gnu.crypto.sig.dss

Class DSSSignature

public class DSSSignature extends BaseSignature

The DSS (Digital Signature Standard) algorithm makes use of the following parameters:

  1. p: A prime modulus, where 2L-1 < p < 2L for 512 <= L <= 1024 and L a multiple of 64.
  2. q: A prime divisor of p - 1, where 2159 < q < 2160.
  3. g: Where g = h(p-1)/q mod p, where h is any integer with 1 < h < p - 1 such that h (p-1)/q mod p > 1 (g has order q mod p).
  4. x: A randomly or pseudorandomly generated integer with 0 < x < q.
  5. y: y = gx mod p.
  6. k: A randomly or pseudorandomly generated integer with 0 < k < q.

The integers p, q, and g can be public and can be common to a group of users. A user's private and public keys are x and y, respectively. They are normally fixed for a period of time. Parameters x and k are used for signature generation only, and must be kept secret. Parameter k must be regenerated for each signature.

The signature of a message M is the pair of numbers r and s computed according to the equations below:

In the above, k-1 is the multiplicative inverse of k, mod q; i.e., (k-1 k) mod q = 1 and 0 < k-1 < q. The value of SHA(M) is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180. For use in computing s, this string must be converted to an integer.

As an option, one may wish to check if r == 0 or s == 0 . If either r == 0 or s == 0, a new value of k should be generated and the signature should be recalculated (it is extremely unlikely that r == 0 or s == 0 if signatures are generated properly).

The signature is transmitted along with the message to the verifier.

References:

  1. Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186. National Institute of Standards and Technology.

Version: $Revision: 1.9 $

Constructor Summary
DSSSignature()
Trivial 0-arguments constructor.
Method Summary
Objectclone()
protected ObjectgenerateSignature()
protected voidsetupForSigning(PrivateKey k)
protected voidsetupForVerification(PublicKey k)
static BigInteger[]sign(DSAPrivateKey k, byte[] h)
static BigInteger[]sign(DSAPrivateKey k, byte[] h, Random rnd)
static BigInteger[]sign(DSAPrivateKey k, byte[] h, IRandom irnd)
static booleanverify(DSAPublicKey k, byte[] h, BigInteger[] rs)
protected booleanverifySignature(Object sig)

Constructor Detail

DSSSignature

public DSSSignature()
Trivial 0-arguments constructor.

Method Detail

clone

public Object clone()

generateSignature

protected Object generateSignature()

setupForSigning

protected void setupForSigning(PrivateKey k)

setupForVerification

protected void setupForVerification(PublicKey k)

sign

public static final BigInteger[] sign(DSAPrivateKey k, byte[] h)

sign

public static final BigInteger[] sign(DSAPrivateKey k, byte[] h, Random rnd)

sign

public static final BigInteger[] sign(DSAPrivateKey k, byte[] h, IRandom irnd)

verify

public static final boolean verify(DSAPublicKey k, byte[] h, BigInteger[] rs)

verifySignature

protected boolean verifySignature(Object sig)
Copyright © 2001, 2002, 2003 Free Software Foundation, Inc. All Rights Reserved.