/[packages]/updates/8/java-1.8.0-openjdk/current/SOURCES/rh1163501-increase_2048_bit_dh_upper_bound_fedora_infrastructure_in_dhparametergenerator.patch
ViewVC logotype

Annotation of /updates/8/java-1.8.0-openjdk/current/SOURCES/rh1163501-increase_2048_bit_dh_upper_bound_fedora_infrastructure_in_dhparametergenerator.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1083674 - (hide annotations) (download)
Fri Jan 27 22:31:45 2017 UTC (7 years, 2 months ago) by luigiwalser
Original Path: cauldron/java-1.8.0-openjdk/current/SOURCES/rh1163501.patch
File size: 5134 byte(s)
sync with fedora as of 2017-01-25, update to u121b14
1 luigiwalser 1083674 diff --git a/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java b/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java
2     --- openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java
3     +++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java
4     @@ -1,5 +1,6 @@
5 luigiwalser 820279 /*
6     * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
7     + * Copyright (c) 2014 Red Hat Inc.
8     * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
9     *
10     * This code is free software; you can redistribute it and/or modify it
11 luigiwalser 1083674 @@ -74,10 +75,10 @@
12     private static void checkKeySize(int keysize)
13     throws InvalidParameterException {
14 luigiwalser 820279
15 luigiwalser 1083674 - if ((keysize < 512) || (keysize > 2048) || ((keysize & 0x3F) != 0)) {
16     + if ((keysize < 512) || (keysize > 4096) || ((keysize & 0x3F) != 0)) {
17     throw new InvalidParameterException(
18     "DH key size must be multiple of 64, and can only range " +
19     - "from 512 to 2048 (inclusive). " +
20     + "from 512 to 4096 (inclusive). " +
21     "The specific key size " + keysize + " is not supported");
22 luigiwalser 820279 }
23 luigiwalser 1083674 }
24     diff --git a/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java b/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
25     --- openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
26     +++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
27     @@ -1,5 +1,6 @@
28 luigiwalser 820279 /*
29     * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
30     + * Copyright (c) 2014 Red Hat Inc.
31     * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
32     *
33     * This code is free software; you can redistribute it and/or modify it
34 luigiwalser 1083674 @@ -60,11 +61,11 @@
35 luigiwalser 820279
36     private static void checkKeySize(int keysize)
37 luigiwalser 1083674 throws InvalidParameterException {
38     - if ((keysize != 2048) &&
39     + if ((keysize != 2048) && (keysize != 4096) &&
40 luigiwalser 820279 ((keysize < 512) || (keysize > 1024) || (keysize % 64 != 0))) {
41 luigiwalser 1083674 throw new InvalidParameterException(
42     "DH key size must be multiple of 64 and range " +
43     - "from 512 to 1024 (inclusive), or 2048. " +
44     + "from 512 to 1024 (inclusive), or 2048, or 4096. " +
45     "The specific key size " + keysize + " is not supported");
46 luigiwalser 820279 }
47     }
48 luigiwalser 1083674 diff --git a/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java b/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
49     --- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
50     +++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
51     @@ -285,11 +285,11 @@
52 luigiwalser 820279 // this restriction is in the spec for DSA
53     // since we currently use DSA parameters for DH as well,
54     // it also applies to DH if no parameters are specified
55     - if ((keySize != 2048) &&
56     + if ((keySize != 2048) && (keySize != 4096) &&
57     ((keySize > 1024) || ((keySize & 0x3f) != 0))) {
58     throw new InvalidAlgorithmParameterException(algorithm +
59     " key must be multiples of 64 if less than 1024 bits" +
60 luigiwalser 1083674 - ", or 2048 bits. " +
61     + ", or 2048 bits, or 4096 bits. " +
62     "The specific key size " +
63     keySize + " is not supported");
64 luigiwalser 820279 }
65 luigiwalser 1083674 diff --git a/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java b/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
66     --- openjdk/jdk/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
67     +++ openjdk/jdk/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
68     @@ -1,5 +1,6 @@
69 luigiwalser 820279 /*
70     * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
71     + * Copyright (c) 2014 Red Hat Inc.
72     * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
73     *
74     * This code is free software; you can redistribute it and/or modify it
75 luigiwalser 1083674 @@ -58,7 +59,7 @@
76 luigiwalser 820279 */
77     private enum Sizes {
78     two56(256), three84(384), five12(512), seven68(768), ten24(1024),
79     - twenty48(2048);
80     + twenty48(2048), forty96(4096);
81    
82     private final int intSize;
83     private final BigInteger bigIntValue;
84 luigiwalser 1083674 @@ -130,6 +131,19 @@
85 luigiwalser 820279 kp = kpg.generateKeyPair();
86     checkKeyPair(kp, Sizes.twenty48, Sizes.five12);
87    
88     + kpg.initialize(Sizes.forty96.getIntSize());
89     + kp = kpg.generateKeyPair();
90     + checkKeyPair(kp, Sizes.forty96, Sizes.twenty48);
91     +
92     + publicKey = (DHPublicKey)kp.getPublic();
93     + p = publicKey.getParams().getP();
94     + g = publicKey.getParams().getG();
95     +
96     + // test w/ all values specified
97     + kpg.initialize(new DHParameterSpec(p, g, Sizes.ten24.getIntSize()));
98     + kp = kpg.generateKeyPair();
99     + checkKeyPair(kp, Sizes.forty96, Sizes.ten24);
100     +
101     System.out.println("OK");
102     }
103    

  ViewVC Help
Powered by ViewVC 1.1.30