Mercurial > hg > openjdk > jdk6 > jdk

changeset 1743:c4c55e626604

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8178466: Better RSA parameters Reviewed-by: mullan, ahgross
author igerasim
date Thu, 07 Sep 2017 16:12:33 -0700
parents 67fd7b8b46d4
children 47f88326bdcd
files src/share/classes/sun/security/tools/keytool/Main.java src/share/classes/sun/security/util/SecurityProviderConstants.java test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
diffstat 3 files changed, 11 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/keytool/Main.java	Tue Oct 24 03:44:21 2017 -0700
+++ b/src/share/classes/sun/security/tools/keytool/Main.java	Thu Sep 07 16:12:33 2017 -0700
@@ -1264,11 +1264,9 @@
             if ("EC".equalsIgnoreCase(keyAlgName)) {
                 keysize = SecurityProviderConstants.DEF_EC_KEY_SIZE;
             } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
-                // hardcode for now as DEF_RSA_KEY_SIZE is still 1024
-                keysize = 2048; // SecurityProviderConstants.DEF_RSA_KEY_SIZE;
+                keysize = SecurityProviderConstants.DEF_RSA_KEY_SIZE;
             } else if ("DSA".equalsIgnoreCase(keyAlgName)) {
-                // hardcode for now as DEF_DSA_KEY_SIZE is still 1024
-                keysize = 2048;
+                keysize = SecurityProviderConstants.DEF_DSA_KEY_SIZE;
             }
         }
 
--- a/src/share/classes/sun/security/util/SecurityProviderConstants.java	Tue Oct 24 03:44:21 2017 -0700
+++ b/src/share/classes/sun/security/util/SecurityProviderConstants.java	Thu Sep 07 16:12:33 2017 -0700
@@ -64,9 +64,9 @@
     static {
         String keyLengthStr = GetPropertyAction.privilegedGetProperty
             (KEY_LENGTH_PROP);
-        int dsaKeySize = 1024;
-        int rsaKeySize = 1024;
-        int dhKeySize = 1024;
+        int dsaKeySize = 2048;
+        int rsaKeySize = 2048;
+        int dhKeySize = 2048;
         int ecKeySize = 256;
 
         if (keyLengthStr != null) {
--- a/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java	Tue Oct 24 03:44:21 2017 -0700
+++ b/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java	Thu Sep 07 16:12:33 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -83,10 +83,10 @@
         KeyPair kp;
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", "SunJCE");
 
-        // Sun's default uses a default psize of 1024 and
+        // Sun's default uses a default psize of 2048 and
         // lsize of (pSize / 2) but at least 384 bits
         kp = kpg.generateKeyPair();
-        checkKeyPair(kp, Sizes.ten24, Sizes.five12);
+        checkKeyPair(kp, Sizes.twenty48, Sizes.ten24);
 
         DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
         BigInteger p = publicKey.getParams().getP();
@@ -98,15 +98,15 @@
 
         kpg.initialize(new DHParameterSpec(p, g, Sizes.ten24.getIntSize()));
         kp = kpg.generateKeyPair();
-        checkKeyPair(kp, Sizes.ten24, Sizes.ten24);
+        checkKeyPair(kp, Sizes.twenty48, Sizes.ten24);
 
         kpg.initialize(new DHParameterSpec(p, g, Sizes.five12.getIntSize()));
         kp = kpg.generateKeyPair();
-        checkKeyPair(kp, Sizes.ten24, Sizes.five12);
+        checkKeyPair(kp, Sizes.twenty48, Sizes.five12);
 
         kpg.initialize(new DHParameterSpec(p, g, Sizes.two56.getIntSize()));
         kp = kpg.generateKeyPair();
-        checkKeyPair(kp, Sizes.ten24, Sizes.two56);
+        checkKeyPair(kp, Sizes.twenty48, Sizes.two56);
 
         kpg.initialize(Sizes.five12.getIntSize());
         kp = kpg.generateKeyPair();