summaryrefslogtreecommitdiffstats
path: root/luni/src/main
diff options
context:
space:
mode:
authorSergio Giro <sgiro@google.com>2015-07-09 12:55:25 +0100
committerSergio Giro <sgiro@google.com>2015-07-13 14:35:04 +0100
commit30bc3f8566f9b089ce02a7a22b51991d896f5524 (patch)
tree959832022d26163723a35e2fd1269daa44692406 /luni/src/main
parentbe80d8833a8058eba9e510a29b84dfac711cf5db (diff)
downloadlibcore-30bc3f8566f9b089ce02a7a22b51991d896f5524.zip
libcore-30bc3f8566f9b089ce02a7a22b51991d896f5524.tar.gz
libcore-30bc3f8566f9b089ce02a7a22b51991d896f5524.tar.bz2
javax.crypto.Cipher: try less specific Cipher/Mode/Padding combinations before throwing InvalidKeyException
Also, return saved spi in getSpi instead of recomputing a new one Bug: 22208820 (cherry picked from commit 8157603ccf1ff124c5bebc8755404a9a825f47d3) Change-Id: I30a06ef7d9234769b5592a0c7d665c8afa2a8ff8
Diffstat (limited to 'luni/src/main')
-rw-r--r--luni/src/main/java/javax/crypto/Cipher.java42
1 files changed, 19 insertions, 23 deletions
diff --git a/luni/src/main/java/javax/crypto/Cipher.java b/luni/src/main/java/javax/crypto/Cipher.java
index 9d6bd22..db40117 100644
--- a/luni/src/main/java/javax/crypto/Cipher.java
+++ b/luni/src/main/java/javax/crypto/Cipher.java
@@ -298,14 +298,7 @@ public class Cipher {
String[] transformParts = checkTransformation(transformation);
- boolean providerSupportsAlgorithm;
- try {
- providerSupportsAlgorithm =
- tryCombinations(null /* key */, provider, transformParts) != null;
- } catch (InvalidKeyException e) {
- throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
- }
- if (!providerSupportsAlgorithm) {
+ if (tryCombinations(null /* key */, provider, transformParts) == null) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + transformation);
} else {
@@ -349,6 +342,9 @@ public class Cipher {
/**
* Makes sure a CipherSpi that matches this type is selected.
*
+ * If {@code key != null} then it assumes that a suitable provider exists for this instance
+ * (used by {@link #init}.
+ *
* @throws InvalidKeyException if the specified key cannot be used to
* initialize this cipher.
*/
@@ -358,14 +354,26 @@ public class Cipher {
}
synchronized (initLock) {
+ // This is not only a matter of performance. Many methods like update, doFinal, etc.
+ // call {@code #getSpi()} (ie, {@code #getSpi(null /* key */)}) and without this
+ // shortcut they would override an spi that was chosen using the key.
if (spiImpl != null && key == null) {
return spiImpl;
}
final Engine.SpiAndProvider sap = tryCombinations(
key, specifiedProvider, transformParts);
+
if (sap == null) {
- throw new ProviderException("No provider for " + transformation);
+ if (key == null) {
+ throw new ProviderException("No provider for " + transformation);
+ }
+ // Since the key is not null, a suitable provider exists,
+ // and it is an InvalidKeyException.
+ throw new InvalidKeyException(
+ "No provider offers " + transformation + " for " + key.getAlgorithm()
+ + " key of class " + key.getClass().getName()
+ + " and export format " + key.getFormat());
}
spiImpl = (CipherSpi) sap.spi;
@@ -411,12 +419,9 @@ public class Cipher {
* [cipher]//[padding]
* [cipher]
* </pre>
- *
- * @throws InvalidKeyException if the specified key cannot be used to
- * initialize any provider.
*/
private static Engine.SpiAndProvider tryCombinations(Key key, Provider provider,
- String[] transformParts) throws InvalidKeyException {
+ String[] transformParts) {
Engine.SpiAndProvider sap = null;
if (transformParts[1] != null && transformParts[2] != null) {
@@ -446,12 +451,8 @@ public class Cipher {
return tryTransform(key, provider, transformParts[0], transformParts, NeedToSet.BOTH);
}
- /**
- * @throws InvalidKeyException if the specified key cannot be used to
- * initialize this cipher.
- */
private static Engine.SpiAndProvider tryTransform(Key key, Provider provider, String transform,
- String[] transformParts, NeedToSet type) throws InvalidKeyException {
+ String[] transformParts, NeedToSet type) {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, transform);
if (service == null) {
@@ -463,19 +464,14 @@ public class Cipher {
if (services == null || services.isEmpty()) {
return null;
}
- boolean keySupported = false;
for (Provider.Service service : services) {
if (key == null || service.supportsParameter(key)) {
- keySupported = true;
Engine.SpiAndProvider sap = tryTransformWithProvider(transformParts, type, service);
if (sap != null) {
return sap;
}
}
}
- if (!keySupported) {
- throw new InvalidKeyException("No provider supports the provided key");
- }
return null;
}