Mercurial > hg > release > icedtea7-forest-2.5 > jdk
changeset 8239:51dc195935a6
8042982: Unexpected RuntimeExceptions being thrown by SSLEngine
Reviewed-by: wetmore, xuelei
| author | robm |
|---|---|
| date | Tue, 05 Aug 2014 20:17:08 +0100 |
| parents | c49082e34ada |
| children | a0feab3bb26e |
| files | src/share/classes/sun/security/ssl/DHCrypt.java src/share/classes/sun/security/ssl/ECDHCrypt.java |
| diffstat | 2 files changed, 13 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/DHCrypt.java Mon Jul 06 19:54:15 2015 +0100 +++ b/src/share/classes/sun/security/ssl/DHCrypt.java Tue Aug 05 20:17:08 2014 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -188,7 +188,7 @@ * the same size as the Diffie-Hellman modulus. */ SecretKey getAgreedSecret(BigInteger peerPublicValue, - boolean keyIsValidated) throws IOException { + boolean keyIsValidated) throws SSLHandshakeException { try { KeyFactory kf = JsseJce.getKeyFactory("DiffieHellman"); DHPublicKeySpec spec = @@ -211,7 +211,8 @@ ka.doPhase(publicKey, true); return ka.generateSecret("TlsPremasterSecret"); } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } }
--- a/src/share/classes/sun/security/ssl/ECDHCrypt.java Mon Jul 06 19:54:15 2015 +0100 +++ b/src/share/classes/sun/security/ssl/ECDHCrypt.java Tue Aug 05 20:17:08 2014 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import javax.crypto.SecretKey; import javax.crypto.KeyAgreement; import javax.crypto.spec.*; +import javax.net.ssl.SSLHandshakeException; /** * Helper class for the ECDH key exchange. It generates the appropriate @@ -89,19 +90,20 @@ } // called by ClientHandshaker with either the server's static or ephemeral public key - SecretKey getAgreedSecret(PublicKey peerPublicKey) { + SecretKey getAgreedSecret(PublicKey peerPublicKey) throws SSLHandshakeException { try { KeyAgreement ka = JsseJce.getKeyAgreement("ECDH"); ka.init(privateKey); ka.doPhase(peerPublicKey, true); return ka.generateSecret("TlsPremasterSecret"); } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } } // called by ServerHandshaker - SecretKey getAgreedSecret(byte[] encodedPoint) { + SecretKey getAgreedSecret(byte[] encodedPoint) throws SSLHandshakeException { try { ECParameterSpec params = publicKey.getParams(); ECPoint point = JsseJce.decodePoint(encodedPoint, params.getCurve()); @@ -109,10 +111,9 @@ ECPublicKeySpec spec = new ECPublicKeySpec(point, params); PublicKey peerPublicKey = kf.generatePublic(spec); return getAgreedSecret(peerPublicKey); - } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); - } catch (java.io.IOException e) { - throw new RuntimeException("Could not generate secret", e); + } catch (GeneralSecurityException | java.io.IOException e) { + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } }