Is Entry.Attribute meant to be encrypted for a PrivateKeyEntry?
Weijun Wang
weijun.wang at oracle.com
Mon Jun 3 02:28:18 UTC 2019
I am playing with KeyStore.Entry.Attribute and found out it's only retrievable with Entry::getAttributes. This means for a PrivateKeyEntry that is protected with a password, you will have to provide that password to get the entry first to get the attributes.
Is this by design? So there is no way to add public attributes to these entries? If I read PKCS12 correctly, the attributes is out of the bag value. Therefore even if I cannot decrypt a pkcs8ShroudedKeyBag, the attributes are still visible.
Or am I missing something?
Thanks,
Max
More information about the security-dev
mailing list