On Wed, 27 Jul 2022 11:41:07 GMT, Matthias Baesken <mbaes...@openjdk.org> wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
>> line 206:
>>
>>> 204: // potential matches
>>> 205: if ((errorCode & 0x80000000L) != 0) {
>>> 206: // for unknown PKCS11 return values, just use hex as its
>>> string
>>
>> nit: dup with line 201; can be removed.
>
> Hi Valerie I removed the comment line, also removed the '(' ')' at one place
> where they seem to be not needed.
> Regarding "adresses the new output my needs" - ideally I would like to see
> some error text like the ones we find at
> http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html
> where the eror codes are explained.
> But adding the (I think rather common) vendor errors is an improvement.
For standard errors (except the deprecated one), the output is their name (e.g.
CKR_xxx) instead of the value (0xABxxx hex). Vendor error code is vendor
specific. It'd be nice if PKCS#11 API would provide an method for retrieving a
String info based on error code, then callers won't have to refer to vendor's
doc for the meaning.
Changes look good to me. Test result looks clean too.
-------------
PR: https://git.openjdk.org/jdk/pull/9555
