3 files changed, 34 insertions, 12 deletions

diff --git a/luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java b/luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java
index f7fe7e8..cd3c1fa 100644
--- a/luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java
+++ b/luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java
@@ -41,6 +41,9 @@ public class KeyStoreBuilderParameters implements ManagerFactoryParameters {
      *            the key store builder.
      */
     public KeyStoreBuilderParameters(KeyStore.Builder builder) {
+        if (builder == null) {
+            throw new NullPointerException("builder == null");
+        }
         ksbuilders = Collections.singletonList(builder);
     }
 
@@ -55,10 +58,10 @@ public class KeyStoreBuilderParameters implements ManagerFactoryParameters {
      */
     public KeyStoreBuilderParameters(List<KeyStore.Builder> parameters) {
         if (parameters == null) {
-            throw new NullPointerException("Builders list is null");
+            throw new NullPointerException("parameters == null");
         }
         if (parameters.isEmpty()) {
-            throw new IllegalArgumentException("Builders list is empty");
+            throw new IllegalArgumentException("parameters.isEmpty()");
         }
         ksbuilders = Collections.unmodifiableList(new ArrayList<KeyStore.Builder>(parameters));
     }
diff --git a/luni/src/main/java/javax/net/ssl/SSLHandshakeException.java b/luni/src/main/java/javax/net/ssl/SSLHandshakeException.java
index 1c17ae7..1939433 100644
--- a/luni/src/main/java/javax/net/ssl/SSLHandshakeException.java
+++ b/luni/src/main/java/javax/net/ssl/SSLHandshakeException.java
@@ -26,12 +26,25 @@ public class SSLHandshakeException extends SSLException {
     private static final long serialVersionUID = -5045881315018326890L;
 
     /**
-     * Creates a new {@code SSLHandshakeException} with the specified message.
-     *
-     * @param reason
-     *            the detail message for the exception.
+     * Constructs a new instance with the given detail message.
      */
     public SSLHandshakeException(String reason) {
         super(reason);
     }
+
+    /**
+     * Constructs a new instance with given cause.
+     * @hide internal use only
+     */
+    public SSLHandshakeException(Throwable cause) {
+        super(cause);
+    }
+
+    /**
+     * Constructs a new instance with given detail message and cause.
+     * @hide internal use only
+     */
+    public SSLHandshakeException(String reason, Throwable cause) {
+        super(reason, cause);
+    }
 }
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
index 68ab952..eaaa678 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
@@ -18,7 +18,6 @@ package org.apache.harmony.xnet.provider.jsse;
 
 import dalvik.system.BlockGuard;
 import dalvik.system.CloseGuard;
-import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -34,12 +33,12 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
-import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.Logger;
 import javax.net.ssl.HandshakeCompletedEvent;
 import javax.net.ssl.HandshakeCompletedListener;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLHandshakeException;
+import javax.net.ssl.SSLProtocolException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.X509TrustManager;
 import javax.security.auth.x500.X500Principal;
@@ -520,6 +519,8 @@ public class OpenSSLSocketImpl
             }
 
             exception = false;
+        } catch (SSLProtocolException e) {
+            throw new SSLHandshakeException(e);
         } finally {
             // on exceptional exit, treat the socket as closed
             if (exception) {
@@ -551,13 +552,18 @@ public class OpenSSLSocketImpl
         if (alias == null) {
             return;
         }
-
         PrivateKey privateKey = sslParameters.getKeyManager().getPrivateKey(alias);
-        byte[] privateKeyBytes = privateKey.getEncoded();
-        NativeCrypto.SSL_use_PrivateKey(sslNativePointer, privateKeyBytes);
-
+        if (privateKey == null) {
+            return;
+        }
         X509Certificate[] certificates = sslParameters.getKeyManager().getCertificateChain(alias);
+        if (certificates == null) {
+            return;
+        }
+
+        byte[] privateKeyBytes = privateKey.getEncoded();
         byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates);
+        NativeCrypto.SSL_use_PrivateKey(sslNativePointer, privateKeyBytes);
         NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes);
 
         // checks the last installed private key and certificate,