RFR: JDK-8290532: Adjust PKCS11Exception and handle more PKCS11 error codes [v2]

Matthias Baesken mbaesken at openjdk.org
Wed Jul 27 11:44:58 UTC 2022


On Mon, 25 Jul 2022 21:27:34 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Matthias Baesken has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   do not add the deprecated CKR_COPY_PROHIBITED, handle vendor pkcs11 error codes differently
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java line 206:
> 
>> 204:         // potential matches
>> 205:         if ((errorCode & 0x80000000L) != 0) {
>> 206:             // for unknown PKCS11 return values, just use hex as its string
> 
> nit: dup with line 201; can be removed.

Hi Valerie I removed the comment line, also removed the '(' ')' at one place where they seem to be not needed.
Regarding "adresses the new output my needs" - ideally I would like to see some error text like the ones we find at http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html  where the eror codes are explained.
But adding the (I think rather common) vendor errors is an improvement.

-------------

PR: https://git.openjdk.org/jdk/pull/9555



More information about the security-dev mailing list