On Fri, 12 May 2023 16:23:53 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> When parsing a byte array to a private or public key, it's now converted to a
> `ByteArrayInputStream` and the parser does not report an error if there are
> extra bytes at the end.
src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 99:
> 97: } catch (IOException e) {
> 98: throw new InvalidKeyException("IOException: " +
> 99: e.getMessage());
How about including the cause in the IKE? Also, I suggest an error message such
as "unable to decode key".
Same comments for `X509Key`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13958#discussion_r1196897272
