JDK-7106773 : 512 bits RSA key cannot work with SHA384 and SHA512
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7,8
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2011-10-31
  • Updated: 2016-03-14
  • Resolved: 2012-04-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u4Fixed 8 b25Fixed
Related Reports
Duplicate :  
Signature algorithms, such as "SHA384withRSA" and "SHA512withRSA", requie that the hash length should be less than the key size. If the RSA key size is 512 bits, it will not be able to use with the SHA384 and SHA512.

We may need an improvement to check the key size with the hash length while selecting a preferable signature algorithm from supported_signature_algorithms hello extension.

EVALUATION should support hash function filter for small key size