Code Review Request, JDK-8172869 4096 is not supported yet for the DH Parameter Generator

Xuelei Fan at
Tue Jan 24 20:09:03 UTC 2017

On 1/24/2017 11:46 AM, Anthony Scarpino wrote:
> On 01/24/2017 11:24 AM, Xuelei Fan wrote:
>> Hi,
>> Please review this spec documentation update:
>> In the specification, 4096
>> bits DH parameter generator is specified as a required feature.
>> However, the 4096 bits DH parameter generator is not supported yet in
>> JDK.  Although the 4096 bits DH key generation is supported, but it uses
>> the predefined DH parameters.
>> This update removes the 4096 bits DH parameter generator requirement
>> from the specification.
>> Thanks,
>> Xuelei
> The change looks fine, but does it make sense to mention that 4k bit DH
> uses predefined parameters in the this section or somewhere else?
As it is an implementation details of JDK, I was wondering to state it 
in the KeyPairGenerator section in Oracle Providers documentation.  I 
filed a sub-task of JDK-8015388 to track this doc update.


More information about the security-dev mailing list