--- a/jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java	Wed Aug 24 16:11:21 2016 +0200
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java	Wed Aug 24 17:57:20 2016 +0100
@@ -986,8 +986,9 @@
             if (padding != null) {
                 int padStart = padding.unpad(outWithPadding, 0, outLen);
                 if (padStart < 0) {
-                    throw new BadPaddingException("Given final block not "
-                                                  + "properly padded");
+                    throw new BadPaddingException("Given final block not " +
+                    "properly padded. Such issues can arise if a bad key " +
+                    "is used during decryption.");
                 }
                 outLen = padStart;
             }

--- a/jdk/src/java.base/share/classes/sun/security/rsa/RSAPadding.java	Wed Aug 24 16:11:21 2016 +0200
+++ b/jdk/src/java.base/share/classes/sun/security/rsa/RSAPadding.java	Wed Aug 24 17:57:20 2016 +0100
@@ -253,7 +253,8 @@
     public byte[] pad(byte[] data) throws BadPaddingException {
         if (data.length > maxDataSize) {
             throw new BadPaddingException("Data must be shorter than "
-                + (maxDataSize + 1) + " bytes");
+                + (maxDataSize + 1) + " bytes but received "
+                + data.length + " bytes.");
         }
         switch (type) {
         case PAD_NONE:
@@ -281,7 +282,9 @@
      */
     public byte[] unpad(byte[] padded) throws BadPaddingException {
         if (padded.length != paddedSize) {
-            throw new BadPaddingException("Decryption error");
+            throw new BadPaddingException("Decryption error." +
+                "The padded array length (" + padded.length +
+                ") is not the specified padded size (" + paddedSize + ")");
         }
         switch (type) {
         case PAD_NONE:

--- a/jdk/src/java.base/share/classes/sun/security/ssl/CipherBox.java	Wed Aug 24 16:11:21 2016 +0200
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/CipherBox.java	Wed Aug 24 17:57:20 2016 +0100
@@ -493,7 +493,9 @@
 
                 if (protocolVersion.useTLS11PlusSpec()) {
                     if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                     }
                 }
             }
@@ -504,7 +506,6 @@
         }
     }
 
-
     /*
      * Decrypts a block of data, returning the size of the
      * resulting block if padding was required.  position and limit
@@ -575,7 +576,9 @@
                 // check the explicit IV of TLS v1.1 or later
                 if (protocolVersion.useTLS11PlusSpec()) {
                     if (newLen < blockSize) {
-                        throw new BadPaddingException("invalid explicit IV");
+                        throw new BadPaddingException("The length after " +
+                        "padding removal (" + newLen + ") should be larger " +
+                        "than <" + blockSize + "> since explicit IV used");
                     }
 
                     // reset the position to the end of the decrypted data
@@ -756,7 +759,9 @@
             // so accept that as well
             // v3 does not require any particular value for the other bytes
             if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
             }
         }
         return newLen;
@@ -802,7 +807,9 @@
             // so accept that as well
             // v3 does not require any particular value for the other bytes
             if (padLen > blockSize) {
-                throw new BadPaddingException("Invalid SSLv3 padding");
+                throw new BadPaddingException("Padding length (" +
+                padLen + ") of SSLv3 message should not be bigger " +
+                "than the block size (" + blockSize + ")");
             }
         }
 
@@ -925,7 +932,10 @@
             case AEAD_CIPHER:
                 if (bb.remaining() < (recordIvSize + tagSize)) {
                     throw new BadPaddingException(
-                                        "invalid AEAD cipher fragment");
+                        "Insufficient buffer remaining for AEAD cipher " +
+                        "fragment (" + bb.remaining() + "). Needs to be " +
+                        "more than or equal to IV size (" + recordIvSize +
+                         ") + tag size (" + tagSize + ")");
                 }
 
                 // initialize the AEAD cipher for the unique IV

--- a/jdk/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11RSACipher.java	Wed Aug 24 16:11:21 2016 +0200
+++ b/jdk/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11RSACipher.java	Wed Aug 24 17:57:20 2016 +0100
@@ -358,7 +358,9 @@
                 System.arraycopy(buffer, 0, tmpBuffer, 0, bufOfs);
                 tmpBuffer = p11.C_Sign(session.id(), tmpBuffer);
                 if (tmpBuffer.length > outLen) {
-                    throw new BadPaddingException("Output buffer too small");
+                    throw new BadPaddingException(
+                        "Output buffer (" + outLen + ") is too small to " +
+                        "hold the produced data (" + tmpBuffer.length + ")");
                 }
                 System.arraycopy(tmpBuffer, 0, out, outOfs, tmpBuffer.length);
                 n = tmpBuffer.length;