1

I am trying to perform a Diffie Hellman Hey agreement, and as part of the parameter definition, I have 3 values:

a prime modulus p a base generator g a subprime q

looking at the various constructors for creating the keys necessary to perform this agreement, I don't seem to be able to set the q value:

https://docs.oracle.com/en/java/javase/11/docs/api/java.base/javax/crypto/spec/DHParameterSpec.html

DHParameterSpec​(BigInteger p, BigInteger g)
Constructs a parameter set for Diffie-Hellman, using a prime modulus p and a base generator g. DHParameterSpec​(BigInteger p, BigInteger g, int l)
Constructs a parameter set for Diffie-Hellman, using a prime modulus p, a base generator g, and the size in bits, l, of the random exponent (private value).

and https://docs.oracle.com/javase/9/docs/api/javax/crypto/spec/DHPublicKeySpec.html

DHPublicKeySpec​(BigInteger y, BigInteger p, BigInteger g)
Constructor that takes a public value y, a prime modulus p, and a base generator g.

https://docs.oracle.com/javase/9/docs/api/javax/crypto/spec/DHPrivateKeySpec.html

DHPrivateKeySpec​(BigInteger x, BigInteger p, BigInteger g)
Constructor that takes a private value x, a prime modulus p, and a base generator g.

Now, I know that Bouncy Castle has an implementation that supports this:

https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/crypto/params/DHParameters.html

But I cannot use Bouncy Castle.

Is there a way to still use DHParameterSpec/DHPublicKey/DHPrivateKey with the q value that I am missing?

factor2
  • 155
  • 9
  • You have already asked the **same** [question](https://stackoverflow.com/questions/68475181/diffie-hellman-key-agreement-using-dhparameterspec-with-optional-subprime-q). It was closed (_seeking recommendations for books, tools, software libraries, and more not allowed on SO_), whereupon you deleted it. Do you think it will work the 2nd time? – Topaco Jul 22 '21 at 13:23
  • I reworded how I asked it at the end of the question to adjust the question more towards how to use dhparameterspec, so I am hoping that will bring it into compliance. I'm not trying anything nefarious, just looking for some help with my problem. I made sure to modify my question so it would not be the same – factor2 Jul 22 '21 at 13:30
  • Sorry, I don't see any significant difference compared to the old question, but maybe you're lucky. – Topaco Jul 22 '21 at 13:39
  • I removed the portion asking about any other methods and refocused the question on how to specifically use dhparameterspec with a q value. I also edited the previous question, but then deleted it instead. You may be comparing to my edited closed question. I apologize if I have broken the rules too significantly – factor2 Jul 22 '21 at 13:42
  • Why do you want to set the q value? What do you expect the q value to be used for? Do you even know what this q value is? – President James K. Polk Jul 22 '21 at 15:54
  • **No**, not with JCA. For your own side, you can use l~log2(q) as an approximation, or 'manually' generate x outside JCA as random BigInteger [2,p-1] and compute y with .modPow. Or even more kludgily, treat your p,g,q as _DSA_ parameters for key generation, and map the result to DH. (JCE itself does this to _generate_ DH parameters.) The harder part is if you need to transmit or receive these parameters or keys in standard (X.509 SPKI or PKCS8) forms. Ideally you could switch to _ECDH_ which is more efficient, sexier, checklistier, AND avoids this silly encoding inconsistency :-) :-) – dave_thompson_085 Jul 22 '21 at 16:11

1 Answers1

0

Use DSA BigInteger getG() Returns the base g. BigInteger getP() Returns the prime p. BigInteger getQ() Returns the sub-prime q. https://docs.oracle.com/javase/7/docs/api/java/security/spec/DSAParameterSpec.html

Rakesh Nayak
  • 49
  • 2