From: "Vincent yu"<vyu@certco.com>
To: java-security@web2.javasoft.com
Date: Mon, 18 Aug 1997 17:39:53 -0400
Subject: Re: Question on DSA Verify
In my application, I have already had the public key. That means I cannot
use the key gen and then serialize the public key component. It seems that
I need to wait for JDK1.2 or wite my own class. Do you know when JDK 1.2
will come out.
Also how can I be the source code licensee so that I can write my own class
from your source code.
Thanks again.
Vincent
------------------------------------------------------
Vincent:
> I am still very confuse after reading the document CryptoSpec.html. I
need > to verify a DSA Signature. I have already public key, p, q, g, r, s
and > the text to be verify. From the example, it only require public key,
data, > and signature. It seems that it doesn't requre p, q. g. I see
that p,q,g > are only required in key-generation.
p, q, and g are encoded with the public key, i.e., the PublicKey
object contains p, q, and g. That's why you do not have to specify
them separately.
> But I think p,q,g are required to
> perform the calculation of DSA verify.
Right. They are retrieved from the public key.
You can verify this by casting PublicKey to DSAKey, and call the
getParams() method of that interface. This will give you access
to p, q, and g via the getP(), getQ(), and getG() methods.
> It will be very helpful if you can
> give me an example on DSA Verify and also DSA Sign assuming that I
already > have public key/private key, p, q, g, text and r,s(if verify).
Currently, it is impossible to instantiate a public key from given
key material. We have addressed this deficiency in the next JDK release
(JDK1.2).
A work-around for JDK1.1 is to serialize the public/private components
from the generated key pair, and then de-serialize them when you want
to use them again.
r and s are encoded in the signature.
> Also the document mention about default provider "SUN". Where can I find
> the source java code for that package.
The SUN provider code is located in the sun.security.provider package.
Are you a source code licensee?
Hope this helps.
Jan