RFR: JDK-8015388 : Required algorithms for JDK 9

Sean Mullan sean.mullan at oracle.com
Fri Sep 4 15:51:05 UTC 2015


The JDK includes a list of required security algorithms that all 
implementations must support: 
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#impl

This list is reviewed before each major release to check if new 
algorithms should be added (or existing algorithms removed).

For JDK 9, we are proposing to add several new algorithms and keysizes 
that are recommended by standards bodies for cryptographic operations 
and security protocols. Adding these as requirements ensures that Java 
applications can depend on them to be available on all Java 9 
implementations. The new requirements are:

1. Signature: SHA256withDSA
2. KeyPairGenerator: DSA (2048), DiffieHellman (2048, 4096), RSA (4096)
3. AlgorithmParameterGenerator: DSA (2048), DiffieHellman (2048, 4096)
4. Cipher: AES/GCM/NoPadding (128), AES/GCM/PKCS5Padding (128)
5. SSLContext: TLSv1.1, TLSv1.2

webrev: http://cr.openjdk.java.net/~mullan/webrevs/8015388/webrev.00/

Thanks,
Sean



More information about the security-dev mailing list