8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows
Reviewed-by: mullan
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CSignature.java Thu Jun 13 15:24:34 2019 +0100
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CSignature.java Thu Jun 13 23:53:21 2019 +0800
@@ -118,7 +118,9 @@
// initialize for signing. See JCA doc
@Override
protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
-
+ if (key == null) {
+ throw new InvalidKeyException("Key cannot be null");
+ }
if ((key instanceof CPrivateKey) == false
|| !key.getAlgorithm().equalsIgnoreCase("RSA")) {
throw new InvalidKeyException("Key type not supported: "
@@ -139,9 +141,13 @@
// initialize for signing. See JCA doc
@Override
protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+ if (key == null) {
+ throw new InvalidKeyException("Key cannot be null");
+ }
// This signature accepts only RSAPublicKey
if ((key instanceof RSAPublicKey) == false) {
- throw new InvalidKeyException("Key type not supported");
+ throw new InvalidKeyException("Key type not supported: "
+ + key.getClass());
}
@@ -427,9 +433,13 @@
// initialize for signing. See JCA doc
@Override
protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
+ if (key == null) {
+ throw new InvalidKeyException("Key cannot be null");
+ }
if ((key instanceof CPrivateKey) == false
|| !key.getAlgorithm().equalsIgnoreCase("EC")) {
- throw new InvalidKeyException("Key type not supported");
+ throw new InvalidKeyException("Key type not supported: "
+ + key.getClass() + " " + key.getAlgorithm());
}
privateKey = (CPrivateKey) key;
@@ -440,12 +450,15 @@
// initialize for signing. See JCA doc
@Override
protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+ if (key == null) {
+ throw new InvalidKeyException("Key cannot be null");
+ }
// This signature accepts only ECPublicKey
if ((key instanceof ECPublicKey) == false) {
- throw new InvalidKeyException("Key type not supported");
+ throw new InvalidKeyException("Key type not supported: "
+ + key.getClass());
}
-
if ((key instanceof CPublicKey) == false) {
try {
publicKey = importECPublicKey("EC",
@@ -508,9 +521,13 @@
@Override
protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
+ if (key == null) {
+ throw new InvalidKeyException("Key cannot be null");
+ }
// This signature accepts only RSAPublicKey
if ((key instanceof java.security.interfaces.RSAPublicKey) == false) {
- throw new InvalidKeyException("Key type not supported");
+ throw new InvalidKeyException("Key type not supported: "
+ + key.getClass());
}
this.privateKey = null;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/mscapi/NullKey.java Thu Jun 13 23:53:21 2019 +0800
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.util.List;
+
+/**
+ * @test
+ * @bug 8225180
+ * @requires os.family == "windows"
+ * @summary SunMSCAPI Signature should throw InvalidKeyException when
+ * initialized with a null key
+ */
+
+public class NullKey {
+ public static void main(String[] args) throws Exception {
+ for (String alg : List.of(
+ "SHA256withRSA", "SHA256withECDSA", "RSASSA-PSS")) {
+ Signature sig = Signature.getInstance(alg, "SunMSCAPI");
+ try {
+ sig.initSign(null);
+ } catch (InvalidKeyException e) {
+ // Expected
+ }
+ try {
+ sig.initVerify((PublicKey)null);
+ } catch (InvalidKeyException e) {
+ // Expected
+ }
+ }
+ }
+}