diff a/closed/src/java.base/share/specs/security/standard-names.md b/closed/src/java.base/share/specs/security/standard-names.md --- a/closed/src/java.base/share/specs/security/standard-names.md +++ b/closed/src/java.base/share/specs/security/standard-names.md @@ -3067,17 +3067,20 @@ --------------------------------------------- -------------------------------- Class Algorithm Name(s) --------------------------------------------- -------------------------------- `AlgorithmParameterGenerator` \ DiffieHellman (1024, 2048) \ -Implementations must support the key sizes \ DSA (1024, 2048) +Implementations must support the key sizes DSA (1024, 2048) in parentheses. -`AlgorithmParameters` AES \ - DESede \ - DiffieHellman \ - DSA +`AlgorithmParameters` \ AES \ +For the "EC" algorithm, implementations must ChaCha20-Poly1305 \ +support the curves in parentheses. For the DESede \ +"RSASSA-PSS" algorithm, implementations must DiffieHellman \ +support the parameters in parentheses. DSA \ + EC (secp256r1, secp384r1) \ + RSASSA-PSS (MGF1 mask generation function and SHA-256 or SHA-384 hash algorithms) `CertificateFactory` X.509 `CertPath` Encoding PKCS7 \ PkiPath @@ -3090,11 +3093,12 @@ `Cipher` \ AES/CBC/NoPadding (128) \ Implementations must support the key sizes AES/CBC/PKCS5Padding (128) \ in parentheses. AES/ECB/NoPadding (128) \ AES/ECB/PKCS5Padding (128) \ - AES/GCM/NoPadding (128) \ + AES/GCM/NoPadding (128, 256) \ + ChaCha20-Poly1305 \ DESede/CBC/NoPadding (168) \ DESede/CBC/PKCS5Padding (168) \ DESede/ECB/NoPadding (168) \ DESede/ECB/PKCS5Padding (168) \ RSA/ECB/PKCS1Padding (1024, 2048) \ @@ -3103,43 +3107,58 @@ RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048) \ `Configuration` [\[1\]](#footnote-1) -`KeyAgreement` DiffieHellman +`KeyAgreement` \ DiffieHellman \ +For the "ECDH" algorithm, implementations must ECDH (secp256r1, secp384r1) \ +support the curves in parentheses. X25519 `KeyFactory` DiffieHellman \ DSA \ - RSA - -`KeyGenerator` \ AES (128) \ -Implementations must support the key sizes in DESede (168) \ -parentheses. HmacSHA1 \ + EC \ + RSA \ + RSASSA-PSS \ + X25519 + +`KeyGenerator` \ AES (128, 256) \ +Implementations must support the key sizes in ChaCha20 \ +parentheses. DESede (168) \ + HmacSHA1 \ HmacSHA256 -`KeyPairGenerator` \ DiffieHellman (1024, 2048, 4096) \ -Implementations must support the key sizes in DSA (1024, 2048) \ -parentheses. RSA (1024, 2048, 4096) +`KeyPairGenerator` \ DiffieHellman (1024, 2048, 3072, 4096) \ +For the "EC" algorithm, implementations must DSA (1024, 2048) \ +support the curves in parentheses. For other EC (secp256r1, secp384r1) \ +algorithms, implementations must support the RSA (1024, 2048, 3072, 4096) \ +key sizes in parentheses. RSASSA-PSS (2048, 3072, 4096) \ + X25519 `KeyStore` PKCS12 `Mac` HmacSHA1 \ HmacSHA256 `MessageDigest` SHA-1 \ - SHA-256 + SHA-256 \ + SHA-384 `SecretKeyFactory` DESede `SecureRandom` [\[1\]](#footnote-1) -`Signature` SHA1withDSA \ - SHA1withRSA \ - SHA256withDSA \ - SHA256withRSA - -`SSLContext` TLSv1.2 +`Signature` \ RSASSA-PSS (MGF1 mask generation function and SHA-256 or SHA-384 hash algorithms) \ +For the "RSASSA-PSS" algorithm, SHA1withDSA \ +implementations must support the parameters SHA256withDSA \ +in parentheses. For the "SHA256withECDSA" and SHA256withECDSA (secp256r1) \ +"SHA384withECDSA" algorithms, implementations SHA384withECDSA (secp384r1) \ +must support the curves in parentheses. SHA1withRSA \ + SHA256withRSA \ + SHA384withRSA + +`SSLContext` TLSv1.2 \ + TLSv1.3 `TrustManagerFactory` PKIX --------------------------------------------- --------------------------------