RFR: JDK-8290532: Adjust PKCS11Exception and handle more PKCS11 error codes [v2]
Matthias Baesken
mbaesken at openjdk.org
Wed Jul 27 11:44:58 UTC 2022
On Mon, 25 Jul 2022 21:27:34 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Matthias Baesken has updated the pull request incrementally with one additional commit since the last revision:
>>
>> do not add the deprecated CKR_COPY_PROHIBITED, handle vendor pkcs11 error codes differently
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java line 206:
>
>> 204: // potential matches
>> 205: if ((errorCode & 0x80000000L) != 0) {
>> 206: // for unknown PKCS11 return values, just use hex as its string
>
> nit: dup with line 201; can be removed.
Hi Valerie I removed the comment line, also removed the '(' ')' at one place where they seem to be not needed.
Regarding "adresses the new output my needs" - ideally I would like to see some error text like the ones we find at http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html where the eror codes are explained.
But adding the (I think rather common) vendor errors is an improvement.
-------------
PR: https://git.openjdk.org/jdk/pull/9555
More information about the security-dev
mailing list