Looks fine to me too. We should investigate how best to support similar behaviour for the SunPKCS11 provider. To track this issue I’ve filed a related bug 8184290 <https://bugs.openjdk.java.net/browse/JDK-8184290>: SunPKCS11 throws ProviderException for unsupported curves
> On 10 Jul 2017, at 17:03, Seán Coffey <sean.cof...@oracle.com> wrote: > > Thanks for the update! Looks fine to me. > > Regards, > Sean. > > On 10/07/17 16:13, Adam Petcher wrote: >> New webrev: http://cr.openjdk.java.net/~apetcher/8182999/webrev.01/ >> >> Yes, this is a good idea. I made this work by printing out the value from >> AlgorithmParameters.toString(), so hopefully that means you should always >> get a useful string. At the moment (with SunEC AlgorithmParameters), the >> string prints the friendly name followed by the OID: >> >> Unsupported curve: brainpoolP256r1 (1.3.36.3.3.2.8.1.1.7) >> >> On 7/7/2017 4:12 PM, Seán Coffey wrote: >>> Adam, >>> >>> would it be useful to get the curve name in the new exception ? I think it >>> would help with future debugging. Line 96 already gets the curve name if >>> we're dealing with ECGenParameterSpec instance. I think the same approach >>> could be applied to your new code. >>> >>> Regards, >>> Sean. >>> >>> >>> On 07/07/2017 19:59, Adam Petcher wrote: >>>> This is a bug fix related to invalid curves in the SunEC provider. During >>>> ECKeyPairGenerator.initialize(), the provider only checks whether the >>>> curve is known, but it doesn't check whether the curve is actually >>>> supported by the native code. So the call to generateKeyPair() can fail in >>>> the native code and throw a ProviderException. This change adds a new >>>> native method to check whether the curve is supported. This method is >>>> called by initialize(), which will set the state to uninitialized and >>>> throw the expected exception when the curve is not supported. >>>> >>>> JBS: https://bugs.openjdk.java.net/browse/JDK-8182999 >>>> Webrev: http://cr.openjdk.java.net/~apetcher/8182999/webrev.00/ >>>> >>> >> >
