--- a/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java Mon May 21 11:14:44 2018 -0400
+++ b/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java Tue May 22 13:44:02 2018 -0400
@@ -36,6 +36,7 @@
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.NamedParameterSpec;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collections;
@@ -454,6 +455,8 @@
return SupportedGroups.getECGenParamSpec(this);
} else if (this.type == NamedGroupType.NAMED_GROUP_FFDHE) {
return SupportedGroups.getDHParameterSpec(this);
+ } else if (this.type == NamedGroupType.NAMED_GROUP_XDH) {
+ return new NamedParameterSpec(this.algorithm);
}
return null;
@@ -552,6 +555,10 @@
// non-NIST curves
NamedGroup.SECP256_K1,
+ // XDH
+ NamedGroup.X25519,
+ NamedGroup.X448,
+
// FFDHE 2048
NamedGroup.FFDHE_2048,
NamedGroup.FFDHE_3072,
@@ -601,6 +608,14 @@
} catch (NoSuchAlgorithmException e) {
return false;
}
+ } else if (namedGroup.type == NamedGroupType.NAMED_GROUP_XDH) {
+ try {
+ JsseJce.getKeyAgreement(namedGroup.algorithm);
+ // no parameters
+ return true;
+ } catch (NoSuchAlgorithmException e) {
+ return false;
+ }
} // Otherwise, unsupported.
if ((params != null) && (spec != null)) {