On Fri, 22 Mar 2024 22:25:47 GMT, rebarbora-mckvak <d...@openjdk.org> wrote:
>> This fixes the defect described at >> https://bugs.openjdk.org/browse/JDK-8313367 >> >> If the process does not have write permissions, the store is opened as >> read-only (instead of failing). >> >> Please note that permissions to use a certificate in a local machine store >> must be granted - in a management console, select a certificate, right-click >> -> All tasks... -> Manage Private Keys... -> add Full control to user. > > rebarbora-mckvak has updated the pull request incrementally with one > additional commit since the last revision: > > 8313367: signHash looks for a key in either user or machine store src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp line 807: > 805: // Acquire an alternative CSP handle > 806: if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), > NULL, //deprecated > 807: PROV_RSA_AES, 0 | keysetType) == FALSE) There is no need for `0 |`. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/16687#discussion_r1559568721
