[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] JCE 2.5.1 ArrayIndexOutOfBoundsException decrypting PKCS12 certificates



Hello,

I have two PKCS12 certificates that the IAIK JCE 2.5.1 toolkit cannot seem
to read.  They're both PKCS12.  Microsoft's Internet Information Server is
able to load them both.  When I load them and decrypt them, I get an
ArrayIndexOutOfBoundsException with the following stack trace:

java.lang.ArrayIndexOutOfBoundsException
	at iaik/asn1/ConstructedType.getComponentAt
	at iaik/pkcs/pkcs8/PrivateKeyInfo.getPrivateKey
	at iaik/pkcs/pkcs8/PrivateKeyInfo.getPrivateKey
	at iaik/pkcs/pkcs8/EncryptedPrivateKeyInfo.decrypt
	at iaik/pkcs/pkcs12/PKCS8ShroudedKeyBag.decrypt
	at iaik/pkcs/pkcs12/AuthenticatedSafe.decrypt
	at iaik/pkcs/pkcs12/PKCS12.decrypt
	at (my code)

My code is below.  What am I doing wrong?  Or is there a bug in the toolkit?
I've read about problems with encryption/decryption modes, but I'm only
decrypting here.  I've also heard about problems with Microsoft PKCS12
formats in previous versions of the JCE, but they should be fixed in 2.5.1.

---------- begin code

String fileName = "someFile.pfx";
File file = new File (fileName);
		
FileInputStream fileIn = null;
try
{
	fileIn = new FileInputStream (file);
	BufferedInputStream in = new BufferedInputStream (fileIn);
	PKCS12 pkcs12 = new PKCS12 (in);
				
	String password = EMPTY_STRING;
				
	do
	{
		try
		{
			pkcs12.decrypt (password.toCharArray ());
			break;
		}
		catch (PKCSException exception)
		{
			// Ask for the password.
			SingleEditPage page = new SingleEditPage ();
			page.setSize (300, page.getSize ().y);
			page.setLabelText ("The certificate is password
protected. Enter the password now:");
			page.getEdit ().setPasswordChar ('*');
			StandardDialog dialog = new StandardDialog
(getParentForm (), page);
			dialog.checkOk ();
			dialog.setText ("Enter Password");
			dialog.setOwner (getParentForm ());
			int result = dialog.showDialog ();
			if (result == StandardDialog.OK)
				password = page.getEditText ();
			else
				throw exception;
		}					
	}
	while (true);
}
finally
{
	if (fileIn != null)
		try
		{
			fileIn.close ();
		}
		catch (Throwable throwable)
		{
			// ignore exception
		}
}


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce