JDK / JDK-8133621

2048-bit DH upper bound too small for geotrust ssl ca - g3 error


Details

    • Enhancement
    • Resolution: Duplicate
    • P4
    • None
    • 8u51
    • security-libs

    Description

      FULL PRODUCT VERSION :


      A DESCRIPTION OF THE PROBLEM :
      Some protocols on new sites use a 4096-bit DHParameterSpec.

      For example, data from ripple.com (CA: geotrust ssl ca - g3) cannot be read in Java (.NET is OK).

      Sun's JCE implementation imposes an artificial restriction on Diffie-Hellman primes. When passing a DHParameterSpec generated with a 4096-bit long modulus, class DHKeyPairGenerator will throw an exception indicating that "Prime size must be multiple of 64, and can only range from 512 to 2048 (inclusive)."

      Please allow for modulus sizes beyond the 2048-bit limit. (Proposal: change it to 4096.)

      The same problem has been fixed in redhat:

      https://bugzilla.redhat.com/attachment.cgi?id=1012238&action=diff


      REPRODUCIBILITY :
      This bug can be reproduced always.
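
A probe for the size check described in the report, added here as an example (not part of the original report or of the JDK sources): it asks the running JDK's default `DH` `KeyPairGenerator` to accept parameter specs of several modulus sizes and prints which are rejected. The class name `DhPrimeSizeProbe` and the stand-in moduli are constructed for illustration; it assumes the default provider order, the moduli are not vetted primes, and no key pair is generated.

```java
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.spec.DHParameterSpec;

public class DhPrimeSizeProbe {
    // The rule quoted in the report's exception message.
    static boolean allowedByQuotedRule(int bits) {
        return bits % 64 == 0 && bits >= 512 && bits <= 2048;
    }

    // Constructed stand-in modulus: an odd number of exactly `bits` bits.
    // Not a vetted prime or safe DH group; it only exercises the size check.
    static DHParameterSpec constructedSpec(int bits) {
        BigInteger p = BigInteger.ONE.shiftLeft(bits - 1).setBit(0);
        return new DHParameterSpec(p, BigInteger.valueOf(2));
    }

    // Returns "accepted" or the provider's rejection message for this size.
    static String probe(int bits) throws NoSuchAlgorithmException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
        try {
            // initialize() validates the parameters; no key pair is generated here.
            kpg.initialize(constructedSpec(bits), new SecureRandom());
            return "accepted";
        } catch (InvalidAlgorithmParameterException | InvalidParameterException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.version = " + System.getProperty("java.version"));
        for (int bits : new int[] {512, 1024, 2048, 3072, 4096}) {
            System.out.printf("%4d bits  quoted rule: %-5b  this JDK: %s%n",
                    bits, allowedByQuotedRule(bits), probe(bits));
        }
    }
}
```

Running it on each JDK in a fleet shows which runtimes still enforce the 2048-bit ceiling and would fail against a peer that uses a larger DH modulus.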

            People

              pardesha Pardeep Sharma
              webbuggrp Webbug Group