Failure in decrypting invalid ciphertext should not return CKR_GENERAL_ERROR

[hansonchar]

According to PKCS#11 spec, a CKR_GENERAL_ERROR is returned if some unrecoverable error has occurred:

CKR_GENERAL_ERROR: Some horrible, unrecoverable error has occurred. In the worst case, it is possible that the function only partially succeeded, and that the computer and/or token is in an inconsistent state.

In general, failure in decryption is most likely due to invalid ciphertext, and if so either CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE should be returned instead of CKR_GENERAL_ERROR since such decryption failure does not lead to unrecoverable error and does not cause the token to be in an inconsistent state.