Merge pull request #717 from KostasTsiounis/eckeygen

Always revert to Java impl when OpenSSL fails
ibmruntimes · Oct 2, 2023 · b404781 · b404781
2 parents 18c8757 + adff3e7
commit b404781
Showing 1 changed file with 9 additions and 19 deletions.
diff --git a/closed/src/jdk.crypto.ec/share/classes/sun/security/ec/NativeECKeyPairGenerator.java b/closed/src/jdk.crypto.ec/share/classes/sun/security/ec/NativeECKeyPairGenerator.java
@@ -168,17 +168,13 @@ public KeyPair generateKeyPair() {
  return this.javaImplementation.generateKeyPair();
  }
 
- boolean absent;
  long nativePointer = NativeECUtil.encodeGroup(this.params);
 
  if (nativePointer == -1) {
- absent = NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
- if (!absent) {
- throw new ProviderException("Could not encode group");
- }
+ NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
  if (nativeCryptTrace) {
- System.err.println(this.curve +
- " is not supported by OpenSSL, using Java crypto implementation.");
+ System.err.println("Could not encode group for curve " + this.curve
+ + " in OpenSSL, using Java crypto implementation.");
  }
  try {
  this.initializeJavaImplementation();
@@ -195,13 +191,10 @@ public KeyPair generateKeyPair() {
  } else if (field instanceof ECFieldF2m) {
  fieldType = NativeCrypto.ECField_F2m;
  } else {
- absent = NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
- if (!absent) {
- throw new ProviderException("Field type not supported");
- }
+ NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
  if (nativeCryptTrace) {
- System.err.println(this.curve +
- " is not supported by OpenSSL, using Java crypto implementation.");
+ System.err.println("Field type not supported for curve " + this.curve
+ + " by OpenSSL, using Java crypto implementation.");
  }
  try {
  this.initializeJavaImplementation();
@@ -226,13 +219,10 @@ public KeyPair generateKeyPair() {
  fieldType);
 
  if (ret == -1) {
- absent = NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
- if (!absent) {
- throw new ProviderException("Could not generate key pair");
- }
+ NativeECUtil.putCurveIfAbsent(this.curve, Boolean.FALSE);
  if (nativeCryptTrace) {
- System.err.println(this.curve +
- " is not supported by OpenSSL, using Java crypto implementation for key generation.");
+ System.err.println("Could not generate key pair for curve " + this.curve
+ + " using OpenSSL, using Java crypto implementation for key generation.");
  }
  try {
  this.initializeJavaImplementation();