102 // Flag to use smart ephemeral DH key which size matches the corresponding
103 // authentication key
104 private static final boolean useSmartEphemeralDHKeys;
105
106 // Flag to use legacy ephemeral DH key which size is 512 bits for
107 // exportable cipher suites, and 768 bits for others
108 private static final boolean useLegacyEphemeralDHKeys;
109
110 // The customized ephemeral DH key size for non-exportable cipher suites.
111 private static final int customizedDHKeySize;
112
113 // legacy algorithm constraints
114 private static final AlgorithmConstraints legacyAlgorithmConstraints =
115 new LegacyAlgorithmConstraints(
116 LegacyAlgorithmConstraints.PROPERTY_TLS_LEGACY_ALGS,
117 new SSLAlgorithmDecomposer());
118
119 private long statusRespTimeout;
120
121 static {
122 String property = AccessController.doPrivileged(
123 new GetPropertyAction("jdk.tls.ephemeralDHKeySize"));
124 if (property == null || property.length() == 0) {
125 useLegacyEphemeralDHKeys = false;
126 useSmartEphemeralDHKeys = false;
127 customizedDHKeySize = -1;
128 } else if ("matched".equals(property)) {
129 useLegacyEphemeralDHKeys = false;
130 useSmartEphemeralDHKeys = true;
131 customizedDHKeySize = -1;
132 } else if ("legacy".equals(property)) {
133 useLegacyEphemeralDHKeys = true;
134 useSmartEphemeralDHKeys = false;
135 customizedDHKeySize = -1;
136 } else {
137 useLegacyEphemeralDHKeys = false;
138 useSmartEphemeralDHKeys = false;
139
140 try {
141 // DH parameter generation can be extremely slow, best to
142 // use one of the supported pre-computed DH parameters
143 // (see DHCrypt class).
|
102 // Flag to use smart ephemeral DH key which size matches the corresponding
103 // authentication key
104 private static final boolean useSmartEphemeralDHKeys;
105
106 // Flag to use legacy ephemeral DH key which size is 512 bits for
107 // exportable cipher suites, and 768 bits for others
108 private static final boolean useLegacyEphemeralDHKeys;
109
110 // The customized ephemeral DH key size for non-exportable cipher suites.
111 private static final int customizedDHKeySize;
112
113 // legacy algorithm constraints
114 private static final AlgorithmConstraints legacyAlgorithmConstraints =
115 new LegacyAlgorithmConstraints(
116 LegacyAlgorithmConstraints.PROPERTY_TLS_LEGACY_ALGS,
117 new SSLAlgorithmDecomposer());
118
119 private long statusRespTimeout;
120
121 static {
122 String property =
123 GetPropertyAction.getProperty("jdk.tls.ephemeralDHKeySize");
124 if (property == null || property.length() == 0) {
125 useLegacyEphemeralDHKeys = false;
126 useSmartEphemeralDHKeys = false;
127 customizedDHKeySize = -1;
128 } else if ("matched".equals(property)) {
129 useLegacyEphemeralDHKeys = false;
130 useSmartEphemeralDHKeys = true;
131 customizedDHKeySize = -1;
132 } else if ("legacy".equals(property)) {
133 useLegacyEphemeralDHKeys = true;
134 useSmartEphemeralDHKeys = false;
135 customizedDHKeySize = -1;
136 } else {
137 useLegacyEphemeralDHKeys = false;
138 useSmartEphemeralDHKeys = false;
139
140 try {
141 // DH parameter generation can be extremely slow, best to
142 // use one of the supported pre-computed DH parameters
143 // (see DHCrypt class).
|