On Wed, 17 May 2023 18:14:38 GMT, Sean Mullan <[email protected]> wrote:
>> When parsing a byte array to a private or public key, it's now converted to
>> a `ByteArrayInputStream` and the parser does not report an error if there
>> are extra bytes at the end.
>
> src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 99:
>
>> 97: } catch (IOException e) {
>> 98: throw new InvalidKeyException("IOException: " +
>> 99: e.getMessage());
>
> How about including the cause in the IKE? Also, I suggest an error message
> such as "unable to decode key".
>
> Same comments for `X509Key`.
Oh, that was old behavior. Would you like the same for
https://github.com/openjdk/jdk/blob/199c84a0a2b74f855d75871a26205e05bcf8dc4b/src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java#L138
as well?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13958#discussion_r1196933541
