[11u] RFR: 8213009: Refactoring existing SunMSCAPI classes

Mon Dec 23 11:28:03 UTC 2019

Hi Götz,

src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyStore.java:
The manually integrated Debug code for "java.security.debug" or " java.security.auth.debug" = "keystore" looks correct.

src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp:
I'd consider these changes trivial: comment insertion, variable renamed.

Reviewed.

Best regards,
Martin

> -----Original Message-----
> From: jdk-updates-dev <jdk-updates-dev-bounces at openjdk.java.net> On
> Behalf Of Lindenmaier, Goetz
> Sent: Donnerstag, 19. Dezember 2019 11:59
> To: jdk-updates-dev at openjdk.java.net
> Subject: [11u] RFR: 8213009: Refactoring existing SunMSCAPI
> classes
> 
> Hi,
> 
> I would like to downport this change for parity with 11.0.7-oracle.
> It required some non-trivial resolves:
> http://cr.openjdk.java.net/~goetz/wr19/8213009-refactor_mscapi-jdk11/01/
> 
> Patching file
> src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/KeyStore.java
> failed. The file was deleted.
> 11 differes a lot to the file deleted in 13. Most diffs are comments though,
> except for this:
> 
> @@ -47,6 +44,8 @@
> import java.security.interfaces.RSAPrivateCrtKey;
> import java.util.*;
> +import sun.security.util.Debug;
> +
> /**
>   * Implementation of key store for Windows using the Microsoft Crypto API.
>   *
> @@ -188,6 +187,7 @@
>      private static final String KEYSTORE_COMPATIBILITY_MODE_PROP =
>          "sun.security.mscapi.keyStoreCompatibilityMode";
>      private final boolean keyStoreCompatibilityMode;
> +    private static final Debug debug = Debug.getInstance("keystore");
>      /*
>       * The keystore entries.
> @@ -731,6 +731,11 @@
>          } catch (KeyStoreException e) {
>              throw new IOException(e);
>          }
> +
> +        if (debug != null) {
> +            debug.println("MSCAPI keystore load: entry count: " +
> +                    entries.size());
> +        }
>      }
>      /**
> 
> This code was introduced by "8218553: Enhance keystore load debug output"
> which was downported to 11.0.5 and had to be modified.
> I applied the coding to CKeyStore.java where it was in the original
> patch of 8218553.
> 
> In
> patching file
> src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp
> Two hunks failed that were easy to resolve:
> 
> --- security.cpp
> +++ security.cpp
> @@ -570,9 +586,8 @@
>                          // Determine key type: RSA or DSA
>                          DWORD dwData = CALG_RSA_KEYX;
>                          DWORD dwSize = sizeof(DWORD);
> -                        ::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData,
> +                        ::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData,
> //deprecated
>                                  &dwSize, NULL);
> -
>                          if ((dwData & ALG_TYPE_RSA) == ALG_TYPE_RSA)
>                          {
>                              // Generate RSA certificate chain and store into cert
> @@ -966,7 +981,7 @@
>                  NULL,
>                  &hk,
>                  hCryptProv,
> -                hKey,
> +                hCryptKey,
>                  NULL,
>                  0));
> 
> Best regards,
>   Goetz
> 
> 