RFR: 8306688: Support Windows serialized keystores (SST files)
Mat Carter
macarte at openjdk.org
Thu Jun 1 16:56:05 UTC 2023
On Fri, 26 May 2023 21:09:35 GMT, Mat Carter <macarte at openjdk.org> wrote:
> Added ability to load keystores from SST files on Windows. Example usage:
>
> KeyStore keyStore = KeyStore.getInstance("Windows-SST");
> try (FileInputStream fis = new FileInputStream("mykeystore.sst")) {
> keyStore.load(fis, null);
> }
>
> Note that its not limited to file streams, it can be any stream.
>
> The feature is behind a runtime flag ("sun.security.mscapi.keyStoreSSTSupport") as the KeyStore must have an input stream, but the JCK tests assume an input stream is optional
>
> tier1 tests for linux/macos/Windows for x86_64
The SunMSCAPI CKeyStore which implements KeyStoreSpi does nothing in the engineStore, ie. its essential a NOP (No Operation), so right now the dev cannot overwrite original SST file
-------------
PR Comment: https://git.openjdk.org/jdk/pull/14187#issuecomment-1572417325
More information about the security-dev
mailing list