added UnrecoverableKeyException cause for "wrong password" on PKCS12 KeyStore - relates to github #2082

Author: dghgit

prov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java

@@ -123,6 +123,7 @@
 import org.bouncycastle.jce.provider.JDKPKCS12StoreParameter;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.BigIntegers;
+import org.bouncycastle.util.Exceptions;
 import org.bouncycastle.util.Integers;
 import org.bouncycastle.util.Properties;
 import org.bouncycastle.util.Strings;
@@ -945,15 +946,16 @@ public void engineLoad(
                 {
                     if (password.length > 0)
                     {
-                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
+                        throw Exceptions.ioException("PKCS12 key store mac invalid - wrong password or corrupted file",
+                            new UnrecoverableKeyException("PKCS12 key store mac invalid"));
                     }
 
                     // Try with incorrect zero length password
                     res = calculatePbeMac(macAlgorithm.getAlgorithm(), salt, itCount, password, true, data);
 
                     if (!Arrays.constantTimeAreEqual(res, dig))
                     {
-                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
+                        throw Exceptions.ioException("PKCS12 key store mac invalid - wrong password or corrupted file", new UnrecoverableKeyException("PKCS12 key store mac invalid"));
                     }
 
                     wrongPKCS12Zero = true;

prov/src/test/java/org/bouncycastle/jce/provider/test/PKCS12StoreTest.java

@@ -13,6 +13,7 @@
 import java.security.PublicKey;
 import java.security.Security;
 import java.security.Signature;
+import java.security.UnrecoverableKeyException;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
@@ -2361,6 +2362,26 @@ private void testNoExtraLocalKeyID(byte[] store1data)
         }
     }
 
+    public void testPKCS12StoreWrongPassword()
+        throws Exception
+    {
+        KeyStore store = KeyStore.getInstance("PKCS12", BC);
+        ByteArrayInputStream stream = new ByteArrayInputStream(pkcs12);
+
+        try
+        {
+            store.load(stream, "Goodbye World!".toCharArray());
+            fail("no exception");
+        }
+        catch (IOException e)
+        {               e.printStackTrace();
+            if (!(e.getCause() instanceof UnrecoverableKeyException))
+            {
+                fail("no exception cause found for wrong password");
+            }
+        }
+    }
+
     private void testChainCycle()
         throws Exception
     {
@@ -2551,7 +2572,7 @@ private void testPBMac1PBKdf2()
             }
             catch (IOException e)
             {
-                isTrue(e.getMessage().contains("PKCS12 key store mac invalid - wrong password or corrupted file."));
+                isTrue(e.getMessage().contains("PKCS12 key store mac invalid - wrong password or corrupted file"));
             }
         }
         // invalid test vector that throws exception
@@ -2764,6 +2785,7 @@ public void performTest()
         testRawKeyBagStore();
         testAES256_AES128();
         testAES256GCM_AES128_GCM();
+       // testPKCS12StoreWrongPassword();
 
         // converter tests