Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
authorvaleriep
Wed, 19 Dec 2018 02:27:44 +0000
changeset 53069 ba1a557b6ccd
parent 53068 7496df94b3b7
child 53070 fc10906d5831
8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails Summary: Changed SignatureUtil.specialSetParameter to ignore null signature parameters Reviewed-by: mullan, weijun
src/java.base/share/classes/sun/security/util/SignatureUtil.java file | annotate | diff | comparison | revisions
test/jdk/sun/security/util/misc/SetNullSigParams.java file | annotate | diff | comparison | revisions 
--- a/src/java.base/share/classes/sun/security/util/SignatureUtil.java	Tue Dec 18 16:36:26 2018 -0800
+++ b/src/java.base/share/classes/sun/security/util/SignatureUtil.java	Wed Dec 19 02:27:44 2018 +0000
@@ -28,8 +28,6 @@
 import java.io.IOException;
 import java.security.*;
 import java.security.spec.*;
-import sun.security.util.ObjectIdentifier;
-import sun.security.x509.AlgorithmId;
 import sun.security.rsa.RSAUtil;
 
 /**
@@ -86,13 +84,12 @@
     // specified Signature object as signature parameters.
     public static void specialSetParameter(Signature sig, byte[] paramBytes)
             throws InvalidAlgorithmParameterException, ProviderException {
-
-        AlgorithmParameters params = null;
         if (paramBytes != null) {
             String sigName = sig.getAlgorithm();
-            params = createAlgorithmParameters(sigName, paramBytes);
+            AlgorithmParameters params =
+                createAlgorithmParameters(sigName, paramBytes);
+            specialSetParameter(sig, params);
         }
-        specialSetParameter(sig, params);
     }
 
     // Special method for setting the specified AlgorithmParameter object
@@ -100,16 +97,9 @@
     public static void specialSetParameter(Signature sig,
             AlgorithmParameters params)
             throws InvalidAlgorithmParameterException, ProviderException {
-
-        String sigName = sig.getAlgorithm();
         if (params != null) {
+            String sigName = sig.getAlgorithm();
             sig.setParameter(getParamSpec(sigName, params));
-        } else {
-            try {
-                sig.setParameter(null);
-            } catch (UnsupportedOperationException e) {
-                // ignore for maintaining backward compatibility
-            }
         }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/util/misc/SetNullSigParams.java	Wed Dec 19 02:27:44 2018 +0000
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8214096
+ * @summary Make sure SignatureUtil can accept null algorithm parameters
+ * @modules java.base/sun.security.util
+ */
+import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
+import sun.security.util.SignatureUtil;
+
+public class SetNullSigParams {
+
+    public static void main(String[] args) throws Exception {
+        Signature sig = new SpecialSigImpl();
+        SignatureUtil.specialSetParameter(sig, (byte[]) null);
+        SignatureUtil.specialSetParameter(sig, (AlgorithmParameters) null);
+    }
+
+    // Sample Signature impl class which simulates 3rd party provider behavior
+    // and throws NPE when given null algorithm parameters
+    // For max backward-compatibility, sun.security.util.SignatureUtil class
+    // now calls setParameter() only when algorithm parameters is non-null
+    private static class SpecialSigImpl extends Signature {
+        SpecialSigImpl() {
+            super("ANY");
+        }
+        @Override
+        protected void engineInitVerify(PublicKey publicKey)
+                throws InvalidKeyException {}
+        @Override
+        protected void engineInitSign(PrivateKey privateKey)
+                throws InvalidKeyException {}
+        @Override
+        protected void engineUpdate(byte b) throws SignatureException {}
+        @Override
+        protected void engineUpdate(byte[] b, int off, int len)
+                throws SignatureException {}
+        @Override
+        protected byte[] engineSign() throws SignatureException { return null; }
+        @Override
+        protected boolean engineVerify(byte[] sigBytes)
+                throws SignatureException { return false; }
+        @Override
+        protected void engineSetParameter(String param, Object value)
+                throws InvalidParameterException {}
+        @Override
+        protected void engineSetParameter(AlgorithmParameterSpec params)
+                throws InvalidAlgorithmParameterException {
+            if (params == null) throw new NullPointerException("Test Failed");
+        }
+        @Override
+        protected Object engineGetParameter(String param)
+                throws InvalidParameterException { return null; }
+    }
+}
jdk-sandbox