Set default EC key size to 256-bits

NIST SP800 131A recommends 112-bits as the lowest security level
acceptable after December 31, 2013. Although the 239-bit EC group
meets that bar, the P-256, P-384, and P-521 are the more widely
supported options. Change the default to increase interoperability
while maintaining the security level recommended.

(cherry picked from commit c5a7ff00b9c78ce5e15de5b99dc78a7e8c83ecd3)

Bug: 21085656
Change-Id: Idb71fdc801bafc5ad38f0b87dc3847f48854563f

1 files changed, 3 insertions, 1 deletions

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
index 1239609..d858518 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
@@ -42,7 +42,9 @@ public abstract class KeyPairGeneratorSpi
         ECKeyGenerationParameters   param;
         ECKeyPairGenerator          engine = new ECKeyPairGenerator();
         Object                      ecParams = null;
-        int                         strength = 239;
+        // BEGIN android-changed
+        int                         strength = 256;
+        // BEGIN android-changed
         int                         certainty = 50;
         SecureRandom                random = new SecureRandom();
         boolean                     initialised = false;