2135                                             .toString());
2136                                 }
2137                                 break mainloop;
2138                             }
2139                         }
2140                     }
2141                     chain.add(cert);
2142                     X500Principal issuerDN = cert.getIssuerX500Principal();
2143                     if (issuerDN.equals(cert.getSubjectX500Principal())) {
2144                         break;
2145                     }
2146                     cert = certsMap.get(issuerDN);
2147                 }
2148                 /* Update existing KeyEntry in entries table */
2149                 if (chain.size() > 0)
2150                     entry.chain = chain.toArray(new Certificate[chain.size()]);
2151             }
2152         }
2153 
2154         if (debug != null) {
2155             if (privateKeyCount > 0) {
2156                 debug.println("Loaded " + privateKeyCount +
2157                     " protected private key(s)");
2158             }
2159             if (secretKeyCount > 0) {
2160                 debug.println("Loaded " + secretKeyCount +
2161                     " protected secret key(s)");
2162             }
2163             if (certificateCount > 0) {
2164                 debug.println("Loaded " + certificateCount +
2165                     " certificate(s)");
2166             }
2167         }
2168 
2169         certEntries.clear();
2170         certsMap.clear();
2171         keyList.clear();
2172     }
2173 
2174     /**
2175      * Locates a matched CertEntry from certEntries, and returns its cert.
2176      * @param entry the KeyEntry to match
2177      * @return a certificate, null if not found
2178      */
2179     private X509Certificate findMatchedCertificate(PrivateKeyEntry entry) {
2180         CertEntry keyIdMatch = null;
2181         CertEntry aliasMatch = null;
2182         for (CertEntry ce: certEntries) {
2183             if (Arrays.equals(entry.keyId, ce.keyId)) {
2184                 keyIdMatch = ce;
2185                 if (entry.alias.equalsIgnoreCase(ce.alias)) {
2186                     // Full match!

2135                                             .toString());
2136                                 }
2137                                 break mainloop;
2138                             }
2139                         }
2140                     }
2141                     chain.add(cert);
2142                     X500Principal issuerDN = cert.getIssuerX500Principal();
2143                     if (issuerDN.equals(cert.getSubjectX500Principal())) {
2144                         break;
2145                     }
2146                     cert = certsMap.get(issuerDN);
2147                 }
2148                 /* Update existing KeyEntry in entries table */
2149                 if (chain.size() > 0)
2150                     entry.chain = chain.toArray(new Certificate[chain.size()]);
2151             }
2152         }
2153 
2154         if (debug != null) {
2155             debug.println("PKCS12KeyStore load: private key count: " +
2156                     privateKeyCount + ". secret key count: " + secretKeyCount +
2157                     ". certificate count: " + certificateCount);









2158         }
2159 
2160         certEntries.clear();
2161         certsMap.clear();
2162         keyList.clear();
2163     }
2164 
2165     /**
2166      * Locates a matched CertEntry from certEntries, and returns its cert.
2167      * @param entry the KeyEntry to match
2168      * @return a certificate, null if not found
2169      */
2170     private X509Certificate findMatchedCertificate(PrivateKeyEntry entry) {
2171         CertEntry keyIdMatch = null;
2172         CertEntry aliasMatch = null;
2173         for (CertEntry ce: certEntries) {
2174             if (Arrays.equals(entry.keyId, ce.keyId)) {
2175                 keyIdMatch = ce;
2176                 if (entry.alias.equalsIgnoreCase(ce.alias)) {
2177                     // Full match!