On Tue, 12 Apr 2022 19:03:40 GMT, Mat Carter <d...@openjdk.java.net> wrote:
> On Windows you can now access the local machine keystores using the strings > "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the > application requires admin privileges. > > "Windows-MY" and "Windows-ROOT" remain unchanged, however given these > original keystore strings mapped to the current user, I added > "Windows-MY-CURRENTUSER" and "Windows-ROOT-CURRENTUSER" so that a developer > can explicitly specify the current user location. These two new strings > simply map to the original two strings, i.e. no duplication of code paths etc > > No new tests added, keystore functionality and API remains unchanged, the > local machine keystore types would require the tests to run in admin mode > > Tested on windows, passes tier1 and tier2 tests src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp line 487: > 485: // Check if private key available - client authentication > certificate > 486: // must have private key available. > 487: HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProv = NULL; It is not quite clear from the CSR, was this a bug (previous JDK-8026953 incomplete) or is that only a type cleanup and using ncrypt keys worked before? (In that Case does it need to be mentioned in csr?) ------------- PR: https://git.openjdk.java.net/jdk/pull/8211
