diff --git a/src/java.base/share/classes/javax/crypto/KDF.java b/src/java.base/share/classes/javax/crypto/KDF.java
index ea2a0375813..0ee0904c1c2 100644
--- a/src/java.base/share/classes/javax/crypto/KDF.java
+++ b/src/java.base/share/classes/javax/crypto/KDF.java
@@ -396,19 +396,21 @@ public final class KDF {
                    InvalidAlgorithmParameterException {
         Objects.requireNonNull(algorithm, "algorithm must not be null");
         Objects.requireNonNull(provider, "provider must not be null");
-
-        Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
-                                                    algorithm,
-                                                    kdfParameters,
-                                                    provider);
-        if (!JceSecurity.canUseProvider(instance.provider)) {
-            String msg = "JCE cannot authenticate the provider "
-                         + instance.provider.getName();
-            throw new NoSuchProviderException(msg);
+        try {
+            Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
+                                                        algorithm,
+                                                        kdfParameters,
+                                                        provider);
+            if (!JceSecurity.canUseProvider(instance.provider)) {
+                String msg = "JCE cannot authenticate the provider "
+                             + instance.provider.getName();
+                throw new NoSuchProviderException(msg);
+            }
+            return new KDF(new Delegate((KDFSpi) instance.impl,
+                                        instance.provider), algorithm);
+        } catch (NoSuchAlgorithmException nsae) {
+            return handleException(nsae);
         }
-        return new KDF(new Delegate((KDFSpi) instance.impl,
-                                    instance.provider), algorithm
-        );
     }
 
     /**
@@ -444,18 +446,31 @@ public final class KDF {
                    InvalidAlgorithmParameterException {
         Objects.requireNonNull(algorithm, "algorithm must not be null");
         Objects.requireNonNull(provider, "provider must not be null");
-        Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
-                                                    algorithm,
-                                                    kdfParameters,
-                                                    provider);
-        if (!JceSecurity.canUseProvider(instance.provider)) {
-            String msg = "JCE cannot authenticate the provider "
-                         + instance.provider.getName();
-            throw new SecurityException(msg);
+        try {
+            Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
+                                                        algorithm,
+                                                        kdfParameters,
+                                                        provider);
+            if (!JceSecurity.canUseProvider(instance.provider)) {
+                String msg = "JCE cannot authenticate the provider "
+                             + instance.provider.getName();
+                throw new SecurityException(msg);
+            }
+            return new KDF(new Delegate((KDFSpi) instance.impl,
+                                        instance.provider), algorithm);
+        } catch (NoSuchAlgorithmException nsae) {
+            return handleException(nsae);
         }
-        return new KDF(new Delegate((KDFSpi) instance.impl,
-                                    instance.provider), algorithm
-        );
+    }
+
+    private static KDF handleException(NoSuchAlgorithmException e)
+            throws NoSuchAlgorithmException,
+                   InvalidAlgorithmParameterException {
+        Throwable cause = e.getCause();
+        if (cause instanceof InvalidAlgorithmParameterException iape) {
+            throw iape;
+        }
+        throw e;
     }
 
     /**
@@ -671,7 +686,8 @@ public final class KDF {
         if (hasOne) throw new InvalidAlgorithmParameterException(
                 "The KDFParameters supplied could not be used in combination "
                 + "with the supplied algorithm for the selected Provider");
-        else throw new NoSuchAlgorithmException();
+        else throw new NoSuchAlgorithmException(
+                "No available provider supports the specified algorithm");
     }
 
     private static boolean checkSpiNonNull(Delegate d) {
diff --git a/test/jdk/com/sun/crypto/provider/KDF/HKDFExhaustiveTest.java b/test/jdk/com/sun/crypto/provider/KDF/HKDFExhaustiveTest.java
index 0088fe54a80..fd33337a3c0 100644
--- a/test/jdk/com/sun/crypto/provider/KDF/HKDFExhaustiveTest.java
+++ b/test/jdk/com/sun/crypto/provider/KDF/HKDFExhaustiveTest.java
@@ -69,6 +69,8 @@ public class HKDFExhaustiveTest {
   private static final int LARGE_LENGTH = 1000;
   private static final int NEGATIVE_LENGTH = -1;
 
+  static class TestKDFParams implements KDFParameters {}
+
   private static final KdfVerifier<String, String, AlgorithmParameterSpec> KdfGetInstanceVerifier =
       (a, p, s) -> {
 
@@ -304,6 +306,12 @@ public class HKDFExhaustiveTest {
     Utils.runAndCheckException(
         () -> KDF.getInstance(KDF_ALGORITHMS[0], null, INVALID_STRING),
         NoSuchProviderException.class);
+    Utils.runAndCheckException(
+        () -> KDF.getInstance(KDF_ALGORITHMS[0], new TestKDFParams(), SUNJCE),
+        InvalidAlgorithmParameterException.class);
+    Utils.runAndCheckException(
+        () -> KDF.getInstance(KDF_ALGORITHMS[0], new TestKDFParams(), SUNJCE_PROVIDER),
+        InvalidAlgorithmParameterException.class);
 
     // getInstance(String algorithm, KDFParameters kdfParameters, Provider provider)
     Utils.runAndCheckException(