archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8293554: Enhanced DH Key Exchanges

Browse source 
Reviewed-by: rhalade, mschoene, ascarpino, weijun
This commit is contained in:
Valerie Peng 2022-10-07 22:25:38 +00:00 committed by Henry Jen
parent 2e8073e4f9
commit 6c5aefe60c
5 changed files with 91 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

24
src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java
View file

@ -102,6 +102,30 @@ public final class SecurityProviderConstants {
}
}
public static final int getDefDHPrivateExpSize(int dhGroupSize) {
// use 2*security strength as default private exponent size
// as in table 2 of NIST SP 800-57 part 1 rev 5, sec 5.6.1.1
// and table 25 of NIST SP 800-56A rev 3, appendix D.
if (dhGroupSize >= 15360) {
return 512;
} else if (dhGroupSize >= 8192) {
return 400;
} else if (dhGroupSize >= 7680) {
return 384;
} else if (dhGroupSize >= 6144) {
return 352;
} else if (dhGroupSize >= 4096) {
return 304;
} else if (dhGroupSize >= 3072) {
return 256;
} else if (dhGroupSize >= 2048) {
return 224;
} else {
// min value for legacy key sizes
return 160;
}
}
public static final int getDefAESKeySize() {
int currVal = DEF_AES_KEY_SIZE.get();
if (currVal == -1) {