summaryrefslogtreecommitdiffstats
path: root/luni/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'luni/src/main')
-rw-r--r--luni/src/main/java/java/security/Signature.java42
-rw-r--r--luni/src/main/java/javax/crypto/Cipher.java59
-rw-r--r--luni/src/main/java/javax/crypto/KeyAgreement.java49
-rw-r--r--luni/src/main/java/javax/crypto/Mac.java50
4 files changed, 145 insertions, 55 deletions
diff --git a/luni/src/main/java/java/security/Signature.java b/luni/src/main/java/java/security/Signature.java
index 795ccad..b11abaa 100644
--- a/luni/src/main/java/java/security/Signature.java
+++ b/luni/src/main/java/java/security/Signature.java
@@ -172,7 +172,12 @@ public abstract class Signature extends SignatureSpi {
throw new NoSuchAlgorithmException("Unknown algorithm: " + algorithm);
}
- SpiAndProvider spiAndProvider = tryAlgorithm(null, provider, algorithm);
+ SpiAndProvider spiAndProvider;
+ try {
+ spiAndProvider = tryAlgorithm(null, provider, algorithm);
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
if (spiAndProvider == null) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + algorithm);
@@ -187,7 +192,12 @@ public abstract class Signature extends SignatureSpi {
return new SignatureImpl(algorithm, provider);
}
- private static Engine.SpiAndProvider tryAlgorithm(Key key, Provider provider, String algorithm) {
+ /**
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize any provider.
+ */
+ private static Engine.SpiAndProvider tryAlgorithm(
+ Key key, Provider provider, String algorithm) throws InvalidKeyException {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, algorithm);
if (service == null) {
@@ -196,15 +206,22 @@ public abstract class Signature extends SignatureSpi {
return tryAlgorithmWithProvider(null, service);
}
ArrayList<Provider.Service> services = ENGINE.getServices(algorithm);
- if (services == null) {
+ if (services == null || services.isEmpty()) {
return null;
}
+ boolean keySupported = false;
for (Provider.Service service : services) {
- Engine.SpiAndProvider sap = tryAlgorithmWithProvider(key, service);
- if (sap != null) {
- return sap;
+ if (key == null || service.supportsParameter(key)) {
+ keySupported = true;
+ Engine.SpiAndProvider sap = tryAlgorithmWithProvider(key, service);
+ if (sap != null) {
+ return sap;
+ }
}
}
+ if (!keySupported) {
+ throw new InvalidKeyException("No provider supports the provided key");
+ }
return null;
}
@@ -661,7 +678,7 @@ public abstract class Signature extends SignatureSpi {
@Override
void ensureProviderChosen() {
- getSpi(null);
+ getSpi();
}
@Override
@@ -719,8 +736,11 @@ public abstract class Signature extends SignatureSpi {
/**
* Makes sure a CipherSpi that matches this type is selected.
+ *
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this signature.
*/
- private SignatureSpi getSpi(Key key) {
+ private SignatureSpi getSpi(Key key) throws InvalidKeyException {
synchronized (initLock) {
if (spiImpl != null && key == null) {
return spiImpl;
@@ -742,7 +762,11 @@ public abstract class Signature extends SignatureSpi {
* Convenience call when the Key is not available.
*/
private SignatureSpi getSpi() {
- return getSpi(null);
+ try {
+ return getSpi(null);
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
}
@Override
diff --git a/luni/src/main/java/javax/crypto/Cipher.java b/luni/src/main/java/javax/crypto/Cipher.java
index 5a66c20..9d6bd22 100644
--- a/luni/src/main/java/javax/crypto/Cipher.java
+++ b/luni/src/main/java/javax/crypto/Cipher.java
@@ -297,7 +297,15 @@ public class Cipher {
}
String[] transformParts = checkTransformation(transformation);
- if (tryCombinations(null, provider, transformParts) == null) {
+
+ boolean providerSupportsAlgorithm;
+ try {
+ providerSupportsAlgorithm =
+ tryCombinations(null /* key */, provider, transformParts) != null;
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
+ if (!providerSupportsAlgorithm) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + transformation);
} else {
@@ -340,8 +348,11 @@ public class Cipher {
/**
* Makes sure a CipherSpi that matches this type is selected.
+ *
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this cipher.
*/
- private CipherSpi getSpi(Key key) {
+ private CipherSpi getSpi(Key key) throws InvalidKeyException {
if (specifiedSpi != null) {
return specifiedSpi;
}
@@ -351,8 +362,8 @@ public class Cipher {
return spiImpl;
}
- final Engine.SpiAndProvider sap = tryCombinations(key, specifiedProvider,
- transformParts);
+ final Engine.SpiAndProvider sap = tryCombinations(
+ key, specifiedProvider, transformParts);
if (sap == null) {
throw new ProviderException("No provider for " + transformation);
}
@@ -368,7 +379,11 @@ public class Cipher {
* Convenience call when the Key is not available.
*/
private CipherSpi getSpi() {
- return getSpi(null);
+ try {
+ return getSpi(null);
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
}
/**
@@ -396,9 +411,12 @@ public class Cipher {
* [cipher]//[padding]
* [cipher]
* </pre>
+ *
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize any provider.
*/
private static Engine.SpiAndProvider tryCombinations(Key key, Provider provider,
- String[] transformParts) {
+ String[] transformParts) throws InvalidKeyException {
Engine.SpiAndProvider sap = null;
if (transformParts[1] != null && transformParts[2] != null) {
@@ -428,35 +446,42 @@ public class Cipher {
return tryTransform(key, provider, transformParts[0], transformParts, NeedToSet.BOTH);
}
+ /**
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this cipher.
+ */
private static Engine.SpiAndProvider tryTransform(Key key, Provider provider, String transform,
- String[] transformParts, NeedToSet type) {
+ String[] transformParts, NeedToSet type) throws InvalidKeyException {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, transform);
if (service == null) {
return null;
}
- return tryTransformWithProvider(null, transformParts, type, service);
+ return tryTransformWithProvider(transformParts, type, service);
}
ArrayList<Provider.Service> services = ENGINE.getServices(transform);
- if (services == null) {
+ if (services == null || services.isEmpty()) {
return null;
}
+ boolean keySupported = false;
for (Provider.Service service : services) {
- Engine.SpiAndProvider sap = tryTransformWithProvider(key, transformParts, type, service);
- if (sap != null) {
- return sap;
+ if (key == null || service.supportsParameter(key)) {
+ keySupported = true;
+ Engine.SpiAndProvider sap = tryTransformWithProvider(transformParts, type, service);
+ if (sap != null) {
+ return sap;
+ }
}
}
+ if (!keySupported) {
+ throw new InvalidKeyException("No provider supports the provided key");
+ }
return null;
}
- private static Engine.SpiAndProvider tryTransformWithProvider(Key key, String[] transformParts,
+ private static Engine.SpiAndProvider tryTransformWithProvider(String[] transformParts,
NeedToSet type, Provider.Service service) {
try {
- if (key != null && !service.supportsParameter(key)) {
- return null;
- }
-
/*
* Check to see if the Cipher even supports the attributes before
* trying to instantiate it.
diff --git a/luni/src/main/java/javax/crypto/KeyAgreement.java b/luni/src/main/java/javax/crypto/KeyAgreement.java
index 1ba660d..22c2f3f 100644
--- a/luni/src/main/java/javax/crypto/KeyAgreement.java
+++ b/luni/src/main/java/javax/crypto/KeyAgreement.java
@@ -178,7 +178,13 @@ public class KeyAgreement {
throw new NullPointerException("algorithm == null");
}
- if (tryAlgorithm(null, provider, algorithm) == null) {
+ boolean providerSupportsAlgorithm;
+ try {
+ providerSupportsAlgorithm = tryAlgorithm(null /* key */, provider, algorithm) != null;
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
+ if (!providerSupportsAlgorithm) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + algorithm);
} else {
@@ -189,33 +195,41 @@ public class KeyAgreement {
return new KeyAgreement(null, provider, algorithm);
}
- private static Engine.SpiAndProvider tryAlgorithm(Key key, Provider provider, String algorithm) {
+ /**
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize any provider.
+ */
+ private static Engine.SpiAndProvider tryAlgorithm(Key key, Provider provider, String algorithm)
+ throws InvalidKeyException {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, algorithm);
if (service == null) {
return null;
}
- return tryAlgorithmWithProvider(null, service);
+ return tryAlgorithmWithProvider(service);
}
ArrayList<Provider.Service> services = ENGINE.getServices(algorithm);
- if (services == null) {
+ if (services == null || services.isEmpty()) {
return null;
}
+ boolean keySupported = false;
for (Provider.Service service : services) {
- Engine.SpiAndProvider sap = tryAlgorithmWithProvider(key, service);
- if (sap != null) {
- return sap;
+ if (key == null || service.supportsParameter(key)) {
+ keySupported = true;
+ Engine.SpiAndProvider sap = tryAlgorithmWithProvider(service);
+ if (sap != null) {
+ return sap;
+ }
}
}
+ if (!keySupported) {
+ throw new InvalidKeyException("No provider supports the provided key");
+ }
return null;
}
- private static Engine.SpiAndProvider tryAlgorithmWithProvider(Key key, Provider.Service service) {
+ private static Engine.SpiAndProvider tryAlgorithmWithProvider(Provider.Service service) {
try {
- if (key != null && !service.supportsParameter(key)) {
- return null;
- }
-
Engine.SpiAndProvider sap = ENGINE.getInstance(service, null);
if (sap.spi == null || sap.provider == null) {
return null;
@@ -231,8 +245,11 @@ public class KeyAgreement {
/**
* Makes sure a KeyAgreementSpi that matches this type is selected.
+ *
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this key agreement.
*/
- private KeyAgreementSpi getSpi(Key key) {
+ private KeyAgreementSpi getSpi(Key key) throws InvalidKeyException {
synchronized (initLock) {
if (spiImpl != null && key == null) {
return spiImpl;
@@ -254,7 +271,11 @@ public class KeyAgreement {
* Convenience call when the Key is not available.
*/
private KeyAgreementSpi getSpi() {
- return getSpi(null);
+ try {
+ return getSpi(null /* key */);
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
}
/**
diff --git a/luni/src/main/java/javax/crypto/Mac.java b/luni/src/main/java/javax/crypto/Mac.java
index 7da84e6..b8fb947 100644
--- a/luni/src/main/java/javax/crypto/Mac.java
+++ b/luni/src/main/java/javax/crypto/Mac.java
@@ -182,7 +182,13 @@ public class Mac implements Cloneable {
throw new NullPointerException("algorithm == null");
}
- if (tryAlgorithm(null, provider, algorithm) == null) {
+ boolean providerSupportsAlgorithm;
+ try {
+ providerSupportsAlgorithm = tryAlgorithm(null /* key */, provider, algorithm) != null;
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
+ if (!providerSupportsAlgorithm) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + algorithm);
} else {
@@ -192,34 +198,41 @@ public class Mac implements Cloneable {
}
return new Mac(null, provider, algorithm);
}
-
- private static Engine.SpiAndProvider tryAlgorithm(Key key, Provider provider, String algorithm) {
+ /**
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this mac.
+ */
+ private static Engine.SpiAndProvider tryAlgorithm(
+ Key key, Provider provider, String algorithm) throws InvalidKeyException {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, algorithm);
if (service == null) {
return null;
}
- return tryAlgorithmWithProvider(null, service);
+ return tryAlgorithmWithProvider(service);
}
ArrayList<Provider.Service> services = ENGINE.getServices(algorithm);
- if (services == null) {
+ if (services == null || services.isEmpty()) {
return null;
}
+ boolean keySupported = false;
for (Provider.Service service : services) {
- Engine.SpiAndProvider sap = tryAlgorithmWithProvider(key, service);
- if (sap != null) {
- return sap;
+ if (key == null || service.supportsParameter(key)) {
+ keySupported = true;
+ Engine.SpiAndProvider sap = tryAlgorithmWithProvider(service);
+ if (sap != null) {
+ return sap;
+ }
}
}
+ if (!keySupported) {
+ throw new InvalidKeyException("No provider supports the provided key");
+ }
return null;
}
- private static Engine.SpiAndProvider tryAlgorithmWithProvider(Key key, Provider.Service service) {
+ private static Engine.SpiAndProvider tryAlgorithmWithProvider(Provider.Service service) {
try {
- if (key != null && !service.supportsParameter(key)) {
- return null;
- }
-
Engine.SpiAndProvider sap = ENGINE.getInstance(service, null);
if (sap.spi == null || sap.provider == null) {
return null;
@@ -235,8 +248,11 @@ public class Mac implements Cloneable {
/**
* Makes sure a MacSpi that matches this type is selected.
+ *
+ * @throws InvalidKeyException if the specified key cannot be used to
+ * initialize this mac.
*/
- private MacSpi getSpi(Key key) {
+ private MacSpi getSpi(Key key) throws InvalidKeyException {
synchronized (initLock) {
if (spiImpl != null && provider != null && key == null) {
return spiImpl;
@@ -268,7 +284,11 @@ public class Mac implements Cloneable {
* Convenience call when the Key is not available.
*/
private MacSpi getSpi() {
- return getSpi(null);
+ try {
+ return getSpi(null);
+ } catch (InvalidKeyException e) {
+ throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
+ }
}
/**