8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

Changed SunRsaSign and SunMSCAPI provider to return null and updated javadoc Reviewed-by: weijun, mullan
2018-07-23 23:18:19 +00:00 · 2018-07-23 23:18:19 +00:00 · df08003471
commit df08003471
parent 7723d3a1e9
4 changed files with 40 additions and 41 deletions
--- a/src/java.base/share/classes/java/security/Signature.java
+++ b/src/java.base/share/classes/java/security/Signature.java
@ -700,7 +700,7 @@ public abstract class Signature extends SignatureSpi {
     * encoded or of the wrong type, if this signature algorithm is unable to
     * process the input data provided, etc.
     * @exception IllegalArgumentException if the {@code signature}
-     * byte array is null, or the {@code offset} or {@code length}
+     * byte array is {@code null}, or the {@code offset} or {@code length}
     * is less than 0, or the sum of the {@code offset} and
     * {@code length} is greater than the length of the
     * {@code signature} byte array.
@ -897,14 +897,15 @@ public abstract class Signature extends SignatureSpi {
    /**
     * Returns the parameters used with this signature object.
     *
-     * <p>The returned parameters may be the same that were used to initialize
-     * this signature, or may contain a combination of default and randomly
-     * generated parameter values used by the underlying signature
-     * implementation if this signature requires algorithm parameters but
-     * was not initialized with any.
+     * <p> If this signature has been previously initialized with parameters
+     * (by calling the {@code setParameter} method), this method returns
+     * the same parameters. If this signature has not been initialized with
+     * parameters, this method may return a combination of default and
+     * randomly generated parameter values if the underlying
+     * signature implementation supports it and can successfully generate
+     * them. Otherwise, {@code null} is returned.
     *
-     * @return the parameters used with this signature, or null if this
-     * signature does not use any parameters.
+     * @return the parameters used with this signature, or {@code null}
     *
     * @see #setParameter(AlgorithmParameterSpec)
     * @since 1.4
@ -925,7 +926,7 @@ public abstract class Signature extends SignatureSpi {
     *
     * @param param the string name of the parameter.
     *
-     * @return the object that represents the parameter value, or null if
+     * @return the object that represents the parameter value, or {@code null} if
     * there is none.
     *
     * @exception InvalidParameterException if {@code param} is an invalid
--- a/src/java.base/share/classes/java/security/SignatureSpi.java
+++ b/src/java.base/share/classes/java/security/SignatureSpi.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -326,18 +326,18 @@ public abstract class SignatureSpi {
    }

    /**
-     * <p>This method is overridden by providers to return the
-     * parameters used with this signature engine, or null
-     * if this signature engine does not use any parameters.
+     * <p>This method is overridden by providers to return the parameters
+     * used with this signature engine.
     *
-     * <p>The returned parameters may be the same that were used to initialize
-     * this signature engine, or may contain a combination of default and
-     * randomly generated parameter values used by the underlying signature
-     * implementation if this signature engine requires algorithm parameters
-     * but was not initialized with any.
+     * <p> If this signature engine has been previously initialized with
+     * parameters (by calling the {@code engineSetParameter} method), this
+     * method returns the same parameters. If this signature engine has not been
+     * initialized with parameters, this method may return a combination of
+     * default and randomly generated parameter values if the underlying
+     * signature implementation supports it and can successfully generate
+     * them. Otherwise, {@code null} is returned.
     *
-     * @return the parameters used with this signature engine, or null if this
-     * signature engine does not use any parameters
+     * @return the parameters used with this signature engine, or {@code null}
     *
     * @exception UnsupportedOperationException if this method is
     * not overridden by a provider
@ -360,7 +360,7 @@ public abstract class SignatureSpi {
     *
     * @param param the string name of the parameter.
     *
-     * @return the object that represents the parameter value, or null if
+     * @return the object that represents the parameter value, or {@code null} if
     * there is none.
     *
     * @exception InvalidParameterException if {@code param} is an
--- a/src/java.base/share/classes/sun/security/rsa/RSAPSSSignature.java
+++ b/src/java.base/share/classes/sun/security/rsa/RSAPSSSignature.java
@ -605,16 +605,15 @@ public class RSAPSSSignature extends SignatureSpi {

    @Override
    protected AlgorithmParameters engineGetParameters() {
-        if (this.sigParams == null) {
-            throw new ProviderException("Missing required PSS parameters");
-        }
-        try {
-            AlgorithmParameters ap =
-                AlgorithmParameters.getInstance("RSASSA-PSS");
-            ap.init(this.sigParams);
-            return ap;
-        } catch (GeneralSecurityException gse) {
-            throw new ProviderException(gse.getMessage());
+        AlgorithmParameters ap = null;
+        if (this.sigParams != null) {
+            try {
+                ap = AlgorithmParameters.getInstance("RSASSA-PSS");
+                ap.init(this.sigParams);
+            } catch (GeneralSecurityException gse) {
+                throw new ProviderException(gse.getMessage());
+            }
        }
+        return ap;
    }
 }
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/RSASignature.java
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/RSASignature.java
@ -363,17 +363,16 @@ abstract class RSASignature extends java.security.SignatureSpi

        @Override
        protected AlgorithmParameters engineGetParameters() {
-            if (this.pssParams == null) {
-                throw new ProviderException("Missing required PSS parameters");
-            }
-            try {
-                AlgorithmParameters ap =
-                        AlgorithmParameters.getInstance("RSASSA-PSS");
-                ap.init(this.pssParams);
-                return ap;
-            } catch (GeneralSecurityException gse) {
-                throw new ProviderException(gse.getMessage());
+            AlgorithmParameters ap = null;
+            if (this.pssParams != null) {
+                try {
+                    ap = AlgorithmParameters.getInstance("RSASSA-PSS");
+                    ap.init(this.pssParams);
+                } catch (GeneralSecurityException gse) {
+                    throw new ProviderException(gse.getMessage());
+                }
            }
+            return ap;
        }

        private void ensureInit() throws SignatureException {