I think you might have forgotten the PKCS11 implementation Sean.
e.g.
src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
On a side note, I notice a discrepancy in the KeyPairGenerator javadoc.
It's more of an implNote issue :
If the algorithm is the/DSA/algorithm, and the keysize (modulus size)
is 512, 768, or 1024, then the/Sun/provider uses a set of precomputed
values for the|p|,|q|, and|g|parameters.
I think we also cache 2048 bit values. Maybe you can modify.
Regards,
Sean.
On 24/02/16 14:54, Sean Mullan wrote:
Please review this fix to improve security defaults by increasing the
default keysize of the RSA, DSA, and DiffieHellman implementations of
AlgorithmParameterGenerator and KeyPairGenerator from 1024 to 2048 bits:
http://cr.openjdk.java.net/~mullan/webrevs/8138653/webrev.00/
Thanks,
Sean
