8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows jdk-13+25 jdk-14+0
authorweijun
Thu, 13 Jun 2019 23:53:21 +0800
changeset 55380 22b3b7983ada
parent 55379 865775b86780
child 55381 7c9151c7dc40
child 55406 d69faba543ec
8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows Reviewed-by: mullan
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CSignature.java
test/jdk/sun/security/mscapi/NullKey.java
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CSignature.java	Thu Jun 13 15:24:34 2019 +0100
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CSignature.java	Thu Jun 13 23:53:21 2019 +0800
@@ -118,7 +118,9 @@
         // initialize for signing. See JCA doc
         @Override
         protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
-
+            if (key == null) {
+                throw new InvalidKeyException("Key cannot be null");
+            }
             if ((key instanceof CPrivateKey) == false
                     || !key.getAlgorithm().equalsIgnoreCase("RSA")) {
                 throw new InvalidKeyException("Key type not supported: "
@@ -139,9 +141,13 @@
         // initialize for signing. See JCA doc
         @Override
         protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+            if (key == null) {
+                throw new InvalidKeyException("Key cannot be null");
+            }
             // This signature accepts only RSAPublicKey
             if ((key instanceof RSAPublicKey) == false) {
-                throw new InvalidKeyException("Key type not supported");
+                throw new InvalidKeyException("Key type not supported: "
+                        + key.getClass());
             }
 
 
@@ -427,9 +433,13 @@
         // initialize for signing. See JCA doc
         @Override
         protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
+            if (key == null) {
+                throw new InvalidKeyException("Key cannot be null");
+            }
             if ((key instanceof CPrivateKey) == false
                     || !key.getAlgorithm().equalsIgnoreCase("EC")) {
-                throw new InvalidKeyException("Key type not supported");
+                throw new InvalidKeyException("Key type not supported: "
+                        + key.getClass() + " " + key.getAlgorithm());
             }
             privateKey = (CPrivateKey) key;
 
@@ -440,12 +450,15 @@
         // initialize for signing. See JCA doc
         @Override
         protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+            if (key == null) {
+                throw new InvalidKeyException("Key cannot be null");
+            }
             // This signature accepts only ECPublicKey
             if ((key instanceof ECPublicKey) == false) {
-                throw new InvalidKeyException("Key type not supported");
+                throw new InvalidKeyException("Key type not supported: "
+                        + key.getClass());
             }
 
-
             if ((key instanceof CPublicKey) == false) {
                 try {
                     publicKey = importECPublicKey("EC",
@@ -508,9 +521,13 @@
 
         @Override
         protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+            if (key == null) {
+                throw new InvalidKeyException("Key cannot be null");
+            }
             // This signature accepts only RSAPublicKey
             if ((key instanceof java.security.interfaces.RSAPublicKey) == false) {
-                throw new InvalidKeyException("Key type not supported");
+                throw new InvalidKeyException("Key type not supported: "
+                        + key.getClass());
             }
 
             this.privateKey = null;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/mscapi/NullKey.java	Thu Jun 13 23:53:21 2019 +0800
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.util.List;
+
+/**
+ * @test
+ * @bug 8225180
+ * @requires os.family == "windows"
+ * @summary SunMSCAPI Signature should throw InvalidKeyException when
+ *          initialized with a null key
+ */
+
+public class NullKey {
+    public static void main(String[] args) throws Exception {
+        for (String alg : List.of(
+                "SHA256withRSA", "SHA256withECDSA", "RSASSA-PSS")) {
+            Signature sig = Signature.getInstance(alg, "SunMSCAPI");
+            try {
+                sig.initSign(null);
+            } catch (InvalidKeyException e) {
+                // Expected
+            }
+            try {
+                sig.initVerify((PublicKey)null);
+            } catch (InvalidKeyException e) {
+                // Expected
+            }
+        }
+    }
+}