@Override public AsymmetricCipherKeyPairGenerator createAsymmetricCipherKeyPairGenerator(final boolean initWithDefaults) { final ElGamalKeyPairGenerator generator = new ElGamalKeyPairGenerator(); if (initWithDefaults) { /* * How certain do we want to be that the chosen primes are really primes. * <p> * The higher this number, the more tests are done to make sure they are primes (and not composites). * <p> * See: <a href="http://crypto.stackexchange.com/questions/3114/what-is-the-correct-value-for-certainty-in-rsa-key-pair-generation">What is the correct value for “certainty” in RSA key pair generation?</a> * and * <a href="http://crypto.stackexchange.com/questions/3126/does-a-high-exponent-compensate-for-a-low-degree-of-certainty?lq=1">Does a high exponent compensate for a low degree of certainty?</a> */ final int certainty = 12; final SecureRandom random = new SecureRandom(); ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); pGen.init(4096, certainty, random); ElGamalParameters elGamalParameters = pGen.generateParameters(); generator.init(new ElGamalKeyGenerationParameters(random, elGamalParameters)); } return generator; }
private ElGamalKeyGenerationParameters createElGamalKeyGenerationParameters(final CreatePgpKeyParam createPgpKeyParam) { /* * How certain do we want to be that the chosen primes are really primes. * <p> * The higher this number, the more tests are done to make sure they are primes (and not composites). * <p> * See: <a href="http://crypto.stackexchange.com/questions/3114/what-is-the-correct-value-for-certainty-in-rsa-key-pair-generation">What is the correct value for “certainty” in RSA key pair generation?</a> * and * <a href="http://crypto.stackexchange.com/questions/3126/does-a-high-exponent-compensate-for-a-low-degree-of-certainty?lq=1">Does a high exponent compensate for a low degree of certainty?</a> */ final int certainty = 8; // 12 takes ages - and DSA+El-Gamal is anyway a bad idea and discouraged. Reducing this to make it bearable. final SecureRandom random = getSecureRandom(); ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); pGen.init(createPgpKeyParam.getStrength(), certainty, random); ElGamalParameters elGamalParameters = pGen.generateParameters(); // Maybe we should generate our "DH safe primes" only once and store them somewhere? Or maybe we should provide a long list // of them in the resources? DHParametersHelper.generateSafePrimes(size, certainty, random); takes really really very long. // BUT BEWARE: Attacks on El Gamal can re-use expensively calculated stuff, if p (one of the "safe primes) is the same. // However, it is still not *so* easy. Hmmm... don't know. Security is really important here. return new ElGamalKeyGenerationParameters(random, elGamalParameters); }
protected AlgorithmParameters engineGenerateParameters() { ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); if (random != null) { pGen.init(strength, 20, random); } else { pGen.init(strength, 20, new SecureRandom()); } ElGamalParameters p = pGen.generateParameters(); AlgorithmParameters params; try { params = AlgorithmParameters.getInstance("ElGamal", BouncyCastleProvider.PROVIDER_NAME); params.init(new DHParameterSpec(p.getP(), p.getG(), l)); } catch (Exception e) { throw new RuntimeException(e.getMessage()); } return params; }
protected AlgorithmParameters engineGenerateParameters() { ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); if ( random != null ) { pGen.init(strength, 20, random); } else { pGen.init(strength, 20, new SecureRandom()); } ElGamalParameters p = pGen.generateParameters(); AlgorithmParameters params; try { params = AlgorithmParameters.getInstance("ElGamal", BouncyCastleProvider.PROVIDER_NAME); params.init(new ElGamalParameterSpec(p.getP(), p.getG())); } catch (Exception e) { throw new RuntimeException(e.getMessage()); } return params; }
protected AlgorithmParameters engineGenerateParameters() { ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); if (random != null) { pGen.init(strength, 20, random); } else { pGen.init(strength, 20, new SecureRandom()); } ElGamalParameters p = pGen.generateParameters(); AlgorithmParameters params; try { params = createParametersInstance("ElGamal"); params.init(new DHParameterSpec(p.getP(), p.getG(), l)); } catch (Exception e) { throw new RuntimeException(e.getMessage()); } return params; }
/** * this test is can take quiet a while * * @param size size of key in bits. */ private void testGeneration( int size) { ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); pGen.init(size, 10, new SecureRandom()); ElGamalParameters elParams = pGen.generateParameters(); if (elParams.getL() != 0) { fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters"); } ElGamalKeyGenerationParameters params = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator(); kpGen.init(params); // // generate first pair // AsymmetricCipherKeyPair pair = kpGen.generateKeyPair(); ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters)pair.getPublic(); ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters)pair.getPrivate(); ElGamalEngine e = new ElGamalEngine(); e.init(true, new ParametersWithRandom(pu, new SecureRandom())); byte[] message = Hex.decode("5468697320697320612074657374"); byte[] pText = message; byte[] cText = e.processBlock(pText, 0, pText.length); e.init(false, pv); pText = e.processBlock(cText, 0, cText.length); if (!Arrays.areEqual(message, pText)) { fail("generation test failed"); } }
