RFR: JDK-6782021: It is not possible to read local computer certificates with the SunMSCAPI provider [v6]
Mat Carter
duke at openjdk.java.net
Wed May 11 16:01:39 UTC 2022
> On Windows you can now access the local machine keystores using the strings "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the application requires admin privileges.
>
> "Windows-MY" and "Windows-ROOT" remain unchanged, however given these original keystore strings mapped to the current user, I added "Windows-MY-CURRENTUSER" and "Windows-ROOT-CURRENTUSER" so that a developer can explicitly specify the current user location. These two new strings simply map to the original two strings, i.e. no duplication of code paths etc
>
> No new tests added, keystore functionality and API remains unchanged, the local machine keystore types would require the tests to run in admin mode
>
> Tested on windows, passes tier1 and tier2 tests
Mat Carter has updated the pull request incrementally with one additional commit since the last revision:
Change admin privilege test to reliable method
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/8211/files
- new: https://git.openjdk.java.net/jdk/pull/8211/files/985378fb..6c1f181b
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=8211&range=05
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=8211&range=04-05
Stats: 15 lines in 1 file changed: 1 ins; 1 del; 13 mod
Patch: https://git.openjdk.java.net/jdk/pull/8211.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/8211/head:pull/8211
PR: https://git.openjdk.java.net/jdk/pull/8211
More information about the security-dev
mailing list