Throw InvalidKeyException when keystore key malformed
When a keystore implementation can't decode a key for some reason, throw
InvalidKeyException instead of RuntimeException. This will allow
applications to handle the error instead of crashing.
Bug: 20488918
Change-Id: I89215b5bc728ad1c266031bead940268025018a8
diff --git a/src/main/java/org/conscrypt/NativeCrypto.java b/src/main/java/org/conscrypt/NativeCrypto.java
index c842747..a407931 100644
--- a/src/main/java/org/conscrypt/NativeCrypto.java
+++ b/src/main/java/org/conscrypt/NativeCrypto.java
@@ -20,6 +20,7 @@
import java.io.IOException;
import java.io.OutputStream;
import java.net.SocketTimeoutException;
+import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
@@ -78,7 +79,7 @@
public static native int ENGINE_free(long e);
- public static native long ENGINE_load_private_key(long e, String key_id);
+ public static native long ENGINE_load_private_key(long e, String key_id) throws InvalidKeyException;
public static native String ENGINE_get_id(long engineRef);
diff --git a/src/main/native/org_conscrypt_NativeCrypto.cpp b/src/main/native/org_conscrypt_NativeCrypto.cpp
index 6c70bbd..8661705 100644
--- a/src/main/native/org_conscrypt_NativeCrypto.cpp
+++ b/src/main/native/org_conscrypt_NativeCrypto.cpp
@@ -2332,7 +2332,7 @@
Unique_EVP_PKEY pkey(ENGINE_load_private_key(e, id.c_str(), NULL, NULL));
if (pkey.get() == NULL) {
- throwExceptionIfNecessary(env, "ENGINE_load_private_key");
+ throwExceptionIfNecessary(env, "ENGINE_load_private_key", throwInvalidKeyException);
return 0;
}
@@ -2346,7 +2346,7 @@
#else
Unique_EVP_PKEY pkey(EVP_PKEY_from_keystore(id.c_str()));
if (pkey.get() == NULL) {
- throwExceptionIfNecessary(env, "ENGINE_load_private_key");
+ throwExceptionIfNecessary(env, "ENGINE_load_private_key", throwInvalidKeyException);
return 0;
}
return reinterpret_cast<uintptr_t>(pkey.release());