src/java.base/share/classes/sun/security/ssl/ServerHandshaker.java
8072452 Support DHE sizes up to 8192-bits
@@ -136,15 +136,21 @@
} else {
useLegacyEphemeralDHKeys = false;
useSmartEphemeralDHKeys = false;
try {
+ // Note: the current supported pre-computed groups are of
+ // 512, 768, 1024, 1536, 2048, 3072, 4096, 6144, 8192 bits.
+ //
+ // Except for the customized groups, please DON'T use value
+ // other than the pre-computed sizes as DH parameter
+ // generation can be extremely slow.
customizedDHKeySize = Integer.parseUnsignedInt(property);
- if (customizedDHKeySize < 1024 || customizedDHKeySize > 2048) {
+ if (customizedDHKeySize < 1024) {
throw new IllegalArgumentException(
- "Customized DH key size should be positive integer " +
- "between 1024 and 2048 bits, inclusive");
+ "Customized DH key size should larger " +
+ "than 1024 bits");
}
} catch (NumberFormatException nfe) {
throw new IllegalArgumentException(
"Invalid system property jdk.tls.ephemeralDHKeySize");
}
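Review bot: The new message `"Customized DH key size should larger than 1024 bits"` is ungrammatical and disagrees with the check it accompanies, which accepts 1024 exactly (`customizedDHKeySize < 1024`); `"Customized DH key size should be at least 1024 bits"` matches the condition. The same "larger than 1024 bits" wording is introduced in the Javadoc of the second hunk. Dropping the upper bound also means the property now accepts any value from 1024 up to Integer.MAX_VALUE, while the comment added just above warns that sizes other than the pre-computed groups make parameter generation extremely slow; if that is the intent, rejecting values above the largest pre-computed group would enforce it, e.g. `if (customizedDHKeySize < 1024 || customizedDHKeySize > 8192) {`. The enclosing initializer block starts before the hunk.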
@@ -1518,19 +1524,15 @@
* keys and key-exchange keys.
*
* Applications may also want to customize the ephemeral DH key size
* to a fixed length for non-exportable cipher suites. This can be
* approached by setting system property "jdk.tls.ephemeralDHKeySize"
- * to a valid positive integer between 1024 and 2048 bits, inclusive.
+ * to a valid positive integer larger than 1024 bits.
*
* Note that the minimum acceptable key size is 1024 bits except
* exportable cipher suites or legacy mode.
*
- * Note that the maximum acceptable key size is 2048 bits because
- * DH keys bigger than 2048 are not always supported by underlying
- * JCE providers.
- *
* Note that per RFC 2246, the key size limit of DH is 512 bits for
* exportable cipher suites. Because of the weakness, exportable
* cipher suites are deprecated since TLS v1.1 and they are not
* enabled by default in Oracle provider. The legacy behavior is
* reserved and 512 bits DH key is always used for exportable
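Review bot: The Javadoc now states no upper limit for jdk.tls.ephemeralDHKeySize, yet the in-code comment added elsewhere in this commit warns that sizes other than the pre-computed groups (512 to 8192 bits) make DH parameter generation extremely slow; that caveat belongs here as well, since this description is what an operator setting the property will read. After the "larger than 1024 bits" line, something like ` * Sizes other than the pre-computed groups (up to 8192 bits) may be` / ` * accepted but can make DH parameter generation extremely slow.` The Javadoc block begins before the hunk.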
@@ -1541,15 +1543,17 @@
if (useLegacyEphemeralDHKeys) { // legacy mode
keySize = 768;
} else if (useSmartEphemeralDHKeys) { // matched mode
if (key != null) {
int ks = KeyUtil.getKeySize(key);
- // Note that SunJCE provider only supports 2048 bits DH
- // keys bigger than 1024. Please DON'T use value other
- // than 1024 and 2048 at present. We may improve the
- // underlying providers and key size here in the future.
+ // Note: the current supported pre-computed groups are of
+ // 512, 768, 1024, 1536, 2048, 3072, 4096, 6144, 8192 bits.
//
+ // Except for the customized groups, please DON'T use value
+ // other than the pre-computed sizes as DH parameter
+ // generation can be extremely slow.
+ //
// keySize = ks <= 1024 ? 1024 : (ks >= 2048 ? 2048 : ks);
keySize = ks <= 1024 ? 1024 : 2048;
} // Otherwise, anonymous cipher suites, 1024-bit is used.
} else if (customizedDHKeySize > 0) { // customized mode
keySize = customizedDHKeySize;
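Review bot: The new comment lists pre-computed groups up to 8192 bits, but the matched-mode line directly beneath it, `keySize = ks <= 1024 ? 1024 : 2048;`, still clamps every certificate key larger than 1024 bits to a 2048-bit DHE group, so a 4096-bit certificate key is not "matched" by the larger groups this commit adds. If that cap is deliberate (for example to keep handshake cost bounded), the comment should say so rather than leave the reader to reconcile it with the commented-out alternative above it, e.g. `// Matched mode deliberately caps at 2048 bits; larger pre-computed groups are reachable only via jdk.tls.ephemeralDHKeySize.` If it is not deliberate, the ternary presumably needs to map to the nearest supported group instead. The enclosing method starts before the hunk and continues after it.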