8225181: KeyStore should have a getAttributes method

Reviewed-by: mullan

src/java.base/share/classes/java/security/KeyStore.java

@@ -1020,6 +1020,34 @@ public class KeyStore {
         return this.type;
     }
 
+    /**
+     * Retrieves the attributes associated with the given alias.
+     *
+     * @param alias the alias name
+     * @return an unmodifiable {@code Set} of attributes. This set is
+     *      empty if the {@code KeyStoreSpi} implementation has not overridden
+     *      {@link KeyStoreSpi#engineGetAttributes(String)}, or the given
+     *      alias does not exist, or there are no attributes associated
+     *      with the alias. This set may also be empty for
+     *      {@code PrivateKeyEntry} or {@code SecretKeyEntry}
+     *      entries that contain protected attributes and are only available
+     *      through the {@link Entry#getAttributes} method after the entry
+     *      is extracted.
+     *
+     * @throws KeyStoreException if the keystore has not been initialized
+     * (loaded).
+     * @throws NullPointerException if {@code alias} is {@code null}
+     *
+     * @since 18
+     */
+    public final Set<Entry.Attribute> getAttributes(String alias)
+            throws KeyStoreException {
+        if (!initialized) {
+            throw new KeyStoreException("Uninitialized keystore");
+        }
+        return keyStoreSpi.engineGetAttributes(Objects.requireNonNull(alias));
+    }
+
     /**
      * Returns the key associated with the given alias, using the given
      * password to recover it.  The key must have been associated with

src/java.base/share/classes/java/security/KeyStoreSpi.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -447,6 +447,33 @@ public abstract class KeyStoreSpi {
         return;
     }
 
+    /**
+     * Retrieves the attributes associated with the given alias.
+     *
+     * @implSpec
+     * The default implementation returns an empty {@code Set}.
+     * {@code KeyStoreSpi} implementations that support attributes
+     * should override this method.
+     *
+     * @param alias the alias name
+     * @return an unmodifiable {@code Set} of attributes. This set is
+     *      empty if the given alias does not exist or there are no
+     *      attributes associated with the alias. This set may also be
+     *      empty for {@code PrivateKeyEntry} or {@code SecretKeyEntry}
+     *      entries that contain protected attributes. These protected
+     *      attributes should be populated into the result returned by
+     *      {@link #engineGetEntry} and can be retrieved by calling
+     *      the {@link Entry#getAttributes} method.
+     *
+     * @throws KeyStoreException if the keystore has not been initialized
+     * (loaded).
+     *
+     * @since 18
+     */
+    public Set<Entry.Attribute> engineGetAttributes(String alias) {
+        return Collections.emptySet();
+    }
+
     /**
      * Gets a {@code KeyStore.Entry} for the specified alias
      * with the specified protection parameter.

src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java

@@ -1307,6 +1307,15 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
         stream.flush();
     }
 
+    @Override
+    public Set<KeyStore.Entry.Attribute> engineGetAttributes(String alias) {
+        if (!engineContainsAlias(alias)) {
+            return super.engineGetAttributes(alias);
+        }
+        Entry entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
+        return getAttributes(entry);
+    }
+
     /**
      * Gets a <code>KeyStore.Entry</code> for the specified alias
      * with the specified protection parameter.

src/java.base/share/classes/sun/security/provider/DomainKeyStore.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -236,6 +236,28 @@ abstract class DomainKeyStore extends KeyStoreSpi {
         return date;
     }
 
+    @Override
+    public Set<KeyStore.Entry.Attribute> engineGetAttributes(String alias) {
+
+        AbstractMap.SimpleEntry<String, Collection<KeyStore>> pair =
+                getKeystoresForReading(alias);
+        Set<KeyStore.Entry.Attribute> result = Collections.emptySet();
+
+        try {
+            String entryAlias = pair.getKey();
+            for (KeyStore keystore : pair.getValue()) {
+                result = keystore.getAttributes(entryAlias);
+                if (result != null) {
+                    break;
+                }
+            }
+        } catch (KeyStoreException e) {
+            throw new IllegalStateException(e);
+        }
+
+        return result;
+    }
+
     /**
      * Assigns the given private key to the given alias, protecting
      * it with the given password as defined in PKCS8.

src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java

@@ -129,6 +129,11 @@ public class KeyStoreDelegator extends KeyStoreSpi {
         keystore.engineDeleteEntry(alias);
     }
 
+    @Override
+    public Set<KeyStore.Entry.Attribute> engineGetAttributes(String alias) {
+        return keystore.engineGetAttributes(alias);
+    }
+
     @Override
     public Enumeration<String> engineAliases() {
         return keystore.engineAliases();