/*
* Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package com.zaranux.client.crypto;
//import java.security.*;
import com.zaranux.client.crypto.spec.AlgorithmParameterSpec;
import com.zaranux.client.crypto.spec.JCAUtil;
import com.zaranux.client.crypto.spec.RSAKeyGenParameterSpec;
import com.zaranux.client.crypto.util.BigInteger;
import com.zaranux.client.crypto.util.NumberGeneratedCallback;
/**
* RSA keypair generation. Standard algorithm, minimum key length 512 bit.
* We generate two random primes until we find two where phi is relative
* prime to the public exponent. Default exponent is 65537. It has only bit 0
* and bit 4 set, which makes it particularly efficient.
*
* @since 1.5
* @author Andreas Sterbenz
*/
public final class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
// public exponent to use
private BigInteger publicExponent;
// size of the key to generate, >= 512
private int keySize;
// PRNG to use
private SecureRandom random;
public RSAKeyPairGenerator() {
// initialize to default in case the app does not call initialize()
initialize(1024, null);
}
// initialize the generator. See JCA doc
public void initialize(int keySize, SecureRandom random) {
if (keySize < 512) {
throw new InvalidParameterException
("Key size must be at least 512 bits");
}
if (keySize > 64 * 1024) {
// do not allow unreasonably large key sizes, probably user error
throw new InvalidParameterException
("Key size must be 65536 bits or less");
}
this.keySize = keySize;
this.random = random;
this.publicExponent = RSAKeyGenParameterSpec.F4;
}
// second initialize method. See JCA doc.
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
throws InvalidAlgorithmParameterException {
if (params instanceof RSAKeyGenParameterSpec == false) {
throw new InvalidAlgorithmParameterException
("Params must be instance of RSAKeyGenParameterSpec");
}
RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec)params;
keySize = rsaSpec.getKeysize();
publicExponent = rsaSpec.getPublicExponent();
this.random = random;
if (keySize < 512) {
throw new InvalidAlgorithmParameterException
("Key size must be at least 512 bits");
}
if (keySize > 64 * 1024) {
// do not allow unreasonably large key sizes, probably user error
throw new InvalidAlgorithmParameterException
("Key size must be 65536 bits or less");
}
if (publicExponent == null) {
publicExponent = RSAKeyGenParameterSpec.F4;
} else {
if (publicExponent.compareTo(RSAKeyGenParameterSpec.F0) < 0) {
throw new InvalidAlgorithmParameterException
("Public exponent must be 3 or larger");
}
if (publicExponent.bitLength() > keySize) {
throw new InvalidAlgorithmParameterException
("Public exponent must be smaller than key size");
}
}
}
/*
// generate the keypair. See JCA doc
public KeyPair generateKeyPair() {
// accomodate odd key sizes in case anybody wants to use them
int lp = (keySize + 1) >> 1;
int lq = keySize - lp;
if (random == null) {
random = JCAUtil.getSecureRandom();
}
BigInteger e = publicExponent;
while (true) {
// generate two random primes of size lp/lq
BigInteger p = BigInteger.probablePrime(lp, random);
com.allen_sauer.gwt.log.client.Log.debug(p.toString());
// if(1==1) return null;
BigInteger q, n;
do {
q = BigInteger.probablePrime(lq, random);
// convention is for p > q
if (p.compareTo(q) < 0) {
BigInteger tmp = p;
p = q;
q = tmp;
}
// modulus n = p * q
n = p.multiply(q);
// even with correctly sized p and q, there is a chance that
// n will be one bit short. re-generate the smaller prime if so
} while (n.bitLength() < keySize);
// phi = (p - 1) * (q - 1) must be relative prime to e
// otherwise RSA just won't work ;-)
BigInteger p1 = p.subtract(BigInteger.ONE);
BigInteger q1 = q.subtract(BigInteger.ONE);
BigInteger phi = p1.multiply(q1);
// generate new p and q until they work. typically
// the first try will succeed when using F4
if (e.gcd(phi).equals(BigInteger.ONE) == false) {
continue;
}
// private exponent d is the inverse of e mod phi
BigInteger d = e.modInverse(phi);
// 1st prime exponent pe = d mod (p - 1)
BigInteger pe = d.mod(p1);
// 2nd prime exponent qe = d mod (q - 1)
BigInteger qe = d.mod(q1);
// crt coefficient coeff is the inverse of q mod p
BigInteger coeff = q.modInverse(p);
try {
PublicKey publicKey = new RSAPublicKeyImpl(n, e);
PrivateKey privateKey =
new RSAPrivateCrtKeyImpl(n, e, d, p, q, pe, qe, coeff);
return new KeyPair(publicKey, privateKey);
} catch (InvalidKeyException exc) {
// invalid key exception only thrown for keys < 512 bit,
// will not happen here
throw new RuntimeException(exc);
}
}
} */
public void generateKeyPair(final KeyPairCallback kp) {
BigInteger x = BigInteger.getBigInteger();
// accomodate odd key sizes in case anybody wants to use them
final int lp = (keySize + 1) >> 1;
final int lq = keySize - lp;
final BigInteger e = BigInteger.getBigInteger(publicExponent.toString());
com.allen_sauer.gwt.log.client.Log.debug("e : " + e);
// generate two random primes of size lp/lq
BigInteger.getProbablePrime(lp,new NumberGeneratedCallback(){
public void onGenerated(final BigInteger p_)
{
//final BigInteger p_ = new BigInteger(nbInteger.toString());
com.allen_sauer.gwt.log.client.Log.debug("p : " + p_);
BigInteger.getProbablePrime(lq,
new NumberGeneratedCallback(){
public void onGenerated(BigInteger q)
{
com.allen_sauer.gwt.log.client.Log.debug("q : " + q);
BigInteger p = p_;
if (p_.compareTo(q) < 0) {
BigInteger tmp = p;
p = q;
q = tmp;
}
BigInteger n = p.multiply(q);
// phi = (p - 1) * (q - 1) must be relative prime to e
// otherwise RSA just won't work ;-)
BigInteger p1 = p.subtract(BigInteger.ONE);
BigInteger q1 = q.subtract(BigInteger.ONE);
BigInteger phi = p1.multiply(q1);
// generate new p and q until they work. typically
// the first try will succeed when using F4
if (e.gcd(phi).compareTo(BigInteger.ONE) != 0) {
//repeat
generateKeyPair(kp);
return;
}
// private exponent d is the inverse of e mod phi
BigInteger d = e.modInverse(phi);
// 1st prime exponent pe = d mod (p - 1)
BigInteger pe = d.mod(p1);
// 2nd prime exponent qe = d mod (q - 1)
BigInteger qe = d.mod(q1);
// crt coefficient coeff is the inverse of q mod p
BigInteger coeff = q.modInverse(p);
try {
PublicKey publicKey = new RSAPublicKeyImpl(n, e);
PrivateKey privateKey =
new RSAPrivateCrtKeyImpl(n, e,d,p, q, pe, qe, coeff);
kp.onGenerated( new KeyPair(publicKey, privateKey) );
} catch (InvalidKeyException exc) {
// invalid key exception only thrown for keys < 512 bit,
// will not happen here
throw new RuntimeException(exc);
}
}
}
);
}
}
);
}
// generate the keypair. See JCA doc
/*
public KeyPair generateKeyPair() {
NativeBigInteger x = NativeBigInteger.getBigInteger();
BigInteger e = RSAKeyGenParameterSpec.F0;
x.GenerateRSANumbers( e.toString(), keySize); // exponent 3
try {
// PublicKey publicKey = new RSAPublicKeyImpl(new BigInteger(x.getRSA_n().toString()), RSAKeyGenParameterSpec.F0);
// PrivateKey privateKey =
// new RSAPrivateCrtKeyImpl(new BigInteger(x.getRSA_n().toString()), e, new BigInteger(x.getRSA_d().toString()), new BigInteger(x.getRSA_p().toString()), new BigInteger(x.getRSA_q().toString()), new BigInteger(x.getRSA_pe().toString()), new BigInteger(x.getRSA_qe().toString()), new BigInteger(x.getRSA_coeff().toString()));
return null; // new KeyPair(publicKey, privateKey);
} catch (InvalidKeyException exc) {
// invalid key exception only thrown for keys < 512 bit,
// will not happen here
throw new RuntimeException(exc);
}
return null;
}
*/
}