Re: RSA and DSA key get methods returning BigInteger

David Brownell (David.Brownell@Eng)
Wed, 7 May 1997 09:50:18 -0700

Date: Wed, 7 May 1997 09:50:18 -0700
From: David.Brownell@Eng (David Brownell)
Message-Id: <199705071650.JAA05452@argon.eng.sun.com>
To: burnettS@RSA.COM, java-security@web2.javasoft.com
Subject: Re: RSA and DSA key get methods returning BigInteger

I had similar comments when I was working on the original BSAFE bindings!
Since then, the BigInteger class has improved.

In the big picture, I think it's best if you try to support the BigInteger
interface to your representations. You can just subclass BigInteger; if
you run into any problems doing that, let us know. The spots I'd watch
out for bugs involve operations which mix both implementations; I suspect
the conversion operations aren't well developed yet.

It's bad to have multiple interfaces to the same abstraction. But having
several implementations of an abstraction (BigInteger) with different
qualities of service is a Good Thing.

- Dave

> From burnettS@RSA.COM Wed May 7 09:34:31 1997
> From: Steve Burnett <burnettS@RSA.COM>
> To: "'JavaSoft crypto questions'" <java-security@web2.javasoft.com>
> Subject: RSA and DSA key get methods returning BigInteger
> Date: Wed, 7 May 1997 09:37:03 -0700
>
> When extracting elements of keys (modulus and exponent of an RSA key
> or p, q, g, x or y of a DSA key) the Security methods return a
> BigInteger. But suppose the underlying provider does not use the
> BigInteger class to perform the multi-precision arithmatic.
>
> Maybe it would be better for these methods to return canonical
> integers in byte arrays. These numbers will never be negative, so there
> is no need to worry about the sign.
>
> --Steve Burnett
> burnetts@rsa.com
>