Cryptix/java.security

[Bill Frantz]

I have spent some time with the Cryptix 3.0.3 FAQ.  It appears that they
use DSA (The NIST Digital Signature Algorithm) as it appears in the
JavaSoft release.  (i.e. the Sun provider implementation.)  They also note
that they have not tested against non-JavaSoft JVMs.

Given that Kaffe doesn't have DSA, and the current E DataComm system
requires it, someone has to implement it on Kaffe.  The only good news in
this story is that the implementor can be a US citizen, since DSA is not an
encryption algorithm.

A glance thru Schneier shows that DSA uses only normal BigInteger
operations (modPow, add, modInverse, and multiply).  It uses the default
1024 bit public parameters:

SEED = 8d515589 4229d5e6 89ee01e6 018a237e 2cae64cd

counter = 92

p = fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80
    b6512669 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b
    801d346f f26660b7 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6
    1bf83b57 e7c6a8a6 150f04fb 83f6d3c5 1ec30235 54135a16 9132f675
    f3ae2b61 d72aeff2 2203199d d14801c7

q = 9760508f 15230bcc b292b982 a2eb840b f0581cf5
                        
g = f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b
    3d078267 5159578e bad4594f e6710710 8180b449 167123e8 4c281613
    b7cf0932 8cc8a6e1 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f
    0bfa2135 62f1fb62 7a01243b cca4f1be a8519089 a883dfe1 5ae59f06
    928b665e 807b5525 64014c3b fecf492a

Using the JavaSoft implementation to generate test vectors will insure
interoperability.  Doing DSA doesn't seem like a large effort given
java.math.BigInteger.