changeset 12817:6920e7e273e6

8072452: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits 8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java fails on solaris Reviewed-by: xuelei
author coffeys
date Mon, 23 Oct 2017 02:28:19 -0700
parents ae96c5b7ce99
children 9ab9cd4f23a5
files src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java src/share/classes/sun/security/provider/DSAKeyPairGenerator.java src/share/classes/sun/security/provider/DSAParameterGenerator.java src/share/classes/sun/security/provider/ParameterCache.java src/share/classes/sun/security/ssl/DHCrypt.java src/share/classes/sun/security/ssl/ServerHandshaker.java test/com/sun/crypto/provider/KeyAgreement/SupportedDHKeys.java test/com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java test/com/sun/crypto/provider/KeyAgreement/UnsupportedDHKeys.java test/sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java test/sun/security/pkcs11/KeyAgreement/UnsupportedDHKeys.java test/sun/security/pkcs11/KeyPairGenerator/TestDH2048.java test/sun/security/provider/DSA/SupportedDSAParamGen.java test/sun/security/provider/DSA/TestKeyPairGenerator.java
diffstat 16 files changed, 1142 insertions(+), 120 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -74,10 +74,10 @@
     private static void checkKeySize(int keysize)
             throws InvalidParameterException {
 
-        if ((keysize < 512) || (keysize > 2048) || ((keysize & 0x3F) != 0)) {
+        if ((keysize < 512) || (keysize > 8192) || ((keysize & 0x3F) != 0)) {
             throw new InvalidParameterException(
                     "DH key size must be multiple of 64, and can only range " +
-                    "from 512 to 2048 (inclusive). " +
+                    "from 512 to 8192 (inclusive). " +
                     "The specific key size " + keysize + " is not supported");
         }
     }
@@ -91,12 +91,23 @@
      * @param random the source of randomness
      */
     public void initialize(int keysize, SecureRandom random) {
+
         checkKeySize(keysize);
 
+        // Use the built-in parameters (ranging from 512 to 8192)
+        // when available.
+        this.params = ParameterCache.getCachedDHParameterSpec(keysize);
+
+        // Due to performance issue, only support DH parameters generation
+        // up to 1024 bits.
+        if ((this.params == null) && (keysize > 1024)) {
+            throw new InvalidParameterException(
+                "Unsupported " + keysize + "-bit DH parameter generation");
+        }
+
         this.pSize = keysize;
         this.lSize = 0;
         this.random = random;
-        this.params = null;
     }
 
     /**
--- a/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -25,6 +25,7 @@
 
 package com.sun.crypto.provider;
 
+import java.math.BigInteger;
 import java.security.*;
 import java.security.spec.*;
 import javax.crypto.spec.DHParameterSpec;
@@ -47,8 +48,7 @@
  * @see java.security.spec.AlgorithmParameterSpec
  * @see DHParameters
  */
-public final class DHParameterGenerator
-extends AlgorithmParameterGeneratorSpi {
+public final class DHParameterGenerator extends AlgorithmParameterGeneratorSpi {
 
     // The size in bits of the prime modulus
     private int primeSize = DEF_DH_KEY_SIZE;
@@ -61,11 +61,13 @@
 
     private static void checkKeySize(int keysize)
             throws InvalidParameterException {
-            if ((keysize != 2048) &&
-            ((keysize < 512) || (keysize > 1024) || (keysize % 64 != 0))) {
+        boolean supported = ((keysize == 2048) || (keysize == 3072) ||
+            ((keysize >= 512) && (keysize <= 1024) && ((keysize & 0x3F) == 0)));
+
+        if (!supported) {
             throw new InvalidParameterException(
                     "DH key size must be multiple of 64 and range " +
-                    "from 512 to 1024 (inclusive), or 2048. " +
+                    "from 512 to 1024 (inclusive), or 2048, 3072. " +
                     "The specific key size " + keysize + " is not supported");
         }
     }
@@ -78,8 +80,8 @@
      * @param keysize the keysize (size of prime modulus) in bits
      * @param random the source of randomness
      */
+    @Override
     protected void engineInit(int keysize, SecureRandom random) {
-        // Re-uses DSA parameters and thus have the same range
         checkKeySize(keysize);
         this.primeSize = keysize;
         this.random = random;
@@ -96,36 +98,31 @@
      * @exception InvalidAlgorithmParameterException if the given parameter
      * generation values are inappropriate for this parameter generator
      */
+    @Override
     protected void engineInit(AlgorithmParameterSpec genParamSpec,
-                              SecureRandom random)
-        throws InvalidAlgorithmParameterException {
+          SecureRandom random) throws InvalidAlgorithmParameterException {
+
         if (!(genParamSpec instanceof DHGenParameterSpec)) {
             throw new InvalidAlgorithmParameterException
                 ("Inappropriate parameter type");
         }
 
         DHGenParameterSpec dhParamSpec = (DHGenParameterSpec)genParamSpec;
-
         primeSize = dhParamSpec.getPrimeSize();
-
-        // Re-uses DSA parameters and thus have the same range
+        exponentSize = dhParamSpec.getExponentSize();
+        if ((exponentSize <= 0) || (exponentSize >= primeSize)) {
+            throw new InvalidAlgorithmParameterException(
+                    "Exponent size (" + exponentSize +
+                    ") must be positive and less than modulus size (" +
+                    primeSize + ")");
+        }
         try {
             checkKeySize(primeSize);
         } catch (InvalidParameterException ipe) {
             throw new InvalidAlgorithmParameterException(ipe.getMessage());
         }
 
-        exponentSize = dhParamSpec.getExponentSize();
-        if (exponentSize <= 0) {
-            throw new InvalidAlgorithmParameterException
-                ("Exponent size must be greater than zero");
-        }
-
-        // Require exponentSize < primeSize
-        if (exponentSize >= primeSize) {
-            throw new InvalidAlgorithmParameterException
-                ("Exponent size must be less than modulus size");
-        }
+        this.random = random;
     }
 
     /**
@@ -133,24 +130,22 @@
      *
      * @return the new AlgorithmParameters object
      */
+    @Override
     protected AlgorithmParameters engineGenerateParameters() {
-        AlgorithmParameters algParams = null;
 
-        if (this.exponentSize == 0) {
-            this.exponentSize = this.primeSize - 1;
+        if (random == null) {
+            random = SunJCE.getRandom();
         }
 
-        if (this.random == null)
-            this.random = SunJCE.getRandom();
-
+        BigInteger paramP = null;
+        BigInteger paramG = null;
         try {
-            AlgorithmParameterGenerator paramGen;
-            DSAParameterSpec dsaParamSpec;
-
-            paramGen = AlgorithmParameterGenerator.getInstance("DSA");
-            paramGen.init(this.primeSize, random);
-            algParams = paramGen.generateParameters();
-            dsaParamSpec = algParams.getParameterSpec(DSAParameterSpec.class);
+            AlgorithmParameterGenerator dsaParamGen =
+                    AlgorithmParameterGenerator.getInstance("DSA");
+            dsaParamGen.init(primeSize, random);
+            AlgorithmParameters dsaParams = dsaParamGen.generateParameters();
+            DSAParameterSpec dsaParamSpec =
+                    dsaParams.getParameterSpec(DSAParameterSpec.class);
 
             DHParameterSpec dhParamSpec;
             if (this.exponentSize > 0) {
@@ -161,16 +156,13 @@
                 dhParamSpec = new DHParameterSpec(dsaParamSpec.getP(),
                                                   dsaParamSpec.getG());
             }
-            algParams = AlgorithmParameters.getInstance("DH",
-                    SunJCE.getInstance());
+            AlgorithmParameters algParams =
+                    AlgorithmParameters.getInstance("DH", SunJCE.getInstance());
             algParams.init(dhParamSpec);
-        } catch (InvalidParameterSpecException e) {
-            // this should never happen
-            throw new RuntimeException(e.getMessage());
-        } catch (NoSuchAlgorithmException e) {
-            // this should never happen, because we provide it
-            throw new RuntimeException(e.getMessage());
+
+            return algParams;
+        } catch (Exception ex) {
+            throw new ProviderException("Unexpected exception", ex);
         }
-        return algParams;
     }
 }
--- a/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -141,6 +141,7 @@
     }
 
     // see JCA spec
+    @Override
     public void initialize(int keySize, SecureRandom random) {
         token.ensureValid();
         try {
@@ -162,6 +163,7 @@
     }
 
     // see JCA spec
+    @Override
     public void initialize(AlgorithmParameterSpec params, SecureRandom random)
             throws InvalidAlgorithmParameterException {
         token.ensureValid();
@@ -173,7 +175,7 @@
             }
             DHParameterSpec dhParams = (DHParameterSpec) params;
             tmpKeySize = dhParams.getP().bitLength();
-            checkKeySize(tmpKeySize, null);
+            checkKeySize(tmpKeySize, dhParams);
             // XXX sanity check params
         } else if (algorithm.equals("RSA")) {
             if (params instanceof RSAKeyGenParameterSpec == false) {
@@ -195,7 +197,7 @@
             }
             DSAParameterSpec dsaParams = (DSAParameterSpec) params;
             tmpKeySize = dsaParams.getP().bitLength();
-            checkKeySize(tmpKeySize, null);
+            checkKeySize(tmpKeySize, dsaParams);
             // XXX sanity check params
         } else if (algorithm.equals("EC")) {
             ECParameterSpec ecParams;
@@ -220,7 +222,7 @@
                     ("ECParameterSpec or ECGenParameterSpec required for EC");
             }
             tmpKeySize = ecParams.getCurve().getField().getFieldSize();
-            checkKeySize(tmpKeySize, null);
+            checkKeySize(tmpKeySize, ecParams);
         } else {
             throw new ProviderException("Unknown algorithm: " + algorithm);
         }
@@ -229,8 +231,7 @@
         this.random = random;
     }
 
-    // NOTE: 'params' is only used for checking RSA keys currently.
-    private void checkKeySize(int keySize, RSAKeyGenParameterSpec params)
+    private void checkKeySize(int keySize, AlgorithmParameterSpec params)
         throws InvalidAlgorithmParameterException {
         // check native range first
         if ((minKeySize != -1) && (keySize < minKeySize)) {
@@ -267,7 +268,8 @@
             if (algorithm.equals("RSA")) {
                 BigInteger tmpExponent = rsaPublicExponent;
                 if (params != null) {
-                    tmpExponent = params.getPublicExponent();
+                    tmpExponent =
+                        ((RSAKeyGenParameterSpec)params).getPublicExponent();
                 }
                 try {
                     // Reuse the checking in SunRsaSign provider.
@@ -277,10 +279,10 @@
                         minKeySize,
                         (maxKeySize==-1? Integer.MAX_VALUE:maxKeySize));
                 } catch (InvalidKeyException e) {
-                    throw new InvalidAlgorithmParameterException(e.getMessage());
+                    throw new InvalidAlgorithmParameterException(e);
                 }
-            } else {
-                if (algorithm.equals("DH") && (params != null)) {
+            } else if (algorithm.equals("DH")) {
+                if (params != null) {   // initialized with specified parameters
                     // sanity check, nobody really wants keys this large
                     if (keySize > 64 * 1024) {
                         throw new InvalidAlgorithmParameterException(
@@ -288,24 +290,44 @@
                             "The specific key size " +
                             keySize + " is not supported");
                     }
-                } else {
-                    // this restriction is in the spec for DSA
-                    // since we currently use DSA parameters for DH as well,
-                    // it also applies to DH if no parameters are specified
-                    if ((keySize != 2048) &&
-                        ((keySize > 1024) || ((keySize & 0x3f) != 0))) {
-                        throw new InvalidAlgorithmParameterException(algorithm +
-                            " key must be multiples of 64 if less than 1024 bits" +
-                            ", or 2048 bits. " +
+                } else {        // default parameters will be used.
+                    // Range is based on the values in
+                    // sun.security.provider.ParameterCache class.
+                    if ((keySize > 8192) || (keySize < 512) ||
+                            ((keySize & 0x3f) != 0)) {
+                        throw new InvalidAlgorithmParameterException(
+                            "DH key size must be multiple of 64, and can " +
+                            "only range from 512 to 8192 (inclusive). " +
                             "The specific key size " +
                             keySize + " is not supported");
                     }
+
+                    DHParameterSpec cache =
+                            ParameterCache.getCachedDHParameterSpec(keySize);
+                    // Except 2048 and 3072, not yet support generation of
+                    // parameters bigger than 1024 bits.
+                    if ((cache == null) && (keySize > 1024)) {
+                        throw new InvalidAlgorithmParameterException(
+                                "Unsupported " + keySize +
+                                "-bit DH parameter generation");
+                    }
+                }
+            } else {
+                // this restriction is in the spec for DSA
+                if ((keySize != 3072) && (keySize != 2048) &&
+                        ((keySize > 1024) || ((keySize & 0x3f) != 0))) {
+                    throw new InvalidAlgorithmParameterException(
+                        "DSA key must be multiples of 64 if less than " +
+                        "1024 bits, or 2048, 3072 bits. " +
+                        "The specific key size " +
+                        keySize + " is not supported");
                 }
             }
         }
     }
 
     // see JCA spec
+    @Override
     public KeyPair generateKeyPair() {
         token.ensureValid();
         CK_ATTRIBUTE[] publicKeyTemplate;
--- a/src/share/classes/sun/security/provider/DSAKeyPairGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/provider/DSAKeyPairGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -75,6 +75,8 @@
             // N=160
         } else if (sizeP == 2048 && (sizeQ == 224 || sizeQ == 256)) {
             // L=2048, N=224 or 256
+        } else if (sizeP == 3072 && sizeQ == 256) {
+            // L=3072, N=256
         } else {
             throw new InvalidParameterException
                 ("Unsupported prime and subprime size combination: " +
--- a/src/share/classes/sun/security/provider/DSAParameterGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/provider/DSAParameterGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -68,7 +68,6 @@
     private SecureRandom random;
 
     // useful constants
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
     private static final BigInteger ONE = BigInteger.valueOf(1);
     private static final BigInteger TWO = BigInteger.valueOf(2);
 
@@ -84,11 +83,16 @@
      */
     @Override
     protected void engineInit(int strength, SecureRandom random) {
-        if ((strength != 2048) &&
-            ((strength < 512) || (strength > 1024) || (strength % 64 != 0))) {
+        if ((strength >= 512) && (strength <= 1024) && (strength % 64 == 0)) {
+            this.valueN = 160;
+        } else if (strength == 2048) {
+            this.valueN = 224;
+        } else if (strength == 3072) {
+            this.valueN = 256;
+        } else {
             throw new InvalidParameterException(
-                "Unexpected strength (size of prime): " + strength +
-                ". Prime size should be 512-1024, or 2048");
+                "Unexpected strength (size of prime): " + strength + ". " +
+                "Prime size should be 512 - 1024, or 2048, 3072");
         }
         this.valueL = strength;
         this.valueN = getDefDSASubprimeSize(strength);
@@ -114,13 +118,9 @@
             throw new InvalidAlgorithmParameterException("Invalid parameter");
         }
         DSAGenParameterSpec dsaGenParams = (DSAGenParameterSpec)genParamSpec;
-        int primePLen = dsaGenParams.getPrimePLength();
-        if (primePLen > 2048) {
-            throw new InvalidParameterException
-                ("No support for prime size " + primePLen);
-        }
+
         // directly initialize using the already validated values
-        this.valueL = primePLen;
+        this.valueL = dsaGenParams.getPrimePLength();
         this.valueN = dsaGenParams.getSubprimeQLength();
         this.seedLen = dsaGenParams.getSeedLength();
         this.random = random;
@@ -131,6 +131,7 @@
      *
      * @return the new AlgorithmParameters object
      */
+    @Override
     protected AlgorithmParameters engineGenerateParameters() {
         AlgorithmParameters algParams = null;
         try {
@@ -204,11 +205,13 @@
         int b = (valueL - 1) % outLen;
         byte[] seedBytes = new byte[seedLen/8];
         BigInteger twoSl = TWO.pow(seedLen);
-        int primeCertainty = -1;
+        int primeCertainty = 80; // for 1024-bit prime P
         if (valueL <= 1024) {
             primeCertainty = 80;
         } else if (valueL == 2048) {
             primeCertainty = 112;
+        } else if (valueL == 3072) {
+            primeCertainty = 128;
         }
 
         if (primeCertainty < 0) {
@@ -227,7 +230,10 @@
                     mod(TWO.pow(valueN - 1));
 
                 /* Step 7 */
-                resultQ = TWO.pow(valueN - 1).add(U).add(ONE). subtract(U.mod(TWO));
+                resultQ = TWO.pow(valueN - 1)
+                            .add(U)
+                            .add(ONE)
+                            .subtract(U.mod(TWO));
             } while (!resultQ.isProbablePrime(primeCertainty));
 
             /* Step 10 */
@@ -247,7 +253,8 @@
                 for (int i = 1; i < n; i++) {
                     W = W.add(V[i].multiply(TWO.pow(i * outLen)));
                 }
-                W = W.add((V[n].mod(TWO.pow(b))).multiply(TWO.pow(n * outLen)));
+                W = W.add((V[n].mod(TWO.pow(b)))
+                               .multiply(TWO.pow(n * outLen)));
                 /* Step 11.3 */
                 BigInteger twoLm1 = TWO.pow(valueL - 1);
                 BigInteger X = W.add(twoLm1);
--- a/src/share/classes/sun/security/provider/ParameterCache.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/provider/ParameterCache.java	Mon Oct 23 02:28:19 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
         // case#1: (512 <= p <= 1024) AND q=160
         // case#2: p=2048 AND q=224
         // case#3: p=2048 AND q=256
-        // (NOT-YET-SUPPORTED)case#4: p=3072 AND q=256
+        // case#4: p=3072 AND q=256
         return dsaCache.get(Integer.valueOf(primeLen+subprimeLen));
     }
 
@@ -90,6 +90,8 @@
             return getDSAParameterSpec(primeLen, 160, random);
         } else if (primeLen == 2048) {
             return getDSAParameterSpec(primeLen, 224, random);
+        } else if (primeLen == 3072) {
+            return getDSAParameterSpec(primeLen, 256, random);
         } else {
             return null;
         }
@@ -165,8 +167,8 @@
 
         /*
          * We support precomputed parameter for legacy 512, 768 bit moduli,
-         * and (L, N) combinations of (1024, 160), (2048, 224), (2048, 256).
-         * In this file we provide both the seed and counter
+         * and (L, N) combinations of (1024, 160), (2048, 224), (2048, 256),
+         * (3072, 256). In this file we provide both the seed and counter
          * value of the generation process for each of these seeds,
          * for validation purposes. We also include the test vectors
          * from the DSA specification, FIPS 186, and the FIPS 186
@@ -288,12 +290,14 @@
                            "af02112b0d1f02da30973224fe27aeda8b9d4b2922" +
                            "d9ba8be39ed9e103a63c52810bc688b7e2ed4316e1" +
                            "ef17dbde", 16);
+
         dsaCache.put(Integer.valueOf(2048+224),
                      new DSAParameterSpec(p2048_224, q2048_224, g2048_224));
 
         /*
          * L = 2048, N = 256
-         * SEED = b0b4417601b59cbc9d8ac8f935cadaec4f5fbb2f23785609ae466748d9b5a536
+         * SEED = b0b4417601b59cbc9d8ac8f935cadaec \
+         *        4f5fbb2f23785609ae466748d9b5a536
          * counter = 497
          */
         BigInteger p2048_256 =
@@ -329,14 +333,245 @@
                            "8d15bbac65212a55239cfc7e58fae38d7250ab9991" +
                            "ffbc97134025fe8ce04c4399ad96569be91a546f49" +
                            "78693c7a", 16);
+
         dsaCache.put(Integer.valueOf(2048+256),
                                 new DSAParameterSpec(p2048_256, q2048_256, g2048_256));
 
-        // use DSA parameters for DH as well
+
+        /*
+         * L = 3072, N = 256
+         * SEED = 9fe304be4d6b9919559f39d5911d12e9 \
+         *        5158d6946598cd59775b8f3b8fff3a3f
+         * counter = 1186
+         */
+        BigInteger p3072_256 = new BigInteger(
+                "ea9cda9f5fbda66dd830494609405687ab7cf38538e058d1" +
+                "e2f68dea95364866e1c05beacded24227edee28cad80bcec" +
+                "ad39913be3b713267b3b96c8d9f0f6a03b5dfc9222d5cfe4" +
+                "afcc9982f33784f760c3b759aebe3bbe9098a6b84c96f1fd" +
+                "e44ce11c084c2a082c7a76a0ef142928b4f328406ab9beb2" +
+                "4f84577dd0f46ce86fd8f08488269998bf4742d6425f7a0e" +
+                "c75d8660c5dd6f4e3b3d3bee81b2c21afe8c9e8b84b87192" +
+                "e2cc20f961d2bcd8133afcf3675ab80681cb374c78f33e29" +
+                "d1011083d89f9c5728b94676fccb1b57bc60288c15d85ae8" +
+                "38ae1941c5a20ae2b2049b3583fe30da455ddb3e6ad9b995" +
+                "5cd9bb5681431622beb0f92da533fcab496cebc447aa1bb5" +
+                "a8039522f2da98ff416289323a64df626ab6881870927dce" +
+                "e387f13b5c9d24d6cba1d82ed375a082506ee87bc7ae3006" +
+                "7f4a94e2ee363d992c40f2725b5db4b3525ebde22bbbfd0f" +
+                "a124a588b0f5a4acb3a86951aff09f8c8198fb5b53da0c93" +
+                "1cedc598b4f835b779d04d99026c7ba08c4b27f118ac1e3d", 16);
+
+        BigInteger q3072_256 = new BigInteger(
+                "c4eeac2bbab79bd831946d717a56a6e687547aa8e9c5494a" +
+                "5a4b2f4ca13d6c11", 16);
+
+        BigInteger g3072_256 = new BigInteger(
+                "42e5fa7844f8fa9d8998d830d004e7b15b1d276bcbe5f12c" +
+                "35ec90c1a25f5832018a6724bd9cdbe803b675509bed167f" +
+                "3d7cf8599fc865c6d5a0f79158c1bc918f00a944d0ad0f38" +
+                "f520fb91d85d82674d0d5f874faa5fcdfe56cd178c1afdc7" +
+                "ce8795727b7dee966ed0b3c5cedcef8aca628befebf2d105" +
+                "c7aff8eb0da9c9610737dd64dce1237b82c1b2bc8608d55f" +
+                "fda98d7189444e65883315669c05716bde36c78b130aa3df" +
+                "2e4d609914c7c8dc470f4e300187c775f81e7b1a9c0dce40" +
+                "5d6eab2cbb9d9c4ef44412ba573dd403c4ed7bc2364772f5" +
+                "6a30c48de78f5003f9371c55262d2c8ac2246ade3b02fdcf" +
+                "cf5cbfde74fbcbfe6e0e0fdf3160764f84d311c179a40af6" +
+                "79a8f47ab13c8f706893245eb11edcce451fa2ab98001998" +
+                "7f125d8dc96622d419ba0d71f16c6024dce9d364c3b26d8e" +
+                "c1a3c828f6c9d14b1d0333b95db77bfdbe3c6bce5337a1a5" +
+                "a7ace10111219448447197e2a344cc423be768bb89e27be6" +
+                "cbd22085614a5a3360be23b1bfbb6e6e6471363d32c85d31", 16);
+
+        dsaCache.put(Integer.valueOf(3072+256),
+                new DSAParameterSpec(p3072_256, q3072_256, g3072_256));
+
+        //
+        // Diffie-Hellman Groups
+        //
+
+        // the common generator
+        BigInteger dhG = BigInteger.valueOf(2);
+
+        //
+        // From RFC 7296
+
+        // The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
+        BigInteger dhP768 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16);
+
+        // The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }
+        BigInteger dhP1024 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" +
+                "FFFFFFFFFFFFFFFF", 16);
+
+        //
+        // From RFC 3526
+
+        // The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
+        BigInteger dhP1536 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16);
+
+        // This prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
+        BigInteger dhP2048 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" +
+                "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" +
+                "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" +
+                "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16);
+
+        // This prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
+        BigInteger dhP3072 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" +
+                "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" +
+                "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" +
+                "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" +
+                "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" +
+                "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" +
+                "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" +
+                "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" +
+                "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF", 16);
+
+        // This prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
+        BigInteger dhP4096 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" +
+                "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" +
+                "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" +
+                "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" +
+                "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" +
+                "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" +
+                "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" +
+                "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" +
+                "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" +
+                "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" +
+                "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" +
+                "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" +
+                "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" +
+                "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" +
+                "FFFFFFFFFFFFFFFF", 16);
+
+        // This prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
+        BigInteger dhP6144 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" +
+                "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" +
+                "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" +
+                "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" +
+                "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" +
+                "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" +
+                "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" +
+                "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" +
+                "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" +
+                "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" +
+                "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" +
+                "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" +
+                "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" +
+                "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" +
+                "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" +
+                "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" +
+                "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" +
+                "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" +
+                "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" +
+                "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" +
+                "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" +
+                "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" +
+                "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" +
+                "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" +
+                "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" +
+                "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" +
+                "6DCC4024FFFFFFFFFFFFFFFF", 16);
+
+        // This prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
+        BigInteger dhP8192 = new BigInteger(
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" +
+                "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" +
+                "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" +
+                "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" +
+                "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" +
+                "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" +
+                "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" +
+                "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" +
+                "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" +
+                "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" +
+                "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" +
+                "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" +
+                "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" +
+                "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" +
+                "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" +
+                "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" +
+                "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" +
+                "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" +
+                "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" +
+                "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" +
+                "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" +
+                "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" +
+                "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" +
+                "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" +
+                "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" +
+                "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300" +
+                "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" +
+                "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" +
+                "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" +
+                "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A" +
+                "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" +
+                "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1" +
+                "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" +
+                "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47" +
+                "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" +
+                "60C980DD98EDD3DFFFFFFFFFFFFFFFFF", 16);
+
+        // use DSA parameters for DH for sizes not defined in RFC 7296, 3526
         dhCache.put(Integer.valueOf(512), new DHParameterSpec(p512, g512));
-        dhCache.put(Integer.valueOf(768), new DHParameterSpec(p768, g768));
-        dhCache.put(Integer.valueOf(1024), new DHParameterSpec(p1024, g1024));
-        dhCache.put(Integer.valueOf(2048), new DHParameterSpec(p2048_224, g2048_224));
+
+        dhCache.put(Integer.valueOf(768), new DHParameterSpec(dhP768, dhG));
+        dhCache.put(Integer.valueOf(1024), new DHParameterSpec(dhP1024, dhG));
+        dhCache.put(Integer.valueOf(1536), new DHParameterSpec(dhP1536, dhG));
+        dhCache.put(Integer.valueOf(2048), new DHParameterSpec(dhP2048, dhG));
+        dhCache.put(Integer.valueOf(3072), new DHParameterSpec(dhP3072, dhG));
+        dhCache.put(Integer.valueOf(4096), new DHParameterSpec(dhP4096, dhG));
+        dhCache.put(Integer.valueOf(6144), new DHParameterSpec(dhP6144, dhG));
+        dhCache.put(Integer.valueOf(8192), new DHParameterSpec(dhP8192, dhG));
     }
-
 }
--- a/src/share/classes/sun/security/ssl/DHCrypt.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/ssl/DHCrypt.java	Mon Oct 23 02:28:19 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -151,7 +151,7 @@
                                     params.getP(), params.getG());
         }
         try {
-            KeyFactory factory = JsseJce.getKeyFactory("DH");
+            KeyFactory factory = JsseJce.getKeyFactory("DiffieHellman");
             return factory.getKeySpec(key, DHPublicKeySpec.class);
         } catch (Exception e) {
             throw new RuntimeException(e);
@@ -302,7 +302,16 @@
                 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
                 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" +
                 "FFFFFFFFFFFFFFFF", 16);
-        private static final BigInteger p2048 = new BigInteger(  // TLS FEDHE
+        private static final BigInteger p1536 = new BigInteger(  // RFC 3526
+                "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
+                "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
+                "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
+                "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
+                "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" +
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" +
+                "83655D23DCA3AD961C62F356208552BB9ED529077096966D" +
+                "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16);
+        private static final BigInteger p2048 = new BigInteger(  // TLS FFDHE
                 "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" +
                 "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" +
                 "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" +
@@ -314,9 +323,126 @@
                 "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" +
                 "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" +
                 "886B423861285C97FFFFFFFFFFFFFFFF", 16);
+        private static final BigInteger p3072 = new BigInteger(  // TLS FFDHE
+                "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" +
+                "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" +
+                "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" +
+                "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" +
+                "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" +
+                "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" +
+                "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" +
+                "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" +
+                "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" +
+                "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" +
+                "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" +
+                "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" +
+                "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" +
+                "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" +
+                "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" +
+                "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF", 16);
+        private static final BigInteger p4096 = new BigInteger(  // TLS FFDHE
+                "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" +
+                "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" +
+                "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" +
+                "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" +
+                "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" +
+                "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" +
+                "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" +
+                "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" +
+                "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" +
+                "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" +
+                "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" +
+                "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" +
+                "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" +
+                "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" +
+                "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" +
+                "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" +
+                "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" +
+                "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" +
+                "A907600A918130C46DC778F971AD0038092999A333CB8B7A" +
+                "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" +
+                "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A" +
+                "FFFFFFFFFFFFFFFF", 16);
+        private static final BigInteger p6144 = new BigInteger(  // TLS FFDHE
+                "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" +
+                "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" +
+                "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" +
+                "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" +
+                "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" +
+                "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" +
+                "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" +
+                "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" +
+                "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" +
+                "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" +
+                "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" +
+                "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" +
+                "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" +
+                "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" +
+                "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" +
+                "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" +
+                "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" +
+                "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" +
+                "A907600A918130C46DC778F971AD0038092999A333CB8B7A" +
+                "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" +
+                "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" +
+                "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" +
+                "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" +
+                "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" +
+                "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" +
+                "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" +
+                "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" +
+                "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" +
+                "D72B03746AE77F5E62292C311562A846505DC82DB854338A" +
+                "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" +
+                "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" +
+                "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF", 16);
+        private static final BigInteger p8192 = new BigInteger(  // TLS FFDHE
+                "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" +
+                "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" +
+                "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" +
+                "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" +
+                "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" +
+                "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" +
+                "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" +
+                "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" +
+                "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" +
+                "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" +
+                "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" +
+                "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" +
+                "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" +
+                "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" +
+                "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" +
+                "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" +
+                "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" +
+                "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" +
+                "A907600A918130C46DC778F971AD0038092999A333CB8B7A" +
+                "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" +
+                "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" +
+                "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" +
+                "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" +
+                "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" +
+                "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" +
+                "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" +
+                "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" +
+                "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" +
+                "D72B03746AE77F5E62292C311562A846505DC82DB854338A" +
+                "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" +
+                "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" +
+                "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" +
+                "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E" +
+                "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" +
+                "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282" +
+                "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" +
+                "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C" +
+                "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" +
+                "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457" +
+                "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" +
+                "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D" +
+                "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" +
+                "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF", 16);
 
         private static final BigInteger[] supportedPrimes = {
-                p512, p768, p1024, p2048};
+                p512, p768, p1024, p1536, p2048, p3072, p4096, p6144, p8192};
 
         // a measure of the uncertainty that prime modulus p is not a prime
         //
--- a/src/share/classes/sun/security/ssl/ServerHandshaker.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/src/share/classes/sun/security/ssl/ServerHandshaker.java	Mon Oct 23 02:28:19 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -135,13 +135,17 @@
             useSmartEphemeralDHKeys = false;
 
             try {
+                // DH parameter generation can be extremely slow, best to
+                // use one of the supported pre-computed DH parameters
+                // (see DHCrypt class).
                 customizedDHKeySize = Integer.parseUnsignedInt(property);
-                if (customizedDHKeySize < 1024 || customizedDHKeySize > 2048) {
+                if (customizedDHKeySize < 1024 || customizedDHKeySize > 8192 ||
+                        (customizedDHKeySize & 0x3f) != 0) {
                     throw new IllegalArgumentException(
                         "Unsupported customized DH key size: " +
                         customizedDHKeySize + ". " +
-                        "The key size can only range from 1024" +
-                        " to 2048 (inclusive)");
+                        "The key size must be multiple of 64, " +
+                        "and can only range from 1024 to 8192 (inclusive)");
                 }
             } catch (NumberFormatException nfe) {
                 throw new IllegalArgumentException(
@@ -1377,15 +1381,11 @@
          * Applications may also want to customize the ephemeral DH key size
          * to a fixed length for non-exportable cipher suites. This can be
          * approached by setting system property "jdk.tls.ephemeralDHKeySize"
-         * to a valid positive integer between 1024 and 2048 bits, inclusive.
+         * to a valid positive integer between 1024 and 8192 bits, inclusive.
          *
          * Note that the minimum acceptable key size is 1024 bits except
          * exportable cipher suites or legacy mode.
          *
-         * Note that the maximum acceptable key size is 2048 bits because
-         * DH keys bigger than 2048 are not always supported by underlying
-         * JCE providers.
-         *
          * Note that per RFC 2246, the key size limit of DH is 512 bits for
          * exportable cipher suites.  Because of the weakness, exportable
          * cipher suites are deprecated since TLS v1.1 and they are not
@@ -1400,10 +1400,17 @@
             } else if (useSmartEphemeralDHKeys) {    // matched mode
                 if (key != null) {
                     int ks = KeyUtil.getKeySize(key);
-                    // Note that SunJCE provider only supports 2048 bits DH
-                    // keys bigger than 1024.  Please DON'T use value other
-                    // than 1024 and 2048 at present.  We may improve the
-                    // underlying providers and key size here in the future.
+
+                    // DH parameter generation can be extremely slow, make
+                    // sure to use one of the supported pre-computed DH
+                    // parameters (see DHCrypt class).
+                    //
+                    // Old deployed applications may not be ready to support
+                    // DH key sizes bigger than 2048 bits.  Please DON'T use
+                    // value other than 1024 and 2048 at present.  May improve
+                    // the underlying providers and key size limit in the
+                    // future when the compatibility and interoperability
+                    // impact is limited.
                     //
                     // keySize = ks <= 1024 ? 1024 : (ks >= 2048 ? 2048 : ks);
                     keySize = ks <= 1024 ? 1024 : 2048;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/SupportedDHKeys.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8072452
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ */
+
+import java.math.BigInteger;
+
+import java.security.*;
+import javax.crypto.*;
+import javax.crypto.interfaces.*;
+import javax.crypto.spec.*;
+
+public class SupportedDHKeys {
+
+    /*
+     * Sizes and values for various lengths.
+     */
+    private enum SupportedKeySize {
+        dhp512(512),   dhp768(768),    dhp832(832),
+        dhp1024(1024), dhp1536(1536),  dhp2048(2048),
+        dhp3072(3072), dhp4096(4096),  dhp6144(6144),
+        dhp8192(8192);
+
+        final int primeSize;
+
+        SupportedKeySize(int primeSize) {
+            this.primeSize = primeSize;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        for (SupportedKeySize keySize : SupportedKeySize.values()) {
+            System.out.println("Checking " + keySize.primeSize + " ...");
+            KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", "SunJCE");
+            kpg.initialize(keySize.primeSize);
+            KeyPair kp = kpg.generateKeyPair();
+            checkKeyPair(kp, keySize.primeSize);
+
+            DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
+            BigInteger p = publicKey.getParams().getP();
+            BigInteger g = publicKey.getParams().getG();
+            kpg.initialize(new DHParameterSpec(p, g));
+            kp = kpg.generateKeyPair();
+            checkKeyPair(kp, keySize.primeSize);
+        }
+    }
+
+    private static void checkKeyPair(KeyPair kp, int pSize) throws Exception {
+
+        DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();
+        BigInteger p = privateKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        // System.out.println("P(" + pSize + "): " + p.toString());
+        if (!p.isProbablePrime(128)) {
+            throw new Exception("Good luck, the modulus is composite!");
+        }
+
+        DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
+        p = publicKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        BigInteger leftOpen = BigInteger.ONE;
+        BigInteger rightOpen = p.subtract(BigInteger.ONE);
+
+        BigInteger x = privateKey.getX();
+        if ((x.compareTo(leftOpen) <= 0) ||
+                (x.compareTo(rightOpen) >= 0)) {
+            throw new Exception(
+                "X outside range [2, p - 2]:  x: " + x + " p: " + p);
+        }
+
+        BigInteger y = publicKey.getY();
+        if ((y.compareTo(leftOpen) <= 0) ||
+                (y.compareTo(rightOpen) >= 0)) {
+            throw new Exception(
+                "Y outside range [2, p - 2]:  x: " + x + " p: " + p);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8072452
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ * @run main/timeout=300 SupportedDHParamGens 512
+ * @run main/timeout=300 SupportedDHParamGens 768
+ * @run main/timeout=300 SupportedDHParamGens 832
+ * @run main/timeout=300 SupportedDHParamGens 1024
+ * @run main/timeout=300 SupportedDHParamGens 2048
+ * @run main/timeout=450 SupportedDHParamGens 3072
+ */
+
+import java.math.BigInteger;
+
+import java.security.*;
+import javax.crypto.*;
+import javax.crypto.interfaces.*;
+import javax.crypto.spec.*;
+
+public class SupportedDHParamGens {
+
+    public static void main(String[] args) throws Exception {
+        int primeSize = Integer.valueOf(args[0]).intValue();
+
+        System.out.println("Checking " + primeSize + " ...");
+        AlgorithmParameterGenerator apg =
+                AlgorithmParameterGenerator.getInstance("DH", "SunJCE");
+        apg.init(primeSize);
+        AlgorithmParameters ap = apg.generateParameters();
+        DHParameterSpec spec = ap.getParameterSpec(DHParameterSpec.class);
+
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", "SunJCE");
+        kpg.initialize(spec);
+        KeyPair kp = kpg.generateKeyPair();
+        checkKeyPair(kp, primeSize);
+    }
+
+    private static void checkKeyPair(KeyPair kp, int pSize) throws Exception {
+
+        DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();
+        BigInteger p = privateKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        if (!p.isProbablePrime(128)) {
+            throw new Exception("Good luck, the modulus is composite!");
+        }
+
+        DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
+        p = publicKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        BigInteger leftOpen = BigInteger.ONE;
+        BigInteger rightOpen = p.subtract(BigInteger.ONE);
+
+        BigInteger x = privateKey.getX();
+        if ((x.compareTo(leftOpen) <= 0) ||
+                (x.compareTo(rightOpen) >= 0)) {
+            throw new Exception(
+                "X outside range [2, p - 2]:  x: " + x + " p: " + p);
+        }
+
+        BigInteger y = publicKey.getY();
+        if ((y.compareTo(leftOpen) <= 0) ||
+                (y.compareTo(rightOpen) >= 0)) {
+            throw new Exception(
+                "Y outside range [2, p - 2]:  x: " + x + " p: " + p);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/UnsupportedDHKeys.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8072452
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ */
+
+import java.math.BigInteger;
+
+import java.security.*;
+import javax.crypto.*;
+import javax.crypto.interfaces.*;
+import javax.crypto.spec.*;
+
+public class UnsupportedDHKeys {
+
+    /*
+     * Sizes and values for various lengths.
+     */
+    private enum UnsupportedKeySize {
+        // not multiple of 64
+        dhp513(513),    dhp769(769),    dhp895(895),
+        dhp1023(1023),  dhp1535(1535),  dhp2047(2047),
+
+        // unsupported
+        dhp2176(2176),  dhp3008(3008),  dhp4032(4032),
+        dhp5120(5120),  dhp6400(6400),  dhp7680(7680),
+        dhp8191(8191),  dhp8128(8128),  dhp8260(8260);
+
+        final int primeSize;
+
+        UnsupportedKeySize(int primeSize) {
+            this.primeSize = primeSize;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        for (UnsupportedKeySize keySize : UnsupportedKeySize.values()) {
+            try {
+                System.out.println("Checking " + keySize.primeSize + " ...");
+                KeyPairGenerator kpg =
+                        KeyPairGenerator.getInstance("DH", "SunJCE");
+                kpg.initialize(keySize.primeSize);
+
+                throw new Exception("Should not support " + keySize.primeSize);
+            } catch (InvalidParameterException ipe) {
+                System.out.println("\tOk, unsupported");
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8072452
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ * @library ..
+ * @run main/othervm SupportedDHKeys
+ */
+
+import java.math.BigInteger;
+
+import java.security.*;
+import javax.crypto.*;
+import javax.crypto.interfaces.*;
+import javax.crypto.spec.*;
+
+public class SupportedDHKeys extends PKCS11Test {
+
+    /*
+     * Sizes and values for various lengths.
+     */
+    private enum SupportedKeySize {
+        dhp512(512),   dhp768(768),    dhp832(832),
+        dhp1024(1024), dhp1536(1536),  dhp2048(2048);
+
+        // the underlying pkcs11 may not support the following sizes yet
+        //
+        // dhp3072(3072), dhp4096(4096),  dhp6144(6144),
+        // dhp8192(8192);
+
+        final int primeSize;
+
+        SupportedKeySize(int primeSize) {
+            this.primeSize = primeSize;
+        }
+    }
+
+    @Override
+    public void main(Provider provider) throws Exception {
+        if (provider.getService("KeyPairGenerator", "DiffieHellman") == null) {
+            System.out.println("No support of DH KeyPairGenerator, skipping");
+            return;
+        }
+
+        for (SupportedKeySize keySize : SupportedKeySize.values()) {
+            System.out.println("Checking " + keySize.primeSize + " ...");
+            KeyPairGenerator kpg =
+                    KeyPairGenerator.getInstance("DiffieHellman", provider);
+            kpg.initialize(keySize.primeSize);
+            KeyPair kp = kpg.generateKeyPair();
+            checkKeyPair(kp, keySize.primeSize, provider);
+
+            DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
+            BigInteger p = publicKey.getParams().getP();
+            BigInteger g = publicKey.getParams().getG();
+            kpg.initialize(new DHParameterSpec(p, g));
+            kp = kpg.generateKeyPair();
+            checkKeyPair(kp, keySize.primeSize, provider);
+        }
+    }
+
+    private static void checkKeyPair(KeyPair kp, int pSize,
+                Provider provider) throws Exception {
+
+        DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();
+        BigInteger p = privateKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        // System.out.println("P(" + pSize + "): " + p.toString());
+        if (!p.isProbablePrime(128)) {
+            throw new Exception("Good luck, the modulus is composite!");
+        }
+
+        DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
+        p = publicKey.getParams().getP();
+        if (p.bitLength() != pSize) {
+            throw new Exception(
+                "Invalid modulus size: " + p.bitLength() + "/" + pSize);
+        }
+
+        BigInteger leftOpen = BigInteger.ONE;
+        BigInteger rightOpen = p.subtract(BigInteger.ONE);
+
+        // ignore the private key range checking on Solaris at present
+        if (provider.getName().equals("SunPKCS11-Solaris") &&
+                !System.getProperty("os.name").equals("SunOS")) {
+            BigInteger x = privateKey.getX();
+            if ((x.compareTo(leftOpen) <= 0) ||
+                    (x.compareTo(rightOpen) >= 0)) {
+                throw new Exception(
+                    "X outside range [2, p - 2]:  x: " + x + " p: " + p);
+            }
+        }
+
+        BigInteger y = publicKey.getY();
+        if ((y.compareTo(leftOpen) <= 0) ||
+                (y.compareTo(rightOpen) >= 0)) {
+            throw new Exception(
+                "Y outside range [2, p - 2]:  y: " + y + " p: " + p);
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        main(new SupportedDHKeys());
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/pkcs11/KeyAgreement/UnsupportedDHKeys.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8072452
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ * @library ..
+ * @run main/othervm UnsupportedDHKeys
+ */
+
+import java.math.BigInteger;
+
+import java.security.*;
+import javax.crypto.*;
+import javax.crypto.interfaces.*;
+import javax.crypto.spec.*;
+
+public class UnsupportedDHKeys extends PKCS11Test {
+
+    /*
+     * Sizes and values for various lengths.
+     */
+    private enum UnsupportedKeySize {
+        // not multiple of 64
+        dhp513(513),    dhp769(769),    dhp895(895),
+        dhp1023(1023),  dhp1535(1535),  dhp2047(2047),
+
+        // unsupported
+        dhp2176(2176),  dhp3008(3008),  dhp4032(4032),
+        dhp5120(5120),  dhp6400(6400),  dhp7680(7680),
+        dhp8191(8191),  dhp8128(8128),  dhp8260(8260);
+
+        final int primeSize;
+
+        UnsupportedKeySize(int primeSize) {
+            this.primeSize = primeSize;
+        }
+    }
+
+    @Override
+    public void main(Provider provider) throws Exception {
+        if (provider.getService("KeyPairGenerator", "DiffieHellman") == null) {
+            System.out.println("No supported of DH KeyPairGenerator, skipping");
+            return;
+        }
+
+        for (UnsupportedKeySize keySize : UnsupportedKeySize.values()) {
+            try {
+                System.out.println("Checking " + keySize.primeSize + " ...");
+                KeyPairGenerator kpg =
+                        KeyPairGenerator.getInstance("DiffieHellman", provider);
+                kpg.initialize(keySize.primeSize);
+
+                throw new Exception("Should not support " + keySize.primeSize);
+            } catch (InvalidParameterException ipe) {
+                System.out.println("\tOk, unsupported");
+            }
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        main(new UnsupportedDHKeys());
+    }
+}
--- a/test/sun/security/pkcs11/KeyPairGenerator/TestDH2048.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/test/sun/security/pkcs11/KeyPairGenerator/TestDH2048.java	Mon Oct 23 02:28:19 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,8 +23,8 @@
 
 /**
  * @test
- * @bug 7196382
- * @summary Ensure that 2048-bit DH key pairs can be generated
+ * @bug 7196382 8072452
+ * @summary Ensure that DH key pairs can be generated for 512 - 8192 bits
  * @author Valerie Peng
  * @library ..
  */
@@ -53,11 +53,45 @@
             return;
         }
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", p);
+        kpg.initialize(512);
+        KeyPair kp1 = kpg.generateKeyPair();
+
+        kpg.initialize(768);
+        kp1 = kpg.generateKeyPair();
+
+        kpg.initialize(1024);
+        kp1 = kpg.generateKeyPair();
+
+        kpg.initialize(1536);
+        kp1 = kpg.generateKeyPair();
+
         kpg.initialize(2048);
-        KeyPair kp1 = kpg.generateKeyPair();
-        checkUnsupportedKeySize(kpg, 1536);
-        checkUnsupportedKeySize(kpg, 2176);
-        checkUnsupportedKeySize(kpg, 3072);
+        kp1 = kpg.generateKeyPair();
+
+        try {
+            kpg.initialize(3072);
+            kp1 = kpg.generateKeyPair();
+
+            kpg.initialize(4096);
+            kp1 = kpg.generateKeyPair();
+
+            kpg.initialize(6144);
+            kp1 = kpg.generateKeyPair();
+
+            kpg.initialize(8192);
+            kp1 = kpg.generateKeyPair();
+        } catch (InvalidParameterException ipe) {
+            // NSS (as of version 3.13) has a hard coded maximum limit
+            // of 2236 or 3072 bits for DHE keys.
+            System.out.println("4096-bit DH key pair generation: " + ipe);
+            if (!p.getName().equals("SunPKCS11-NSS")) {
+                throw ipe;
+            }
+        }
+
+        // key size must be multiples of 64 though
+        checkUnsupportedKeySize(kpg, 2048 + 63);
+        checkUnsupportedKeySize(kpg, 3072 + 32);
     }
 
     public static void main(String[] args) throws Exception {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/provider/DSA/SupportedDSAParamGen.java	Mon Oct 23 02:28:19 2017 -0700
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8072452
+ * @key intermittent
+ * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
+ * @run main/timeout=300 SupportedDSAParamGen 1024 160
+ * @run main/timeout=300 SupportedDSAParamGen 2048 224
+ * @run main/timeout=300 SupportedDSAParamGen 2048 256
+ * @run main/timeout=450 SupportedDSAParamGen 3072 256
+ */
+import java.security.*;
+import java.security.spec.*;
+import java.security.interfaces.*;
+
+public class SupportedDSAParamGen {
+
+    public static void main(String[] args) throws Exception {
+        AlgorithmParameterGenerator apg =
+            AlgorithmParameterGenerator.getInstance("DSA", "SUN");
+
+        DSAGenParameterSpec spec = new DSAGenParameterSpec(
+                Integer.valueOf(args[0]).intValue(),
+                Integer.valueOf(args[1]).intValue());
+
+        System.out.println("Generating (" + spec.getPrimePLength() +
+                ", " + spec.getSubprimeQLength() + ") DSA Parameters");
+        long start = System.currentTimeMillis();
+        apg.init(spec, null);
+        AlgorithmParameters param = apg.generateParameters();
+        long stop = System.currentTimeMillis();
+        System.out.println("Time: " + (stop - start) + " ms.");
+        checkParamStrength(param, spec);
+    }
+
+    private static void checkParamStrength(AlgorithmParameters param,
+            DSAGenParameterSpec genParam) throws Exception {
+
+        String algo = param.getAlgorithm();
+        if (!algo.equalsIgnoreCase("DSA")) {
+            throw new Exception("Unexpected type of parameters: " + algo);
+        }
+
+        DSAParameterSpec spec = param.getParameterSpec(DSAParameterSpec.class);
+        int valueL = spec.getP().bitLength();
+        int strength = genParam.getPrimePLength();
+        if (strength != valueL) {
+            System.out.println(
+                    "P: Expected " + strength + " but actual " + valueL);
+            throw new Exception("Wrong P strength");
+        }
+
+        int valueN = spec.getQ().bitLength();
+        strength = genParam.getSubprimeQLength();
+        if (strength != valueN) {
+            System.out.println(
+                    "Q: Expected " + strength + " but actual " + valueN);
+            throw new Exception("Wrong Q strength");
+        }
+    }
+}
--- a/test/sun/security/provider/DSA/TestKeyPairGenerator.java	Tue Oct 24 13:13:16 2017 -0700
+++ b/test/sun/security/provider/DSA/TestKeyPairGenerator.java	Mon Oct 23 02:28:19 2017 -0700
@@ -23,15 +23,18 @@
 
 /*
  * @test
- * @bug 4800108 8181048
- * @summary verify that precomputed DSA parameters are always used (512, 768, 1024, 2048 bit)
+ * @bug 4800108 8181048 8072452
+ * @summary verify that precomputed DSA parameters are always used (512, 768,
+ *          1024, 2048, 3072 bit)
  * @run main/othervm/timeout=15 TestKeyPairGenerator
  */
 
-// this fix is really a performance fix, so this test is not foolproof
-// without it, it will take a minute or more (unless you have a very fast machine)
-// with the fix, the test should complete in <2 seconds
-// use 15 second timeout to leave some room
+//
+// This fix is really a performance fix, so this test is not foolproof.
+// Without the precomputed parameters, it will take a minute or more
+// (unless you have a very fast machine).  With the fix, the test should
+// complete in less than 2 seconds.  Use 15 second timeout to leave some room.
+//
 
 import java.security.*;
 import java.security.interfaces.*;
@@ -79,8 +82,11 @@
         kp = kpg.generateKeyPair();
         checkKeyLength(kp, 2048);
 
+        kpg.initialize(3072);
+        kp = kpg.generateKeyPair();
+        checkKeyLength(kp, 3072);
+
         long stop = System.currentTimeMillis();
         System.out.println("Time: " + (stop - start) + " ms.");
     }
-
 }