JDK-8147969 : Print size of DH keysize when errors are encountered
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 9
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2016-01-21
  • Updated: 2018-03-21
  • Resolved: 2016-06-27
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 8 Other
8u112 b03Fixed openjdk7uFixed
Related Reports
Duplicate :  
JDK-8072452 - Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
Description
We should print the size of DH keysizes encountered when we throw exceptions in related code.

sun/security/ssl/ServerHandshaker.java :

136            try {
137                customizedDHKeySize = Integer.parseUnsignedInt(property);
138                if (customizedDHKeySize < 1024 || customizedDHKeySize > 2048) {
139                    throw new IllegalArgumentException(
140                        "Customized DH key size should be positive integer " +
141                        "between 1024 and 2048 bits, inclusive");
142                }
143            } catch (NumberFormatException nfe) {
144                throw new IllegalArgumentException(
145                        "Invalid system property jdk.tls.ephemeralDHKeySize");
146            }

sun/security/pkcs11/P11KeyPairGenerator.java
281                    if ((keySize != 2048) &&
282                        ((keySize > 1024) || ((keySize & 0x3f) != 0))) {
283                        throw new InvalidAlgorithmParameterException(algorithm +
284                            " key must be multiples of 64 if less than 1024 bits" +
285                            ", or 2048 bits");
Comments
Sean, I believe I can take care of backporting part with exception messages. Should I re-assigne this bug to my self or it's batter to create a backport?
22-06-2016
We should still consider using this record for backport records. <TBD>
15-06-2016
This issue has been addressed in the update for JDK-8072452.
15-06-2016