RFR: 8225181: KeyStore should have a getAttributes method
Weijun Wang
weijun at openjdk.java.net
Wed Oct 27 20:14:18 UTC 2021
On Wed, 27 Oct 2021 19:40:16 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> This is complicated. Theoretically a KeyStore implementation can store some attributes in clear text and some encrypted, and it's probably not possible to know if there exist any encrypted ones before actually decrypting the entry. Maybe I should say "For a PrivateKeyEntry or SecretKeyEntry, some attributes might only be available after the entry is extracted by the getEntry() method. Try calling the entry's getAttributes() method to see if there are any".
>
> Yes, a sentence like that would help. Some suggested tweaks: "For a PrivateKeyEntry or SecretKeyEntry, some attributes may be protected and not available unless the entry is first extracted by the getEntry() method."
>
> I don't think you need the last sentence.
I wonder if someone will interpret this as "after I've called `getEntry` on a private key, I can get the encrypted attributes through `KeyStore::getAttributes`". How about something like "and only available through the {@link KeyEntry.getAttributres} method after the entry is extracted"?
-------------
PR: https://git.openjdk.java.net/jdk/pull/6026
More information about the security-dev
mailing list