Mercurial > hg > icedtea8-forest > jdk
changeset 12098:5d5b55014d0d jdk8u102-b02
8153531: Improve exception messaging for RSAClientKeyExchange
Reviewed-by: xuelei
author | coffeys |
---|---|
date | Thu, 07 Apr 2016 10:11:38 +0100 |
parents | 0901dc70ae2b |
children | 5b7b2c1d3d21 69ace4513aad |
files | src/share/classes/sun/security/ssl/HandshakeMessage.java src/share/classes/sun/security/ssl/RSAClientKeyExchange.java |
diffstat | 2 files changed, 25 insertions(+), 15 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/HandshakeMessage.java Wed Apr 06 08:27:01 2016 +0300 +++ b/src/share/classes/sun/security/ssl/HandshakeMessage.java Thu Apr 07 10:11:38 2016 +0100 @@ -812,8 +812,9 @@ if (!localSupportedSignAlgs.contains( preferableSignatureAlgorithm)) { throw new SSLHandshakeException( - "Unsupported SignatureAndHashAlgorithm in " + - "ServerKeyExchange message"); + "Unsupported SignatureAndHashAlgorithm in " + + "ServerKeyExchange message: " + + preferableSignatureAlgorithm); } } else { this.preferableSignatureAlgorithm = null; @@ -846,7 +847,8 @@ sig = RSASignature.getInstance(); break; default: - throw new SSLKeyException("neither an RSA or a DSA key"); + throw new SSLKeyException( + "neither an RSA or a DSA key: " + algorithm); } } @@ -1096,7 +1098,8 @@ preferableSignatureAlgorithm)) { throw new SSLHandshakeException( "Unsupported SignatureAndHashAlgorithm in " + - "ServerKeyExchange message"); + "ServerKeyExchange message: " + + preferableSignatureAlgorithm); } } @@ -1136,7 +1139,8 @@ case "RSA": return RSASignature.getInstance(); default: - throw new NoSuchAlgorithmException("neither an RSA or a EC key"); + throw new NoSuchAlgorithmException( + "neither an RSA or a EC key : " + keyAlgorithm); } } @@ -1343,7 +1347,8 @@ algorithmsLen = input.getInt16(); if (algorithmsLen < 2) { throw new SSLProtocolException( - "Invalid supported_signature_algorithms field"); + "Invalid supported_signature_algorithms field: " + + algorithmsLen); } algorithms = new ArrayList<SignatureAndHashAlgorithm>(); @@ -1362,7 +1367,8 @@ if (remains != 0) { throw new SSLProtocolException( - "Invalid supported_signature_algorithms field"); + "Invalid supported_signature_algorithms field. remains: " + + remains); } } else { algorithms = new ArrayList<SignatureAndHashAlgorithm>(); @@ -1379,7 +1385,8 @@ } if (len != 0) { - throw new SSLProtocolException("Bad CertificateRequest DN length"); + throw new SSLProtocolException( + "Bad CertificateRequest DN length: " + len); } authorities = v.toArray(new DistinguishedName[v.size()]); @@ -1609,8 +1616,8 @@ if (!localSupportedSignAlgs.contains( preferableSignatureAlgorithm)) { throw new SSLHandshakeException( - "Unsupported SignatureAndHashAlgorithm in " + - "CertificateVerify message"); + "Unsupported SignatureAndHashAlgorithm in " + + "CertificateVerify message: " + preferableSignatureAlgorithm); } } @@ -1977,7 +1984,8 @@ SecretKey prfKey = kg.generateKey(); if ("RAW".equals(prfKey.getFormat()) == false) { throw new ProviderException( - "Invalid PRF output, format must be RAW"); + "Invalid PRF output, format must be RAW. " + + "Format received: " + prfKey.getFormat()); } byte[] finished = prfKey.getEncoded(); return finished;
--- a/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java Wed Apr 06 08:27:01 2016 +0300 +++ b/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java Thu Apr 07 10:11:38 2016 +0100 @@ -67,7 +67,8 @@ ProtocolVersion maxVersion, SecureRandom generator, PublicKey publicKey) throws IOException { if (publicKey.getAlgorithm().equals("RSA") == false) { - throw new SSLKeyException("Public key not of type RSA"); + throw new SSLKeyException("Public key not of type RSA: " + + publicKey.getAlgorithm()); } this.protocolVersion = protocolVersion; @@ -98,7 +99,8 @@ int messageSize, PrivateKey privateKey) throws IOException { if (privateKey.getAlgorithm().equals("RSA") == false) { - throw new SSLKeyException("Private key not of type RSA"); + throw new SSLKeyException("Private key not of type RSA: " + + privateKey.getAlgorithm()); } if (currentVersion.v >= ProtocolVersion.TLS10.v) { @@ -159,8 +161,8 @@ } } catch (InvalidKeyException ibk) { // the message is too big to process with RSA - throw new SSLProtocolException( - "Unable to process PreMasterSecret, may be too big"); + throw new SSLException( + "Unable to process PreMasterSecret", ibk); } catch (Exception e) { // unlikely to happen, otherwise, must be a provider exception if (debug != null && Debug.isOn("handshake")) {