On Thu, 24 Oct 2024 07:07:35 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Update Copyright > > src/java.base/share/classes/sun/security/ssl/SSLCipher.java line 1878: > >> 1876: } >> 1877: >> 1878: throw new BadPaddingException(msg); > > Is BadPaddingException still good enough for alert messages? Is the exception > message description accurate for both client and server cases? Yes, I think `SSLProtocolException` would be more appropriate here. So we throw `GeneralSecurityException` in SSLCipher which is being caught by SSLEngineInputRecord/SSLSocketInputRecord and wrapped with SSLProtocolException. DTLSInputRecord on the other hand ignores GeneralSecurityException as it should (this issue doesn't apply to DTLS). ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1815645198
