[11u] RFR: 8213009: Refactoring existing SunMSCAPI classes

Lindenmaier, Goetz goetz.lindenmaier at sap.com
Thu Dec 19 10:59:25 UTC 2019 

Hi,

I would like to downport this change for parity with 11.0.7-oracle.
It required some non-trivial resolves:
http://cr.openjdk.java.net/~goetz/wr19/8213009-refactor_mscapi-jdk11/01/

Patching file src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/KeyStore.java
failed. The file was deleted.
11 differes a lot to the file deleted in 13. Most diffs are comments though, except for this:

@@ -47,6 +44,8 @@
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.*;
+import sun.security.util.Debug;
+
/**
  * Implementation of key store for Windows using the Microsoft Crypto API.
  *
@@ -188,6 +187,7 @@
     private static final String KEYSTORE_COMPATIBILITY_MODE_PROP =
         "sun.security.mscapi.keyStoreCompatibilityMode";
     private final boolean keyStoreCompatibilityMode;
+    private static final Debug debug = Debug.getInstance("keystore");
     /*
      * The keystore entries.
@@ -731,6 +731,11 @@
         } catch (KeyStoreException e) {
             throw new IOException(e);
         }
+
+        if (debug != null) {
+            debug.println("MSCAPI keystore load: entry count: " +
+                    entries.size());
+        }
     }
     /**

This code was introduced by "8218553: Enhance keystore load debug output"
which was downported to 11.0.5 and had to be modified.
I applied the coding to CKeyStore.java where it was in the original
patch of 8218553.

In
patching file src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp
Two hunks failed that were easy to resolve:

--- security.cpp
+++ security.cpp
@@ -570,9 +586,8 @@
                         // Determine key type: RSA or DSA
                         DWORD dwData = CALG_RSA_KEYX;
                         DWORD dwSize = sizeof(DWORD);
-                        ::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData,
+                        ::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData, //deprecated
                                 &dwSize, NULL);
-
                         if ((dwData & ALG_TYPE_RSA) == ALG_TYPE_RSA)
                         {
                             // Generate RSA certificate chain and store into cert
@@ -966,7 +981,7 @@
                 NULL,
                 &hk,
                 hCryptProv,
-                hKey,
+                hCryptKey,
                 NULL,
                 0));

Best regards,
  Goetz

More information about the jdk-updates-dev mailing list