RFR: 8365883: Fix P11Cipher to throw BadPaddingException for PKCS11 CKR_ENCRYPTED_DATA_INVALID error [v2]
Mikhail Yankelevich
myankelevich at openjdk.org
Wed Feb 4 11:59:56 UTC 2026
On Tue, 3 Feb 2026 22:32:05 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Mikhail Yankelevich has updated the pull request incrementally with one additional commit since the last revision:
>>
>> test changes
>
> test/jdk/sun/security/pkcs11/Cipher/TestPKCS5PaddingError.java line 103:
>
>> 101: // NOTE: Skip NSS since it reports CKR_DEVICE_ERROR when
>> 102: // the data passed to its EncryptUpdate/DecryptUpdate is
>> 103: // not multiple of blocks
>
> When I test against the NSS from the artifactory, I observed NSS returns CKR_ENCRYPTED_DATA_LEN_RANGE
> when the data passed to DecryptUpdate() is not multiple of blocks, update the comment accordingly?
Done in the next commit
> test/jdk/sun/security/pkcs11/Cipher/TestPKCS5PaddingError.java line 108:
>
>> 106: System.out.println("Testing with wrong cipherText length");
>> 107: c2.doFinal(cipherText, 0, cipherText.length - 2);
>> 108: throw new RuntimeException("Expected IBSE thrown");
>
> The error message should be "Expected IBSE NOT thrown"?
Done in the next commit
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29503#discussion_r2763641252
PR Review Comment: https://git.openjdk.org/jdk/pull/29503#discussion_r2763641799
More information about the security-dev
mailing list