occured.

length

public int length()
Returns the length of the ASN1 encoding of this object.
Specified by:
length in interface Streamable
Returns:
The length of the ASN1 encoding of this object.

writeExternal

public void writeExternal(java.io.ObjectOutput os)
                   throws java.io.IOException
Writes to the output stream the DER encoding of this object.
Specified by:
writeExternal in interface java.io.Externalizable
Parameters:
os - The output stream to write the encoding to.
Throws:
java.io.IOException

readExternal

public void readExternal(java.io.ObjectInput is)
                  throws java.io.IOException,
                         java.lang.ClassNotFoundException
Reads the input stream and initializes the Diffie Hellman parameters.
Specified by:
readExternal in interface java.io.Externalizable
Parameters:
is - The stream to read from.
Throws:
java.io.IOException
java.lang.ClassNotFoundException

Skip navigation links

Oracle Fusion Middleware Crypto FIPS Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)

E10696-04


Copyright © 2005, 2011 , Oracle. All rights reserved.