On Fri, 6 Feb 2026 23:03:19 GMT, Valerie Peng <[email protected]> wrote:
>> Currently implementation of the test relies on changing the last byte of the >> cypher to mess up the padding lines. However if the last bit is already 0 >> the padding will not be taken into account and the result will have no error >> but will be a garbage output. Current test doesn't take this into account. >> >> The fix should encode the test text without padding and decode with padding >> to make sure that the bad padding exception is thrown. >> >> Kudos to @djelinski for assisting with finding the issue vs RFC! >> >> Also added a bug id which was missing > > test/jdk/sun/security/pkcs11/Cipher/TestPKCS5PaddingError.java line 128: > >> 126: final String errorDescription = >> 127: "Decrypted text " + >> Arrays.toString(result) + >> 128: " " + new String(result); > > The "new String(result)" part doesn't add much value and can be omitted. > Not sure how useful to dump out the result when the key is generated on the > fly. Without the key and parameters, not sure how useful this is. It was helpful to me when I was experimenting to see the behaviour at a glance from logs. We have some other information about which transformation and algorithm was used. My thoughts were to have something is better than nothing if this ever gets triggered. I'm happy to remove it if you believe it best though. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/29612#discussion_r2786883191
