JDK-4524097 : 2048 bit keylength restriction for RSA keys should be removed
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 1.4.0,1.4.1,5.0
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic,solaris_8
  • CPU: generic,sparc
  • Submitted: 2001-11-07
  • Updated: 2003-07-11
  • Resolved: 2003-07-11
Related Reports
Duplicate :  
Duplicate :  
Relates :  
Relates :  
Description
The JSafe RSA implementation we are currently using in both the SunRsaSign and the SunJSSE provider enforces a maximum length of 2048 bit for RSA keys. Keys of longer length cannot be parsed and signatures generated with such keys cannot be verified.

We should see if this restriction can be lifted in a future release. See bug 4522417 for a real world certificate that includes a much longer key (16384 bit).

Comments
EVALUATION ###@###.### 2002-09-04 Yes, we should look into this. --- We will try to address this in Tiger. ###@###.### 2002-12-04
2002-09-04