8039921: SHA1WithDSA with key > 1024 bits not working

Summary: Removed the key size limits for all SHAXXXWithDSA signatures
Reviewed-by: weijun

src/share/classes/sun/security/provider/DSA.java

 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -117,7 +117,6 @@ abstract class DSA extends SignatureSpi {
         if (params == null) {
             throw new InvalidKeyException("DSA private key lacks parameters");
         }
-        checkKey(params);
 
         this.params = params;
         this.presetX = priv.getX();
@@ -149,7 +148,6 @@ abstract class DSA extends SignatureSpi {
         if (params == null) {
             throw new InvalidKeyException("DSA public key lacks parameters");
         }
-        checkKey(params);
 
         this.params = params;
         this.presetY = pub.getY();
@@ -291,16 +289,6 @@ abstract class DSA extends SignatureSpi {
         return null;
     }
 
-    protected void checkKey(DSAParams params) throws InvalidKeyException {
-        // FIPS186-3 states in sec4.2 that a hash function which provides
-        // a lower security strength than the (L, N) pair ordinarily should
-        // not be used.
-        int valueN = params.getQ().bitLength();
-        if (valueN > md.getDigestLength()*8) {
-            throw new InvalidKeyException("Key is too strong for this signature algorithm");
-        }
-    }
-
     private BigInteger generateR(BigInteger p, BigInteger q, BigInteger g,
                          BigInteger k) {
         BigInteger temp = g.modPow(k, p);
@@ -480,14 +468,6 @@ abstract class DSA extends SignatureSpi {
            }
         }
 
-        @Override
-        protected void checkKey(DSAParams params) throws InvalidKeyException {
-            int valueL = params.getP().bitLength();
-            if (valueL > 1024) {
-                throw new InvalidKeyException("Key is too long for this algorithm");
-            }
-        }
-
         /*
          * Please read bug report 4044247 for an alternative, faster,
          * NON-FIPS approved method to generate K

test/sun/security/provider/DSA/TestDSA2.java

 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@ public class TestDSA2 {
     public static void main(String[] args) throws Exception {
         boolean[] expectedToPass = { true, true, true };
         test(1024, expectedToPass);
-        boolean[] expectedToPass2 = { false, true, true };
+        boolean[] expectedToPass2 = { true, true, true };
         test(2048, expectedToPass2);
     }