pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch

# HG changeset patch
# User andrew
# Date 1467652889 -3600
#      Mon Jul 04 18:21:29 2016 +0100
# Node ID a4541d1d8609cadb08d3e31b40b9184ff32dd6c3
# Parent  bc6eab2038c603afb2eb2b4644f3b900c8fd0c46
PR3083, RH1346460: Regression in SSL debug output without an ECC provider
Summary: Return null rather than throwing an exception when there's no ECC provider.

diff --git openjdk.orig/jdk/src/share/classes/sun/security/ec/ECKeyPairGenerator.java openjdk/jdk/src/share/classes/sun/security/ec/ECKeyPairGenerator.java
--- openjdk.orig/jdk/src/share/classes/sun/security/ec/ECKeyPairGenerator.java
+++ openjdk/jdk/src/share/classes/sun/security/ec/ECKeyPairGenerator.java
@@ -121,7 +121,7 @@
     private static void ensureCurveIsSupported(ECParameterSpec ecSpec)
         throws InvalidAlgorithmParameterException {
 
-        AlgorithmParameters ecParams = ECUtil.getECParameters(null);
+        AlgorithmParameters ecParams = ECUtil.getECParameters(null, true);
         byte[] encodedParams;
         try {
             ecParams.init(ecSpec);
diff --git openjdk.orig/jdk/src/share/classes/sun/security/util/Debug.java openjdk/jdk/src/share/classes/sun/security/util/Debug.java
--- openjdk.orig/jdk/src/share/classes/sun/security/util/Debug.java
+++ openjdk/jdk/src/share/classes/sun/security/util/Debug.java
@@ -73,6 +73,7 @@
         System.err.println("certpath      PKIX CertPathBuilder and");
         System.err.println("              CertPathValidator debugging");
         System.err.println("combiner      SubjectDomainCombiner debugging");
+        System.err.println("ecc           Elliptic Curve Cryptography debugging");
         System.err.println("gssloginconfig");
         System.err.println("              GSS LoginConfigImpl debugging");
         System.err.println("configfile    JAAS ConfigFile loading");
diff --git openjdk.orig/jdk/src/share/classes/sun/security/util/ECUtil.java openjdk/jdk/src/share/classes/sun/security/util/ECUtil.java
--- openjdk.orig/jdk/src/share/classes/sun/security/util/ECUtil.java
+++ openjdk/jdk/src/share/classes/sun/security/util/ECUtil.java
@@ -41,6 +41,9 @@
 
 public final class ECUtil {
 
+    /* Are we debugging ? */
+    private static final Debug debug = Debug.getInstance("ecc");
+
     // Used by SunPKCS11 and SunJSSE.
     public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
             throws IOException {
@@ -90,6 +93,10 @@
     }
 
     public static AlgorithmParameters getECParameters(Provider p) {
+        return getECParameters(p, false);
+    }
+
+    public static AlgorithmParameters getECParameters(Provider p, boolean throwException) {
         try {
             if (p != null) {
                 return AlgorithmParameters.getInstance("EC", p);
@@ -97,13 +104,21 @@
 
             return AlgorithmParameters.getInstance("EC");
         } catch (NoSuchAlgorithmException nsae) {
-            throw new RuntimeException(nsae);
+            if (throwException) {
+                throw new RuntimeException(nsae);
+            } else {
+                // ECC provider is optional so just return null
+                if (debug != null) {
+                    debug.println("Provider unavailable: " + nsae);
+                }
+                return null;
+            }
         }
     }
 
     public static byte[] encodeECParameterSpec(Provider p,
                                                ECParameterSpec spec) {
-        AlgorithmParameters parameters = getECParameters(p);
+        AlgorithmParameters parameters = getECParameters(p, true);
 
         try {
             parameters.init(spec);
@@ -122,11 +137,16 @@
     public static ECParameterSpec getECParameterSpec(Provider p,
                                                      ECParameterSpec spec) {
         AlgorithmParameters parameters = getECParameters(p);
+        if (parameters == null)
+            return null;
 
         try {
             parameters.init(spec);
             return parameters.getParameterSpec(ECParameterSpec.class);
         } catch (InvalidParameterSpecException ipse) {
+            if (debug != null) {
+                debug.println("Invalid parameter specification: " + ipse);
+            }
             return null;
         }
     }
@@ -135,34 +155,49 @@
                                                      byte[] params)
             throws IOException {
         AlgorithmParameters parameters = getECParameters(p);
+        if (parameters == null)
+            return null;
 
         parameters.init(params);
 
         try {
             return parameters.getParameterSpec(ECParameterSpec.class);
         } catch (InvalidParameterSpecException ipse) {
+            if (debug != null) {
+                debug.println("Invalid parameter specification: " + ipse);
+            }
             return null;
         }
     }
 
     public static ECParameterSpec getECParameterSpec(Provider p, String name) {
         AlgorithmParameters parameters = getECParameters(p);
+        if (parameters == null)
+            return null;
 
         try {
             parameters.init(new ECGenParameterSpec(name));
             return parameters.getParameterSpec(ECParameterSpec.class);
         } catch (InvalidParameterSpecException ipse) {
+            if (debug != null) {
+                debug.println("Invalid parameter specification: " + ipse);
+            }
             return null;
         }
     }
 
     public static ECParameterSpec getECParameterSpec(Provider p, int keySize) {
         AlgorithmParameters parameters = getECParameters(p);
+        if (parameters == null)
+            return null;
 
         try {
             parameters.init(new ECKeySizeParameterSpec(keySize));
             return parameters.getParameterSpec(ECParameterSpec.class);
         } catch (InvalidParameterSpecException ipse) {
+            if (debug != null) {
+                debug.println("Invalid parameter specification: " + ipse);
+            }
             return null;
         }
 
@@ -171,11 +206,16 @@
     public static String getCurveName(Provider p, ECParameterSpec spec) {
         ECGenParameterSpec nameSpec;
         AlgorithmParameters parameters = getECParameters(p);
+        if (parameters == null)
+            return null;
 
         try {
             parameters.init(spec);
             nameSpec = parameters.getParameterSpec(ECGenParameterSpec.class);
         } catch (InvalidParameterSpecException ipse) {
+            if (debug != null) {
+                debug.println("Invalid parameter specification: " + ipse);
+            }
             return null;
         }