# HG changeset patch # User vinnie # Date 1365699428 -3600 # Node ID 78a1749a43e225721981272377b6e4064edca07a # Parent f6f6c2182678a138795d41708dd366a1f4e60e04 7171982: Cipher getParameters() throws RuntimeException: Cannot find SunJCE provider Reviewed-by: vinnie, wetmore Contributed-by: Tony Scarpino diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java --- a/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Thu Apr 11 17:57:08 2013 +0100 @@ -426,17 +426,13 @@ } } try { - params = AlgorithmParameters.getInstance(algName, "SunJCE"); + params = AlgorithmParameters.getInstance(algName, + SunJCE.getInstance()); + params.init(spec); } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("Cannot find " + algName + " AlgorithmParameters implementation in SunJCE provider"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("Cannot find SunJCE provider"); - } - try { - params.init(spec); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException(spec.getClass() + " not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java --- a/jdk/src/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java Thu Apr 11 17:57:08 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -169,7 +169,8 @@ try { KeyFactory keyFactory = - KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); + KeyFactory.getInstance(encodedKeyAlgorithm, + SunJCE.getInstance()); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey); key = keyFactory.generatePublic(keySpec); } catch (NoSuchAlgorithmException nsae) { @@ -191,8 +192,6 @@ } } catch (InvalidKeySpecException ikse) { // Should never happen. - } catch (NoSuchProviderException nspe) { - // Should never happen. } return key; @@ -215,7 +214,8 @@ try { KeyFactory keyFactory = - KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); + KeyFactory.getInstance(encodedKeyAlgorithm, + SunJCE.getInstance()); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); return keyFactory.generatePrivate(keySpec); } catch (NoSuchAlgorithmException nsae) { @@ -237,8 +237,6 @@ } } catch (InvalidKeySpecException ikse) { // Should never happen. - } catch (NoSuchProviderException nspe) { - // Should never happen. } return key; diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/ConstructKeys.java --- a/jdk/src/share/classes/com/sun/crypto/provider/ConstructKeys.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/ConstructKeys.java Thu Apr 11 17:57:08 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,7 +30,6 @@ import java.security.PrivateKey; import java.security.KeyFactory; import java.security.InvalidKeyException; -import java.security.NoSuchProviderException; import java.security.NoSuchAlgorithmException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; @@ -66,7 +65,8 @@ try { KeyFactory keyFactory = - KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); + KeyFactory.getInstance(encodedKeyAlgorithm, + SunJCE.getInstance()); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey); key = keyFactory.generatePublic(keySpec); } catch (NoSuchAlgorithmException nsae) { @@ -94,8 +94,6 @@ new InvalidKeyException("Cannot construct public key"); ike.initCause(ikse); throw ike; - } catch (NoSuchProviderException nspe) { - // Should never happen. } return key; @@ -118,7 +116,8 @@ try { KeyFactory keyFactory = - KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); + KeyFactory.getInstance(encodedKeyAlgorithm, + SunJCE.getInstance()); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); return keyFactory.generatePrivate(keySpec); } catch (NoSuchAlgorithmException nsae) { @@ -146,8 +145,6 @@ new InvalidKeyException("Cannot construct private key"); ike.initCause(ikse); throw ike; - } catch (NoSuchProviderException nspe) { - // Should never happen. } return key; diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java --- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Thu Apr 11 17:57:08 2013 +0100 @@ -389,17 +389,13 @@ if (iv != null) { String algo = cipherKey.getAlgorithm(); try { - params = AlgorithmParameters.getInstance(algo, "SunJCE"); + params = AlgorithmParameters.getInstance(algo, + SunJCE.getInstance()); + params.init(new IvParameterSpec(iv)); } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("Cannot find " + algo + " AlgorithmParameters implementation in SunJCE provider"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("Cannot find SunJCE provider"); - } - try { - params.init(new IvParameterSpec(iv)); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("IvParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java --- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Thu Apr 11 17:57:08 2013 +0100 @@ -151,7 +151,8 @@ dhParamSpec = new DHParameterSpec(dsaParamSpec.getP(), dsaParamSpec.getG()); } - algParams = AlgorithmParameters.getInstance("DH", "SunJCE"); + algParams = AlgorithmParameters.getInstance("DH", + SunJCE.getInstance()); algParams.init(dhParamSpec); } catch (InvalidParameterSpecException e) { // this should never happen @@ -159,11 +160,7 @@ } catch (NoSuchAlgorithmException e) { // this should never happen, because we provide it throw new RuntimeException(e.getMessage()); - } catch (NoSuchProviderException e) { - // this should never happen, because we provide it - throw new RuntimeException(e.getMessage()); } - return algParams; } } diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java --- a/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Thu Apr 11 17:57:08 2013 +0100 @@ -81,8 +81,6 @@ // key protector private char[] password; - private static final Provider PROV = Security.getProvider("SunJCE"); - KeyProtector(char[] password) { if (password == null) { throw new IllegalArgumentException("password can't be null"); @@ -119,7 +117,7 @@ // wrap encrypted private key in EncryptedPrivateKeyInfo // (as defined in PKCS#8) AlgorithmParameters pbeParams = - AlgorithmParameters.getInstance("PBE", PROV); + AlgorithmParameters.getInstance("PBE", SunJCE.getInstance()); pbeParams.init(pbeSpec); AlgorithmId encrAlg = new AlgorithmId @@ -299,7 +297,7 @@ PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); - cipher = new CipherForKeyProtector(cipherSpi, PROV, + cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); @@ -330,8 +328,9 @@ } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); - Cipher cipher = new CipherForKeyProtector(cipherSpi, PROV, - "PBEWithMD5AndTripleDES"); + Cipher cipher = new CipherForKeyProtector(cipherSpi, + SunJCE.getInstance(), + "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Thu Apr 11 17:57:08 2013 +0100 @@ -169,16 +169,12 @@ PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount); try { params = AlgorithmParameters.getInstance("PBEWithMD5And" + - (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), "SunJCE"); + (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), + SunJCE.getInstance()); + params.init(pbeSpec); } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("SunJCE called, but not configured"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("SunJCE called, but not configured"); - } - try { - params.init(pbeSpec); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("PBEParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/PBES1Core.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PBES1Core.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBES1Core.java Thu Apr 11 17:57:08 2013 +0100 @@ -169,16 +169,12 @@ PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount); try { params = AlgorithmParameters.getInstance("PBEWithMD5And" + - (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), "SunJCE"); + (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), + SunJCE.getInstance()); + params.init(pbeSpec); } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("SunJCE called, but not configured"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("SunJCE called, but not configured"); - } - try { - params.init(pbeSpec); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("PBEParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/PBES2Core.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PBES2Core.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBES2Core.java Thu Apr 11 17:57:08 2013 +0100 @@ -25,11 +25,9 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.*; import java.security.spec.*; import javax.crypto.*; -import javax.crypto.interfaces.*; import javax.crypto.spec.*; /** @@ -145,16 +143,12 @@ } PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount, ivSpec); try { - params = AlgorithmParameters.getInstance(pbeAlgo, "SunJCE"); + params = AlgorithmParameters.getInstance(pbeAlgo, + SunJCE.getInstance()); + params.init(pbeSpec); } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("SunJCE called, but not configured"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("SunJCE called, but not configured"); - } - try { - params.init(pbeSpec); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("PBEParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Apr 11 17:57:08 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,7 +33,6 @@ import java.security.KeyRep; import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; import java.security.spec.InvalidKeySpecException; import javax.crypto.Mac; import javax.crypto.SecretKey; @@ -106,17 +105,12 @@ throw new InvalidKeySpecException("Key length is negative"); } try { - this.prf = Mac.getInstance(prfAlgo, "SunJCE"); + this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; - } catch (NoSuchProviderException nspe) { - // Again, not gonna happen; re-throw just in case - InvalidKeySpecException ike = new InvalidKeySpecException(); - ike.initCause(nspe); - throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); } diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Thu Apr 11 17:57:08 2013 +0100 @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.*; import java.security.spec.*; @@ -232,14 +231,13 @@ } PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount); try { - params = AlgorithmParameters.getInstance(pbeAlgo, "SunJCE"); - } catch (GeneralSecurityException gse) { + params = AlgorithmParameters.getInstance(pbeAlgo, + SunJCE.getInstance()); + params.init(pbeSpec); + } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException( "SunJCE provider is not configured properly"); - } - try { - params.init(pbeSpec); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("PBEParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java --- a/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Apr 11 17:57:08 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -178,16 +178,14 @@ if (spec != null) { try { AlgorithmParameters params = - AlgorithmParameters.getInstance("OAEP", "SunJCE"); + AlgorithmParameters.getInstance("OAEP", + SunJCE.getInstance()); params.init(spec); return params; } catch (NoSuchAlgorithmException nsae) { // should never happen throw new RuntimeException("Cannot find OAEP " + " AlgorithmParameters implementation in SunJCE provider"); - } catch (NoSuchProviderException nspe) { - // should never happen - throw new RuntimeException("Cannot find SunJCE provider"); } catch (InvalidParameterSpecException ipse) { // should never happen throw new RuntimeException("OAEPParameterSpec not supported"); diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java --- a/jdk/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java Thu Apr 11 17:57:08 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -46,14 +46,15 @@ AlgorithmParameters params = null; if (super.encodedParams != null) { try { - params = AlgorithmParameters.getInstance("PBE", "SunJCE"); + params = AlgorithmParameters.getInstance("PBE", + SunJCE.getInstance()); params.init(super.encodedParams); - } catch (NoSuchProviderException nspe) { - // eat. } catch (NoSuchAlgorithmException nsae) { - //eat. - } catch (IOException ioe) { - //eat. + throw new RuntimeException( + "SunJCE provider is not configured properly"); + } catch (IOException io) { + throw new RuntimeException("Parameter failure: "+ + io.getMessage()); } } return params; diff -r f6f6c2182678 -r 78a1749a43e2 jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java --- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Thu Apr 11 12:22:23 2013 +0900 +++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Thu Apr 11 17:57:08 2013 +0100 @@ -91,6 +91,10 @@ /* Are we debugging? -- for developers */ static final boolean debug = false; + // Instance of this provider, so we don't have to call the provider list + // to find ourselves or run the risk of not being in the list. + private static volatile SunJCE instance = null; + // lazy initialize SecureRandom to avoid potential recursion if Sun // provider has not been installed yet private static class SecureRandomHolder { @@ -770,5 +774,17 @@ return null; } }); + + if (instance == null) { + instance = this; + } + } + + // Return the instance of this class or create one if needed. + static SunJCE getInstance() { + if (instance == null) { + return new SunJCE(); + } + return instance; } } diff -r f6f6c2182678 -r 78a1749a43e2 jdk/test/com/sun/crypto/provider/Cipher/UTIL/SunJCEGetInstance.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/com/sun/crypto/provider/Cipher/UTIL/SunJCEGetInstance.java Thu Apr 11 17:57:08 2013 +0100 @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 7171982 + * @summary Test that SunJCE.getInstance() is retrieving a provider when + * SunJCE has been removed from the provider list. + */ + +import java.security.Security; +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; + + +public class SunJCEGetInstance { + public static void main(String[] args) throws Exception { + Cipher jce; + + try{ + // Remove SunJCE from Provider list + Security.removeProvider("SunJCE"); + + // Create our own instance of SunJCE provider. Purposefully not + // using SunJCE.getInstance() so we can have our own instance + // for the test. + jce = Cipher.getInstance("AES/CBC/PKCS5Padding", + new com.sun.crypto.provider.SunJCE()); + + jce.init(Cipher.ENCRYPT_MODE, + new SecretKeySpec("1234567890abcedf".getBytes(), "AES")); + jce.doFinal("PlainText".getBytes()); + } catch (Exception e) { + System.err.println("Setup failure: "); + throw e; + } + + // Get parameters which will call SunJCE.getInstance(). Failure + // would occur on this line. + try { + jce.getParameters().getEncoded(); + + } catch (Exception e) { + System.err.println("Test Failure"); + throw e; + } + System.out.println("Passed"); + } +}