My recollection is that the latest PKCS11 standard has been in the works
for a few years and there is no SHA-2 DSA signature support from Solaris
when we add the SHA-2 DSA support.
Valerie
On 2/24/2016 10:25 AM, Sean Mullan wrote:
On 02/24/2016 11:58 AM, Seán Coffey wrote:
I think you might
Hello Xuelei, et. al:
I have an updated webrev that does lazy instantiation of the
StatusResponseManager. It will happen if the enabling property is true
and a ServerHandshaker attempts to get the SRM from the context. If it
has not been created it will be at that point in time.
http://cr.
On 02/24/2016 11:58 AM, Seán Coffey wrote:
I think you might have forgotten the PKCS11 implementation Sean.
e.g.
src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
Good catch, although I think we should only increase the size for RSA
key pairs, since we don't yet
I think you might have forgotten the PKCS11 implementation Sean.
e.g.
src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
On a side note, I notice a discrepancy in the KeyPairGenerator javadoc.
It's more of an implNote issue :
If the algorithm is the/DSA/algorith
Please review this fix to improve security defaults by increasing the
default keysize of the RSA, DSA, and DiffieHellman implementations of
AlgorithmParameterGenerator and KeyPairGenerator from 1024 to 2048 bits:
http://cr.openjdk.java.net/~mullan/webrevs/8138653/webrev.00/
Thanks,
Sean
