We released Nexus1 on December 1st 2006 and it already used 2048 RSA for the keyfile. No key-generator has been released.
We used the same for Nexus2 expansion-licenses and even now for Nexus3.
Still no key-gen.
512 is way too weak. It was too weak in 2006, it’s ridiculously weak in 2020.
I think it’s viable to start having a discussion now about whether we should be thinking about 4096 bit keys if we are interested in future-proofing for another 13 years!
In response to the original question about libraries, OpenSSL is always good choice. The Intel IPP libraries also contain crypto routines that can be used for public/private keying.
