Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/java.base/share/conf/security/java.security
changeset 50768 68fa3d4026ea
parent 50722 bc104aaf24e9
child 51236 a90d8198d7e4
equal deleted inserted replaced
50767:356eaea05bf0 50768:68fa3d4026ea 
   798 #       E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
 
   798 #       E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
 
   799 #       EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
 
   799 #       EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
 
   800 #       FFFFFFFF FFFFFFFF, 2}
 
   800 #       FFFFFFFF FFFFFFFF, 2}
 
   801 
   801 
   802 #
 
   802 #
 
       
   803 # TLS key limits on symmetric cryptographic algorithms
 
       
   804 #
 
       
   805 # This security property sets limits on algorithms key usage in TLS 1.3.
 
       
   806 # When the amount of data encrypted exceeds the algorithm value listed below,
 
       
   807 # a KeyUpdate message will trigger a key change.  This is for symmetric ciphers
 
       
   808 # with TLS 1.3 only.
 
       
   809 #
 
       
   810 # The syntax for the property is described below:
 
       
   811 #   KeyLimits:
 
       
   812 #       " KeyLimit { , KeyLimit } "
 
       
   813 #
 
       
   814 #   WeakKeyLimit:
 
       
   815 #       AlgorithmName Action Length
 
       
   816 #
 
       
   817 #   AlgorithmName:
 
       
   818 #       A full algorithm transformation.
 
       
   819 #
 
       
   820 #   Action:
 
       
   821 #       KeyUpdate
 
       
   822 #
 
       
   823 #   Length:
 
       
   824 #       The amount of encrypted data in a session before the Action occurs
 
       
   825 #       This value may be an integer value in bytes, or as a power of two, 2^29.
 
       
   826 #
 
       
   827 #   KeyUpdate:
 
       
   828 #       The TLS 1.3 KeyUpdate handshake process begins when the Length amount
 
       
   829 #       is fulfilled.
 
       
   830 #
 
       
   831 # Note: This property is currently used by OpenJDK's JSSE implementation. It
 
       
   832 # is not guaranteed to be examined and used by other implementations.
 
       
   833 #
 
       
   834 jdk.tls.keyLimits=AES/GCM/NoPadding KeyUpdate 2^37
 
       
   835 
       
   836 #
 
   803 # Cryptographic Jurisdiction Policy defaults
 
   837 # Cryptographic Jurisdiction Policy defaults
 
   804 #
 
   838 #
 
   805 # Import and export control rules on cryptographic software vary from
 
   839 # Import and export control rules on cryptographic software vary from
 
   806 # country to country.  By default, Java provides two different sets of
 
   840 # country to country.  By default, Java provides two different sets of
 
   807 # cryptographic policy files[1]:
 
   841 # cryptographic policy files[1]:
jdk-sandbox