RFR: 8225181: KeyStore should have a getAttributes method [v3]
Weijun Wang
weijun at openjdk.java.net
Thu Nov 4 13:48:21 UTC 2021
On Thu, 4 Nov 2021 13:21:19 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> more clear and precise spec
>
> src/java.base/share/classes/java/security/KeyStore.java line 1027:
>
>> 1025: *
>> 1026: * @implSpec
>> 1027: * The default implementation returns an empty {@code Set}.
>
> Would it make more sense for the default impl to throw `UnsupportedOperationException` or maybe call `getEntry(alias, null)`? Otherwise, an application cannot know the difference between an alias that has no attributes and an alias that has attributes but is from a `KeyStore` impl that has not overridden the corresponding Spi method.
The one benefit I can think of to throw a UOE is that the caller can fallback to `getEntry(...).getAttributes()` when an exception is thrown. However, as far as I know, our PKCS12KeyStore is the only KeyStore implementation that has made use of attributes. Therefore it's still not late for another implementation to start supporting both at the same time. For most of the KeyStore implementations, both `ks.getAttributes()` and `ks.getEntry(...).getAttributes()` returning empty seems more consistent.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6026
More information about the security-dev
mailing list