8007483: attributes are ignored when loading keys from a PKCS12 keystore

Reviewed-by: mullan

src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java

@@ -1116,7 +1116,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
         if (privateKeyCount > 0 || secretKeyCount > 0) {
 
             if (debug != null) {
-                debug.println("Storing " + privateKeyCount +
+                debug.println("Storing " + (privateKeyCount + secretKeyCount) +
                     " protected key(s) in a PKCS#7 data content-type");
             }
 
@@ -2122,6 +2122,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
                 SecretKeyEntry kEntry = new SecretKeyEntry();
                 kEntry.protectedSecretKey = secretValue.getOctetString();
                 bagItem = kEntry;
+                secretKeyCount++;
             } else {
 
                 if (debug != null) {
@@ -2220,6 +2221,10 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
                 if (bagItem instanceof PrivateKeyEntry) {
                     keyList.add((PrivateKeyEntry) entry);
                 }
+                if (entry.attributes == null) {
+                    entry.attributes = new HashSet<>();
+                }
+                entry.attributes.addAll(attributes);
                 if (alias == null) {
                    alias = getUnfriendlyName();
                 }

test/sun/security/pkcs12/StorePasswordTest.java

@@ -51,8 +51,12 @@ public class StorePasswordTest {
         keystore.load(null, null);
 
         // Set entry
+        Set<KeyStore.Entry.Attribute> attrs = new HashSet<>();
+        attrs.add(new PKCS12Attribute("1.3.5.7.9", "printable1"));
+        attrs.add(new PKCS12Attribute("2.4.6.8.10", "1F:2F:3F:4F:5F"));
+        int originalAttrCount = attrs.size() + 2;
         keystore.setEntry(ALIAS,
-            new KeyStore.SecretKeyEntry(convertPassword(USER_PASSWORD)),
+            new KeyStore.SecretKeyEntry(convertPassword(USER_PASSWORD), attrs),
                 new KeyStore.PasswordProtection(PASSWORD));
 
         try (FileOutputStream outStream = new FileOutputStream(KEYSTORE)) {
@@ -69,7 +73,12 @@ public class StorePasswordTest {
 
         KeyStore.Entry entry = keystore.getEntry(ALIAS,
             new KeyStore.PasswordProtection(PASSWORD));
-        System.out.println("Retrieved entry: " + entry);
+        int attrCount = entry.getAttributes().size();
+        System.out.println("Retrieved entry with " + attrCount + " attrs: " +
+            entry);
+        if (attrCount != originalAttrCount) {
+            throw new Exception("Failed to recover all the entry attributes");
+        }
 
         SecretKey key = (SecretKey) keystore.getKey(ALIAS, PASSWORD);
         SecretKeyFactory factory =