8343772: Expected IAPE not thrown in KDF.getInstance (TCK)

Reviewed-by: valeriep
This commit is contained in:
Kevin Driver 2024-11-07 19:27:35 +00:00
parent fac89f471c
commit 2c7bea1cb2
2 changed files with 48 additions and 24 deletions

View File

@ -396,19 +396,21 @@ public final class KDF {
InvalidAlgorithmParameterException {
Objects.requireNonNull(algorithm, "algorithm must not be null");
Objects.requireNonNull(provider, "provider must not be null");
Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
algorithm,
kdfParameters,
provider);
if (!JceSecurity.canUseProvider(instance.provider)) {
String msg = "JCE cannot authenticate the provider "
+ instance.provider.getName();
throw new NoSuchProviderException(msg);
try {
Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
algorithm,
kdfParameters,
provider);
if (!JceSecurity.canUseProvider(instance.provider)) {
String msg = "JCE cannot authenticate the provider "
+ instance.provider.getName();
throw new NoSuchProviderException(msg);
}
return new KDF(new Delegate((KDFSpi) instance.impl,
instance.provider), algorithm);
} catch (NoSuchAlgorithmException nsae) {
return handleException(nsae);
}
return new KDF(new Delegate((KDFSpi) instance.impl,
instance.provider), algorithm
);
}
/**
@ -444,18 +446,31 @@ public final class KDF {
InvalidAlgorithmParameterException {
Objects.requireNonNull(algorithm, "algorithm must not be null");
Objects.requireNonNull(provider, "provider must not be null");
Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
algorithm,
kdfParameters,
provider);
if (!JceSecurity.canUseProvider(instance.provider)) {
String msg = "JCE cannot authenticate the provider "
+ instance.provider.getName();
throw new SecurityException(msg);
try {
Instance instance = GetInstance.getInstance("KDF", KDFSpi.class,
algorithm,
kdfParameters,
provider);
if (!JceSecurity.canUseProvider(instance.provider)) {
String msg = "JCE cannot authenticate the provider "
+ instance.provider.getName();
throw new SecurityException(msg);
}
return new KDF(new Delegate((KDFSpi) instance.impl,
instance.provider), algorithm);
} catch (NoSuchAlgorithmException nsae) {
return handleException(nsae);
}
return new KDF(new Delegate((KDFSpi) instance.impl,
instance.provider), algorithm
);
}
private static KDF handleException(NoSuchAlgorithmException e)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException {
Throwable cause = e.getCause();
if (cause instanceof InvalidAlgorithmParameterException iape) {
throw iape;
}
throw e;
}
/**
@ -671,7 +686,8 @@ public final class KDF {
if (hasOne) throw new InvalidAlgorithmParameterException(
"The KDFParameters supplied could not be used in combination "
+ "with the supplied algorithm for the selected Provider");
else throw new NoSuchAlgorithmException();
else throw new NoSuchAlgorithmException(
"No available provider supports the specified algorithm");
}
private static boolean checkSpiNonNull(Delegate d) {

View File

@ -69,6 +69,8 @@ public class HKDFExhaustiveTest {
private static final int LARGE_LENGTH = 1000;
private static final int NEGATIVE_LENGTH = -1;
static class TestKDFParams implements KDFParameters {}
private static final KdfVerifier<String, String, AlgorithmParameterSpec> KdfGetInstanceVerifier =
(a, p, s) -> {
@ -304,6 +306,12 @@ public class HKDFExhaustiveTest {
Utils.runAndCheckException(
() -> KDF.getInstance(KDF_ALGORITHMS[0], null, INVALID_STRING),
NoSuchProviderException.class);
Utils.runAndCheckException(
() -> KDF.getInstance(KDF_ALGORITHMS[0], new TestKDFParams(), SUNJCE),
InvalidAlgorithmParameterException.class);
Utils.runAndCheckException(
() -> KDF.getInstance(KDF_ALGORITHMS[0], new TestKDFParams(), SUNJCE_PROVIDER),
InvalidAlgorithmParameterException.class);
// getInstance(String algorithm, KDFParameters kdfParameters, Provider provider)
Utils.runAndCheckException(