Mercurial > hg > openjdk > jdk6 > jdk
changeset 1743:c4c55e626604
8178466: Better RSA parameters
Reviewed-by: mullan, ahgross
author | igerasim |
---|---|
date | Thu, 07 Sep 2017 16:12:33 -0700 |
parents | 67fd7b8b46d4 |
children | 47f88326bdcd |
files | src/share/classes/sun/security/tools/keytool/Main.java src/share/classes/sun/security/util/SecurityProviderConstants.java test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java |
diffstat | 3 files changed, 11 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/keytool/Main.java Tue Oct 24 03:44:21 2017 -0700 +++ b/src/share/classes/sun/security/tools/keytool/Main.java Thu Sep 07 16:12:33 2017 -0700 @@ -1264,11 +1264,9 @@ if ("EC".equalsIgnoreCase(keyAlgName)) { keysize = SecurityProviderConstants.DEF_EC_KEY_SIZE; } else if ("RSA".equalsIgnoreCase(keyAlgName)) { - // hardcode for now as DEF_RSA_KEY_SIZE is still 1024 - keysize = 2048; // SecurityProviderConstants.DEF_RSA_KEY_SIZE; + keysize = SecurityProviderConstants.DEF_RSA_KEY_SIZE; } else if ("DSA".equalsIgnoreCase(keyAlgName)) { - // hardcode for now as DEF_DSA_KEY_SIZE is still 1024 - keysize = 2048; + keysize = SecurityProviderConstants.DEF_DSA_KEY_SIZE; } }
--- a/src/share/classes/sun/security/util/SecurityProviderConstants.java Tue Oct 24 03:44:21 2017 -0700 +++ b/src/share/classes/sun/security/util/SecurityProviderConstants.java Thu Sep 07 16:12:33 2017 -0700 @@ -64,9 +64,9 @@ static { String keyLengthStr = GetPropertyAction.privilegedGetProperty (KEY_LENGTH_PROP); - int dsaKeySize = 1024; - int rsaKeySize = 1024; - int dhKeySize = 1024; + int dsaKeySize = 2048; + int rsaKeySize = 2048; + int dhKeySize = 2048; int ecKeySize = 256; if (keyLengthStr != null) {
--- a/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java Tue Oct 24 03:44:21 2017 -0700 +++ b/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java Thu Sep 07 16:12:33 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -83,10 +83,10 @@ KeyPair kp; KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", "SunJCE"); - // Sun's default uses a default psize of 1024 and + // Sun's default uses a default psize of 2048 and // lsize of (pSize / 2) but at least 384 bits kp = kpg.generateKeyPair(); - checkKeyPair(kp, Sizes.ten24, Sizes.five12); + checkKeyPair(kp, Sizes.twenty48, Sizes.ten24); DHPublicKey publicKey = (DHPublicKey)kp.getPublic(); BigInteger p = publicKey.getParams().getP(); @@ -98,15 +98,15 @@ kpg.initialize(new DHParameterSpec(p, g, Sizes.ten24.getIntSize())); kp = kpg.generateKeyPair(); - checkKeyPair(kp, Sizes.ten24, Sizes.ten24); + checkKeyPair(kp, Sizes.twenty48, Sizes.ten24); kpg.initialize(new DHParameterSpec(p, g, Sizes.five12.getIntSize())); kp = kpg.generateKeyPair(); - checkKeyPair(kp, Sizes.ten24, Sizes.five12); + checkKeyPair(kp, Sizes.twenty48, Sizes.five12); kpg.initialize(new DHParameterSpec(p, g, Sizes.two56.getIntSize())); kp = kpg.generateKeyPair(); - checkKeyPair(kp, Sizes.ten24, Sizes.two56); + checkKeyPair(kp, Sizes.twenty48, Sizes.two56); kpg.initialize(Sizes.five12.getIntSize()); kp = kpg.generateKeyPair();