From 2018415d85d7255005a03dca924e8cafa8cfc108 Mon Sep 17 00:00:00 2001
From: David Hook <dgh@cryptoworkshop.com>
Date: Tue, 24 Dec 2024 15:48:52 +1100
Subject: [PATCH] prevented addition of two id-oracle-pkcs12-trusted-key-usage
 attributes in PKCS12 files. Fix for github #1945

---
 .../jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java   | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/prov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/prov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 57d13173f9..c74bc8d1fd 100644
--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1943,6 +1943,11 @@ private SafeBag createSafeBag(String certId, Certificate cert, boolean overwrite
                     continue;
                 }
 
+                if (oid.equals(MiscObjectIdentifiers.id_oracle_pkcs12_trusted_key_usage))
+                {
+                    continue;
+                }
+                
                 ASN1EncodableVector fSeq = new ASN1EncodableVector();
 
                 fSeq.add(oid);