Cryptography Tutorials - Herong's Tutorial Examples - v5.42, by Herong Yang
DSA 512-bit and 1024-bit Key Pair Examples
This section provides 2 DSA key pair examples, 512-bit and 1024-bit, using DsaKeyGenerator.java.
Let's compile and run DsaKeyGenerator.java using JDK 12:
herong> javac DsaKeyGenerator.java herong> java DsaKeyGenerator 16 test Exception: java.security.InvalidParameterException: Unsupported prime and subprime size combination: 16, 160
If you run the same program using JDK 1.6, you will get a different error:
herong> java DsaKeyGenerator 16 test Exception: java.security.InvalidParameterException: Modulus size must range from 512 to 1024 and be a multiple of 64
Ok. We are not allowed to generate small DSA keys. Let's try the minimum DSA key size, 512 bits:
herong> java DsaKeyGenerator 512 dsa_512 KeyPairGenerator Object Info: Algorithm = DSA Provider = SUN version 12 Key Size = 512 toString = sun.security.provider.DSAKeyPairGenerator@19b49e6 Private Key Info: Algorithm = DSA Saved File = dsa_512.pri Format = PKCS#8 toString = Sun DSA Private Key parameters: p: fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3 ae1617ae 01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151 bdc43ee7 37592e17 q: 962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5 g: 678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d 14271b9e 35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a 6c416e50 be794ca4 x: 8ad78f1c 6fd8512f a6f82053 5672a761 96fec0b2 Public Key Info: Algorithm = DSA Saved File = dsa_512.pub Format = X.509 toString = Sun DSA Public Key Parameters: p: fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3 ae1617ae 01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151 bdc43ee7 37592e17 q: 962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5 g: 678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d 14271b9e 35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a 6c416e50 be794ca4 y: cde640d1 ebcaf6e2 caa83da1 ed475f5e 3f4fdfa5 802d4d5a f8bd07a6 d278418a 4b29f245 3ccff8ba 8daace97 e12d36a5 d50edd2d c93101da 213de2ef 189f8be4
Cool. Here is our first real DSA key pair. The toString() method actually dumps all DSA key parameters, p, q, g, x, y, in hexadecimal format.
Also note that the default encoding format is PKCS#8 for the private key, and X.509 for the public key.
The next test generates a 1024-bit DSA key pair:
herong> java DsaKeyGenerator 1024 dsa_1024 KeyPairGenerator Object Info: Algorithm = DSA Provider = SUN version 12 Key Size = 1024 toString = sun.security.provider.DSAKeyPairGenerator@19b49e6 Private Key Info: Algorithm = DSA Saved File = dsa_1024.pri Format = PKCS#8 toString = Sun DSA Private Key parameters: p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb 83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7 q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5 g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267 5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a x: 87a06897 5ef251b4 50510dee 08734119 5ca68c16 Public Key Info: Algorithm = DSA Saved File = dsa_1024.pub Format = X.509 toString = Sun DSA Public Key Parameters: p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb 83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7 q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5 g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267 5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a y: a28a43b9 5d736b5a 5afeb5a0 7d2c8965 ebf352a3 e29ba7e3 6511120c cca2b760 51cdfb87 fd9ee758 e5b11598 6663186f 468327bf 5ac500f1 89cb706f 6216abbc 4bb7258f 92150606 5db33698 3c31267c e78c9427 fab8dad0 c64b54f1 eff60ec6 01dd1abc 25d95693 803794d9 6733d565 69931f07 c772a513 2383ac6e abdafbc4
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
►Java Default Implementation of DSA
DsaKeyGenerator.java - Generating DSA Key Pair
►DSA 512-bit and 1024-bit Key Pair Examples
DsaKeyChecker.java - Reading and Checking DSA Keys
Example of DSA Key Parameters and Properties
java.security.Signature - The Data Signing Class
DsaSignatureGenerator.java - Generating DSA Digital Signature
DsaSignatureGenerator.java Test Results
DsaSignatureVerifier.java - Verifying DSA Digital Signature
DsaSignatureVerifier.java Test Results
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"