RFR: 8306688: Support Windows serialized keystores (SST files)

Sean Mullan mullan at openjdk.org
Tue May 30 12:43:06 UTC 2023


On Fri, 26 May 2023 21:09:35 GMT, Mat Carter <macarte at openjdk.org> wrote:

> Added ability to load keystores from SST files on Windows.  Example usage:
> 
> KeyStore keyStore = KeyStore.getInstance("Windows-SST");
> try (FileInputStream fis = new FileInputStream("mykeystore.sst")) {
>    keyStore.load(fis, null);
> }
> 
> Note that its not limited to file streams, it can be any stream.
> 
> The feature is behind a runtime flag ("sun.security.mscapi.keyStoreSSTSupport") as the KeyStore must have an input stream, but the JCK tests assume an input stream is optional
> 
> tier1 tests for linux/macos/Windows for x86_64

This Enhancement requires a CSR as you are introducing a new KeyStore type and system property. RDP 1 for JDK 21 is on June 8, so there is not much time left to review and approve the CSR and code for this issue. I recommend you retarget this to JDK 22.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/14187#issuecomment-1568364970



More information about the security-dev mailing list