--- old/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Thu May 21 16:13:02 2015 +++ new/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Thu May 21 16:13:01 2015 @@ -1058,6 +1058,39 @@ } /** + * Determines if the keystore {@code Entry} for the specified + * {@code alias} is an instance or subclass of the specified + * {@code entryClass}. + * + * @param alias the alias name + * @param entryClass the entry class + * + * @return true if the keystore {@code Entry} for the specified + * {@code alias} is an instance or subclass of the + * specified {@code entryClass}, false otherwise + * + * @since 1.5 + */ + @Override + public boolean + engineEntryInstanceOf(String alias, + Class entryClass) + { + if (entryClass == KeyStore.TrustedCertificateEntry.class) { + return engineIsCertificateEntry(alias); + } + + Entry entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); + if (entryClass == KeyStore.PrivateKeyEntry.class) { + return (entry != null && entry instanceof PrivateKeyEntry); + } + if (entryClass == KeyStore.SecretKeyEntry.class) { + return (entry != null && entry instanceof SecretKeyEntry); + } + return false; + } + + /** * Returns the (alias) name of the first keystore entry whose certificate * matches the given certificate. * @@ -1089,7 +1122,7 @@ } else { continue; } - if (certElem.equals(cert)) { + if (certElem != null && certElem.equals(cert)) { return alias; } } @@ -1932,7 +1965,12 @@ safeContentsData = safeContents.getData(); } else if (contentType.equals((Object)ContentInfo.ENCRYPTED_DATA_OID)) { if (password == null) { - continue; + + if (debug != null) { + debug.println("Warning: skipping PKCS#7 encryptedData" + + " content-type - no password was supplied"); + } + continue; } if (debug != null) { @@ -1974,8 +2012,9 @@ password = new char[1]; continue; } - throw new IOException( - "failed to decrypt safe contents entry: " + e, e); + throw new IOException("keystore password was incorrect", + new UnrecoverableKeyException( + "failed to decrypt safe contents entry: " + e)); } } } else {