This is the first of three backports to 7u designed to retain SSL compatibility with servers implemented in other languages switching to larger key sizes (notably DH >=2048 in Apache 2.4.7 [0]).
This patch is a per-requisite of the patch which brings NSA Suite B support to 7. It applies largely unchanged, bar the following: * Copyright header adjustment * Removal of change to java.security.spec.MGF1ParameterSpec to avoid introducing a new public variable. The SHA-224 variant is constructed directly in com.sun.crypto.provider.OAEPParameters instead. * A change to OAEPParameters is dropped as it was already incorporated in the backport of 7180907 & 8049480 (addition of SHA-224 to convertToStandardName) Bug: https://bugs.openjdk.java.net/browse/JDK-4963723 Webrev: http://cr.openjdk.java.net/~andrew/jdk7u/4963723/webrev.01/ [0] https://httpd.apache.org/docs/2.4/mod/mod_ssl.html Ok to push? Thanks, -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
