8150530: Improve javax.crypto.BadPaddingException messages

Reviewed-by: xuelei

8150530: Improve javax.crypto.BadPaddingException messages
Reviewed-by: xuelei
6774b980 · igerasim · 8954331d · 6774b980 · 6774b980 · 6774b980
4 changed file
--- a/src/share/classes/com/sun/crypto/provider/CipherCore.java
+++ b/src/share/classes/com/sun/crypto/provider/CipherCore.java
@@ -988,8 +988,9 @@ final class CipherCore {
            if (padding != null) {
                int padStart = padding.unpad(outWithPadding, 0, outLen);
                if (padStart < 0) {
-                    throw new BadPaddingException("Given final block not "
-                                                  + "properly padded");
+                    throw new BadPaddingException("Given final block not " +
+                    "properly padded. Such issues can arise if a bad key " +
+                    "is used during decryption.");
                }
                outLen = padStart;
            }

--- a/src/share/classes/sun/security/pkcs11/P11RSACipher.java
+++ b/src/share/classes/sun/security/pkcs11/P11RSACipher.java
@@ -357,7 +357,9 @@ final class P11RSACipher extends CipherSpi {
                System.arraycopy(buffer, 0, tmpBuffer, 0, bufOfs);
                tmpBuffer = p11.C_Sign(session.id(), tmpBuffer);
                if (tmpBuffer.length > outLen) {
-                    throw new BadPaddingException("Output buffer too small");
+                    throw new BadPaddingException(
+                        "Output buffer (" + outLen + ") is too small to " +
+                        "hold the produced data (" + tmpBuffer.length + ")");
                }
                System.arraycopy(tmpBuffer, 0, out, outOfs, tmpBuffer.length);
                n = tmpBuffer.length;

--- a/src/share/classes/sun/security/rsa/RSAPadding.java
+++ b/src/share/classes/sun/security/rsa/RSAPadding.java
@@ -253,7 +253,8 @@ public final class RSAPadding {
    public byte[] pad(byte[] data) throws BadPaddingException {
        if (data.length > maxDataSize) {
            throw new BadPaddingException("Data must be shorter than "
-                + (maxDataSize + 1) + " bytes");
+                + (maxDataSize + 1) + " bytes but received "
+                + data.length + " bytes.");
        }
        switch (type) {
        case PAD_NONE:
@@ -281,7 +282,9 @@ public final class RSAPadding {
     */
    public byte[] unpad(byte[] padded) throws BadPaddingException {
        if (padded.length != paddedSize) {
-            throw new BadPaddingException("Decryption error");
+            throw new BadPaddingException("Decryption error." +
+                "The padded array length (" + padded.length +
+                ") is not the specified padded size (" + paddedSize + ")");
        }
        switch (type) {
        case PAD_NONE:

--- a/src/share/classes/sun/security/ssl/CipherBox.java
+++ b/src/share/classes/sun/security/ssl/CipherBox.java
@@ -493,7 +493,9 @@ final class CipherBox {

                if (protocolVersion.v >= ProtocolVersion.TLS11.v) {
                    if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                    }
                }
            }
@@ -504,7 +506,6 @@ final class CipherBox {
        }
    }

-
    /*
     * Decrypts a block of data, returning the size of the
     * resulting block if padding was required.  position and limit
@@ -575,7 +576,9 @@ final class CipherBox {
                // check the explicit IV of TLS v1.1 or later
                if (protocolVersion.v >= ProtocolVersion.TLS11.v) {
                    if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                    }

                    // reset the position to the end of the decrypted data
@@ -756,7 +759,9 @@ final class CipherBox {
            // so accept that as well
            // v3 does not require any particular value for the other bytes
            if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
            }
        }
        return newLen;
@@ -802,7 +807,9 @@ final class CipherBox {
            // so accept that as well
            // v3 does not require any particular value for the other bytes
            if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
            }
        }

@@ -925,7 +932,10 @@ final class CipherBox {
            case AEAD_CIPHER:
                if (bb.remaining() < (recordIvSize + tagSize)) {
                    throw new BadPaddingException(
-                                        "invalid AEAD cipher fragment");
+                        "Insufficient buffer remaining for AEAD cipher " +
+                        "fragment (" + bb.remaining() + "). Needs to be " +
+                        "more than or equal to IV size (" + recordIvSize +
+                         ") + tag size (" + tagSize + ")");
                }

                // initialize the AEAD cipher for the unique IV