< prev index next >
src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java
Print this page
@@ -1197,11 +1197,11 @@
// Is it a local supported signature algorithm?
if (!localSupportedSignAlgs.contains(
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
"Unsupported SignatureAndHashAlgorithm in " +
- "ServerKeyExchange message");
+ "ServerKeyExchange message: " + preferableSignatureAlgorithm);
}
} else {
this.preferableSignatureAlgorithm = null;
}
@@ -1230,11 +1230,11 @@
break;
case "RSA":
sig = RSASignature.getInstance();
break;
default:
- throw new SSLKeyException("neither an RSA or a DSA key");
+ throw new SSLKeyException("neither an RSA or a DSA key: " + algorithm);
}
}
sig.initVerify(publicKey);
updateSignature(sig, clntNonce, svrNonce);
@@ -1480,11 +1480,11 @@
// Is it a local supported signature algorithm?
if (!localSupportedSignAlgs.contains(
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
"Unsupported SignatureAndHashAlgorithm in " +
- "ServerKeyExchange message");
+ "ServerKeyExchange message: " + preferableSignatureAlgorithm);
}
}
// read the signature
signatureBytes = input.getBytes16();
@@ -1520,11 +1520,12 @@
case "EC":
return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA);
case "RSA":
return RSASignature.getInstance();
default:
- throw new NoSuchAlgorithmException("neither an RSA or a EC key");
+ throw new NoSuchAlgorithmException(
+ "neither an RSA or a EC key : " + keyAlgorithm);
}
}
private void updateSignature(Signature sig, byte[] clntNonce,
byte[] svrNonce) throws SignatureException {
@@ -1727,11 +1728,11 @@
// Read the supported_signature_algorithms for TLS 1.2 or later.
if (protocolVersion.useTLS12PlusSpec()) {
algorithmsLen = input.getInt16();
if (algorithmsLen < 2) {
throw new SSLProtocolException(
- "Invalid supported_signature_algorithms field");
+ "Invalid supported_signature_algorithms field: " + algorithmsLen);
}
algorithms = new ArrayList<SignatureAndHashAlgorithm>();
int remains = algorithmsLen;
int sequence = 0;
@@ -1746,11 +1747,11 @@
remains -= 2; // one byte for hash, one byte for signature
}
if (remains != 0) {
throw new SSLProtocolException(
- "Invalid supported_signature_algorithms field");
+ "Invalid supported_signature_algorithms field. remains: " + remains);
}
} else {
algorithms = new ArrayList<SignatureAndHashAlgorithm>();
algorithmsLen = 0;
}
@@ -1763,11 +1764,11 @@
v.add(dn);
len -= dn.length();
}
if (len != 0) {
- throw new SSLProtocolException("Bad CertificateRequest DN length");
+ throw new SSLProtocolException("Bad CertificateRequest DN length: " + len);
}
authorities = v.toArray(new DistinguishedName[v.size()]);
}
@@ -1994,11 +1995,11 @@
// Is it a local supported signature algorithm?
if (!localSupportedSignAlgs.contains(
preferableSignatureAlgorithm)) {
throw new SSLHandshakeException(
"Unsupported SignatureAndHashAlgorithm in " +
- "CertificateVerify message");
+ "CertificateVerify message: " + preferableSignatureAlgorithm);
}
}
// read the signature
signature = input.getBytes16();
@@ -2362,11 +2363,12 @@
KeyGenerator kg = JsseJce.getKeyGenerator(prfAlg);
kg.init(spec);
SecretKey prfKey = kg.generateKey();
if ("RAW".equals(prfKey.getFormat()) == false) {
throw new ProviderException(
- "Invalid PRF output, format must be RAW");
+ "Invalid PRF output, format must be RAW. Format received:" +
+ prfKey.getFormat());
}
byte[] finished = prfKey.getEncoded();
return finished;
} catch (GeneralSecurityException e) {
throw new RuntimeException("PRF failed", e);
< prev index next >