On Thu, 4 Nov 2021 13:44:52 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> src/java.base/share/classes/java/security/KeyStore.java line 1027:
>>
>>> 1025: *
>>> 1026: * @implSpec
>>> 1027: * The default implementation returns an empty {@code Set}.
>>
>> Would it make more sense for the default impl to throw
>> `UnsupportedOperationException` or maybe call `getEntry(alias, null)`?
>> Otherwise, an application cannot know the difference between an alias that
>> has no attributes and an alias that has attributes but is from a `KeyStore`
>> impl that has not overridden the corresponding Spi method.
>
> The one benefit I can think of to throw a UOE is that the caller can fallback
> to `getEntry(...).getAttributes()` when an exception is thrown. However, as
> far as I know, our PKCS12KeyStore is the only KeyStore implementation that
> has made use of attributes. Therefore it's still not late for another
> implementation to start supporting both at the same time. For most of the
> KeyStore implementations, both `ks.getAttributes()` and
> `ks.getEntry(...).getAttributes()` returning empty seems more consistent.
But we could just override those other implementations to always return an
empty Set. I would prefer if an application could distinguish between these two
cases w/o knowing whether the underlying implementation supports attributes or
not.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6026
