6732372: Some MSCAPI native methods not returning correct exceptions

Reviewed-by: mullan

jdk/src/share/classes/sun/security/ec/ECKeyPairGenerator.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -121,15 +121,16 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
         }
         random.nextBytes(seed);
 
-        long[] handles = generateECKeyPair(keySize, encodedParams, seed);
-
-        // The 'params' object supplied above is equivalent to the native one
-        // so there is no need to fetch it.
-
-        // handles[0] points to the native private key
-        BigInteger s = new BigInteger(1, getEncodedBytes(handles[0]));
-
         try {
+
+            long[] handles = generateECKeyPair(keySize, encodedParams, seed);
+
+            // The 'params' object supplied above is equivalent to the native
+            // one so there is no need to fetch it.
+
+            // handles[0] points to the native private key
+            BigInteger s = new BigInteger(1, getEncodedBytes(handles[0]));
+
             PrivateKey privateKey =
                 new ECPrivateKeyImpl(s, (ECParameterSpec)params);
 
@@ -163,7 +164,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
      * The first handle points to the private key, the second to the public key.
      */
     private static native long[] generateECKeyPair(int keySize,
-        byte[] encodedParams, byte[] seed);
+        byte[] encodedParams, byte[] seed) throws GeneralSecurityException;
 
     /*
      * Extracts the encoded key data using the supplied handle.

jdk/src/windows/classes/sun/security/mscapi/KeyStore.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,6 +31,7 @@ import java.io.InputStream;
 import java.io.OutputStream;
 import java.math.BigInteger;
 import java.security.AccessController;
+import java.security.InvalidKeyException;
 import java.security.KeyStoreSpi;
 import java.security.KeyStoreException;
 import java.security.UnrecoverableKeyException;
@@ -123,6 +124,7 @@ abstract class KeyStore extends KeyStoreSpi {
          * Sets the private key for the keystore entry.
          */
         void setPrivateKey(RSAPrivateCrtKey key)
+            throws InvalidKeyException, KeyStoreException
         {
             byte[] modulusBytes = key.getModulus().toByteArray();
 
@@ -158,7 +160,7 @@ abstract class KeyStore extends KeyStoreSpi {
          * Sets the certificate chain for the keystore entry.
          */
         void setCertificateChain(X509Certificate[] chain)
-            throws CertificateException
+            throws CertificateException, KeyStoreException
         {
             for (int i = 0; i < chain.length; i++) {
                 byte[] encoding = chain[i].getEncoded();
@@ -404,13 +406,16 @@ abstract class KeyStore extends KeyStoreSpi {
             }
 
             entry.setAlias(alias);
-            entry.setPrivateKey((RSAPrivateCrtKey) key);
 
             try {
+                entry.setPrivateKey((RSAPrivateCrtKey) key);
                 entry.setCertificateChain((X509Certificate[]) chain);
 
             } catch (CertificateException ce) {
                 throw new KeyStoreException(ce);
+
+            } catch (InvalidKeyException ike) {
+                throw new KeyStoreException(ike);
             }
 
         } else {
@@ -537,7 +542,7 @@ abstract class KeyStore extends KeyStoreSpi {
                         removeCertificate(getName(), alias, encoding,
                             encoding.length);
 
-                    } catch (CertificateEncodingException e) {
+                    } catch (CertificateException e) {
                         throw new KeyStoreException("Cannot remove entry: " +
                             e);
                     }
@@ -754,8 +759,14 @@ abstract class KeyStore extends KeyStoreSpi {
         // Clear all key entries
         entries.clear();
 
-        // Load keys and/or certificate chains
-        loadKeysOrCertificateChains(getName(), entries);
+        try {
+
+            // Load keys and/or certificate chains
+            loadKeysOrCertificateChains(getName(), entries);
+
+        } catch (KeyStoreException e) {
+            throw new IOException(e);
+        }
     }
 
     /**
@@ -868,7 +879,7 @@ abstract class KeyStore extends KeyStoreSpi {
      * @param entries Collection of key/certificate.
      */
     private native void loadKeysOrCertificateChains(String name,
-        Collection<KeyEntry> entries);
+        Collection<KeyEntry> entries) throws KeyStoreException;
 
     /**
      * Stores a DER-encoded certificate into the certificate store
@@ -879,7 +890,7 @@ abstract class KeyStore extends KeyStoreSpi {
      */
     private native void storeCertificate(String name, String alias,
         byte[] encoding, int encodingLength, long hCryptProvider,
-        long hCryptKey);
+        long hCryptKey) throws CertificateException, KeyStoreException;
 
     /**
      * Removes the certificate from the certificate store
@@ -889,14 +900,16 @@ abstract class KeyStore extends KeyStoreSpi {
      * @param encoding DER-encoded certificate.
      */
     private native void removeCertificate(String name, String alias,
-        byte[] encoding, int encodingLength);
+        byte[] encoding, int encodingLength)
+            throws CertificateException, KeyStoreException;
 
     /**
      * Destroys the key container.
      *
      * @param keyContainerName The name of the key container.
      */
-    private native void destroyKeyContainer(String keyContainerName);
+    private native void destroyKeyContainer(String keyContainerName)
+        throws KeyStoreException;
 
     /**
      * Generates a private-key BLOB from a key's components.
@@ -910,8 +923,8 @@ abstract class KeyStore extends KeyStoreSpi {
         byte[] primeQ,
         byte[] exponentP,
         byte[] exponentQ,
-        byte[] crtCoefficient);
+        byte[] crtCoefficient) throws InvalidKeyException;
 
     private native RSAPrivateKey storePrivateKey(byte[] keyBlob,
-        String keyContainerName, int keySize);
+        String keyContainerName, int keySize) throws KeyStoreException;
 }

jdk/src/windows/classes/sun/security/mscapi/RSACipher.java

@@ -219,7 +219,12 @@ public final class RSACipher extends CipherSpi {
                 byte[] keyBlob = RSASignature.generatePublicKeyBlob(
                     keyBitLength, modulusBytes, exponentBytes);
 
-                key = RSASignature.importPublicKey(keyBlob, keyBitLength);
+                try {
+                    key = RSASignature.importPublicKey(keyBlob, keyBitLength);
+
+                } catch (KeyStoreException e) {
+                    throw new InvalidKeyException(e);
+                }
 
             } else {
                 throw new InvalidKeyException("Unsupported key type: " + key);

jdk/src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -105,14 +105,20 @@ public final class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
     // generate the keypair. See JCA doc
     public KeyPair generateKeyPair() {
 
-        // Generate each keypair in a unique key container
-        RSAKeyPair keys =
-            generateRSAKeyPair(keySize,
-                "{" + UUID.randomUUID().toString() + "}");
+        try {
 
-        return new KeyPair(keys.getPublic(), keys.getPrivate());
+            // Generate each keypair in a unique key container
+            RSAKeyPair keys =
+                generateRSAKeyPair(keySize,
+                    "{" + UUID.randomUUID().toString() + "}");
+
+            return new KeyPair(keys.getPublic(), keys.getPrivate());
+
+        } catch (KeyException e) {
+            throw new ProviderException(e);
+        }
     }
 
     private static native RSAKeyPair generateRSAKeyPair(int keySize,
-        String keyContainerName);
+        String keyContainerName) throws KeyException;
 }

jdk/src/windows/classes/sun/security/mscapi/RSAPublicKey.java

@@ -27,7 +27,9 @@ package sun.security.mscapi;
 
 import java.math.BigInteger;
 import java.security.InvalidKeyException;
+import java.security.KeyException;
 import java.security.KeyRep;
+import java.security.ProviderException;
 import java.security.PublicKey;
 
 import sun.security.rsa.RSAPublicKeyImpl;
@@ -89,9 +91,14 @@ class RSAPublicKey extends Key implements java.security.interfaces.RSAPublicKey
     public BigInteger getPublicExponent() {
 
         if (exponent == null) {
-            publicKeyBlob = getPublicKeyBlob(hCryptKey);
 
-            exponent = new BigInteger(1, getExponent(publicKeyBlob));
+            try {
+                publicKeyBlob = getPublicKeyBlob(hCryptKey);
+                exponent = new BigInteger(1, getExponent(publicKeyBlob));
+
+            } catch (KeyException e) {
+                throw new ProviderException(e);
+            }
         }
 
         return exponent;
@@ -103,8 +110,14 @@ class RSAPublicKey extends Key implements java.security.interfaces.RSAPublicKey
     public BigInteger getModulus() {
 
         if (modulus == null) {
-            publicKeyBlob = getPublicKeyBlob(hCryptKey);
-            modulus = new BigInteger(1, getModulus(publicKeyBlob));
+
+            try {
+                publicKeyBlob = getPublicKeyBlob(hCryptKey);
+                modulus = new BigInteger(1, getModulus(publicKeyBlob));
+
+            } catch (KeyException e) {
+                throw new ProviderException(e);
+            }
         }
 
         return modulus;
@@ -147,7 +160,7 @@ class RSAPublicKey extends Key implements java.security.interfaces.RSAPublicKey
                 encoding = new RSAPublicKeyImpl(getModulus(),
                     getPublicExponent()).getEncoded();
 
-            } catch (InvalidKeyException e) {
+            } catch (KeyException e) {
                 // ignore
             }
         }
@@ -164,15 +177,15 @@ class RSAPublicKey extends Key implements java.security.interfaces.RSAPublicKey
     /*
      * Returns the Microsoft CryptoAPI representation of the key.
      */
-    private native byte[] getPublicKeyBlob(long hCryptKey);
+    private native byte[] getPublicKeyBlob(long hCryptKey) throws KeyException;
 
     /*
      * Returns the key's public exponent (in big-endian 2's complement format).
      */
-    private native byte[] getExponent(byte[] keyBlob);
+    private native byte[] getExponent(byte[] keyBlob) throws KeyException;
 
     /*
      * Returns the key's modulus (in big-endian 2's complement format).
      */
-    private native byte[] getModulus(byte[] keyBlob);
+    private native byte[] getModulus(byte[] keyBlob) throws KeyException;
 }

jdk/src/windows/classes/sun/security/mscapi/RSASignature.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,6 +31,7 @@ import java.security.PrivateKey;
 import java.security.InvalidKeyException;
 import java.security.InvalidParameterException;
 import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.ProviderException;
 import java.security.MessageDigest;
@@ -146,7 +147,12 @@ abstract class RSASignature extends java.security.SignatureSpi
             byte[] keyBlob = generatePublicKeyBlob(
                 keyBitLength, modulusBytes, exponentBytes);
 
-            publicKey = importPublicKey(keyBlob, keyBitLength);
+            try {
+                publicKey = importPublicKey(keyBlob, keyBitLength);
+
+            } catch (KeyStoreException e) {
+                throw new InvalidKeyException(e);
+            }
 
         } else {
             publicKey = (sun.security.mscapi.RSAPublicKey) key;
@@ -381,11 +387,13 @@ abstract class RSASignature extends java.security.SignatureSpi
      */
     // used by RSACipher
     static native byte[] generatePublicKeyBlob(
-        int keyBitLength, byte[] modulus, byte[] publicExponent);
+        int keyBitLength, byte[] modulus, byte[] publicExponent)
+            throws InvalidKeyException;
 
     /**
      * Imports a public-key BLOB.
      */
     // used by RSACipher
-    static native RSAPublicKey importPublicKey(byte[] keyBlob, int keySize);
+    static native RSAPublicKey importPublicKey(byte[] keyBlob, int keySize)
+        throws KeyStoreException;
 }

jdk/src/windows/native/sun/security/mscapi/security.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,6 +40,8 @@
 
 #define CERTIFICATE_PARSING_EXCEPTION \
                             "java/security/cert/CertificateParsingException"
+#define INVALID_KEY_EXCEPTION \
+                            "java/security/InvalidKeyException"
 #define KEY_EXCEPTION       "java/security/KeyException"
 #define KEYSTORE_EXCEPTION  "java/security/KeyStoreException"
 #define PROVIDER_EXCEPTION  "java/security/ProviderException"
@@ -1398,7 +1400,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getPublicKeyB
 
     jbyteArray blob = NULL;
     DWORD dwBlobLen;
-    BYTE* pbKeyBlob;
+    BYTE* pbKeyBlob = NULL;
 
     __try
     {
@@ -1656,7 +1658,7 @@ jbyteArray generateKeyBlob(
         // Sanity check
         jsize jPublicExponentLength = env->GetArrayLength(jPublicExponent);
         if (jPublicExponentLength > sizeof(pRsaPubKey->pubexp)) {
-            ThrowException(env, KEY_EXCEPTION, NTE_BAD_TYPE);
+            ThrowException(env, INVALID_KEY_EXCEPTION, NTE_BAD_TYPE);
             __leave;
         }
         // The length argument must be the smaller of jPublicExponentLength