I just filed https://bugs.openjdk.java.net/browse/JDK-8225181.
Thanks, Max > On Jun 3, 2019, at 10:18 PM, Sean Mullan <sean.mul...@oracle.com> wrote: > > On 6/2/19 10:28 PM, Weijun Wang wrote: >> I am playing with KeyStore.Entry.Attribute and found out it's only >> retrievable with Entry::getAttributes. This means for a PrivateKeyEntry that >> is protected with a password, you will have to provide that password to get >> the entry first to get the attributes. >> Is this by design? So there is no way to add public attributes to these >> entries? If I read PKCS12 correctly, the attributes is out of the bag value. >> Therefore even if I cannot decrypt a pkcs8ShroudedKeyBag, the attributes are >> still visible. >> Or am I missing something? > > Probably not. Maybe we need something like a KeyStore.getAttributes(String > alias) method? > > --Sean
