Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8206864

Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

    XMLWordPrintable

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 11
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Risk:
      low
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Existing javadoc of java.security.Signature.getParameters() specifies that it returns that the parameters used with this signature object. Additionally, it mentions that

      • null is returned when the signature algorithm does not use parameters and

      • parameters containing a combination of default and randomly generated parameter values is returned if this signature requires algorithm parameters but was not initialized with any.

      However, for the second item above, if there is no provider-specific default parameters, Signature.getParameters() should return null.

      Problem

      Please see Summary.

      Solution

      Update javadoc of java.security.Signature.getParameters() to specify null to be returned if no default parameters are generated. Same update is applied to the javadoc of java.security.SignatureSpi.engineGetParameters() which inherits much of its spec from java.security.Signature.getParameters().

      Specification

      1) java.security.Signature.getParameters(): Inline patch included as below:

      @@ -895,18 +895,19 @@
           }
      
           /**
            * Returns the parameters used with this signature object.
            *
      -     * <p>The returned parameters may be the same that were used to initialize
      -     * this signature, or may contain a combination of default and randomly
      -     * generated parameter values used by the underlying signature
      -     * implementation if this signature requires algorithm parameters but
      -     * was not initialized with any.
      +     * <p> If this signature has been previously initialized with parameters
      +     * (by calling the {@code setParameter} method), this method returns
      +     * the same parameters. If this signature has not been initialized with
      +     * parameters, this method may return a combination of default and
      +     * randomly generated parameter values if the underlying
      +     * signature implementation supports it and can successfully generate
      +     * them. Otherwise, {@code null} is returned. 
            *
      -     * @return the parameters used with this signature, or null if this
      -     * signature does not use any parameters.
      +     * @return the parameters used with this signature, or {@code null}
            *
            * @see #setParameter(AlgorithmParameterSpec)
            * @since 1.4
            */
           public final AlgorithmParameters getParameters() {

      2) java.security.SignatureSpi.engineGetParameters(): Inline patch included as below:

      @@ -324,22 +324,22 @@
               throws InvalidAlgorithmParameterException {
                   throw new UnsupportedOperationException();
           }
      
           /**
      -     * <p>This method is overridden by providers to return the
      -     * parameters used with this signature engine, or null
      -     * if this signature engine does not use any parameters.
      +     * <p>This method is overridden by providers to return the parameters
      +     * used with this signature engine.
            *
      -     * <p>The returned parameters may be the same that were used to initialize
      -     * this signature engine, or may contain a combination of default and
      -     * randomly generated parameter values used by the underlying signature
      -     * implementation if this signature engine requires algorithm parameters
      -     * but was not initialized with any.
      +     * <p> If this signature engine has been previously initialized with
      +     * parameters (by calling the {@code setParameter} method), this method
      +     * returns the same parameters. If this signature engine has not been
      +     * initialized with parameters, this method may return a combination of
      +     * default and randomly generated parameter values if the underlying
      +     * signature implementation supports it and can successfully generate
      +     * them. Otherwise, {@code null} is returned. 
            *
      -     * @return the parameters used with this signature engine, or null if this
      -     * signature engine does not use any parameters
      +     * @return the parameters used with this signature engine, or {@code null}
            *
            * @exception UnsupportedOperationException if this method is
            * not overridden by a provider
            * @since 1.4
            */

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              valeriep Valerie Peng
              Reporter:
              bnallakaluva Bharath Nallakaluva (Inactive)
              Reviewed By:
              Sean Mullan, Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: