7171982: Cipher getParameters() throws RuntimeException: Cannot find SunJCE provider
Reviewed-by: vinnie, wetmore
Contributed-by: Tony Scarpino <anthony.scarpino@oracle.com>
--- a/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Thu Apr 11 17:57:08 2013 +0100
@@ -426,17 +426,13 @@
}
}
try {
- params = AlgorithmParameters.getInstance(algName, "SunJCE");
+ params = AlgorithmParameters.getInstance(algName,
+ SunJCE.getInstance());
+ params.init(spec);
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("Cannot find " + algName +
" AlgorithmParameters implementation in SunJCE provider");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("Cannot find SunJCE provider");
- }
- try {
- params.init(spec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException(spec.getClass() + " not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java Thu Apr 11 17:57:08 2013 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -169,7 +169,8 @@
try {
KeyFactory keyFactory =
- KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
key = keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException nsae) {
@@ -191,8 +192,6 @@
}
} catch (InvalidKeySpecException ikse) {
// Should never happen.
- } catch (NoSuchProviderException nspe) {
- // Should never happen.
}
return key;
@@ -215,7 +214,8 @@
try {
KeyFactory keyFactory =
- KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
return keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException nsae) {
@@ -237,8 +237,6 @@
}
} catch (InvalidKeySpecException ikse) {
// Should never happen.
- } catch (NoSuchProviderException nspe) {
- // Should never happen.
}
return key;
--- a/jdk/src/share/classes/com/sun/crypto/provider/ConstructKeys.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/ConstructKeys.java Thu Apr 11 17:57:08 2013 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -30,7 +30,6 @@
import java.security.PrivateKey;
import java.security.KeyFactory;
import java.security.InvalidKeyException;
-import java.security.NoSuchProviderException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
@@ -66,7 +65,8 @@
try {
KeyFactory keyFactory =
- KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
key = keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException nsae) {
@@ -94,8 +94,6 @@
new InvalidKeyException("Cannot construct public key");
ike.initCause(ikse);
throw ike;
- } catch (NoSuchProviderException nspe) {
- // Should never happen.
}
return key;
@@ -118,7 +116,8 @@
try {
KeyFactory keyFactory =
- KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
return keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException nsae) {
@@ -146,8 +145,6 @@
new InvalidKeyException("Cannot construct private key");
ike.initCause(ikse);
throw ike;
- } catch (NoSuchProviderException nspe) {
- // Should never happen.
}
return key;
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Thu Apr 11 17:57:08 2013 +0100
@@ -389,17 +389,13 @@
if (iv != null) {
String algo = cipherKey.getAlgorithm();
try {
- params = AlgorithmParameters.getInstance(algo, "SunJCE");
+ params = AlgorithmParameters.getInstance(algo,
+ SunJCE.getInstance());
+ params.init(new IvParameterSpec(iv));
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("Cannot find " + algo +
" AlgorithmParameters implementation in SunJCE provider");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("Cannot find SunJCE provider");
- }
- try {
- params.init(new IvParameterSpec(iv));
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("IvParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Thu Apr 11 17:57:08 2013 +0100
@@ -151,7 +151,8 @@
dhParamSpec = new DHParameterSpec(dsaParamSpec.getP(),
dsaParamSpec.getG());
}
- algParams = AlgorithmParameters.getInstance("DH", "SunJCE");
+ algParams = AlgorithmParameters.getInstance("DH",
+ SunJCE.getInstance());
algParams.init(dhParamSpec);
} catch (InvalidParameterSpecException e) {
// this should never happen
@@ -159,11 +160,7 @@
} catch (NoSuchAlgorithmException e) {
// this should never happen, because we provide it
throw new RuntimeException(e.getMessage());
- } catch (NoSuchProviderException e) {
- // this should never happen, because we provide it
- throw new RuntimeException(e.getMessage());
}
-
return algParams;
}
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Thu Apr 11 17:57:08 2013 +0100
@@ -81,8 +81,6 @@
// key protector
private char[] password;
- private static final Provider PROV = Security.getProvider("SunJCE");
-
KeyProtector(char[] password) {
if (password == null) {
throw new IllegalArgumentException("password can't be null");
@@ -119,7 +117,7 @@
// wrap encrypted private key in EncryptedPrivateKeyInfo
// (as defined in PKCS#8)
AlgorithmParameters pbeParams =
- AlgorithmParameters.getInstance("PBE", PROV);
+ AlgorithmParameters.getInstance("PBE", SunJCE.getInstance());
pbeParams.init(pbeSpec);
AlgorithmId encrAlg = new AlgorithmId
@@ -299,7 +297,7 @@
PBEWithMD5AndTripleDESCipher cipherSpi;
cipherSpi = new PBEWithMD5AndTripleDESCipher();
- cipher = new CipherForKeyProtector(cipherSpi, PROV,
+ cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(),
"PBEWithMD5AndTripleDES");
cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec);
return new SealedObjectForKeyProtector(key, cipher);
@@ -330,8 +328,9 @@
}
PBEWithMD5AndTripleDESCipher cipherSpi;
cipherSpi = new PBEWithMD5AndTripleDESCipher();
- Cipher cipher = new CipherForKeyProtector(cipherSpi, PROV,
- "PBEWithMD5AndTripleDES");
+ Cipher cipher = new CipherForKeyProtector(cipherSpi,
+ SunJCE.getInstance(),
+ "PBEWithMD5AndTripleDES");
cipher.init(Cipher.DECRYPT_MODE, skey, params);
return (Key)soForKeyProtector.getObject(cipher);
} catch (NoSuchAlgorithmException ex) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Thu Apr 11 17:57:08 2013 +0100
@@ -169,16 +169,12 @@
PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount);
try {
params = AlgorithmParameters.getInstance("PBEWithMD5And" +
- (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), "SunJCE");
+ (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"),
+ SunJCE.getInstance());
+ params.init(pbeSpec);
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("SunJCE called, but not configured");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("SunJCE called, but not configured");
- }
- try {
- params.init(pbeSpec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("PBEParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBES1Core.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBES1Core.java Thu Apr 11 17:57:08 2013 +0100
@@ -169,16 +169,12 @@
PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount);
try {
params = AlgorithmParameters.getInstance("PBEWithMD5And" +
- (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"), "SunJCE");
+ (algo.equalsIgnoreCase("DES")? "DES":"TripleDES"),
+ SunJCE.getInstance());
+ params.init(pbeSpec);
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("SunJCE called, but not configured");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("SunJCE called, but not configured");
- }
- try {
- params.init(pbeSpec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("PBEParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBES2Core.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBES2Core.java Thu Apr 11 17:57:08 2013 +0100
@@ -25,11 +25,9 @@
package com.sun.crypto.provider;
-import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
-import javax.crypto.interfaces.*;
import javax.crypto.spec.*;
/**
@@ -145,16 +143,12 @@
}
PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount, ivSpec);
try {
- params = AlgorithmParameters.getInstance(pbeAlgo, "SunJCE");
+ params = AlgorithmParameters.getInstance(pbeAlgo,
+ SunJCE.getInstance());
+ params.init(pbeSpec);
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("SunJCE called, but not configured");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("SunJCE called, but not configured");
- }
- try {
- params.init(pbeSpec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("PBEParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Apr 11 17:57:08 2013 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -33,7 +33,6 @@
import java.security.KeyRep;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
@@ -106,17 +105,12 @@
throw new InvalidKeySpecException("Key length is negative");
}
try {
- this.prf = Mac.getInstance(prfAlgo, "SunJCE");
+ this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
- } catch (NoSuchProviderException nspe) {
- // Again, not gonna happen; re-throw just in case
- InvalidKeySpecException ike = new InvalidKeySpecException();
- ike.initCause(nspe);
- throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Thu Apr 11 17:57:08 2013 +0100
@@ -25,7 +25,6 @@
package com.sun.crypto.provider;
-import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.*;
import java.security.spec.*;
@@ -232,14 +231,13 @@
}
PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount);
try {
- params = AlgorithmParameters.getInstance(pbeAlgo, "SunJCE");
- } catch (GeneralSecurityException gse) {
+ params = AlgorithmParameters.getInstance(pbeAlgo,
+ SunJCE.getInstance());
+ params.init(pbeSpec);
+ } catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException(
"SunJCE provider is not configured properly");
- }
- try {
- params.init(pbeSpec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("PBEParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Apr 11 17:57:08 2013 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -178,16 +178,14 @@
if (spec != null) {
try {
AlgorithmParameters params =
- AlgorithmParameters.getInstance("OAEP", "SunJCE");
+ AlgorithmParameters.getInstance("OAEP",
+ SunJCE.getInstance());
params.init(spec);
return params;
} catch (NoSuchAlgorithmException nsae) {
// should never happen
throw new RuntimeException("Cannot find OAEP " +
" AlgorithmParameters implementation in SunJCE provider");
- } catch (NoSuchProviderException nspe) {
- // should never happen
- throw new RuntimeException("Cannot find SunJCE provider");
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("OAEPParameterSpec not supported");
--- a/jdk/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java Thu Apr 11 17:57:08 2013 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,14 +46,15 @@
AlgorithmParameters params = null;
if (super.encodedParams != null) {
try {
- params = AlgorithmParameters.getInstance("PBE", "SunJCE");
+ params = AlgorithmParameters.getInstance("PBE",
+ SunJCE.getInstance());
params.init(super.encodedParams);
- } catch (NoSuchProviderException nspe) {
- // eat.
} catch (NoSuchAlgorithmException nsae) {
- //eat.
- } catch (IOException ioe) {
- //eat.
+ throw new RuntimeException(
+ "SunJCE provider is not configured properly");
+ } catch (IOException io) {
+ throw new RuntimeException("Parameter failure: "+
+ io.getMessage());
}
}
return params;
--- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Thu Apr 11 12:22:23 2013 +0900
+++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Thu Apr 11 17:57:08 2013 +0100
@@ -91,6 +91,10 @@
/* Are we debugging? -- for developers */
static final boolean debug = false;
+ // Instance of this provider, so we don't have to call the provider list
+ // to find ourselves or run the risk of not being in the list.
+ private static volatile SunJCE instance = null;
+
// lazy initialize SecureRandom to avoid potential recursion if Sun
// provider has not been installed yet
private static class SecureRandomHolder {
@@ -770,5 +774,17 @@
return null;
}
});
+
+ if (instance == null) {
+ instance = this;
+ }
+ }
+
+ // Return the instance of this class or create one if needed.
+ static SunJCE getInstance() {
+ if (instance == null) {
+ return new SunJCE();
+ }
+ return instance;
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/UTIL/SunJCEGetInstance.java Thu Apr 11 17:57:08 2013 +0100
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7171982
+ * @summary Test that SunJCE.getInstance() is retrieving a provider when
+ * SunJCE has been removed from the provider list.
+ */
+
+import java.security.Security;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+
+
+public class SunJCEGetInstance {
+ public static void main(String[] args) throws Exception {
+ Cipher jce;
+
+ try{
+ // Remove SunJCE from Provider list
+ Security.removeProvider("SunJCE");
+
+ // Create our own instance of SunJCE provider. Purposefully not
+ // using SunJCE.getInstance() so we can have our own instance
+ // for the test.
+ jce = Cipher.getInstance("AES/CBC/PKCS5Padding",
+ new com.sun.crypto.provider.SunJCE());
+
+ jce.init(Cipher.ENCRYPT_MODE,
+ new SecretKeySpec("1234567890abcedf".getBytes(), "AES"));
+ jce.doFinal("PlainText".getBytes());
+ } catch (Exception e) {
+ System.err.println("Setup failure: ");
+ throw e;
+ }
+
+ // Get parameters which will call SunJCE.getInstance(). Failure
+ // would occur on this line.
+ try {
+ jce.getParameters().getEncoded();
+
+ } catch (Exception e) {
+ System.err.println("Test Failure");
+ throw e;
+ }
+ System.out.println("Passed");
+ }
+}