Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8275748

KeyStore should have a getAttributes method

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P4 P4
    • 18
    • security-libs
    • None
    • source
    • minimal
    • New methods.
    • Java API
    • SE

      Summary

      Add a new KeyStore::getAttributes(String alias) method so that one can get the attributes of an entry without getting the entry first.

      Problem

      We used to only have a KeyStore$Entry::getAttributes method. This means we have to get the entry first to get its attributes. However, sometimes a private key entry is encrypted and we cannot get the entry without decrypting it first, even if the attributes themselves are not encrypted.

      Solution

      Add a new KeyStore::getAttributes(String alias) method.

      Specification

      java.security.KeyStore:

      /**
 * Retrieves the attributes associated with the given alias.
 *
 * @param alias the alias name
 * @return an unmodifiable {@code Set} of attributes. This set is
 *      empty if the {@code KeyStoreSpi} implementation has not overridden
 *      {@link KeyStoreSpi#engineGetAttributes(String)}, or the given
 *      alias does not exist, or there are no attributes associated
 *      with the alias. This set may also be empty for
 *      {@code PrivateKeyEntry} or {@code SecretKeyEntry}
 *      entries that contain protected attributes and are only available
 *      through the {@link Entry#getAttributes} method after the entry
 *      is extracted.
 *
 * @throws KeyStoreException if the keystore has not been initialized
 * (loaded).
 * @throws NullPointerException if {@code alias} is {@code null}
 *
 * @since 18
 */
public final Set<Entry.Attribute> getAttributes(String alias)
        throws KeyStoreException;

      java.security.KeyStoreSpi:

      /**
 * Retrieves the attributes associated with the given alias.
 *
 * @implSpec
 * The default implementation returns an empty {@code Set}.
 * {@code KeyStoreSpi} implementations that support attributes
 * should override this method.
 *
 * @param alias the alias name
 * @return an unmodifiable {@code Set} of attributes. This set is
 *      empty if the given alias does not exist or there are no
 *      attributes associated with the alias. This set may also be
 *      empty for {@code PrivateKeyEntry} or {@code SecretKeyEntry}
 *      entries that contain protected attributes. These protected
 *      attributes should be populated into the result returned by
 *      {@link #engineGetEntry} and can be retrieved by calling
 *      the {@link Entry#getAttributes} method.
 *
 * @throws KeyStoreException if the keystore has not been initialized
 * (loaded).
 *
 * @since 18
 */
public Set<Entry.Attribute> engineGetAttributes(String alias);

            weijun Weijun Wang
            weijun Weijun Wang
            Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: