8267319: Use larger default key sizes and algorithms based on CNSA

Reviewed-by: weijun, xuelei
2025-08-26 14:24:46 +02:00 · 2022-03-24 22:50:26 +00:00 · 2022-03-24 22:50:26 +00:00 · 313bc7f64f
commit 313bc7f64f
parent c1048021fe
29 changed files with 496 additions and 178 deletions
--- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java
+++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java
@ -1917,6 +1917,8 @@ public final class Main {
                    keysize = SecurityProviderConstants.DEF_EC_KEY_SIZE;
                } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
                    keysize = SecurityProviderConstants.DEF_RSA_KEY_SIZE;
+                } else if ("RSASSA-PSS".equalsIgnoreCase(keyAlgName)) {
+                    keysize = SecurityProviderConstants.DEF_RSASSA_PSS_KEY_SIZE;
                } else if ("DSA".equalsIgnoreCase(keyAlgName)) {
                    keysize = SecurityProviderConstants.DEF_DSA_KEY_SIZE;
                } else if ("EdDSA".equalsIgnoreCase(keyAlgName)) {