RFR: 8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation [v4]
rebarbora-mckvak
duke at openjdk.org
Wed Apr 10 21:10:19 UTC 2024
On Wed, 10 Apr 2024 14:38:04 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> rebarbora-mckvak has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8313367: signHash looks for a key in either user or machine store
>
> src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp line 807:
>
>> 805: // Acquire an alternative CSP handle
>> 806: if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL, //deprecated
>> 807: PROV_RSA_AES, 0 | keysetType) == FALSE)
>
> There is no need for `0 |`.
The parameter is a bitmask, the code tries to say `set flags returned by CryptGetProvParam(..., PP_CONTAINER, ...)`. I can remove `0 |` if you prefer such code.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16687#discussion_r1560037206
More information about the security-dev
mailing list