bufIn.reset();
ASN1InputStream bIn = new ASN1InputStream(bufIn);
ASN1Sequence obj = (ASN1Sequence)bIn.readObject();
Pfx bag = new Pfx(obj);
ContentInfo info = bag.getAuthSafe();
Vector chain = new Vector();
boolean unmarkedKey = false;
boolean wrongPKCS12Zero = false;
if (bag.getMacData() != null) // check the mac code
{
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
BEROutputStream berOut = new BEROutputStream(bOut);
MacData mData = bag.getMacData();
DigestInfo dInfo = mData.getMac();
AlgorithmIdentifier algId = dInfo.getAlgorithmId();
byte[] salt = mData.getSalt();
int itCount = mData.getIterationCount().intValue();
berOut.writeObject(info);
byte[] data = ((ASN1OctetString)info.getContent()).getOctets();
try
{
Mac mac = Mac.getInstance(algId.getObjectId().getId(), "BC");
SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algId.getObjectId().getId(), "BC");
PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount);
PBEKeySpec pbeSpec = new PBEKeySpec(password);
mac.init(keyFact.generateSecret(pbeSpec), defParams);
mac.update(data);
byte[] res = mac.doFinal();
byte[] dig = dInfo.getDigest();
if (res.length != dInfo.getDigest().length)
{
throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
}
boolean okay = true;
for (int i = 0; i != res.length; i++)
{
if (res[i] != dig[i])
{
if (password.length != 0) // may be dodgey zero password
{
throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
}
else
{
okay = false;
break;
}
}
}
//
// may be incorrect zero length password
//
if (!okay)
{
SecretKey k = keyFact.generateSecret(pbeSpec);
((JCEPBEKey)k).setTryWrongPKCS12Zero(true);
mac.init(k, defParams);
mac.update(data);
res = mac.doFinal();
dig = dInfo.getDigest();
for (int i = 0; i != res.length; i++)
{
if (res[i] != dig[i])
{
throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
}
}
wrongPKCS12Zero = true;
}
}
catch (IOException e)
{
throw e;
}
catch (Exception e)
{
throw new IOException("error constructing MAC: " + e.toString());
}
}
keys = new IgnoresCaseHashtable();
localIds = new Hashtable();
if (info.getContentType().equals(data))
{
bIn = new ASN1InputStream(((ASN1OctetString)info.getContent()).getOctets());
AuthenticatedSafe authSafe = new AuthenticatedSafe((ASN1Sequence)bIn.readObject());
ContentInfo[] c = authSafe.getContentInfo();
for (int i = 0; i != c.length; i++)