RFR: JDK-8290532: Adjust PKCS11Exception and handle more PKCS11 error codes

Valerie Peng valeriep at openjdk.org
Tue Jul 19 20:41:01 UTC 2022


On Tue, 19 Jul 2022 13:14:17 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:

> The issue https://bugs.openjdk.org/browse/JDK-8282538 gave an example of the following PKCS11 exception (see attached jtr files of that bug) :
> 
> .... Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: 0xCE534351
> 
> Unfortunately the error code 0xCE534351 is currently not in the RV/errorMap table of PKCS11Exception, That's why we get this
> hex code and no more descriptive output, this could be improved.

None of the 3 proposed error codes in this PR is in the standard PKCS#11 header files - two of them are vendor specific. For vendor specific error code, such direct mapping may be incorrect. As for CKR_COPY_PROHIBITED, I can't find any reference in your cited PKCS#11 spec above. Do you have other standard source for it?

-------------

PR: https://git.openjdk.org/jdk/pull/9555



More information about the security-dev mailing list