PKCS12 key store mac invalid - wrong password or corrupted file on Linux

[yoseph-phillips]

Using the same certificate and password on Windows works fine, but on Linux we get PKCS12 key store mac invalid - wrong password or corrupted file.

The Java code to reproduce this is very simply:
KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
keyStore.load(new FileInputStream(filename), password.toCharArray());

We have tested using both bcprov-jdk18on-1.79.jar and bcprov-jdk18on-1.81.jar and both have the same issue.

The stack trace is:
Exception in thread "main" java.io.IOException: PKCS12 key store mac invalid - wrong password or corrupted file.
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:1445)

The version of Java on both Linux (having the issue) and Windows (not having the issue) is:
java version "1.8.0_201"
Java(TM) SE Runtime Environment (build 1.8.0_201-b09)
Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode)

We have replaced the file multiple times and run checksums as well to make sure that it has not been corrupted.
Both the password and file are definitely correct so the error message is misleading.

We can provide both the test file and password via email if that is helpful.

[peterdettman]

Are you able to debug to see where the divergence happens? (perhaps use bcprov-debug jar).

Are you also using the exact same test program (jar) on both platforms or are they compiled separately? Is the test password defined directly in the code, right before the load call? Have you tried with an all ASCII password for comparison?

Anyway, if you're still stuck, you can send the test data to feedback-crypto at bouncycastle.org and we will check it out.

[yoseph-phillips]

We will be trying to debug to see where the divergence happens and might try bcprov-debug jar.

Without looking at the code our guess is someone might have used String.getBytes() to turn the password into bytes or something like that. Obviously that method would cause issues on some platforms and not others and so shouldn't be getting used.

We are using the exact same jar (copied from Windows to Linux).
We have tested using a password stored in a database, passed in from the command line, entered from a console and all 3 methods have the same issue on Linux and all 3 work on Windows.

We have emailed the test files to feedback-crypto at bouncycastle.org as well.
We are expecting that either res or dig is incorrect on Linux by the time it gets to if (!Arrays.constantTimeAreEqual(res, dig)).
We will be able to see the correct values for each of them on Windows.

Thanks

[yoseph-phillips]

Issue solved.
Someone had put an old version of brprov on the server having issues (not in the command line classpath):
Loaded org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi from file:/opt/java/jre1.8.0_201/lib/ext/bcprov-jdk15on-1.54.jar
After removing that it works fine.