public class DSAXmlSignature extends BaseXmlSignatureAlgorithm
The DSA family of algorithms is defined in FIPS 186-3 [DSS]. FIPS 186-3 defines DSA in terms of two security parameters L and N, where L = |p| and N = |q|, p is the prime modulus and q is a prime divisor of (p-1). FIPS 186-3 defines four valid pairs of (L, N): (1024, 160), (2048, 224), (2048, 256) and (3072, 256). The pair (1024, 160) corresponds to the algorithm DSAwithSHA1, which is identified in this specification by the URI http://www.w3.org/2000/09/xmldsig#dsa-sha1. The pairs (2048, 256) and (3072, 256) correspond to the algorithm DSAwithSHA256, which is identified in this specification by the URI http://www.w3.org/2009/xmldsig11#dsa-sha256. This specification does not use the (2048, 224) instance of DSA (which corresponds to DSAwithSHA224).
The output of the DSA algorithm consists of a pair of integers usually referred to as the pair (r, s). The signature value consists of the base64 encoding of the concatenation of two octet-streams that result from the octet-encoding of the values r and s, in that order. Integer to octet-stream conversion must be done according to the I2OSP operation defined in the RFC 3447 [PKCS1] specification with an l parameter equal to 20.
DSA takes no explicit parameters.
Per FIPS 186-3 [DSS], the DSA security parameter L is defined to be 1024, 2048 or 3072 bits, and the corresponding DSA q value is defined to be 160, 224/256 and 256 bits respectively. In Special Publication SP 800-57 Part 1 [SP800-57], NIST recommends using at least 2048-bit public keys for securing information beyond 2010 (and 3072-bit keys for securing information beyond 2030).
Since XML Signature 1.0 requires implementations to support DSA-based digital signatures, this XML Signature 1.1 revision REQUIRES signature verifiers to implement DSA only for keys of 1024 bits in order to guarantee interoperability with XML Signature 1.0 generators. XML Signature 1.1 implementations MAY but are NOT REQUIRED to support DSA-based signature generation, and given the short key size and the SP800-57 guidelines, DSA with 1024-bit prime moduli SHOULD NOT be used for signatures that will be verified beyond 2010.
| Modifier and Type | Class and Description |
|---|---|
| static class | DSAXmlSignature.DSAWithSHA1 |

Fields inherited from class BaseXmlSignatureAlgorithm: mSign, mSignatureAlg, mSigner, mVerifier

| Constructor and Description |
|---|
| DSAXmlSignature(tr.gov.tubitak.uekae.esya.api.crypto.alg.SignatureAlg aSignatureAlg) |

| Modifier and Type | Method and Description |
|---|---|
| byte[] | sign() |
| boolean | verify(byte[] aSignatureValue) |

Methods inherited from class BaseXmlSignatureAlgorithm: getAlgorithmName, initSign, initVerify, update

public DSAXmlSignature(tr.gov.tubitak.uekae.esya.api.crypto.alg.SignatureAlg aSignatureAlg)

public byte[] sign()
throws XMLSignatureException
Specified by: sign in interface XmlSignatureAlgorithm
Overrides: sign in class BaseXmlSignatureAlgorithm
Throws: XMLSignatureException

public boolean verify(byte[] aSignatureValue)
throws XMLSignatureException
Specified by: verify in interface XmlSignatureAlgorithm
Overrides: verify in class BaseXmlSignatureAlgorithm
Throws: XMLSignatureException

Copyright © 2025. All rights reserved.