Followup changes for custom DH groups

peterdettman · peterdettman · commit 80f81a5840ff · 2024-05-30T22:01:20.000+07:00
diff --git a/CONTRIBUTORS.html b/CONTRIBUTORS.html
@@ -547,6 +547,7 @@
 <li>Seung Yeon &lt;https://github.com/seungyeonpark&gt; - addition of Memoable method implementations to CertPathValidationContext and CertificatePoliciesValidation.</li>
 <li>yuhh0328 &lt;https://github.com/yuhh0328&gt; - initial patch for adding ML-KEM support to TLS.</li>
 <li>Jan Oupick&yacute; &lt;https://github.com/Honzaik&gt; - update to draft 13 of composite PQC signatures.</li>
+<li>Karsten Otto &lt;https://github.com/ottoka&gt; - finished the support for jdk.tls.server.defaultDHEParameters.</li>
 </ul>
 </body>
 </html>
diff --git a/docs/releasenotes.html b/docs/releasenotes.html
@@ -19,12 +19,18 @@ <h2>1.0 Introduction</h2>
 <h2>2.0 Release History</h2>
 
 <a id="r1rv79"><h3>2.1.1 Version</h3></a>
+Release: 1.79<br/>
 Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2024, TBD.
 <h3>2.1.2 Defects Fixed</h3>
 <ul>
 </ul>
+<h3>2.1.3 Additional Features and Functionality</h3>
+<ul>
+<li>BCJSSE: Added support for security property "jdk.tls.server.defaultDHEParameters" (disabled in FIPS mode).</li>
+</ul>
 
 <a id="r1rv78d1"><h3>2.2.1 Version</h3></a>
+Release: 1.78.1<br/>
 Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2024, 18th April.
 <h3>2.2.2 Defects Fixed</h3>
 <ul>
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java
@@ -165,6 +165,28 @@ static class PerContext
         }
     }
 
+    static class DefaultedResult
+    {
+        private final int result;
+        private final boolean defaulted;
+
+        DefaultedResult(int result, boolean defaulted)
+        {
+            this.result = result;
+            this.defaulted = defaulted;
+        }
+
+        int getResult()
+        {
+            return result;
+        }
+
+        boolean isDefaulted()
+        {
+            return defaulted;
+        }
+    }
+
     static PerConnection createPerConnectionClient(PerContext perContext, ProvSSLParameters sslParameters,
         ProtocolVersion[] activeProtocolVersions)
     {
@@ -227,7 +249,7 @@ static PerContext createPerContext(boolean isFipsContext, JcaTlsCrypto crypto)
         return new PerContext(index, candidates);
     }
 
-    static int getMaximumBitsServerECDH(PerConnection perConnection)
+    static DefaultedResult getMaximumBitsServerECDH(PerConnection perConnection)
     {
         int maxBits = 0;
         List<NamedGroupInfo> peer = perConnection.getPeer();
@@ -257,10 +279,10 @@ static int getMaximumBitsServerECDH(PerConnection perConnection)
                 maxBits = Math.max(maxBits, namedGroupInfo.getBitsECDH());
             }
         }
-        return maxBits;
+        return new DefaultedResult(maxBits, peer == null);
     }
 
-    static int getMaximumBitsServerFFDHE(PerConnection perConnection)
+    static DefaultedResult getMaximumBitsServerFFDHE(PerConnection perConnection)
     {
         int maxBits = 0;
         boolean anyPeerFF = false;
@@ -294,7 +316,7 @@ static int getMaximumBitsServerFFDHE(PerConnection perConnection)
                 maxBits = Math.max(maxBits, namedGroupInfo.getBitsFFDHE());
             }
         }
-        return maxBits;
+        return new DefaultedResult(maxBits, !anyPeerFF);
     }
 
     static NamedGroupInfo getNamedGroup(PerContext perContext, int namedGroup)
@@ -329,7 +351,7 @@ static boolean hasLocal(PerConnection perConnection, int namedGroup)
         return perConnection.local.containsKey(namedGroup);
     }
 
-    static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)
+    static DefaultedResult selectServerECDH(PerConnection perConnection, int minimumBitsECDH)
     {
         List<NamedGroupInfo> peer = perConnection.getPeer();
         if (peer != null)
@@ -341,7 +363,7 @@ static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)
                     int namedGroup = namedGroupInfo.getNamedGroup();
                     if (perConnection.local.containsKey(namedGroup))
                     {
-                        return namedGroup;
+                        return new DefaultedResult(namedGroup, false);
                     }
                 }
             }
@@ -357,14 +379,14 @@ static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)
             {
                 if (namedGroupInfo.getBitsECDH() >= minimumBitsECDH)
                 {
-                    return namedGroupInfo.getNamedGroup();
+                    return new DefaultedResult(namedGroupInfo.getNamedGroup(), true);
                 }
             }
         }
-        return -1;
+        return new DefaultedResult(-1, peer == null);
     }
 
-    static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)
+    static DefaultedResult selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)
     {
         boolean anyPeerFF = false;
         List<NamedGroupInfo> peer = perConnection.getPeer();
@@ -379,7 +401,7 @@ static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)
                 {
                     if (perConnection.local.containsKey(namedGroup))
                     {
-                        return namedGroup;
+                        return new DefaultedResult(namedGroup, false);
                     }
                 }
             }
@@ -395,11 +417,11 @@ static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)
             {
                 if (namedGroupInfo.getBitsFFDHE() >= minimumBitsFFDHE)
                 {
-                    return namedGroupInfo.getNamedGroup();
+                    return new DefaultedResult(namedGroupInfo.getNamedGroup(), true);
                 }
             }
         }
-        return -1;
+        return new DefaultedResult(-1, !anyPeerFF);
     }
 
     private static void addNamedGroup(boolean isFipsContext, JcaTlsCrypto crypto, boolean disableChar2,
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/ProvTlsServer.java b/tls/src/main/java/org/bouncycastle/jsse/provider/ProvTlsServer.java
@@ -31,6 +31,7 @@
 import org.bouncycastle.tls.ClientCertificateType;
 import org.bouncycastle.tls.DefaultTlsServer;
 import org.bouncycastle.tls.KeyExchangeAlgorithm;
+import org.bouncycastle.tls.NamedGroup;
 import org.bouncycastle.tls.ProtocolName;
 import org.bouncycastle.tls.ProtocolVersion;
 import org.bouncycastle.tls.SecurityParameters;
@@ -62,10 +63,6 @@ class ProvTlsServer
     // TODO[jsse] Integrate this into NamedGroupInfo
     private static final int provEphemeralDHKeySize = PropertyUtils.getIntegerSystemProperty("jdk.tls.ephemeralDHKeySize", 2048, 1024, 8192);
 
-    /*
-     * TODO[jsse] Does this selection override the restriction from 'jdk.tls.ephemeralDHKeySize'?
-     * TODO[fips] Probably should be ignored in fips mode?
-     */
     private static final DHGroup[] provServerDefaultDHEParameters = getDefaultDHEParameters();
 
     private static final boolean provServerEnableCA = PropertyUtils
@@ -100,7 +97,7 @@ private static DHGroup[] getDefaultDHEParameters()
             return null;
         }
 
-        ArrayList<DHGroup> result = new ArrayList<DHGroup>();
+        ArrayList<DHGroup> dhGroups = new ArrayList<DHGroup>();
         int outerComma = -1;
         do
         {
@@ -134,7 +131,7 @@ private static DHGroup[] getDefaultDHEParameters()
                 DHGroup dhGroup = TlsDHUtils.getStandardGroupForDHParameters(p, g);
                 if (null != dhGroup)
                 {
-                    result.add(dhGroup);
+                    dhGroups.add(dhGroup);
                 }
                 else if (!p.isProbablePrime(120))
                 {
@@ -143,7 +140,7 @@ else if (!p.isProbablePrime(120))
                 }
                 else
                 {
-                    result.add(new DHGroup(p, null, g, 0));
+                    dhGroups.add(new DHGroup(p, null, g, 0));
                 }
             }
             catch (Exception e)
@@ -154,15 +151,15 @@ else if (!p.isProbablePrime(120))
             outerComma = closeBrace + 1;
             if (outerComma >= limit)
             {
-                result.sort(new Comparator<DHGroup>()
+                DHGroup[] result = dhGroups.toArray(new DHGroup[dhGroups.size()]);
+                java.util.Arrays.sort(result, new Comparator<DHGroup>()
                 {
-                    @Override
                     public int compare(DHGroup a, DHGroup b)
                     {
                         return a.getP().bitLength() - b.getP().bitLength();
                     }
                 });
-                return result.toArray(new DHGroup[result.size()]);
+                return result;
             }
         }
         while (',' == input.charAt(outerComma));
@@ -268,13 +265,29 @@ protected String getDetailMessageNoCipherSuite()
     @Override
     protected int getMaximumNegotiableCurveBits()
     {
-        return NamedGroupInfo.getMaximumBitsServerECDH(jsseSecurityParameters.namedGroups);
+        NamedGroupInfo.DefaultedResult maxBitsResult = NamedGroupInfo.getMaximumBitsServerECDH(
+            jsseSecurityParameters.namedGroups);
+
+        int maxBits = maxBitsResult.getResult();
+
+        return maxBits;
     }
 
     @Override
     protected int getMaximumNegotiableFiniteFieldBits()
     {
-        int maxBits = NamedGroupInfo.getMaximumBitsServerFFDHE(jsseSecurityParameters.namedGroups);
+        NamedGroupInfo.DefaultedResult maxBitsResult = NamedGroupInfo.getMaximumBitsServerFFDHE(
+            jsseSecurityParameters.namedGroups);
+
+        int maxBits = maxBitsResult.getResult();
+
+        if (maxBitsResult.isDefaulted() &&
+            !TlsUtils.isNullOrEmpty(provServerDefaultDHEParameters) &&
+            !manager.getContextData().getContext().isFips())
+        {
+            DHGroup largest = provServerDefaultDHEParameters[provServerDefaultDHEParameters.length - 1];
+            maxBits = Math.max(maxBits, largest.getP().bitLength());
+        }
 
         return maxBits >= provEphemeralDHKeySize ? maxBits : 0;
     }
@@ -336,28 +349,39 @@ protected boolean selectCipherSuite(int cipherSuite) throws IOException
     @Override
     public TlsDHConfig getDHConfig() throws IOException
     {
-        if (provServerDefaultDHEParameters != null)
-        {
-            int minimumFiniteFieldBits = Math.max(
-                TlsDHUtils.getMinimumFiniteFieldBits(selectedCipherSuite), provEphemeralDHKeySize);
+        int minimumFiniteFieldBits = TlsDHUtils.getMinimumFiniteFieldBits(selectedCipherSuite);
+        minimumFiniteFieldBits = Math.max(minimumFiniteFieldBits, provEphemeralDHKeySize);
+
+        NamedGroupInfo.DefaultedResult namedGroupResult = NamedGroupInfo.selectServerFFDHE(
+            jsseSecurityParameters.namedGroups, minimumFiniteFieldBits);
 
-            for (DHGroup group: provServerDefaultDHEParameters)
+        int namedGroup = namedGroupResult.getResult();
+
+        if (namedGroupResult.isDefaulted() &&
+            !TlsUtils.isNullOrEmpty(provServerDefaultDHEParameters) &&
+            !manager.getContextData().getContext().isFips())
+        {
+            for (DHGroup dhGroup : provServerDefaultDHEParameters)
             {
-                if (group.getP().bitLength() >= minimumFiniteFieldBits)
+                int bits = dhGroup.getP().bitLength();
+                if (bits >= minimumFiniteFieldBits)
                 {
-                    return new TlsDHConfig(group);
+                    if (namedGroup < 0 || bits <= NamedGroup.getFiniteFieldBits(namedGroup))
+                    {
+                        return new TlsDHConfig(dhGroup);
+                    }
+                    break;
                 }
             }
         }
-        return super.getDHConfig();
+
+        return TlsDHUtils.createNamedDHConfig(context, namedGroup);
     }
 
     @Override
     protected int selectDH(int minimumFiniteFieldBits)
     {
-        minimumFiniteFieldBits = Math.max(minimumFiniteFieldBits, provEphemeralDHKeySize);
-
-        return NamedGroupInfo.selectServerFFDHE(jsseSecurityParameters.namedGroups, minimumFiniteFieldBits);
+        throw new UnsupportedOperationException();
     }
 
     @Override
@@ -369,7 +393,7 @@ protected int selectDHDefault(int minimumFiniteFieldBits)
     @Override
     protected int selectECDH(int minimumCurveBits)
     {
-        return NamedGroupInfo.selectServerECDH(jsseSecurityParameters.namedGroups, minimumCurveBits);
+        return NamedGroupInfo.selectServerECDH(jsseSecurityParameters.namedGroups, minimumCurveBits).getResult();
     }
 
     @Override

Original file line number	Diff line number	Diff line change
`@@ -165,6 +165,28 @@ static class PerContext`
`165`	`165`	`}`
`166`	`166`	`}`
`167`	`167`
	`168`	`+ static class DefaultedResult`
	`169`	`+ {`
	`170`	`+ private final int result;`
	`171`	`+ private final boolean defaulted;`
	`172`	`+`
	`173`	`+ DefaultedResult(int result, boolean defaulted)`
	`174`	`+ {`
	`175`	`+ this.result = result;`
	`176`	`+ this.defaulted = defaulted;`
	`177`	`+ }`
	`178`	`+`
	`179`	`+ int getResult()`
	`180`	`+ {`
	`181`	`+ return result;`
	`182`	`+ }`
	`183`	`+`
	`184`	`+ boolean isDefaulted()`
	`185`	`+ {`
	`186`	`+ return defaulted;`
	`187`	`+ }`
	`188`	`+ }`
	`189`	`+`
`168`	`190`	`static PerConnection createPerConnectionClient(PerContext perContext, ProvSSLParameters sslParameters,`
`169`	`191`	`ProtocolVersion[] activeProtocolVersions)`
`170`	`192`	`{`
`@@ -227,7 +249,7 @@ static PerContext createPerContext(boolean isFipsContext, JcaTlsCrypto crypto)`
`227`	`249`	`return new PerContext(index, candidates);`
`228`	`250`	`}`
`229`	`251`
`230`		`- static int getMaximumBitsServerECDH(PerConnection perConnection)`
	`252`	`+ static DefaultedResult getMaximumBitsServerECDH(PerConnection perConnection)`
`231`	`253`	`{`
`232`	`254`	`int maxBits = 0;`
`233`	`255`	`List<NamedGroupInfo> peer = perConnection.getPeer();`
`@@ -257,10 +279,10 @@ static int getMaximumBitsServerECDH(PerConnection perConnection)`
`257`	`279`	`maxBits = Math.max(maxBits, namedGroupInfo.getBitsECDH());`
`258`	`280`	`}`
`259`	`281`	`}`
`260`		`- return maxBits;`
	`282`	`+ return new DefaultedResult(maxBits, peer == null);`
`261`	`283`	`}`
`262`	`284`
`263`		`- static int getMaximumBitsServerFFDHE(PerConnection perConnection)`
	`285`	`+ static DefaultedResult getMaximumBitsServerFFDHE(PerConnection perConnection)`
`264`	`286`	`{`
`265`	`287`	`int maxBits = 0;`
`266`	`288`	`boolean anyPeerFF = false;`
`@@ -294,7 +316,7 @@ static int getMaximumBitsServerFFDHE(PerConnection perConnection)`
`294`	`316`	`maxBits = Math.max(maxBits, namedGroupInfo.getBitsFFDHE());`
`295`	`317`	`}`
`296`	`318`	`}`
`297`		`- return maxBits;`
	`319`	`+ return new DefaultedResult(maxBits, !anyPeerFF);`
`298`	`320`	`}`
`299`	`321`
`300`	`322`	`static NamedGroupInfo getNamedGroup(PerContext perContext, int namedGroup)`
`@@ -329,7 +351,7 @@ static boolean hasLocal(PerConnection perConnection, int namedGroup)`
`329`	`351`	`return perConnection.local.containsKey(namedGroup);`
`330`	`352`	`}`
`331`	`353`
`332`		`- static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)`
	`354`	`+ static DefaultedResult selectServerECDH(PerConnection perConnection, int minimumBitsECDH)`
`333`	`355`	`{`
`334`	`356`	`List<NamedGroupInfo> peer = perConnection.getPeer();`
`335`	`357`	`if (peer != null)`
`@@ -341,7 +363,7 @@ static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)`
`341`	`363`	`int namedGroup = namedGroupInfo.getNamedGroup();`
`342`	`364`	`if (perConnection.local.containsKey(namedGroup))`
`343`	`365`	`{`
`344`		`- return namedGroup;`
	`366`	`+ return new DefaultedResult(namedGroup, false);`
`345`	`367`	`}`
`346`	`368`	`}`
`347`	`369`	`}`
`@@ -357,14 +379,14 @@ static int selectServerECDH(PerConnection perConnection, int minimumBitsECDH)`
`357`	`379`	`{`
`358`	`380`	`if (namedGroupInfo.getBitsECDH() >= minimumBitsECDH)`
`359`	`381`	`{`
`360`		`- return namedGroupInfo.getNamedGroup();`
	`382`	`+ return new DefaultedResult(namedGroupInfo.getNamedGroup(), true);`
`361`	`383`	`}`
`362`	`384`	`}`
`363`	`385`	`}`
`364`		`- return -1;`
	`386`	`+ return new DefaultedResult(-1, peer == null);`
`365`	`387`	`}`
`366`	`388`
`367`		`- static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)`
	`389`	`+ static DefaultedResult selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)`
`368`	`390`	`{`
`369`	`391`	`boolean anyPeerFF = false;`
`370`	`392`	`List<NamedGroupInfo> peer = perConnection.getPeer();`
`@@ -379,7 +401,7 @@ static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)`
`379`	`401`	`{`
`380`	`402`	`if (perConnection.local.containsKey(namedGroup))`
`381`	`403`	`{`
`382`		`- return namedGroup;`
	`404`	`+ return new DefaultedResult(namedGroup, false);`
`383`	`405`	`}`
`384`	`406`	`}`
`385`	`407`	`}`
`@@ -395,11 +417,11 @@ static int selectServerFFDHE(PerConnection perConnection, int minimumBitsFFDHE)`
`395`	`417`	`{`
`396`	`418`	`if (namedGroupInfo.getBitsFFDHE() >= minimumBitsFFDHE)`
`397`	`419`	`{`
`398`		`- return namedGroupInfo.getNamedGroup();`
	`420`	`+ return new DefaultedResult(namedGroupInfo.getNamedGroup(), true);`
`399`	`421`	`}`
`400`	`422`	`}`
`401`	`423`	`}`
`402`		`- return -1;`
	`424`	`+ return new DefaultedResult(-1, !anyPeerFF);`
`403`	`425`	`}`
`404`	`426`
`405`	`427`	`private static void addNamedGroup(boolean isFipsContext, JcaTlsCrypto crypto, boolean disableChar2,`
Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,7 @@`
`31`	`31`	`import org.bouncycastle.tls.ClientCertificateType;`
`32`	`32`	`import org.bouncycastle.tls.DefaultTlsServer;`
`33`	`33`	`import org.bouncycastle.tls.KeyExchangeAlgorithm;`
	`34`	`+import org.bouncycastle.tls.NamedGroup;`
`34`	`35`	`import org.bouncycastle.tls.ProtocolName;`
`35`	`36`	`import org.bouncycastle.tls.ProtocolVersion;`
`36`	`37`	`import org.bouncycastle.tls.SecurityParameters;`
`@@ -62,10 +63,6 @@ class ProvTlsServer`
`62`	`63`	`// TODO[jsse] Integrate this into NamedGroupInfo`
`63`	`64`	`private static final int provEphemeralDHKeySize = PropertyUtils.getIntegerSystemProperty("jdk.tls.ephemeralDHKeySize", 2048, 1024, 8192);`
`64`	`65`
`65`		`- /*`
`66`		`- * TODO[jsse] Does this selection override the restriction from 'jdk.tls.ephemeralDHKeySize'?`
`67`		`- * TODO[fips] Probably should be ignored in fips mode?`
`68`		`- */`
`69`	`66`	`private static final DHGroup[] provServerDefaultDHEParameters = getDefaultDHEParameters();`
`70`	`67`
`71`	`68`	`private static final boolean provServerEnableCA = PropertyUtils`
`@@ -100,7 +97,7 @@ private static DHGroup[] getDefaultDHEParameters()`
`100`	`97`	`return null;`
`101`	`98`	`}`
`102`	`99`
`103`		`- ArrayList<DHGroup> result = new ArrayList<DHGroup>();`
	`100`	`+ ArrayList<DHGroup> dhGroups = new ArrayList<DHGroup>();`
`104`	`101`	`int outerComma = -1;`
`105`	`102`	`do`
`106`	`103`	`{`
`@@ -134,7 +131,7 @@ private static DHGroup[] getDefaultDHEParameters()`
`134`	`131`	`DHGroup dhGroup = TlsDHUtils.getStandardGroupForDHParameters(p, g);`
`135`	`132`	`if (null != dhGroup)`
`136`	`133`	`{`
`137`		`- result.add(dhGroup);`
	`134`	`+ dhGroups.add(dhGroup);`
`138`	`135`	`}`
`139`	`136`	`else if (!p.isProbablePrime(120))`
`140`	`137`	`{`
`@@ -143,7 +140,7 @@ else if (!p.isProbablePrime(120))`
`143`	`140`	`}`
`144`	`141`	`else`
`145`	`142`	`{`
`146`		`- result.add(new DHGroup(p, null, g, 0));`
	`143`	`+ dhGroups.add(new DHGroup(p, null, g, 0));`
`147`	`144`	`}`
`148`	`145`	`}`
`149`	`146`	`catch (Exception e)`
`@@ -154,15 +151,15 @@ else if (!p.isProbablePrime(120))`
`154`	`151`	`outerComma = closeBrace + 1;`
`155`	`152`	`if (outerComma >= limit)`
`156`	`153`	`{`
`157`		`- result.sort(new Comparator<DHGroup>()`
	`154`	`+ DHGroup[] result = dhGroups.toArray(new DHGroup[dhGroups.size()]);`
	`155`	`+ java.util.Arrays.sort(result, new Comparator<DHGroup>()`
`158`	`156`	`{`
`159`		`- @Override`
`160`	`157`	`public int compare(DHGroup a, DHGroup b)`
`161`	`158`	`{`
`162`	`159`	`return a.getP().bitLength() - b.getP().bitLength();`
`163`	`160`	`}`
`164`	`161`	`});`
`165`		`- return result.toArray(new DHGroup[result.size()]);`
	`162`	`+ return result;`
`166`	`163`	`}`
`167`	`164`	`}`
`168`	`165`	`while (',' == input.charAt(outerComma));`
`@@ -268,13 +265,29 @@ protected String getDetailMessageNoCipherSuite()`
`268`	`265`	`@Override`
`269`	`266`	`protected int getMaximumNegotiableCurveBits()`
`270`	`267`	`{`
`271`		`- return NamedGroupInfo.getMaximumBitsServerECDH(jsseSecurityParameters.namedGroups);`
	`268`	`+ NamedGroupInfo.DefaultedResult maxBitsResult = NamedGroupInfo.getMaximumBitsServerECDH(`
	`269`	`+ jsseSecurityParameters.namedGroups);`
	`270`	`+`
	`271`	`+ int maxBits = maxBitsResult.getResult();`
	`272`	`+`
	`273`	`+ return maxBits;`
`272`	`274`	`}`
`273`	`275`
`274`	`276`	`@Override`
`275`	`277`	`protected int getMaximumNegotiableFiniteFieldBits()`
`276`	`278`	`{`
`277`		`- int maxBits = NamedGroupInfo.getMaximumBitsServerFFDHE(jsseSecurityParameters.namedGroups);`
	`279`	`+ NamedGroupInfo.DefaultedResult maxBitsResult = NamedGroupInfo.getMaximumBitsServerFFDHE(`
	`280`	`+ jsseSecurityParameters.namedGroups);`
	`281`	`+`
	`282`	`+ int maxBits = maxBitsResult.getResult();`
	`283`	`+`
	`284`	`+ if (maxBitsResult.isDefaulted() &&`
	`285`	`+ !TlsUtils.isNullOrEmpty(provServerDefaultDHEParameters) &&`
	`286`	`+ !manager.getContextData().getContext().isFips())`
	`287`	`+ {`
	`288`	`+ DHGroup largest = provServerDefaultDHEParameters[provServerDefaultDHEParameters.length - 1];`
	`289`	`+ maxBits = Math.max(maxBits, largest.getP().bitLength());`
	`290`	`+ }`
`278`	`291`
`279`	`292`	`return maxBits >= provEphemeralDHKeySize ? maxBits : 0;`
`280`	`293`	`}`
`@@ -336,28 +349,39 @@ protected boolean selectCipherSuite(int cipherSuite) throws IOException`
`336`	`349`	`@Override`
`337`	`350`	`public TlsDHConfig getDHConfig() throws IOException`
`338`	`351`	`{`
`339`		`- if (provServerDefaultDHEParameters != null)`
`340`		`- {`
`341`		`- int minimumFiniteFieldBits = Math.max(`
`342`		`- TlsDHUtils.getMinimumFiniteFieldBits(selectedCipherSuite), provEphemeralDHKeySize);`
	`352`	`+ int minimumFiniteFieldBits = TlsDHUtils.getMinimumFiniteFieldBits(selectedCipherSuite);`
	`353`	`+ minimumFiniteFieldBits = Math.max(minimumFiniteFieldBits, provEphemeralDHKeySize);`
	`354`	`+`
	`355`	`+ NamedGroupInfo.DefaultedResult namedGroupResult = NamedGroupInfo.selectServerFFDHE(`
	`356`	`+ jsseSecurityParameters.namedGroups, minimumFiniteFieldBits);`
`343`	`357`
`344`		`- for (DHGroup group: provServerDefaultDHEParameters)`
	`358`	`+ int namedGroup = namedGroupResult.getResult();`
	`359`	`+`
	`360`	`+ if (namedGroupResult.isDefaulted() &&`
	`361`	`+ !TlsUtils.isNullOrEmpty(provServerDefaultDHEParameters) &&`
	`362`	`+ !manager.getContextData().getContext().isFips())`
	`363`	`+ {`
	`364`	`+ for (DHGroup dhGroup : provServerDefaultDHEParameters)`
`345`	`365`	`{`
`346`		`- if (group.getP().bitLength() >= minimumFiniteFieldBits)`
	`366`	`+ int bits = dhGroup.getP().bitLength();`
	`367`	`+ if (bits >= minimumFiniteFieldBits)`
`347`	`368`	`{`
`348`		`- return new TlsDHConfig(group);`
	`369`	`+ if (namedGroup < 0 \|\| bits <= NamedGroup.getFiniteFieldBits(namedGroup))`
	`370`	`+ {`
	`371`	`+ return new TlsDHConfig(dhGroup);`
	`372`	`+ }`
	`373`	`+ break;`
`349`	`374`	`}`
`350`	`375`	`}`
`351`	`376`	`}`
`352`		`- return super.getDHConfig();`
	`377`	`+`
	`378`	`+ return TlsDHUtils.createNamedDHConfig(context, namedGroup);`
`353`	`379`	`}`
`354`	`380`
`355`	`381`	`@Override`
`356`	`382`	`protected int selectDH(int minimumFiniteFieldBits)`
`357`	`383`	`{`
`358`		`- minimumFiniteFieldBits = Math.max(minimumFiniteFieldBits, provEphemeralDHKeySize);`
`359`		`-`
`360`		`- return NamedGroupInfo.selectServerFFDHE(jsseSecurityParameters.namedGroups, minimumFiniteFieldBits);`
	`384`	`+ throw new UnsupportedOperationException();`
`361`	`385`	`}`
`362`	`386`
`363`	`387`	`@Override`
`@@ -369,7 +393,7 @@ protected int selectDHDefault(int minimumFiniteFieldBits)`
`369`	`393`	`@Override`
`370`	`394`	`protected int selectECDH(int minimumCurveBits)`
`371`	`395`	`{`
`372`		`- return NamedGroupInfo.selectServerECDH(jsseSecurityParameters.namedGroups, minimumCurveBits);`
	`396`	`+ return NamedGroupInfo.selectServerECDH(jsseSecurityParameters.namedGroups, minimumCurveBits).getResult();`
`373`	`397`	`}`
`374`	`398`
`375`	`399`	`@Override`