Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8223003: SunMSCAPI keys are not cleaned up
authorweijun
Sat, 27 Apr 2019 18:21:57 +0800
changeset 54639 2cac7d48db4c
parent 54638 9b8926bf85c1
child 54640 2f4393ec54d4
8223003: SunMSCAPI keys are not cleaned up Reviewed-by: igerasim
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java file | annotate | diff | comparison | revisions
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java file | annotate | diff | comparison | revisions
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java file | annotate | diff | comparison | revisions
src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java file | annotate | diff | comparison | revisions
src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp file | annotate | diff | comparison | revisions
test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java file | annotate | diff | comparison | revisions 
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java	Fri Apr 26 11:33:32 2019 -0700
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -75,9 +75,9 @@
 
     protected final String algorithm;
 
-    protected CKey(String algorithm, long hCryptProv, long hCryptKey, int keyLength) {
+    protected CKey(String algorithm, NativeHandles handles, int keyLength) {
         this.algorithm = algorithm;
-        this.handles = new NativeHandles(hCryptProv, hCryptKey);
+        this.handles = handles;
         this.keyLength = keyLength;
     }
 
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java	Fri Apr 26 11:33:32 2019 -0700
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyPair.java	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,9 +36,13 @@
 
     private final CPublicKey publicKey;
 
+    /**
+     * This method is called by native codes in security.cpp.
+     */
     CKeyPair(String alg, long hCryptProv, long hCryptKey, int keyLength) {
-        privateKey = CPrivateKey.of(alg, hCryptProv, hCryptKey, keyLength);
-        publicKey = CPublicKey.of(alg, hCryptProv, hCryptKey, keyLength);
+        CKey.NativeHandles handles = new CKey.NativeHandles(hCryptProv, hCryptKey);
+        privateKey = CPrivateKey.of(alg, handles, keyLength);
+        publicKey = CPublicKey.of(alg, handles, keyLength);
     }
 
     public CPrivateKey getPrivate() {
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java	Fri Apr 26 11:33:32 2019 -0700
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,12 +37,18 @@
 
     private static final long serialVersionUID = 8113152807912338063L;
 
-    private CPrivateKey(String alg, long hCryptProv, long hCryptKey, int keyLength) {
-        super(alg, hCryptProv, hCryptKey, keyLength);
+    private CPrivateKey(String alg, NativeHandles handles, int keyLength) {
+        super(alg, handles, keyLength);
     }
 
-    public static CPrivateKey of(String alg, long hCryptProv, long hCryptKey, int keyLength) {
-        return new CPrivateKey(alg, hCryptProv, hCryptKey, keyLength);
+    // Called by native code inside security.cpp
+    static CPrivateKey of(
+            String alg, long hCryptProv, long hCryptKey, int keyLength) {
+        return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength);
+    }
+
+    public static CPrivateKey of(String alg, NativeHandles handles, int keyLength) {
+        return new CPrivateKey(alg, handles, keyLength);
     }
 
     // this key does not support encoding
--- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java	Fri Apr 26 11:33:32 2019 -0700
+++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -59,8 +59,8 @@
         private ECPoint w = null;
         private static final long serialVersionUID = 12L;
 
-        CECPublicKey(long hCryptProv, int keyLength) {
-            super("EC", hCryptProv, 0, keyLength);
+        CECPublicKey(NativeHandles handles, int keyLength) {
+            super("EC", handles, keyLength);
         }
 
         @Override
@@ -121,8 +121,8 @@
         private BigInteger exponent = null;
         private static final long serialVersionUID = 12L;
 
-        CRSAPublicKey(long hCryptProv, long hCryptKey, int keyLength) {
-            super("RSA", hCryptProv, hCryptKey, keyLength);
+        CRSAPublicKey(NativeHandles handles, int keyLength) {
+            super("RSA", handles, keyLength);
         }
 
         public String toString() {
@@ -181,21 +181,27 @@
         private native byte[] getModulus(byte[] keyBlob) throws KeyException;
     }
 
+    // Called by native code inside security.cpp
+    static CPublicKey of(
+            String alg, long hCryptProv, long hCryptKey, int keyLength) {
+        return of(alg, new NativeHandles(hCryptProv, hCryptKey), keyLength);
+    }
+
     public static CPublicKey of(
-            String alg, long hCryptProv, long hCryptKey, int keyLength) {
+            String alg, NativeHandles handles, int keyLength) {
         switch (alg) {
             case "RSA":
-                return new CRSAPublicKey(hCryptProv, hCryptKey, keyLength);
+                return new CRSAPublicKey(handles, keyLength);
             case "EC":
-                return new CECPublicKey(hCryptProv, keyLength);
+                return new CECPublicKey(handles, keyLength);
             default:
                 throw new AssertionError("Unsupported algorithm: " + alg);
         }
     }
 
     protected CPublicKey(
-            String alg, long hCryptProv, long hCryptKey, int keyLength) {
-        super(alg, hCryptProv, hCryptKey, keyLength);
+            String alg, NativeHandles handles, int keyLength) {
+        super(alg, handles, keyLength);
     }
 
     @Override
--- a/src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp	Fri Apr 26 11:33:32 2019 -0700
+++ b/src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -692,18 +692,22 @@
 
 
 /*
- * Class:     sun_security_mscapi_Key
+ * Class:     sun_security_mscapi_CKey
  * Method:    cleanUp
  * Signature: (JJ)V
  */
-JNIEXPORT void JNICALL Java_sun_security_mscapi_Key_cleanUp
+JNIEXPORT void JNICALL Java_sun_security_mscapi_CKey_cleanUp
   (JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey)
 {
-    if (hCryptKey != NULL)
-        ::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated
+    if (hCryptKey == NULL && hCryptProv != NULL) {
+        NCryptFreeObject((NCRYPT_HANDLE)hCryptProv);
+    } else {
+        if (hCryptKey != NULL)
+            ::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated
 
-    if (hCryptProv != NULL)
-        ::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated
+        if (hCryptProv != NULL)
+            ::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated
+    }
 }
 
 /*
--- a/test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java	Fri Apr 26 11:33:32 2019 -0700
+++ b/test/jdk/java/security/KeyPairGenerator/FinalizeHalf.java	Sat Apr 27 18:21:57 2019 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 8163896
+ * @bug 8163896 8223003
  * @summary Finalizing one key of a KeyPair invalidates the other key
  */
jdk-sandbox