8223003: SunMSCAPI keys are not cleaned up
Reviewed-by: igerasim
This commit is contained in:
parent
e6ace7be6f
commit
21d50973d1
src/jdk.crypto.mscapi/windows
classes/sun/security/mscapi
native/libsunmscapi
test/jdk/java/security/KeyPairGenerator
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -75,9 +75,9 @@ abstract class CKey implements Key, Length {
|
|||||||
|
|
||||||
protected final String algorithm;
|
protected final String algorithm;
|
||||||
|
|
||||||
protected CKey(String algorithm, long hCryptProv, long hCryptKey, int keyLength) {
|
protected CKey(String algorithm, NativeHandles handles, int keyLength) {
|
||||||
this.algorithm = algorithm;
|
this.algorithm = algorithm;
|
||||||
this.handles = new NativeHandles(hCryptProv, hCryptKey);
|
this.handles = handles;
|
||||||
this.keyLength = keyLength;
|
this.keyLength = keyLength;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -36,9 +36,13 @@ class CKeyPair {
|
|||||||
|
|
||||||
private final CPublicKey publicKey;
|
private final CPublicKey publicKey;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method is called by native codes in security.cpp.
|
||||||
|
*/
|
||||||
CKeyPair(String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
CKeyPair(String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
||||||
privateKey = CPrivateKey.of(alg, hCryptProv, hCryptKey, keyLength);
|
CKey.NativeHandles handles = new CKey.NativeHandles(hCryptProv, hCryptKey);
|
||||||
publicKey = CPublicKey.of(alg, hCryptProv, hCryptKey, keyLength);
|
privateKey = CPrivateKey.of(alg, handles, keyLength);
|
||||||
|
publicKey = CPublicKey.of(alg, handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
public CPrivateKey getPrivate() {
|
public CPrivateKey getPrivate() {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -37,12 +37,18 @@ class CPrivateKey extends CKey implements PrivateKey {
|
|||||||
|
|
||||||
private static final long serialVersionUID = 8113152807912338063L;
|
private static final long serialVersionUID = 8113152807912338063L;
|
||||||
|
|
||||||
private CPrivateKey(String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
private CPrivateKey(String alg, NativeHandles handles, int keyLength) {
|
||||||
super(alg, hCryptProv, hCryptKey, keyLength);
|
super(alg, handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static CPrivateKey of(String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
// Called by native code inside security.cpp
|
||||||
return new CPrivateKey(alg, hCryptProv, hCryptKey, keyLength);
|
static CPrivateKey of(
|
||||||
|
String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
||||||
|
return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static CPrivateKey of(String alg, NativeHandles handles, int keyLength) {
|
||||||
|
return new CPrivateKey(alg, handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
// this key does not support encoding
|
// this key does not support encoding
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -59,8 +59,8 @@ public abstract class CPublicKey extends CKey implements PublicKey {
|
|||||||
private ECPoint w = null;
|
private ECPoint w = null;
|
||||||
private static final long serialVersionUID = 12L;
|
private static final long serialVersionUID = 12L;
|
||||||
|
|
||||||
CECPublicKey(long hCryptProv, int keyLength) {
|
CECPublicKey(NativeHandles handles, int keyLength) {
|
||||||
super("EC", hCryptProv, 0, keyLength);
|
super("EC", handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -121,8 +121,8 @@ public abstract class CPublicKey extends CKey implements PublicKey {
|
|||||||
private BigInteger exponent = null;
|
private BigInteger exponent = null;
|
||||||
private static final long serialVersionUID = 12L;
|
private static final long serialVersionUID = 12L;
|
||||||
|
|
||||||
CRSAPublicKey(long hCryptProv, long hCryptKey, int keyLength) {
|
CRSAPublicKey(NativeHandles handles, int keyLength) {
|
||||||
super("RSA", hCryptProv, hCryptKey, keyLength);
|
super("RSA", handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
public String toString() {
|
public String toString() {
|
||||||
@ -181,21 +181,27 @@ public abstract class CPublicKey extends CKey implements PublicKey {
|
|||||||
private native byte[] getModulus(byte[] keyBlob) throws KeyException;
|
private native byte[] getModulus(byte[] keyBlob) throws KeyException;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static CPublicKey of(
|
// Called by native code inside security.cpp
|
||||||
|
static CPublicKey of(
|
||||||
String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
||||||
|
return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static CPublicKey of(
|
||||||
|
String alg, NativeHandles handles, int keyLength) {
|
||||||
switch (alg) {
|
switch (alg) {
|
||||||
case "RSA":
|
case "RSA":
|
||||||
return new CRSAPublicKey(hCryptProv, hCryptKey, keyLength);
|
return new CRSAPublicKey(handles, keyLength);
|
||||||
case "EC":
|
case "EC":
|
||||||
return new CECPublicKey(hCryptProv, keyLength);
|
return new CECPublicKey(handles, keyLength);
|
||||||
default:
|
default:
|
||||||
throw new AssertionError("Unsupported algorithm: " + alg);
|
throw new AssertionError("Unsupported algorithm: " + alg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
protected CPublicKey(
|
protected CPublicKey(
|
||||||
String alg, long hCryptProv, long hCryptKey, int keyLength) {
|
String alg, NativeHandles handles, int keyLength) {
|
||||||
super(alg, hCryptProv, hCryptKey, keyLength);
|
super(alg, handles, keyLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -692,18 +692,22 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_CKeyStore_loadKeysOrCertificateC
|
|||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Class: sun_security_mscapi_Key
|
* Class: sun_security_mscapi_CKey
|
||||||
* Method: cleanUp
|
* Method: cleanUp
|
||||||
* Signature: (JJ)V
|
* Signature: (JJ)V
|
||||||
*/
|
*/
|
||||||
JNIEXPORT void JNICALL Java_sun_security_mscapi_Key_cleanUp
|
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKey_cleanUp
|
||||||
(JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey)
|
(JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey)
|
||||||
{
|
{
|
||||||
if (hCryptKey != NULL)
|
if (hCryptKey == NULL && hCryptProv != NULL) {
|
||||||
::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated
|
NCryptFreeObject((NCRYPT_HANDLE)hCryptProv);
|
||||||
|
} else {
|
||||||
|
if (hCryptKey != NULL)
|
||||||
|
::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated
|
||||||
|
|
||||||
if (hCryptProv != NULL)
|
if (hCryptProv != NULL)
|
||||||
::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated
|
::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -23,7 +23,7 @@
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @test
|
* @test
|
||||||
* @bug 8163896
|
* @bug 8163896 8223003
|
||||||
* @summary Finalizing one key of a KeyPair invalidates the other key
|
* @summary Finalizing one key of a KeyPair invalidates the other key
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user