In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Legion-of-the-bouncy-castle-java-crytography-api | Bouncycastle | * | 1.55 (including) |