I was wondering if there are any key store implementations out there that allow storing key attributes, say as name/value-pairs, along with a symmetric key's value? Looks like JKS and JCEKS only allow storing the key value and the key's alias, so looking for other options, if any.
Doesn't matter how name/value-pairs are treated, as long as they can be stored (it's up to the application to make sense of them, really).
So what I would like to put in the key store is:
alias1 - keyvalue1 - metadata1=[md1=value11 md2=value12 md3=value13 ...]
alias2 - keyvalue2 - metadata2=[md1=value21 md2=value22 md3=value23 ...]
...
Don't care about the coding of the metadata, but it should be retrievable separately.
Edit:
KeyStore.SecretKeyEntry has a CTOR accepting a Set of Attributes and using KeyStore.setEntry one could pass such a SecretKeyEntry including its metadata. Unfortunately, it looks like the default JCEKS implementation just ignores the attributes.
If it is the application's job to make sense of the key, why don't you do something like the below?
For a String key.
Or you could parse to base64 and have
The issue I see here is that for a string you won't be able to disassociate the key "rabbit" from the attributes. For instance, on JKS you would have the key above as the -alias cmFiYml0P2NvbG9yPXdoaXRlJnNpemU9c21hbGwmZmx1ZmZ5PXRydWU=, which would force you to iterate through all the keys in order to find the correct one.
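The alias-encoding idea from the answer above, as an added example that is not part of the original answer: it stores an AES key in an in-memory JCEKS store under an alias carrying the name and attributes, then finds it again by scanning every alias. It assumes Java 17+ (for `HexFormat`) and uses hex rather than base64, because the JDK's JKS and JCEKS stores fold aliases to lowercase; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.*;
import javax.crypto.KeyGenerator;

public class AliasMetadataDemo {
    // Hex survives the lowercasing JKS/JCEKS apply to aliases; base64 would not.
    // Aliases are stored unencrypted, so metadata placed here is not confidential.
    // Assumption: names and values never contain '?', '&' or '='.
    static String encodeAlias(String name, Map<String, String> attrs) {
        StringJoiner q = new StringJoiner("&", name + "?", "");
        attrs.forEach((k, v) -> q.add(k + "=" + v));
        return HexFormat.of().formatHex(q.toString().getBytes(StandardCharsets.UTF_8));
    }
    static String decodeAlias(String alias) {
        return new String(HexFormat.of().parseHex(alias), StandardCharsets.UTF_8);
    }
    // Lookup by key name has to decode every alias: the cost the answer points out.
    static Optional<String> findAlias(KeyStore ks, String name) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (decodeAlias(alias).startsWith(name + "?")) return Optional.of(alias);
        }
        return Optional.empty();
    }
    // Metadata is recovered from the alias alone, without unsealing the key.
    static Map<String, String> attributes(String alias) {
        String decoded = decodeAlias(alias);
        Map<String, String> out = new LinkedHashMap<>();
        for (String pair : decoded.substring(decoded.indexOf('?') + 1).split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length == 2) out.put(kv[0], kv[1]);
        }
        return out;
    }
    public static void main(String[] args) throws Exception {
        char[] pw = "changeit".toCharArray();      // constructed demo password
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, pw);                         // empty in-memory store
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        Map<String, String> md = new LinkedHashMap<>();  // constructed sample metadata
        md.put("color", "white"); md.put("size", "small"); md.put("fluffy", "true");
        ks.setEntry(encodeAlias("rabbit", md), new KeyStore.SecretKeyEntry(kg.generateKey()),
                    new KeyStore.PasswordProtection(pw));
        String alias = findAlias(ks, "rabbit").orElseThrow();
        System.out.println(attributes(alias));
        System.out.println(ks.getKey(alias, pw).getAlgorithm());
    }
}
```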