This method generates the DSS
p
,
q
, and
g
parameters only when
L
(the modulus length)
is not one of the following:
512
,
768
and
1024
. For those values of
L
, this implementation
uses pre-computed values of
p
,
q
, and
g
given in the document
CryptoSpec included in the
security guide documentation of the standard JDK distribution.
The DSS requires two primes ,
p
and
q
,
satisfying the following three conditions:
2159 < q < 2160
2L-1 < p < 2L
for a
specified L
, where L = 512 + 64j
for some
0 <= j <= 8
- q divides p - 1.
The algorithm used to find these primes is as described in FIPS-186,
section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by
using the
Sha160
and a user supplied
SEED
to construct a prime,
q
, in the range 2
159 < q
< 2
160. Once this is accomplished, the same
SEED
value is used to construct an
X
in the range
2L-1
< X < 2L. The prime,
p
, is then
formed by rounding
X
to a number congruent to
1 mod
2q
. In this implementation we use the same
SEED value given
in FIPS-186, Appendix 5.