8007483: attributes are ignored when loading keys from a PKCS12 keystore

Reviewed-by: mullan
2026-05-31 15:53:41 +00:00 · 2013-02-05 14:25:47 +00:00 · 2013-02-05 14:25:47 +00:00 · 85c0519ca6
commit 85c0519ca6
parent 631c9a9bad
2 changed files with 17 additions and 3 deletions
--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
+++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
@ -1116,7 +1116,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
        if (privateKeyCount > 0 || secretKeyCount > 0) {

            if (debug != null) {
-                debug.println("Storing " + privateKeyCount +
+                debug.println("Storing " + (privateKeyCount + secretKeyCount) +
                    " protected key(s) in a PKCS#7 data content-type");
            }

@ -2122,6 +2122,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
                SecretKeyEntry kEntry = new SecretKeyEntry();
                kEntry.protectedSecretKey = secretValue.getOctetString();
                bagItem = kEntry;
+                secretKeyCount++;
            } else {

                if (debug != null) {
@ -2220,6 +2221,10 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
                if (bagItem instanceof PrivateKeyEntry) {
                    keyList.add((PrivateKeyEntry) entry);
                }
+                if (entry.attributes == null) {
+                    entry.attributes = new HashSet<>();
+                }
+                entry.attributes.addAll(attributes);
                if (alias == null) {
                   alias = getUnfriendlyName();
                }
--- a/jdk/test/sun/security/pkcs12/StorePasswordTest.java
+++ b/jdk/test/sun/security/pkcs12/StorePasswordTest.java
@ -51,8 +51,12 @@ public class StorePasswordTest {
        keystore.load(null, null);

        // Set entry
+        Set<KeyStore.Entry.Attribute> attrs = new HashSet<>();
+        attrs.add(new PKCS12Attribute("1.3.5.7.9", "printable1"));
+        attrs.add(new PKCS12Attribute("2.4.6.8.10", "1F:2F:3F:4F:5F"));
+        int originalAttrCount = attrs.size() + 2;
        keystore.setEntry(ALIAS,
-            new KeyStore.SecretKeyEntry(convertPassword(USER_PASSWORD)),
+            new KeyStore.SecretKeyEntry(convertPassword(USER_PASSWORD), attrs),
                new KeyStore.PasswordProtection(PASSWORD));

        try (FileOutputStream outStream = new FileOutputStream(KEYSTORE)) {
@ -69,7 +73,12 @@ public class StorePasswordTest {

        KeyStore.Entry entry = keystore.getEntry(ALIAS,
            new KeyStore.PasswordProtection(PASSWORD));
-        System.out.println("Retrieved entry: " + entry);
+        int attrCount = entry.getAttributes().size();
+        System.out.println("Retrieved entry with " + attrCount + " attrs: " +
+            entry);
+        if (attrCount != originalAttrCount) {
+            throw new Exception("Failed to recover all the entry attributes");
+        }

        SecretKey key = (SecretKey) keystore.getKey(ALIAS, PASSWORD);
        SecretKeyFactory factory =