# HG changeset patch # User weijun # Date 1556360517 -28800 # Node ID 2cac7d48db4caabb6a63a50cc61f1dd77e8f8ac9 # Parent 9b8926bf85c18647cfe368ab609c39f1b301fa3b 8223003: SunMSCAPI keys are not cleaned up Reviewed-by: igerasim diff -r 9b8926bf85c1 -r 2cac7d48db4c src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java Fri Apr 26 11:33:32 2019 -0700 +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -75,9 +75,9 @@ protected final String algorithm; - protected CKey(String algorithm, long hCryptProv, long hCryptKey, int keyLength) { + protected CKey(String algorithm, NativeHandles handles, int keyLength) { this.algorithm = algorithm; - this.handles = new NativeHandles(hCryptProv, hCryptKey); + this.handles = handles; this.keyLength = keyLength; } diff -r 9b8926bf85c1 -r 2cac7d48db4c src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java Fri Apr 26 11:33:32 2019 -0700 +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,9 +36,13 @@ private final CPublicKey publicKey; + /** + * This method is called by native codes in security.cpp. + */ CKeyPair(String alg, long hCryptProv, long hCryptKey, int keyLength) { - privateKey = CPrivateKey.of(alg, hCryptProv, hCryptKey, keyLength); - publicKey = CPublicKey.of(alg, hCryptProv, hCryptKey, keyLength); + CKey.NativeHandles handles = new CKey.NativeHandles(hCryptProv, hCryptKey); + privateKey = CPrivateKey.of(alg, handles, keyLength); + publicKey = CPublicKey.of(alg, handles, keyLength); } public CPrivateKey getPrivate() { diff -r 9b8926bf85c1 -r 2cac7d48db4c src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java Fri Apr 26 11:33:32 2019 -0700 +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -37,12 +37,18 @@ private static final long serialVersionUID = 8113152807912338063L; - private CPrivateKey(String alg, long hCryptProv, long hCryptKey, int keyLength) { - super(alg, hCryptProv, hCryptKey, keyLength); + private CPrivateKey(String alg, NativeHandles handles, int keyLength) { + super(alg, handles, keyLength); } - public static CPrivateKey of(String alg, long hCryptProv, long hCryptKey, int keyLength) { - return new CPrivateKey(alg, hCryptProv, hCryptKey, keyLength); + // Called by native code inside security.cpp + static CPrivateKey of( + String alg, long hCryptProv, long hCryptKey, int keyLength) { + return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength); + } + + public static CPrivateKey of(String alg, NativeHandles handles, int keyLength) { + return new CPrivateKey(alg, handles, keyLength); } // this key does not support encoding diff -r 9b8926bf85c1 -r 2cac7d48db4c src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java Fri Apr 26 11:33:32 2019 -0700 +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,8 +59,8 @@ private ECPoint w = null; private static final long serialVersionUID = 12L; - CECPublicKey(long hCryptProv, int keyLength) { - super("EC", hCryptProv, 0, keyLength); + CECPublicKey(NativeHandles handles, int keyLength) { + super("EC", handles, keyLength); } @Override @@ -121,8 +121,8 @@ private BigInteger exponent = null; private static final long serialVersionUID = 12L; - CRSAPublicKey(long hCryptProv, long hCryptKey, int keyLength) { - super("RSA", hCryptProv, hCryptKey, keyLength); + CRSAPublicKey(NativeHandles handles, int keyLength) { + super("RSA", handles, keyLength); } public String toString() { @@ -181,21 +181,27 @@ private native byte[] getModulus(byte[] keyBlob) throws KeyException; } + // Called by native code inside security.cpp + static CPublicKey of( + String alg, long hCryptProv, long hCryptKey, int keyLength) { + return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength); + } + public static CPublicKey of( - String alg, long hCryptProv, long hCryptKey, int keyLength) { + String alg, NativeHandles handles, int keyLength) { switch (alg) { case "RSA": - return new CRSAPublicKey(hCryptProv, hCryptKey, keyLength); + return new CRSAPublicKey(handles, keyLength); case "EC": - return new CECPublicKey(hCryptProv, keyLength); + return new CECPublicKey(handles, keyLength); default: throw new AssertionError("Unsupported algorithm: " + alg); } } protected CPublicKey( - String alg, long hCryptProv, long hCryptKey, int keyLength) { - super(alg, hCryptProv, hCryptKey, keyLength); + String alg, NativeHandles handles, int keyLength) { + super(alg, handles, keyLength); } @Override diff -r 9b8926bf85c1 -r 2cac7d48db4c src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp --- a/src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp Fri Apr 26 11:33:32 2019 -0700 +++ b/src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -692,18 +692,22 @@ /* - * Class: sun_security_mscapi_Key + * Class: sun_security_mscapi_CKey * Method: cleanUp * Signature: (JJ)V */ -JNIEXPORT void JNICALL Java_sun_security_mscapi_Key_cleanUp +JNIEXPORT void JNICALL Java_sun_security_mscapi_CKey_cleanUp (JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey) { - if (hCryptKey != NULL) - ::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated + if (hCryptKey == NULL && hCryptProv != NULL) { + NCryptFreeObject((NCRYPT_HANDLE)hCryptProv); + } else { + if (hCryptKey != NULL) + ::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated - if (hCryptProv != NULL) - ::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated + if (hCryptProv != NULL) + ::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated + } } /* diff -r 9b8926bf85c1 -r 2cac7d48db4c test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java --- a/test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java Fri Apr 26 11:33:32 2019 -0700 +++ b/test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java Sat Apr 27 18:21:57 2019 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /** * @test - * @bug 8163896 + * @bug 8163896 8223003 * @summary Finalizing one key of a KeyPair invalidates the other key */