8150530: Improve javax.crypto.BadPaddingException messages

Reviewed-by: xuelei
2016-08-24 17:57:20 +01:00 · 2016-08-24 17:57:20 +01:00 · dde76394d5
commit dde76394d5
parent 60754ca0fb
4 changed files with 27 additions and 11 deletions
--- a/jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java
@ -986,8 +986,9 @@ final class CipherCore {
            if (padding != null) {
                int padStart = padding.unpad(outWithPadding, 0, outLen);
                if (padStart < 0) {
-                    throw new BadPaddingException("Given final block not "
-                                                  + "properly padded");
+                    throw new BadPaddingException("Given final block not " +
+                    "properly padded. Such issues can arise if a bad key " +
+                    "is used during decryption.");
                }
                outLen = padStart;
            }
--- a/jdk/src/java.base/share/classes/sun/security/rsa/RSAPadding.java
+++ b/jdk/src/java.base/share/classes/sun/security/rsa/RSAPadding.java
@ -253,7 +253,8 @@ public final class RSAPadding {
    public byte[] pad(byte[] data) throws BadPaddingException {
        if (data.length > maxDataSize) {
            throw new BadPaddingException("Data must be shorter than "
-                + (maxDataSize + 1) + " bytes");
+                + (maxDataSize + 1) + " bytes but received "
+                + data.length + " bytes.");
        }
        switch (type) {
        case PAD_NONE:
@ -281,7 +282,9 @@ public final class RSAPadding {
     */
    public byte[] unpad(byte[] padded) throws BadPaddingException {
        if (padded.length != paddedSize) {
-            throw new BadPaddingException("Decryption error");
+            throw new BadPaddingException("Decryption error." +
+                "The padded array length (" + padded.length +
+                ") is not the specified padded size (" + paddedSize + ")");
        }
        switch (type) {
        case PAD_NONE:
--- a/jdk/src/java.base/share/classes/sun/security/ssl/CipherBox.java
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/CipherBox.java
@ -493,7 +493,9 @@ final class CipherBox {

                if (protocolVersion.useTLS11PlusSpec()) {
                    if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                    }
                }
            }
@ -504,7 +506,6 @@ final class CipherBox {
        }
    }

-
    /*
     * Decrypts a block of data, returning the size of the
     * resulting block if padding was required.  position and limit
@ -575,7 +576,9 @@ final class CipherBox {
                // check the explicit IV of TLS v1.1 or later
                if (protocolVersion.useTLS11PlusSpec()) {
                    if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                    }

                    // reset the position to the end of the decrypted data
@ -756,7 +759,9 @@ final class CipherBox {
            // so accept that as well
            // v3 does not require any particular value for the other bytes
            if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
            }
        }
        return newLen;
@ -802,7 +807,9 @@ final class CipherBox {
            // so accept that as well
            // v3 does not require any particular value for the other bytes
            if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
            }
        }

@ -925,7 +932,10 @@ final class CipherBox {
            case AEAD_CIPHER:
                if (bb.remaining() < (recordIvSize + tagSize)) {
                    throw new BadPaddingException(
-                                        "invalid AEAD cipher fragment");
+                        "Insufficient buffer remaining for AEAD cipher " +
+                        "fragment (" + bb.remaining() + "). Needs to be " +
+                        "more than or equal to IV size (" + recordIvSize +
+                         ") + tag size (" + tagSize + ")");
                }

                // initialize the AEAD cipher for the unique IV
--- a/jdk/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11RSACipher.java
+++ b/jdk/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11RSACipher.java
@ -358,7 +358,9 @@ final class P11RSACipher extends CipherSpi {
                System.arraycopy(buffer, 0, tmpBuffer, 0, bufOfs);
                tmpBuffer = p11.C_Sign(session.id(), tmpBuffer);
                if (tmpBuffer.length > outLen) {
-                    throw new BadPaddingException("Output buffer too small");
+                    throw new BadPaddingException(
+                        "Output buffer (" + outLen + ") is too small to " +
+                        "hold the produced data (" + tmpBuffer.length + ")");
                }
                System.arraycopy(tmpBuffer, 0, out, outOfs, tmpBuffer.length);
                n = tmpBuffer.length;