Please take a review at https://cr.openjdk.java.net/~weijun/8213010/webrev.00/
A Windows keystore is now able to load EC keys and uses them in signing and verifying with SHA<n>withECDSA. Not supported: 1. No EC KeyPairGenerator yet. 2. Cannot store a EC key (from SunEC) into a Windows keystore. I still haven't figured out how to call NCryptImportKey, NCryptCreatePersistedKey and CertAddCertificateContextToStore together correctly to associate a EC private key to a cert and store them. 3. SHA<n>withECDSAinP1363Format not supported, but it's easy to add them. 4. NONEwithECDSA not supported. Currently I can only use certmgr.exe to import a pkcs12 file and then run a manual test with it. Therefore no automatic test is included. Like RSA support in SunMSCAPI, Signature::initSign only support native keys. Signature::initVerify supports both native and SunEC keys. That said, since we do not have EC KeyPairGenerator yet you won't meet a real native EC public key. Thanks Max
