RFR: 8303607: SunMSCAPI provider leaks memory and keys
Weijun Wang
weijun at openjdk.org
Tue Mar 7 02:00:06 UTC 2023
On Mon, 6 Mar 2023 21:27:07 GMT, Mat Carter <macarte at openjdk.org> wrote:
> Use the correct API for freeing key handles when directed to by the output of CryptAcquireCertificatePrivateKey [1].
> Specifically when [out] pfCallerFreeProvOrNCryptKey is true we test [out] pdwKeySpec for the CERT_NCRYPT_KEY_SPEC flag. When flag bit is set we now call NCryptFreeObject, otherwise we continue to call CryptReleaseContext (as before)
>
> [1] https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecertificateprivatekey
Looks fine to me. Thanks.
-------------
Marked as reviewed by weijun (Reviewer).
PR: https://git.openjdk.org/jdk/pull/12891
More information about the security-dev
mailing list