Please also review the code change at https://cr.openjdk.java.net/~weijun/8213400/webrev.00/
Notes: - CertAndKeyGen.java: generate(String name): + try { + keyGen.initialize(new NamedParameterSpec(name), prng); + } catch (InvalidAlgorithmParameterException e) { + if (keyType.equalsIgnoreCase("EC")) { + // EC has another NamedParameterSpec + keyGen.initialize(new ECGenParameterSpec(name), prng); + } else { + throw e; + } + } This is for future algorithms that accept -groupname. In fact, our own ECKeyPairGenerator should have accepted NamedParameterSpec too. generate (int keyBits) allows keyBits == -1. This is for future algorithms that do not have a default -keysize. - keytool/Main.java: + private String ecGroupNameForSize(int size) throws Exception { + AlgorithmParameters ap = AlgorithmParameters.getInstance("EC"); + ap.init(new ECKeySizeParameterSpec(size)); + // The following line assumes the toString value is "name (oid)" + return ap.toString().split(" ")[0]; + } Hopefully the ap.toString().split(" ")[0] return value is not too ugly, but the toString() might contain alternative names. - CurveDB.java: - add("sect163r2 [NIST B-163]", "1.3.132.0.15", BD, + add("sect163r2 [NIST B-163]", "1.3.132.0.15", B, All other NIST B-*** curves do not have BD. This should have been a typo. - NamedCurve.java: A new field commonNames added, which is used by the new GroupName.java test. Thanks Max