OpenJDK / jdk / jdk

--- a/jdk/src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java	Thu Apr 07 17:52:01 2016 +0900
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java	Thu Apr 07 10:11:38 2016 +0100
@@ -1198,8 +1198,9 @@
             if (!localSupportedSignAlgs.contains(
                     preferableSignatureAlgorithm)) {
                 throw new SSLHandshakeException(
-                        "Unsupported SignatureAndHashAlgorithm in " +
-                        "ServerKeyExchange message");
+                    "Unsupported SignatureAndHashAlgorithm in " +
+                    "ServerKeyExchange message: " +
+                    preferableSignatureAlgorithm);
             }
         } else {
             this.preferableSignatureAlgorithm = null;
@@ -1232,7 +1233,8 @@
                         sig = RSASignature.getInstance();
                         break;
                     default:
-                        throw new SSLKeyException("neither an RSA or a DSA key");
+                        throw new SSLKeyException(
+                            "neither an RSA or a DSA key: " + algorithm);
                 }
         }

@@ -1482,7 +1484,8 @@
                     preferableSignatureAlgorithm)) {
                 throw new SSLHandshakeException(
                         "Unsupported SignatureAndHashAlgorithm in " +
-                        "ServerKeyExchange message");
+                        "ServerKeyExchange message: " +
+                        preferableSignatureAlgorithm);
             }
         }

@@ -1522,7 +1525,8 @@
                 case "RSA":
                     return RSASignature.getInstance();
                 default:
-                    throw new NoSuchAlgorithmException("neither an RSA or a EC key");
+                    throw new NoSuchAlgorithmException(
+                        "neither an RSA or a EC key : " + keyAlgorithm);
             }
     }

@@ -1729,7 +1733,8 @@
             algorithmsLen = input.getInt16();
             if (algorithmsLen < 2) {
                 throw new SSLProtocolException(
-                        "Invalid supported_signature_algorithms field");
+                    "Invalid supported_signature_algorithms field: " +
+                    algorithmsLen);
             }

             algorithms = new ArrayList<SignatureAndHashAlgorithm>();
@@ -1748,7 +1753,8 @@

             if (remains != 0) {
                 throw new SSLProtocolException(
-                        "Invalid supported_signature_algorithms field");
+                    "Invalid supported_signature_algorithms field. remains: " +
+                    remains);
             }
         } else {
             algorithms = new ArrayList<SignatureAndHashAlgorithm>();
@@ -1765,7 +1771,8 @@
         }

         if (len != 0) {
-            throw new SSLProtocolException("Bad CertificateRequest DN length");
+            throw new SSLProtocolException(
+                "Bad CertificateRequest DN length: " + len);
         }

         authorities = v.toArray(new DistinguishedName[v.size()]);
@@ -1995,8 +2002,8 @@
             if (!localSupportedSignAlgs.contains(
                     preferableSignatureAlgorithm)) {
                 throw new SSLHandshakeException(
-                        "Unsupported SignatureAndHashAlgorithm in " +
-                        "CertificateVerify message");
+                    "Unsupported SignatureAndHashAlgorithm in " +
+                    "CertificateVerify message: " + preferableSignatureAlgorithm);
             }
         }

@@ -2364,7 +2371,8 @@
                 SecretKey prfKey = kg.generateKey();
                 if ("RAW".equals(prfKey.getFormat()) == false) {
                     throw new ProviderException(
-                        "Invalid PRF output, format must be RAW");
+                        "Invalid PRF output, format must be RAW. " +
+                        "Format received: " + prfKey.getFormat());
                 }
                 byte[] finished = prfKey.getEncoded();
                 return finished;
--- a/jdk/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Thu Apr 07 17:52:01 2016 +0900
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Thu Apr 07 10:11:38 2016 +0100
@@ -68,7 +68,8 @@
             ProtocolVersion maxVersion,
             SecureRandom generator, PublicKey publicKey) throws IOException {
         if (publicKey.getAlgorithm().equals("RSA") == false) {
-            throw new SSLKeyException("Public key not of type RSA");
+            throw new SSLKeyException("Public key not of type RSA: " +
+                publicKey.getAlgorithm());
         }
         this.protocolVersion = protocolVersion;

@@ -100,7 +101,8 @@
             int messageSize, PrivateKey privateKey) throws IOException {

         if (privateKey.getAlgorithm().equals("RSA") == false) {
-            throw new SSLKeyException("Private key not of type RSA");
+            throw new SSLKeyException("Private key not of type RSA: " +
+                 privateKey.getAlgorithm());
         }

         if (currentVersion.useTLS10PlusSpec()) {
@@ -161,8 +163,8 @@
             }
         } catch (InvalidKeyException ibk) {
             // the message is too big to process with RSA
-            throw new SSLProtocolException(
-                "Unable to process PreMasterSecret, may be too big");
+            throw new SSLException(
+                "Unable to process PreMasterSecret", ibk);
         } catch (Exception e) {
             // unlikely to happen, otherwise, must be a provider exception
             if (debug != null && Debug.isOn("handshake")) {