Merge

src/java.base/share/classes/sun/security/rsa/RSAKeyFactory.java

@@ -100,7 +100,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
     private static void checkKeyAlgo(Key key, String expectedAlg)
             throws InvalidKeyException {
         String keyAlg = key.getAlgorithm();
-        if (!(keyAlg.equalsIgnoreCase(expectedAlg))) {
+        if (keyAlg == null || !(keyAlg.equalsIgnoreCase(expectedAlg))) {
             throw new InvalidKeyException("Expected a " + expectedAlg
                     + " key, but got " + keyAlg);
         }
@@ -123,8 +123,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
             return (RSAKey)key;
         } else {
             try {
-                String keyAlgo = key.getAlgorithm();
-                KeyType type = KeyType.lookup(keyAlgo);
+                KeyType type = KeyType.lookup(key.getAlgorithm());
                 RSAKeyFactory kf = RSAKeyFactory.getInstance(type);
                 return (RSAKey) kf.engineTranslateKey(key);
             } catch (ProviderException e) {
@@ -268,8 +267,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
                 throw new InvalidKeyException("Invalid key", e);
             }
         } else if ("X.509".equals(key.getFormat())) {
-            byte[] encoded = key.getEncoded();
-            RSAPublicKey translated = new RSAPublicKeyImpl(encoded);
+            RSAPublicKey translated = new RSAPublicKeyImpl(key.getEncoded());
             // ensure the key algorithm matches the current KeyFactory instance
             checkKeyAlgo(translated, type.keyAlgo());
             return translated;
@@ -313,8 +311,8 @@ public class RSAKeyFactory extends KeyFactorySpi {
                 throw new InvalidKeyException("Invalid key", e);
             }
         } else if ("PKCS#8".equals(key.getFormat())) {
-            byte[] encoded = key.getEncoded();
-            RSAPrivateKey translated = RSAPrivateCrtKeyImpl.newKey(encoded);
+            RSAPrivateKey translated =
+                RSAPrivateCrtKeyImpl.newKey(key.getEncoded());
             // ensure the key algorithm matches the current KeyFactory instance
             checkKeyAlgo(translated, type.keyAlgo());
             return translated;

src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java

@@ -123,6 +123,10 @@ public final class RSAPrivateCrtKeyImpl
      * Construct a key from its encoding. Called from newKey above.
      */
     RSAPrivateCrtKeyImpl(byte[] encoded) throws InvalidKeyException {
+        if (encoded == null || encoded.length == 0) {
+            throw new InvalidKeyException("Missing key encoding");
+        }
+
         decode(encoded);
         RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
         try {

src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java

@@ -116,6 +116,9 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
      * Construct a key from its encoding. Used by RSAKeyFactory.
      */
     RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
+        if (encoded == null || encoded.length == 0) {
+            throw new InvalidKeyException("Missing key encoding");
+        }
         decode(encoded); // this sets n and e value
         RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
         checkExponentRange(n, e);

src/java.base/share/classes/sun/security/rsa/RSAUtil.java

@@ -52,7 +52,11 @@ public class RSAUtil {
         public String keyAlgo() {
             return algo;
         }
-        public static KeyType lookup(String name) {
+        public static KeyType lookup(String name)
+                throws InvalidKeyException, ProviderException {
+            if (name == null) {
+                throw new InvalidKeyException("Null key algorithm");
+            }
             for (KeyType kt : KeyType.values()) {
                 if (kt.keyAlgo().equalsIgnoreCase(name)) {
                     return kt;
@@ -133,21 +137,24 @@ public class RSAUtil {
             throws ProviderException {
         if (params == null) return null;
 
-        String algName = params.getAlgorithm();
-        KeyType type = KeyType.lookup(algName);
-        Class<? extends AlgorithmParameterSpec> specCls;
-        switch (type) {
-            case RSA:
-                throw new ProviderException("No params accepted for " +
-                    type.keyAlgo());
-            case PSS:
-                specCls = PSSParameterSpec.class;
-                break;
-            default:
-                throw new ProviderException("Unsupported RSA algorithm: " + algName);
-        }
         try {
+            String algName = params.getAlgorithm();
+            KeyType type = KeyType.lookup(algName);
+            Class<? extends AlgorithmParameterSpec> specCls;
+            switch (type) {
+                case RSA:
+                    throw new ProviderException("No params accepted for " +
+                        type.keyAlgo());
+                case PSS:
+                    specCls = PSSParameterSpec.class;
+                    break;
+                default:
+                    throw new ProviderException("Unsupported RSA algorithm: " + algName);
+            }
             return params.getParameterSpec(specCls);
+        } catch (ProviderException pe) {
+            // pass it up
+            throw pe;
         } catch (Exception e) {
             throw new ProviderException(e);
         }

src/java.base/share/legal/public_suffix.md

@@ -1,7 +1,7 @@
 ## Mozilla Public Suffix List
 
 ### Public Suffix Notice
-<pre>
+```
 You are receiving a copy of the Mozilla Public Suffix List in the following
 file: <java-home>/lib/security/public_suffix_list.dat. The terms of the
 Oracle license do NOT apply to this file; it is licensed under the
@@ -11,17 +11,17 @@ If you do not wish to use the Public Suffix List, you may remove the
 
 The Source Code of this file is available under the
 Mozilla Public License, v. 2.0 and is located at
-https://github.com/publicsuffix/list/blob/03089bfe4aa5b7a2e291f33e07a28d20f875cb83/public_suffix_list.dat
+https://raw.githubusercontent.com/publicsuffix/list/2225db8d9f4a2a27ec697c883360632fa0c16261/public_suffix_list.dat.
 If a copy of the MPL was not distributed with this file, you can obtain one
-at http://mozilla.org/MPL/2.0/.
+at https://mozilla.org/MPL/2.0/.
 
 Software distributed under the License is distributed on an "AS IS" basis,
 WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 for the specific language governing rights and limitations under the License. 
-</pre>
+```
 
 ### MPL v2.0
-<pre>
+```
 Mozilla Public License Version 2.0
 ==================================
 
@@ -381,7 +381,7 @@ Exhibit A - Source Code Form License Notice
 
   This Source Code Form is subject to the terms of the Mozilla Public
   License, v. 2.0. If a copy of the MPL was not distributed with this
-  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+  file, You can obtain one at https://mozilla.org/MPL/2.0/.
 
 If it is not possible or desirable to put the notice in a particular
 file, then You may include the notice in a location (such as a LICENSE
@@ -396,4 +396,4 @@ Exhibit B - "Incompatible With Secondary Licenses" Notice
   This Source Code Form is "Incompatible With Secondary Licenses", as
   defined by the Mozilla Public License, v. 2.0.
 
-</pre>
+```