JDK-8062834 : Allow DHKeyPair generation for bit lengths > 1024 in 6u, 7u
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 6u85
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2014-11-04
  • Updated: 2017-06-20
  • Resolved: 2015-04-30
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
6u105 b01Fixed 7u85Fixed
Related Reports
Duplicate :  
Relates :  
Relates :  
Generation of DHKeyPairs with bit lengths > 1024 is not supported in JDK 6u, 7u at moment. Proposal to increase the limit up to 2048 bits similar to that found in JDK 8. This functionality probably means that the SHA224 hash function support needs to be backported along with loosening of checks in the keygenerator classes.

java.lang.RuntimeException: Could not generate DH keypair and 
java.security.InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive).