From a44ced8aaf94e95a47a815a33470aaa25b175c7c Mon Sep 17 00:00:00 2001 From: robm Date: Fri, 1 Aug 2014 19:44:52 +0100 Subject: [PATCH] 8042982: Unexpected RuntimeExceptions being thrown by SSLEngine Reviewed-by: wetmore, xuelei --- src/share/classes/sun/security/ssl/DHCrypt.java | 7 ++++--- .../classes/sun/security/ssl/ECDHCrypt.java | 17 +++++++++-------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/share/classes/sun/security/ssl/DHCrypt.java b/src/share/classes/sun/security/ssl/DHCrypt.java index ae9118f4b..6deae7e26 100644 --- a/src/share/classes/sun/security/ssl/DHCrypt.java +++ b/src/share/classes/sun/security/ssl/DHCrypt.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -188,7 +188,7 @@ final class DHCrypt { * the same size as the Diffie-Hellman modulus. */ SecretKey getAgreedSecret(BigInteger peerPublicValue, - boolean keyIsValidated) throws IOException { + boolean keyIsValidated) throws SSLHandshakeException { try { KeyFactory kf = JsseJce.getKeyFactory("DiffieHellman"); DHPublicKeySpec spec = @@ -211,7 +211,8 @@ final class DHCrypt { ka.doPhase(publicKey, true); return ka.generateSecret("TlsPremasterSecret"); } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } } diff --git a/src/share/classes/sun/security/ssl/ECDHCrypt.java b/src/share/classes/sun/security/ssl/ECDHCrypt.java index df52bc594..c1ce4e93c 100644 --- a/src/share/classes/sun/security/ssl/ECDHCrypt.java +++ b/src/share/classes/sun/security/ssl/ECDHCrypt.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,6 +31,7 @@ import java.security.spec.*; import javax.crypto.SecretKey; import javax.crypto.KeyAgreement; +import javax.net.ssl.SSLHandshakeException; /** * Helper class for the ECDH key exchange. It generates the appropriate @@ -88,19 +89,20 @@ final class ECDHCrypt { } // called by ClientHandshaker with either the server's static or ephemeral public key - SecretKey getAgreedSecret(PublicKey peerPublicKey) { + SecretKey getAgreedSecret(PublicKey peerPublicKey) throws SSLHandshakeException { try { KeyAgreement ka = JsseJce.getKeyAgreement("ECDH"); ka.init(privateKey); ka.doPhase(peerPublicKey, true); return ka.generateSecret("TlsPremasterSecret"); } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } } // called by ServerHandshaker - SecretKey getAgreedSecret(byte[] encodedPoint) { + SecretKey getAgreedSecret(byte[] encodedPoint) throws SSLHandshakeException { try { ECParameterSpec params = publicKey.getParams(); ECPoint point = JsseJce.decodePoint(encodedPoint, params.getCurve()); @@ -108,10 +110,9 @@ final class ECDHCrypt { ECPublicKeySpec spec = new ECPublicKeySpec(point, params); PublicKey peerPublicKey = kf.generatePublic(spec); return getAgreedSecret(peerPublicKey); - } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate secret", e); - } catch (java.io.IOException e) { - throw new RuntimeException("Could not generate secret", e); + } catch (GeneralSecurityException | java.io.IOException e) { + throw (SSLHandshakeException) new SSLHandshakeException( + "Could not generate secret").initCause(e); } } -- GitLab