RFR: 8365883: Fix P11Cipher to throw BadPaddingException for PKCS11 CKR_ENCRYPTED_DATA_INVALID error
Valerie Peng
valeriep at openjdk.org
Sat Jan 31 00:05:03 UTC 2026
On Fri, 30 Jan 2026 10:57:23 GMT, Mikhail Yankelevich <myankelevich at openjdk.org> wrote:
> Underlying issue: if provider returns `PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID` instead of BadPaddingException - `java.security.ProviderException: doFinal()` is thrown
test/jdk/sun/security/pkcs11/Cipher/TestPKCS5PaddingError.java line 73:
> 71: // Checking for SunJCE first
> 72: System.out.println("Checking SunJCE provider");
> 73: doTest(Security.getProvider("SunJCE"));
I am not too sure if this is really needed as this is the test for PKCS11 provider. If you really want to keep this, how about adding a static String variable whose value is `System.getProperty("test.provider.name", "SunJCE")`? This way it's consistent with line 90 inside the `doTest()` method.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29503#discussion_r2748491998
More information about the security-dev
mailing list