RFR: JDK-6782021: It is not possible to read local computer certificates with the SunMSCAPI provider [v3]
Weijun Wang
weijun at openjdk.java.net
Thu May 5 14:08:23 UTC 2022
On Wed, 4 May 2022 20:32:30 GMT, Mat Carter <duke at openjdk.java.net> wrote:
>> On Windows you can now access the local machine keystores using the strings "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the application requires admin privileges.
>>
>> "Windows-MY" and "Windows-ROOT" remain unchanged, however given these original keystore strings mapped to the current user, I added "Windows-MY-CURRENTUSER" and "Windows-ROOT-CURRENTUSER" so that a developer can explicitly specify the current user location. These two new strings simply map to the original two strings, i.e. no duplication of code paths etc
>>
>> No new tests added, keystore functionality and API remains unchanged, the local machine keystore types would require the tests to run in admin mode
>>
>> Tested on windows, passes tier1 and tier2 tests
>
> Mat Carter has updated the pull request incrementally with one additional commit since the last revision:
>
> Removed whitespace and simply passing ints between java and C++
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyStore.java line 860:
> 858:
> 859: /**
> 860: * Load keys and/or certificates from keystore into Collection.
Take this chance to modify `Load` to `Loads`.
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyStore.java line 866:
> 864: */
> 865: private native void loadKeysOrCertificateChains(String name,
> 866: int location) throws KeyStoreException;
We usually indent 8 spaces in a continuation line.
-------------
PR: https://git.openjdk.java.net/jdk/pull/8211
More information about the security-dev
mailing list