8153531: Improve exception messaging for RSAClientKeyExchange
Reviewed-by: xuelei
--- a/jdk/src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java Thu Apr 07 17:52:01 2016 +0900
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java Thu Apr 07 10:11:38 2016 +0100
@@ -1198,8 +1198,9 @@
if (!localSupportedSignAlgs.contains(
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
- "Unsupported SignatureAndHashAlgorithm in " +
- "ServerKeyExchange message");
+ "Unsupported SignatureAndHashAlgorithm in " +
+ "ServerKeyExchange message: " +
+ preferableSignatureAlgorithm);
}
} else {
this.preferableSignatureAlgorithm = null;
@@ -1232,7 +1233,8 @@
sig = RSASignature.getInstance();
break;
default:
- throw new SSLKeyException("neither an RSA or a DSA key");
+ throw new SSLKeyException(
+ "neither an RSA or a DSA key: " + algorithm);
}
}
@@ -1482,7 +1484,8 @@
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
"Unsupported SignatureAndHashAlgorithm in " +
- "ServerKeyExchange message");
+ "ServerKeyExchange message: " +
+ preferableSignatureAlgorithm);
}
}
@@ -1522,7 +1525,8 @@
case "RSA":
return RSASignature.getInstance();
default:
- throw new NoSuchAlgorithmException("neither an RSA or a EC key");
+ throw new NoSuchAlgorithmException(
+ "neither an RSA or a EC key : " + keyAlgorithm);
}
}
@@ -1729,7 +1733,8 @@
algorithmsLen = input.getInt16();
if (algorithmsLen < 2) {
throw new SSLProtocolException(
- "Invalid supported_signature_algorithms field");
+ "Invalid supported_signature_algorithms field: " +
+ algorithmsLen);
}
algorithms = new ArrayList<SignatureAndHashAlgorithm>();
@@ -1748,7 +1753,8 @@
if (remains != 0) {
throw new SSLProtocolException(
- "Invalid supported_signature_algorithms field");
+ "Invalid supported_signature_algorithms field. remains: " +
+ remains);
}
} else {
algorithms = new ArrayList<SignatureAndHashAlgorithm>();
@@ -1765,7 +1771,8 @@
}
if (len != 0) {
- throw new SSLProtocolException("Bad CertificateRequest DN length");
+ throw new SSLProtocolException(
+ "Bad CertificateRequest DN length: " + len);
}
authorities = v.toArray(new DistinguishedName[v.size()]);
@@ -1995,8 +2002,8 @@
if (!localSupportedSignAlgs.contains(
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
- "Unsupported SignatureAndHashAlgorithm in " +
- "CertificateVerify message");
+ "Unsupported SignatureAndHashAlgorithm in " +
+ "CertificateVerify message: " + preferableSignatureAlgorithm);
}
}
@@ -2364,7 +2371,8 @@
SecretKey prfKey = kg.generateKey();
if ("RAW".equals(prfKey.getFormat()) == false) {
throw new ProviderException(
- "Invalid PRF output, format must be RAW");
+ "Invalid PRF output, format must be RAW. " +
+ "Format received: " + prfKey.getFormat());
}
byte[] finished = prfKey.getEncoded();
return finished;
--- a/jdk/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java Thu Apr 07 17:52:01 2016 +0900
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java Thu Apr 07 10:11:38 2016 +0100
@@ -68,7 +68,8 @@
ProtocolVersion maxVersion,
SecureRandom generator, PublicKey publicKey) throws IOException {
if (publicKey.getAlgorithm().equals("RSA") == false) {
- throw new SSLKeyException("Public key not of type RSA");
+ throw new SSLKeyException("Public key not of type RSA: " +
+ publicKey.getAlgorithm());
}
this.protocolVersion = protocolVersion;
@@ -100,7 +101,8 @@
int messageSize, PrivateKey privateKey) throws IOException {
if (privateKey.getAlgorithm().equals("RSA") == false) {
- throw new SSLKeyException("Private key not of type RSA");
+ throw new SSLKeyException("Private key not of type RSA: " +
+ privateKey.getAlgorithm());
}
if (currentVersion.useTLS10PlusSpec()) {
@@ -161,8 +163,8 @@
}
} catch (InvalidKeyException ibk) {
// the message is too big to process with RSA
- throw new SSLProtocolException(
- "Unable to process PreMasterSecret, may be too big");
+ throw new SSLException(
+ "Unable to process PreMasterSecret", ibk);
} catch (Exception e) {
// unlikely to happen, otherwise, must be a provider exception
if (debug != null && Debug.isOn("handshake")) {