diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2014-07-28 19:51:54.000000000 +0000
@@ -23,7 +23,9 @@
private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff };
private static final byte[] FALSE_VALUE = new byte[] { 0 };
- private byte[] value;
+ // BEGIN android-changed
+ final private byte[] value;
+ // END android-changed
public static final ASN1Boolean FALSE = new ASN1Boolean(false);
public static final ASN1Boolean TRUE = new ASN1Boolean(true);
@@ -79,6 +81,17 @@
return (value != 0 ? TRUE : FALSE);
}
+ // BEGIN android-added
+ /**
+ * return a ASN1Boolean from the passed in array.
+ */
+ public static ASN1Boolean getInstance(
+ byte[] octets)
+ {
+ return (octets[0] != 0) ? TRUE : FALSE;
+ }
+
+ // END android-added
/**
* return a Boolean from a tagged object.
*
@@ -105,7 +118,9 @@
}
}
- ASN1Boolean(
+ // BEGIN android-changed
+ protected ASN1Boolean(
+ // END android-changed
byte[] value)
{
if (value.length != 1)
@@ -131,8 +146,10 @@
* @deprecated use getInstance(boolean) method.
* @param value true or false.
*/
- public ASN1Boolean(
+ // BEGIN android-changed
+ protected ASN1Boolean(
boolean value)
+ // END android-changed
{
this.value = (value) ? TRUE_VALUE : FALSE_VALUE;
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 2014-07-28 19:51:54.000000000 +0000
@@ -8,6 +8,12 @@
public abstract class ASN1Null
extends ASN1Primitive
{
+ // BEGIN android-added
+ /*package*/ ASN1Null()
+ {
+ }
+
+ // END android-added
/**
* Return an instance of ASN.1 NULL from the passed in object.
* <p>
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2014-07-28 19:51:54.000000000 +0000
@@ -152,7 +152,13 @@
}
}
- this.identifier = objId.toString();
+ // BEGIN android-changed
+ /*
+ * Intern the identifier so there aren't hundreds of duplicates
+ * (in practice).
+ */
+ this.identifier = objId.toString().intern();
+ // END android-changed
this.body = Arrays.clone(bytes);
}
@@ -173,7 +179,13 @@
throw new IllegalArgumentException("string " + identifier + " not an OID");
}
- this.identifier = identifier;
+ // BEGIN android-changed
+ /*
+ * Intern the identifier so there aren't hundreds of duplicates
+ * (in practice).
+ */
+ this.identifier = identifier.intern();
+ // END android-changed
}
/**
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000
@@ -15,7 +15,9 @@
/**
* @deprecated use DERNull.INSTANCE
*/
- public DERNull()
+ // BEGIN android-changed
+ protected DERNull()
+ // END android-changed
{
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 2014-07-28 19:51:54.000000000 +0000
@@ -12,7 +12,9 @@
extends ASN1Primitive
implements ASN1String
{
- private byte[] string;
+ // BEGIN android-changed
+ private final byte[] string;
+ // END android-changed
/**
* return a printable string from the passed in object.
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000
@@ -8,7 +8,9 @@
class StreamUtil
{
- private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory();
+ // BEGIN android-removed
+ // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory();
+ // END android-removed
/**
* Find out possible longest length...
@@ -48,12 +50,15 @@
}
}
- if (MAX_MEMORY > Integer.MAX_VALUE)
+ // BEGIN android-changed
+ long maxMemory = Runtime.getRuntime().maxMemory();
+ if (maxMemory > Integer.MAX_VALUE)
{
return Integer.MAX_VALUE;
}
- return (int)MAX_MEMORY;
+ return (int) maxMemory;
+ // END android-changed
}
static int calculateBodyLength(
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000
@@ -28,7 +28,9 @@
*/
public class ContentInfo
extends ASN1Object
- implements CMSObjectIdentifiers
+ // BEGIN android-removed
+ // implements CMSObjectIdentifiers
+ // END android-removed
{
private ASN1ObjectIdentifier contentType;
private ASN1Encodable content;
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000
@@ -13,10 +13,12 @@
static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1");
/** PKCS#1: 1.2.840.113549.1.1.1 */
static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1");
- /** PKCS#1: 1.2.840.113549.1.1.2 */
- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
- /** PKCS#1: 1.2.840.113549.1.1.3 */
- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
+ // BEGIN android-removed
+ // /** PKCS#1: 1.2.840.113549.1.1.2 */
+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
+ // /** PKCS#1: 1.2.840.113549.1.1.3 */
+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
+ // END android-removed
/** PKCS#1: 1.2.840.113549.1.1.4 */
static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4");
/** PKCS#1: 1.2.840.113549.1.1.5 */
@@ -96,15 +98,19 @@
// md2 OBJECT IDENTIFIER ::=
// {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}
//
- /** 1.2.840.113549.2.2 */
- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2");
+ // BEGIN android-removed
+ // /** 1.2.840.113549.2.2 */
+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2");
+ // END android-removed
//
// md4 OBJECT IDENTIFIER ::=
// {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4}
//
- /** 1.2.840.113549.2.4 */
- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4");
+ // BEGIN android-removed
+ // /** 1.2.840.113549.2.4 */
+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4");
+ // END android-removed
//
// md5 OBJECT IDENTIFIER ::=
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2014-07-28 19:51:54.000000000 +0000
@@ -14,7 +14,9 @@
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
/**
* The AuthorityKeyIdentifier object.
@@ -106,7 +108,9 @@
public AuthorityKeyIdentifier(
SubjectPublicKeyInfo spki)
{
- Digest digest = new SHA1Digest();
+ // BEGIN android-changed
+ Digest digest = AndroidDigestFactory.getSHA1();
+ // END android-changed
byte[] resBuf = new byte[digest.getDigestSize()];
byte[] bytes = spki.getPublicKeyData().getBytes();
@@ -125,7 +129,9 @@
GeneralNames name,
BigInteger serialNumber)
{
- Digest digest = new SHA1Digest();
+ // BEGIN android-changed
+ Digest digest = AndroidDigestFactory.getSHA1();
+ // END android-changed
byte[] resBuf = new byte[digest.getDigestSize()];
byte[] bytes = spki.getPublicKeyData().getBytes();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000
@@ -255,8 +255,10 @@
*/
public static final Hashtable SymbolLookUp = DefaultLookUp;
- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility
- private static final Boolean FALSE = new Boolean(false);
+ // BEGIN android-changed
+ private static final Boolean TRUE = Boolean.TRUE;
+ private static final Boolean FALSE = Boolean.FALSE;
+ // END android-changed
static
{
@@ -446,7 +448,9 @@
throw new IllegalArgumentException("cannot encode value");
}
}
- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility
+ // BEGIN android-changed
+ added.addElement(Boolean.valueOf(i != 0));
+ // END android-changed
}
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000
@@ -78,6 +78,17 @@
}
else
{
+ // BEGIN android-added
+ // copied from a newer version of BouncyCastle
+ if (c == '#' && buf.charAt(buf.length() - 1) == '=')
+ {
+ buf.append('\\');
+ }
+ else if (c == '+' && separator != '+')
+ {
+ buf.append('\\');
+ }
+ // END android-added
buf.append(c);
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2014-07-28 19:51:54.000000000 +0000
@@ -6,7 +6,9 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+// END android-removed
/**
* A general class that reads all X9.62 style EC curve tables.
@@ -30,10 +32,12 @@
ecP = SECNamedCurves.getByName(name);
}
- if (ecP == null)
- {
- ecP = TeleTrusTNamedCurves.getByName(name);
- }
+ // BEGIN android-removed
+ // if (ecP == null)
+ // {
+ // ecP = TeleTrusTNamedCurves.getByName(name);
+ // }
+ // END android-removed
if (ecP == null)
{
@@ -59,10 +63,12 @@
oid = SECNamedCurves.getOID(name);
}
- if (oid == null)
- {
- oid = TeleTrusTNamedCurves.getOID(name);
- }
+ // BEGIN android-removed
+ // if (oid == null)
+ // {
+ // oid = TeleTrusTNamedCurves.getOID(name);
+ // }
+ // END android-removed
if (oid == null)
{
@@ -89,10 +95,12 @@
ecP = SECNamedCurves.getByOID(oid);
}
- if (ecP == null)
- {
- ecP = TeleTrusTNamedCurves.getByOID(oid);
- }
+ // BEGIN android-removed
+ // if (ecP == null)
+ // {
+ // ecP = TeleTrusTNamedCurves.getByOID(oid);
+ // }
+ // END android-removed
// NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
@@ -111,7 +119,9 @@
addEnumeration(v, X962NamedCurves.getNames());
addEnumeration(v, SECNamedCurves.getNames());
addEnumeration(v, NISTNamedCurves.getNames());
- addEnumeration(v, TeleTrusTNamedCurves.getNames());
+ // BEGIN android-removed
+ // addEnumeration(v, TeleTrusTNamedCurves.getNames());
+ // END android-removed
return v.elements();
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+/**
+ * Level of indirection to let us select OpenSSLDigest implementations
+ * for libcore but fallback to BouncyCastle ones on the RI.
+ */
+public final class AndroidDigestFactory {
+ private static final String OpenSSLFactoryClassName
+ = AndroidDigestFactory.class.getName() + "OpenSSL";
+ private static final String BouncyCastleFactoryClassName
+ = AndroidDigestFactory.class.getName() + "BouncyCastle";
+
+ private static final AndroidDigestFactoryInterface FACTORY;
+ static {
+ Class factoryImplementationClass;
+ try {
+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName);
+ // Double check for NativeCrypto in case we are running on RI for testing
+ Class.forName("com.android.org.conscrypt.NativeCrypto");
+ } catch (ClassNotFoundException e1) {
+ try {
+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName);
+ } catch (ClassNotFoundException e2) {
+ AssertionError e = new AssertionError("Failed to load "
+ + "AndroidDigestFactoryInterface "
+ + "implementation. Looked for "
+ + OpenSSLFactoryClassName + " and "
+ + BouncyCastleFactoryClassName);
+ e.initCause(e1);
+ throw e;
+ }
+ }
+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) {
+ throw new AssertionError(factoryImplementationClass
+ + "does not implement AndroidDigestFactoryInterface");
+ }
+ try {
+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance();
+ } catch (InstantiationException e) {
+ throw new AssertionError(e);
+ } catch (IllegalAccessException e) {
+ throw new AssertionError(e);
+ }
+ }
+
+ public static Digest getMD5() {
+ return FACTORY.getMD5();
+ }
+
+ public static Digest getSHA1() {
+ return FACTORY.getSHA1();
+ }
+
+ public static Digest getSHA224() {
+ return FACTORY.getSHA224();
+ }
+
+ public static Digest getSHA256() {
+ return FACTORY.getSHA256();
+ }
+
+ public static Digest getSHA384() {
+ return FACTORY.getSHA384();
+ }
+
+ public static Digest getSHA512() {
+ return FACTORY.getSHA512();
+ }
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface {
+ public Digest getMD5() {
+ return new MD5Digest();
+ }
+ public Digest getSHA1() {
+ return new SHA1Digest();
+ }
+ public Digest getSHA224() {
+ return new SHA224Digest();
+ }
+ public Digest getSHA256() {
+ return new SHA256Digest();
+ }
+ public Digest getSHA384() {
+ return new SHA384Digest();
+ }
+ public Digest getSHA512() {
+ return new SHA512Digest();
+ }
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+interface AndroidDigestFactoryInterface {
+ public Digest getMD5();
+ public Digest getSHA1();
+ public Digest getSHA224();
+ public Digest getSHA256();
+ public Digest getSHA384();
+ public Digest getSHA512();
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface {
+ public Digest getMD5() {
+ return new OpenSSLDigest.MD5();
+ }
+ public Digest getSHA1() {
+ return new OpenSSLDigest.SHA1();
+ }
+ public Digest getSHA224() {
+ return new OpenSSLDigest.SHA224();
+ }
+ public Digest getSHA256() {
+ return new OpenSSLDigest.SHA256();
+ }
+ public Digest getSHA384() {
+ return new OpenSSLDigest.SHA384();
+ }
+ public Digest getSHA512() {
+ return new OpenSSLDigest.SHA512();
+ }
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.ExtendedDigest;
+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi;
+import java.security.DigestException;
+import java.security.MessageDigest;
+
+/**
+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This
+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it.
+ */
+public class OpenSSLDigest implements ExtendedDigest {
+ private final MessageDigest delegate;
+
+ private final int byteSize;
+
+ public OpenSSLDigest(String algorithm, int byteSize) {
+ try {
+ delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL");
+ this.byteSize = byteSize;
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public String getAlgorithmName() {
+ return delegate.getAlgorithm();
+ }
+
+ public int getDigestSize() {
+ return delegate.getDigestLength();
+ }
+
+ public int getByteLength() {
+ return byteSize;
+ }
+
+ public void reset() {
+ delegate.reset();
+ }
+
+ public void update(byte in) {
+ delegate.update(in);
+ }
+
+ public void update(byte[] in, int inOff, int len) {
+ delegate.update(in, inOff, len);
+ }
+
+ public int doFinal(byte[] out, int outOff) {
+ try {
+ return delegate.digest(out, outOff, out.length - outOff);
+ } catch (DigestException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static class MD5 extends OpenSSLDigest {
+ public MD5() { super("MD5", 64); }
+ }
+
+ public static class SHA1 extends OpenSSLDigest {
+ public SHA1() { super("SHA-1", 64); }
+ }
+
+ public static class SHA224 extends OpenSSLDigest {
+ public SHA224() { super("SHA-224", 64); }
+ }
+
+ public static class SHA256 extends OpenSSLDigest {
+ public SHA256() { super("SHA-256", 64); }
+ }
+
+ public static class SHA384 extends OpenSSLDigest {
+ public SHA384() { super("SHA-384", 128); }
+ }
+
+ public static class SHA512 extends OpenSSLDigest {
+ public SHA512() { super("SHA-512", 128); }
+ }
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2014-07-28 19:51:54.000000000 +0000
@@ -10,7 +10,9 @@
import org.bouncycastle.asn1.x9.X9ECParametersHolder;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.custom.djb.Curve25519;
+// BEGIN android-removed
+// import org.bouncycastle.math.ec.custom.djb.Curve25519;
+// END android-removed
import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve;
@@ -36,32 +38,34 @@
return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
}
- /*
- * curve25519
- */
- static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
- {
- protected X9ECParameters createParameters()
- {
- byte[] S = null;
- ECCurve curve = configureCurve(new Curve25519());
-
- /*
- * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
- * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
- *
- * The Curve25519 paper doesn't say which of the two possible y values the base
- * point has. The choice here is guided by language in the Ed25519 paper.
- *
- * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
- */
- ECPoint G = curve.decodePoint(Hex.decode("04"
- + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
- + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
-
- return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- }
- };
+ // BEGIN android-removed
+ // /*
+ // * curve25519
+ // */
+ // static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
+ // {
+ // protected X9ECParameters createParameters()
+ // {
+ // byte[] S = null;
+ // ECCurve curve = configureCurve(new Curve25519());
+ //
+ // /*
+ // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
+ // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
+ // *
+ // * The Curve25519 paper doesn't say which of the two possible y values the base
+ // * point has. The choice here is guided by language in the Ed25519 paper.
+ // *
+ // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
+ // */
+ // ECPoint G = curve.decodePoint(Hex.decode("04"
+ // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
+ // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
+ //
+ // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ // }
+ // };
+ // END android-removed
/*
* secp192k1
@@ -254,7 +258,9 @@
static
{
- defineCurve("curve25519", curve25519);
+ // BEGIN android-removed
+ // defineCurve("curve25519", curve25519);
+ // END android-removed
defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000
@@ -6,7 +6,9 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
import org.bouncycastle.crypto.params.ParametersWithRandom;
/**
@@ -25,7 +27,9 @@
public OAEPEncoding(
AsymmetricBlockCipher cipher)
{
- this(cipher, new SHA1Digest(), null);
+ // BEGIN android-changed
+ this(cipher, AndroidDigestFactory.getSHA1(), null);
+ // END android-changed
}
public OAEPEncoding(
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-04-09 13:10:16.000000000 +0000
@@ -378,6 +378,12 @@
throw new InvalidCipherTextException("unknown block type");
}
}
+ // BEGIN android-added
+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey))
+ {
+ throw new InvalidCipherTextException("invalid block type " + type);
+ }
+ // END android-added
if (useStrictLength && block.length != engine.getOutputBlockSize())
{
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2014-07-28 19:51:54.000000000 +0000
@@ -6,7 +6,9 @@
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
@@ -52,7 +54,9 @@
//
// checksum digest
//
- Digest sha1 = new SHA1Digest();
+ // BEGIN android-changed
+ Digest sha1 = AndroidDigestFactory.getSHA1();
+ // END android-changed
byte[] digest = new byte[20];
/**
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 2014-07-28 19:51:54.000000000 +0000
@@ -3,11 +3,18 @@
import java.math.BigInteger;
import java.security.SecureRandom;
+// BEGIN android-added
+import java.util.logging.Logger;
+// END android-added
import org.bouncycastle.math.ec.WNafUtil;
import org.bouncycastle.util.BigIntegers;
class DHParametersHelper
{
+ // BEGIN android-added
+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName());
+ // END android-added
+
private static final BigInteger ONE = BigInteger.valueOf(1);
private static final BigInteger TWO = BigInteger.valueOf(2);
@@ -18,12 +25,20 @@
*/
static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
{
+ // BEGIN android-added
+ logger.info("Generating safe primes. This may take a long time.");
+ long start = System.currentTimeMillis();
+ int tries = 0;
+ // END android-added
BigInteger p, q;
int qLength = size - 1;
int minWeight = size >>> 2;
for (;;)
{
+ // BEGIN android-added
+ tries++;
+ // END android-added
q = new BigInteger(qLength, 2, random);
// p <- 2q + 1
@@ -52,6 +67,11 @@
break;
}
+ // BEGIN android-added
+ long end = System.currentTimeMillis();
+ long duration = end - start;
+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms");
+ // END android-added
return new BigInteger[] { p, q };
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2014-07-28 19:51:54.000000000 +0000
@@ -4,7 +4,9 @@
import java.security.SecureRandom;
import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
import org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
import org.bouncycastle.crypto.params.DSAParameters;
import org.bouncycastle.crypto.params.DSAValidationParameters;
@@ -31,7 +33,9 @@
public DSAParametersGenerator()
{
- this(new SHA1Digest());
+ // BEGIN android-changed
+ this(AndroidDigestFactory.getSHA1());
+ // END android-changed
}
public DSAParametersGenerator(Digest digest)
@@ -122,7 +126,9 @@
int n = (L - 1) / 160;
byte[] w = new byte[L / 8];
- if (!(digest instanceof SHA1Digest))
+ // BEGIN android-changed
+ if (!(digest.getAlgorithmName().equals("SHA-1")))
+ // END android-changed
{
throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000
@@ -3,7 +3,9 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.MD5Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
@@ -17,7 +19,9 @@
public class OpenSSLPBEParametersGenerator
extends PBEParametersGenerator
{
- private Digest digest = new MD5Digest();
+ // BEGIN android-changed
+ private Digest digest = AndroidDigestFactory.getMD5();
+ // END android-changed
/**
* Construct a OpenSSL Parameters generator.
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000
@@ -4,7 +4,9 @@
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.Mac;
import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// BEGIN android-changed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-changed
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
@@ -28,7 +30,9 @@
*/
public PKCS5S2ParametersGenerator()
{
- this(new SHA1Digest());
+ // BEGIN android-changed
+ this(AndroidDigestFactory.getSHA1());
+ // END android-changed
}
public PKCS5S2ParametersGenerator(Digest digest)
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000
@@ -36,14 +36,18 @@
{
blockLengths = new Hashtable();
- blockLengths.put("GOST3411", Integers.valueOf(32));
-
- blockLengths.put("MD2", Integers.valueOf(16));
- blockLengths.put("MD4", Integers.valueOf(64));
+ // BEGIN android-removed
+ // blockLengths.put("GOST3411", Integers.valueOf(32));
+ //
+ // blockLengths.put("MD2", Integers.valueOf(16));
+ // blockLengths.put("MD4", Integers.valueOf(64));
+ // END android-removed
blockLengths.put("MD5", Integers.valueOf(64));
- blockLengths.put("RIPEMD128", Integers.valueOf(64));
- blockLengths.put("RIPEMD160", Integers.valueOf(64));
+ // BEGIN android-removed
+ // blockLengths.put("RIPEMD128", Integers.valueOf(64));
+ // blockLengths.put("RIPEMD160", Integers.valueOf(64));
+ // END android-removed
blockLengths.put("SHA-1", Integers.valueOf(64));
blockLengths.put("SHA-224", Integers.valueOf(64));
@@ -51,8 +55,10 @@
blockLengths.put("SHA-384", Integers.valueOf(128));
blockLengths.put("SHA-512", Integers.valueOf(128));
- blockLengths.put("Tiger", Integers.valueOf(64));
- blockLengths.put("Whirlpool", Integers.valueOf(64));
+ // BEGIN android-removed
+ // blockLengths.put("Tiger", Integers.valueOf(64));
+ // blockLengths.put("Whirlpool", Integers.valueOf(64));
+ // END android-removed
}
private static int getByteLength(
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-04-09 13:10:16.000000000 +0000
@@ -24,6 +24,11 @@
implements AEADBlockCipher
{
private static final int BLOCK_SIZE = 16;
+ // BEGIN android-added
+ // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak
+ // plaintext and authentication key
+ private static final long MAX_INPUT_SIZE = 68719476704L;
+ // END android-added
// not final due to a compiler bug
private BlockCipher cipher;
@@ -202,6 +207,14 @@
return totalData < macSize ? 0 : totalData - macSize;
}
+ // BEGIN android-added
+ /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */
+ private long getTotalInputSizeAfterNewInput(int newInputLen)
+ {
+ return totalLength + newInputLen + bufOff;
+ }
+ // END android-added
+
public int getUpdateOutputSize(int len)
{
int totalData = len + bufOff;
@@ -218,6 +231,11 @@
public void processAADByte(byte in)
{
+ // BEGIN android-added
+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+ }
+ // END android-added
atBlock[atBlockPos] = in;
if (++atBlockPos == BLOCK_SIZE)
{
@@ -230,6 +248,11 @@
public void processAADBytes(byte[] in, int inOff, int len)
{
+ // BEGIN android-added
+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+ }
+ // END android-added
for (int i = 0; i < len; ++i)
{
atBlock[atBlockPos] = in[inOff + i];
@@ -267,6 +290,11 @@
public int processByte(byte in, byte[] out, int outOff)
throws DataLengthException
{
+ // BEGIN android-added
+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+ }
+ // END android-added
bufBlock[bufOff] = in;
if (++bufOff == bufBlock.length)
{
@@ -279,6 +307,11 @@
public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
throws DataLengthException
{
+ // BEGIN android-added
+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+ }
+ // END android-added
if (in.length < (inOff + len))
{
throw new DataLengthException("Input buffer too short");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-04-09 13:10:16.000000000 +0000
@@ -39,9 +39,11 @@
*/
static
{
- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
+ // BEGIN android-removed
+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
+ // END android-removed
oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1);
oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224);
@@ -51,8 +53,10 @@
oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
- oidMap.put("MD2", PKCSObjectIdentifiers.md2);
- oidMap.put("MD4", PKCSObjectIdentifiers.md4);
+ // BEGIN android-removed
+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2);
+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4);
+ // END android-removed
oidMap.put("MD5", PKCSObjectIdentifiers.md5);
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2014-07-28 19:51:54.000000000 +0000
@@ -9,7 +9,9 @@
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// END android-removed
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.DHParameter;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -31,8 +33,10 @@
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECNamedDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
+// END android-removed
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
/**
@@ -98,14 +102,16 @@
return new DHPrivateKeyParameters(derX.getValue(), dhParams);
}
- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
- {
- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
-
- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
- params.getP(), params.getG()));
- }
+ // BEGIN android-removed
+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
+ // {
+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
+ // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
+ //
+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
+ // params.getP(), params.getG()));
+ // }
+ // END android-removed
else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa))
{
ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 2014-07-28 19:51:54.000000000 +0000
@@ -11,7 +11,9 @@
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// END android-removed
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.DHParameter;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -38,8 +40,10 @@
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECNamedDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
+// END android-removed
import org.bouncycastle.crypto.params.RSAKeyParameters;
/**
@@ -133,14 +137,16 @@
return new DHPublicKeyParameters(derY.getValue(), dhParams);
}
- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
- {
- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
-
- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
- params.getP(), params.getG()));
- }
+ // BEGIN android-removed
+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
+ // {
+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
+ //
+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
+ // params.getP(), params.getG()));
+ // }
+ // END android-removed
else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)
|| algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1))
{
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-07-28 19:51:54.000000000 +0000
@@ -35,10 +35,12 @@
provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi");
- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES");
- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES");
- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES");
+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES");
+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede");
+ // END android-removed
registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi());
registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi());
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-06-01 19:10:55.000000000 +0000
@@ -27,40 +27,55 @@
provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi");
provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi");
- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
+ // BEGIN android-changed
+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA");
+ // END android-changed
provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA");
provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
- provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
- provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
- provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
- provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
- provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
- provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
+ // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
+ // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
+ // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
+ // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
+ // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
+ // END android-removed
addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
-
- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA");
- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA");
-
- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
+ // BEGIN android-removed
+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
+ // END android-removed
+
+ // BEGIN android-added
+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
+ // END android-added
+ // BEGIN android-changed
+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
+ // END android-changed
+
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
+ // END android-removed
AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
for (int i = 0; i != DSAUtil.dsaOids.length; i++)
{
- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA");
+ // BEGIN android-changed
+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA");
+ // END android-changed
registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact);
registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000
@@ -1,8 +1,10 @@
package org.bouncycastle.jcajce.provider.asymmetric;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
@@ -22,45 +24,59 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH");
- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
- provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
+ // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
+ // END android-removed
registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC());
// TODO Should this be an alias for ECDH?
registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
-
- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
+ // BEGIN android-removed
+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+ //
+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem
+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle).
+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
+ // END android-removed
// TODO Should this be an alias for ECDH?
- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
+ // BEGIN android-removed
+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem
+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle).
+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
+ // END android-removed
provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC");
- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
+ // END android-removed
provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC");
- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
- provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
-
- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES");
- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES");
- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
- provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
- provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
- provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
- provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
+ // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
+ //
+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES");
+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES");
+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
+ // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+ // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+ // END android-removed
provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone");
@@ -72,39 +88,43 @@
provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA");
provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA");
provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA");
- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
-
- provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
- provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
- provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224");
- provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256");
- provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384");
- provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
+ //
+ // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224");
+ // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256");
+ // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384");
+ // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512");
+ // END android-removed
addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512);
- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
-
- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
-
- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
- addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
- addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-
- addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
- addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
- addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
- addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
- addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
- addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+ // BEGIN android-removed
+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
+ //
+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
+ //
+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
+ // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+ // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
+ //
+ // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
+ // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
+ // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
+ // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
+ // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
+ // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+ // END android-removed
}
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-04-09 13:10:16.000000000 +0000
@@ -3,7 +3,9 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
@@ -24,41 +26,49 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP");
- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
-
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
-
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
-
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
+ // BEGIN android-removed
+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
+ //
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
+ //
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
+ //
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
+ // END android-removed
provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding");
- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding");
- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
+ // BEGIN android-changed
+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA");
+ // END android-changed
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA");
provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA");
- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
+ // END android-removed
provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi");
provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi");
@@ -68,79 +78,89 @@
registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact);
registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact);
registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact);
- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
-
- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
-
-
- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
-
- provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA");
- provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA");
- provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA");
- provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA");
- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA");
- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA");
- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA");
- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA");
-
- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
-
- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
-
-
- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS");
- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS");
- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS");
- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS");
-
- if (provider.hasAlgorithm("MessageDigest", "MD2"))
- {
- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
- }
-
- if (provider.hasAlgorithm("MessageDigest", "MD4"))
- {
- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
- }
+ // BEGIN android-removed
+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
+ //
+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
+ //
+ //
+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+ //
+ // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA");
+ // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA");
+ // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA");
+ // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA");
+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA");
+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA");
+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA");
+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA");
+ //
+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
+ //
+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
+ //
+ //
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS");
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "MD2"))
+ // {
+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
+ // }
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "MD4"))
+ // {
+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
+ // }
+ // END android-removed
if (provider.hasAlgorithm("MessageDigest", "MD5"))
{
addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption);
- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2");
+ // END android-removed
+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2");
+ // END android-removed
}
if (provider.hasAlgorithm("MessageDigest", "SHA1"))
{
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS");
+ // END android-removed
addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2");
- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2");
+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31");
- provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
+ // END android-removed
}
addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption);
@@ -148,52 +168,54 @@
addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption);
addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31");
- provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31");
- provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31");
- provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31");
- provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
-
- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
- {
- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
- provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
- }
-
- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
- {
- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
- provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
- }
-
- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
- {
- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
- }
-
- if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
- {
- provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
- provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
- }
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
+ // {
+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
+ // }
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
+ // {
+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
+ // }
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
+ // {
+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
+ // }
+ //
+ // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
+ // {
+ // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
+ // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
+ // }
+ // END android-removed
}
private void addDigestSignature(
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000
@@ -18,8 +18,10 @@
public void configure(ConfigurableProvider provider)
{
- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
+ // END android-removed
//
// certificate factories.
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-12-12 00:35:05.000000000 +0000
@@ -23,13 +23,20 @@
import org.bouncycastle.crypto.DSA;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
+// BEGIN android-added
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-added
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+// import org.bouncycastle.crypto.digests.SHA224Digest;
+// import org.bouncycastle.crypto.digests.SHA256Digest;
+// import org.bouncycastle.crypto.digests.SHA384Digest;
+// import org.bouncycastle.crypto.digests.SHA512Digest;
+// END android-removed
import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// END android-removed
public class DSASigner
extends SignatureSpi
@@ -217,90 +224,102 @@
{
public stdDSA()
{
- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
+ // END android-changed
}
}
- static public class detDSA
- extends DSASigner
- {
- public detDSA()
- {
- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest())));
- }
- }
+ // BEGIN android-removed
+ // static public class detDSA
+ // extends DSASigner
+ // {
+ // public detDSA()
+ // {
+ // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest())));
+ // }
+ // }
+ // END android-removed
static public class dsa224
extends DSASigner
{
public dsa224()
{
- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
+ // END android-changed
}
}
- static public class detDSA224
- extends DSASigner
- {
- public detDSA224()
- {
- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest())));
- }
- }
+ // BEGIN android-removed
+ // static public class detDSA224
+ // extends DSASigner
+ // {
+ // public detDSA224()
+ // {
+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest())));
+ // }
+ // }
+ // END android-removed
static public class dsa256
extends DSASigner
{
public dsa256()
{
- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
+ // END android-changed
}
}
- static public class detDSA256
- extends DSASigner
- {
- public detDSA256()
- {
- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest())));
- }
- }
-
- static public class dsa384
- extends DSASigner
- {
- public dsa384()
- {
- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner());
- }
- }
-
- static public class detDSA384
- extends DSASigner
- {
- public detDSA384()
- {
- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest())));
- }
- }
-
- static public class dsa512
- extends DSASigner
- {
- public dsa512()
- {
- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner());
- }
- }
-
- static public class detDSA512
- extends DSASigner
- {
- public detDSA512()
- {
- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest())));
- }
- }
+ // BEGIN android-removed
+ // static public class detDSA256
+ // extends DSASigner
+ // {
+ // public detDSA256()
+ // {
+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest())));
+ // }
+ // }
+ //
+ // static public class dsa384
+ // extends DSASigner
+ // {
+ // public dsa384()
+ // {
+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner());
+ // }
+ // }
+ //
+ // static public class detDSA384
+ // extends DSASigner
+ // {
+ // public detDSA384()
+ // {
+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest())));
+ // }
+ // }
+ //
+ // static public class dsa512
+ // extends DSASigner
+ // {
+ // public dsa512()
+ // {
+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner());
+ // }
+ // }
+ //
+ // static public class detDSA512
+ // extends DSASigner
+ // {
+ // public detDSA512()
+ // {
+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest())));
+ // }
+ // }
+ // END android-removed
static public class noneDSA
extends DSASigner
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-06-01 19:10:55.000000000 +0000
@@ -23,6 +23,9 @@
public static final ASN1ObjectIdentifier[] dsaOids =
{
X9ObjectIdentifiers.id_dsa,
+ // BEGIN android-added
+ X9ObjectIdentifiers.id_dsa_with_sha1,
+ // END android-added
OIWObjectIdentifiers.dsaWithSHA1
};
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2014-07-28 19:51:54.000000000 +0000
@@ -24,22 +24,28 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DerivationFunction;
import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator;
+// END android-removed
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.MQVPrivateParameters;
-import org.bouncycastle.crypto.params.MQVPublicParameters;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.MQVPrivateParameters;
+// import org.bouncycastle.crypto.params.MQVPublicParameters;
+// END android-removed
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.interfaces.MQVPrivateKey;
-import org.bouncycastle.jce.interfaces.MQVPublicKey;
+// BEGIN android-removed
+// import org.bouncycastle.jce.interfaces.MQVPrivateKey;
+// import org.bouncycastle.jce.interfaces.MQVPublicKey;
+// END android-removed
import org.bouncycastle.util.Integers;
import org.bouncycastle.util.Strings;
@@ -89,7 +95,9 @@
private BigInteger result;
private ECDomainParameters parameters;
private BasicAgreement agreement;
- private DerivationFunction kdf;
+ // BEGIN android-removed
+ // private DerivationFunction kdf;
+ // END android-removed
private byte[] bigIntToBytes(
BigInteger r)
@@ -104,7 +112,9 @@
{
this.kaAlgorithm = kaAlgorithm;
this.agreement = agreement;
- this.kdf = kdf;
+ // BEGIN android-removed
+ // this.kdf = kdf;
+ // END android-removed
}
protected Key engineDoPhase(
@@ -123,25 +133,27 @@
}
CipherParameters pubKey;
- if (agreement instanceof ECMQVBasicAgreement)
- {
- if (!(key instanceof MQVPublicKey))
- {
- throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
- + getSimpleName(MQVPublicKey.class) + " for doPhase");
- }
-
- MQVPublicKey mqvPubKey = (MQVPublicKey)key;
- ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey());
- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
-
- pubKey = new MQVPublicParameters(staticKey, ephemKey);
-
- // TODO Validate that all the keys are using the same parameters?
- }
- else
+ // BEGIN android-removed
+ // if (agreement instanceof ECMQVBasicAgreement)
+ // {
+ // if (!(key instanceof MQVPublicKey))
+ // {
+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
+ // + getSimpleName(MQVPublicKey.class) + " for doPhase");
+ // }
+ //
+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key;
+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey());
+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
+ //
+ // pubKey = new MQVPublicParameters(staticKey, ephemKey);
+ //
+ // // TODO Validate that all the keys are using the same parameters?
+ // }
+ // else
+ // END android-removed
{
if (!(key instanceof PublicKey))
{
@@ -162,11 +174,13 @@
protected byte[] engineGenerateSecret()
throws IllegalStateException
{
- if (kdf != null)
- {
- throw new UnsupportedOperationException(
- "KDF can only be used when algorithm is known");
- }
+ // BEGIN android-removed
+ // if (kdf != null)
+ // {
+ // throw new UnsupportedOperationException(
+ // "KDF can only be used when algorithm is known");
+ // }
+ // END android-removed
return bigIntToBytes(result);
}
@@ -201,23 +215,25 @@
oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId();
}
- if (kdf != null)
- {
- if (!algorithms.containsKey(oidAlgorithm))
- {
- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm);
- }
-
- int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue();
-
- DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret);
-
- byte[] keyBytes = new byte[keySize / 8];
- kdf.init(params);
- kdf.generateBytes(keyBytes, 0, keyBytes.length);
- secret = keyBytes;
- }
- else
+ // BEGIN android-removed
+ // if (kdf != null)
+ // {
+ // if (!algorithms.containsKey(oidAlgorithm))
+ // {
+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm);
+ // }
+ //
+ // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue();
+ //
+ // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret);
+ //
+ // byte[] keyBytes = new byte[keySize / 8];
+ // kdf.init(params);
+ // kdf.generateBytes(keyBytes, 0, keyBytes.length);
+ // secret = keyBytes;
+ // }
+ // else
+ // END android-removed
{
if (algorithms.containsKey(oidAlgorithm))
{
@@ -264,35 +280,37 @@
private void initFromKey(Key key)
throws InvalidKeyException
{
- if (agreement instanceof ECMQVBasicAgreement)
- {
- if (!(key instanceof MQVPrivateKey))
- {
- throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
- + getSimpleName(MQVPrivateKey.class) + " for initialisation");
- }
-
- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters)
- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters)
- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
-
- ECPublicKeyParameters ephemPubKey = null;
- if (mqvPrivKey.getEphemeralPublicKey() != null)
- {
- ephemPubKey = (ECPublicKeyParameters)
- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
- }
-
- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
- this.parameters = staticPrivKey.getParameters();
-
- // TODO Validate that all the keys are using the same parameters?
-
- agreement.init(localParams);
- }
- else
+ // BEGIN android-removed
+ // if (agreement instanceof ECMQVBasicAgreement)
+ // {
+ // if (!(key instanceof MQVPrivateKey))
+ // {
+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation");
+ // }
+ //
+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters)
+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters)
+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
+ //
+ // ECPublicKeyParameters ephemPubKey = null;
+ // if (mqvPrivKey.getEphemeralPublicKey() != null)
+ // {
+ // ephemPubKey = (ECPublicKeyParameters)
+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
+ // }
+ //
+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
+ // this.parameters = staticPrivKey.getParameters();
+ //
+ // // TODO Validate that all the keys are using the same parameters?
+ //
+ // agreement.init(localParams);
+ // }
+ // else
+ // END android-removed
{
if (!(key instanceof PrivateKey))
{
@@ -323,39 +341,41 @@
}
}
- public static class DHC
- extends KeyAgreementSpi
- {
- public DHC()
- {
- super("ECDHC", new ECDHCBasicAgreement(), null);
- }
- }
-
- public static class MQV
- extends KeyAgreementSpi
- {
- public MQV()
- {
- super("ECMQV", new ECMQVBasicAgreement(), null);
- }
- }
-
- public static class DHwithSHA1KDF
- extends KeyAgreementSpi
- {
- public DHwithSHA1KDF()
- {
- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
- }
- }
-
- public static class MQVwithSHA1KDF
- extends KeyAgreementSpi
- {
- public MQVwithSHA1KDF()
- {
- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
- }
- }
+ // BEGIN android-removed
+ // public static class DHC
+ // extends KeyAgreementSpi
+ // {
+ // public DHC()
+ // {
+ // super("ECDHC", new ECDHCBasicAgreement(), null);
+ // }
+ // }
+ //
+ // public static class MQV
+ // extends KeyAgreementSpi
+ // {
+ // public MQV()
+ // {
+ // super("ECMQV", new ECMQVBasicAgreement(), null);
+ // }
+ // }
+ //
+ // public static class DHwithSHA1KDF
+ // extends KeyAgreementSpi
+ // {
+ // public DHwithSHA1KDF()
+ // {
+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
+ // }
+ // }
+ //
+ // public static class MQVwithSHA1KDF
+ // extends KeyAgreementSpi
+ // {
+ // public MQVwithSHA1KDF()
+ // {
+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
+ // }
+ // }
+ // END android-removed
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000
@@ -201,14 +201,16 @@
}
}
- public static class ECGOST3410
- extends KeyFactorySpi
- {
- public ECGOST3410()
- {
- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
- }
- }
+ // BEGIN android-removed
+ // public static class ECGOST3410
+ // extends KeyFactorySpi
+ // {
+ // public ECGOST3410()
+ // {
+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
+ // }
+ // }
+ // END android-removed
public static class ECDH
extends KeyFactorySpi
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-05-12 17:22:22.000000000 +0000
@@ -42,7 +42,9 @@
ECKeyGenerationParameters param;
ECKeyPairGenerator engine = new ECKeyPairGenerator();
Object ecParams = null;
- int strength = 239;
+ // BEGIN android-changed
+ int strength = 256;
+ // BEGIN android-changed
int certainty = 50;
SecureRandom random = new SecureRandom();
boolean initialised = false;
@@ -84,7 +86,13 @@
SecureRandom random)
{
this.strength = strength;
+ // BEGIN android-added
+ if (random != null) {
+ // END android-added
this.random = random;
+ // BEGIN android-added
+ }
+ // END android-added
ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength));
if (ecParams == null)
@@ -107,6 +115,11 @@
SecureRandom random)
throws InvalidAlgorithmParameterException
{
+ // BEGIN android-added
+ if (random == null) {
+ random = this.random;
+ }
+ // END android-added
if (params == null)
{
ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
@@ -267,4 +280,4 @@
super("ECMQV", BouncyCastleProvider.CONFIGURATION);
}
}
-}
\ No newline at end of file
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2014-07-28 19:51:54.000000000 +0000
@@ -16,16 +16,23 @@
import org.bouncycastle.crypto.DSA;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
+// BEGIN android-added
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-added
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+// import org.bouncycastle.crypto.digests.SHA224Digest;
+// import org.bouncycastle.crypto.digests.SHA256Digest;
+// import org.bouncycastle.crypto.digests.SHA384Digest;
+// import org.bouncycastle.crypto.digests.SHA512Digest;
+// END android-removed
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.ECNRSigner;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.signers.ECNRSigner;
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// END android-removed
import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
@@ -70,18 +77,22 @@
{
public ecDSA()
{
- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder());
+ // END android-changed
}
}
- static public class ecDetDSA
- extends SignatureSpi
- {
- public ecDetDSA()
- {
- super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder());
- }
- }
+ // BEGIN android-removed
+ // static public class ecDetDSA
+ // extends SignatureSpi
+ // {
+ // public ecDetDSA()
+ // {
+ // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder());
+ // }
+ // }
+ // END android-removed
static public class ecDSAnone
extends SignatureSpi
@@ -97,180 +108,196 @@
{
public ecDSA224()
{
- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder());
+ // END android-changed
}
}
- static public class ecDetDSA224
- extends SignatureSpi
- {
- public ecDetDSA224()
- {
- super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder());
- }
- }
+ // BEGIN android-removed
+ // static public class ecDetDSA224
+ // extends SignatureSpi
+ // {
+ // public ecDetDSA224()
+ // {
+ // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder());
+ // }
+ // }
+ // END android-removed
static public class ecDSA256
extends SignatureSpi
{
public ecDSA256()
{
- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder());
+ // END android-changed
}
}
- static public class ecDetDSA256
- extends SignatureSpi
- {
- public ecDetDSA256()
- {
- super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder());
- }
- }
+ // BEGIN android-removed
+ // static public class ecDetDSA256
+ // extends SignatureSpi
+ // {
+ // public ecDetDSA256()
+ // {
+ // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder());
+ // }
+ // }
+ // END android-removed
static public class ecDSA384
extends SignatureSpi
{
public ecDSA384()
{
- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder());
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder());
+ // END android-changed
}
}
- static public class ecDetDSA384
- extends SignatureSpi
- {
- public ecDetDSA384()
- {
- super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder());
- }
- }
+ // BEGIN android-removed
+ // static public class ecDetDSA384
+ // extends SignatureSpi
+ // {
+ // public ecDetDSA384()
+ // {
+ // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder());
+ // }
+ // }
+ // END android-removed
static public class ecDSA512
extends SignatureSpi
{
public ecDSA512()
{
- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecDetDSA512
- extends SignatureSpi
- {
- public ecDetDSA512()
- {
- super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder());
- }
- }
-
- static public class ecDSARipeMD160
- extends SignatureSpi
- {
- public ecDSARipeMD160()
- {
- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecNR
- extends SignatureSpi
- {
- public ecNR()
- {
- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecNR224
- extends SignatureSpi
- {
- public ecNR224()
- {
- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecNR256
- extends SignatureSpi
- {
- public ecNR256()
- {
- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecNR384
- extends SignatureSpi
- {
- public ecNR384()
- {
- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecNR512
- extends SignatureSpi
- {
- public ecNR512()
- {
- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder());
- }
- }
-
- static public class ecCVCDSA
- extends SignatureSpi
- {
- public ecCVCDSA()
- {
- super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
-
- static public class ecCVCDSA224
- extends SignatureSpi
- {
- public ecCVCDSA224()
- {
- super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
-
- static public class ecCVCDSA256
- extends SignatureSpi
- {
- public ecCVCDSA256()
- {
- super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
-
- static public class ecCVCDSA384
- extends SignatureSpi
- {
- public ecCVCDSA384()
- {
- super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
-
- static public class ecCVCDSA512
- extends SignatureSpi
- {
- public ecCVCDSA512()
- {
- super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
-
- static public class ecPlainDSARP160
- extends SignatureSpi
- {
- public ecPlainDSARP160()
- {
- super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
- }
- }
+ // BEGIN android-changed
+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder());
+ // END android-changed
+ }
+ }
+
+ // BEGIN android-removed
+ // static public class ecDetDSA512
+ // extends SignatureSpi
+ // {
+ // public ecDetDSA512()
+ // {
+ // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecDSARipeMD160
+ // extends SignatureSpi
+ // {
+ // public ecDSARipeMD160()
+ // {
+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecNR
+ // extends SignatureSpi
+ // {
+ // public ecNR()
+ // {
+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecNR224
+ // extends SignatureSpi
+ // {
+ // public ecNR224()
+ // {
+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecNR256
+ // extends SignatureSpi
+ // {
+ // public ecNR256()
+ // {
+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecNR384
+ // extends SignatureSpi
+ // {
+ // public ecNR384()
+ // {
+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecNR512
+ // extends SignatureSpi
+ // {
+ // public ecNR512()
+ // {
+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecCVCDSA
+ // extends SignatureSpi
+ // {
+ // public ecCVCDSA()
+ // {
+ // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecCVCDSA224
+ // extends SignatureSpi
+ // {
+ // public ecCVCDSA224()
+ // {
+ // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecCVCDSA256
+ // extends SignatureSpi
+ // {
+ // public ecCVCDSA256()
+ // {
+ // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecCVCDSA384
+ // extends SignatureSpi
+ // {
+ // public ecCVCDSA384()
+ // {
+ // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecCVCDSA512
+ // extends SignatureSpi
+ // {
+ // public ecCVCDSA512()
+ // {
+ // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ //
+ // static public class ecPlainDSARP160
+ // extends SignatureSpi
+ // {
+ // public ecPlainDSARP160()
+ // {
+ // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ // }
+ // }
+ // END android-removed
private static class StdDSAEncoder
implements DSAEncoder
@@ -302,66 +329,68 @@
}
}
- private static class PlainDSAEncoder
- implements DSAEncoder
- {
- public byte[] encode(
- BigInteger r,
- BigInteger s)
- throws IOException
- {
- byte[] first = makeUnsigned(r);
- byte[] second = makeUnsigned(s);
- byte[] res;
-
- if (first.length > second.length)
- {
- res = new byte[first.length * 2];
- }
- else
- {
- res = new byte[second.length * 2];
- }
-
- System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
- System.arraycopy(second, 0, res, res.length - second.length, second.length);
-
- return res;
- }
-
-
- private byte[] makeUnsigned(BigInteger val)
- {
- byte[] res = val.toByteArray();
-
- if (res[0] == 0)
- {
- byte[] tmp = new byte[res.length - 1];
-
- System.arraycopy(res, 1, tmp, 0, tmp.length);
-
- return tmp;
- }
-
- return res;
- }
-
- public BigInteger[] decode(
- byte[] encoding)
- throws IOException
- {
- BigInteger[] sig = new BigInteger[2];
-
- byte[] first = new byte[encoding.length / 2];
- byte[] second = new byte[encoding.length / 2];
-
- System.arraycopy(encoding, 0, first, 0, first.length);
- System.arraycopy(encoding, first.length, second, 0, second.length);
-
- sig[0] = new BigInteger(1, first);
- sig[1] = new BigInteger(1, second);
-
- return sig;
- }
- }
-}
\ No newline at end of file
+ // BEGIN android-removed
+ // private static class PlainDSAEncoder
+ // implements DSAEncoder
+ // {
+ // public byte[] encode(
+ // BigInteger r,
+ // BigInteger s)
+ // throws IOException
+ // {
+ // byte[] first = makeUnsigned(r);
+ // byte[] second = makeUnsigned(s);
+ // byte[] res;
+ //
+ // if (first.length > second.length)
+ // {
+ // res = new byte[first.length * 2];
+ // }
+ // else
+ // {
+ // res = new byte[second.length * 2];
+ // }
+ //
+ // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
+ // System.arraycopy(second, 0, res, res.length - second.length, second.length);
+ //
+ // return res;
+ // }
+ //
+ //
+ // private byte[] makeUnsigned(BigInteger val)
+ // {
+ // byte[] res = val.toByteArray();
+ //
+ // if (res[0] == 0)
+ // {
+ // byte[] tmp = new byte[res.length - 1];
+ //
+ // System.arraycopy(res, 1, tmp, 0, tmp.length);
+ //
+ // return tmp;
+ // }
+ //
+ // return res;
+ // }
+ //
+ // public BigInteger[] decode(
+ // byte[] encoding)
+ // throws IOException
+ // {
+ // BigInteger[] sig = new BigInteger[2];
+ //
+ // byte[] first = new byte[encoding.length / 2];
+ // byte[] second = new byte[encoding.length / 2];
+ //
+ // System.arraycopy(encoding, 0, first, 0, first.length);
+ // System.arraycopy(encoding, first.length, second, 0, second.length);
+ //
+ // sig[0] = new BigInteger(1, first);
+ // sig[1] = new BigInteger(1, second);
+ //
+ // return sig;
+ // }
+ // }
+ // END android-removed
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-04-09 13:10:16.000000000 +0000
@@ -26,7 +26,9 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
+// END android-removed
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
@@ -201,10 +203,12 @@
{
cipher = new PKCS1Encoding(new RSABlindedEngine());
}
- else if (pad.equals("ISO9796-1PADDING"))
- {
- cipher = new ISO9796d1Encoding(new RSABlindedEngine());
- }
+ // BEGIN android-removed
+ // else if (pad.equals("ISO9796-1PADDING"))
+ // {
+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine());
+ // }
+ // END android-removed
else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
{
initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
@@ -543,48 +547,50 @@
}
}
- static public class PKCS1v1_5Padding
- extends CipherSpi
- {
- public PKCS1v1_5Padding()
- {
- super(new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class PKCS1v1_5Padding_PrivateOnly
- extends CipherSpi
- {
- public PKCS1v1_5Padding_PrivateOnly()
- {
- super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class PKCS1v1_5Padding_PublicOnly
- extends CipherSpi
- {
- public PKCS1v1_5Padding_PublicOnly()
- {
- super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class OAEPPadding
- extends CipherSpi
- {
- public OAEPPadding()
- {
- super(OAEPParameterSpec.DEFAULT);
- }
- }
-
- static public class ISO9796d1Padding
- extends CipherSpi
- {
- public ISO9796d1Padding()
- {
- super(new ISO9796d1Encoding(new RSABlindedEngine()));
- }
- }
+ // BEGIN android-removed
+ // static public class PKCS1v1_5Padding
+ // extends CipherSpi
+ // {
+ // public PKCS1v1_5Padding()
+ // {
+ // super(new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class PKCS1v1_5Padding_PrivateOnly
+ // extends CipherSpi
+ // {
+ // public PKCS1v1_5Padding_PrivateOnly()
+ // {
+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class PKCS1v1_5Padding_PublicOnly
+ // extends CipherSpi
+ // {
+ // public PKCS1v1_5Padding_PublicOnly()
+ // {
+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class OAEPPadding
+ // extends CipherSpi
+ // {
+ // public OAEPPadding()
+ // {
+ // super(OAEPParameterSpec.DEFAULT);
+ // }
+ // }
+ //
+ // static public class ISO9796d1Padding
+ // extends CipherSpi
+ // {
+ // public ISO9796d1Padding()
+ // {
+ // super(new ISO9796d1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ // END android-removed
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-04-09 13:10:16.000000000 +0000
@@ -17,24 +17,31 @@
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.digests.MD4Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.MD4Digest;
+// import org.bouncycastle.crypto.digests.MD5Digest;
+// import org.bouncycastle.crypto.digests.NullDigest;
+// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+// import org.bouncycastle.crypto.digests.SHA224Digest;
+// import org.bouncycastle.crypto.digests.SHA256Digest;
+// import org.bouncycastle.crypto.digests.SHA384Digest;
+// import org.bouncycastle.crypto.digests.SHA512Digest;
+// END android-removed
+// BEGIN android-added
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-added
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
import org.bouncycastle.util.Arrays;
@@ -254,7 +261,9 @@
{
public SHA1()
{
- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
@@ -263,7 +272,9 @@
{
public SHA224()
{
- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
@@ -272,7 +283,9 @@
{
public SHA256()
{
- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
@@ -281,7 +294,9 @@
{
public SHA384()
{
- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
@@ -290,70 +305,78 @@
{
public SHA512()
{
- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
- static public class MD2
- extends DigestSignatureSpi
- {
- public MD2()
- {
- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class MD4
- extends DigestSignatureSpi
- {
- public MD4()
- {
- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
+ // BEGIN android-removed
+ // static public class MD2
+ // extends DigestSignatureSpi
+ // {
+ // public MD2()
+ // {
+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class MD4
+ // extends DigestSignatureSpi
+ // {
+ // public MD4()
+ // {
+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ // END android-removed
static public class MD5
extends DigestSignatureSpi
{
public MD5()
{
- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class RIPEMD160
- extends DigestSignatureSpi
- {
- public RIPEMD160()
- {
- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // BEGIN android-changed
+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine()));
+ // END android-changed
}
}
- static public class RIPEMD128
- extends DigestSignatureSpi
- {
- public RIPEMD128()
- {
- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class RIPEMD256
- extends DigestSignatureSpi
- {
- public RIPEMD256()
- {
- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
-
- static public class noneRSA
- extends DigestSignatureSpi
- {
- public noneRSA()
- {
- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
- }
- }
+ // BEGIN android-removed
+ // static public class RIPEMD160
+ // extends DigestSignatureSpi
+ // {
+ // public RIPEMD160()
+ // {
+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class RIPEMD128
+ // extends DigestSignatureSpi
+ // {
+ // public RIPEMD128()
+ // {
+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class RIPEMD256
+ // extends DigestSignatureSpi
+ // {
+ // public RIPEMD256()
+ // {
+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ //
+ // static public class noneRSA
+ // extends DigestSignatureSpi
+ // {
+ // public noneRSA()
+ // {
+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
+ // }
+ // }
+ // END android-removed
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-04-09 13:10:16.000000000 +0000
@@ -18,8 +18,10 @@
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// BEGIN android-removed
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -39,8 +41,10 @@
{
IvParameterSpec.class,
PBEParameterSpec.class,
- RC2ParameterSpec.class,
- RC5ParameterSpec.class
+ // BEGIN android-removed
+ // RC2ParameterSpec.class,
+ // RC5ParameterSpec.class
+ // END android-removed
};
private final JcaJceHelper helper = new BCJcaJceHelper();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-04-09 13:10:16.000000000 +0000
@@ -6,11 +6,15 @@
import java.security.PublicKey;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+// END android-removed
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962NamedCurves;
import org.bouncycastle.asn1.x9.X962Parameters;
@@ -247,14 +251,16 @@
{
oid = NISTNamedCurves.getOID(name);
}
- if (oid == null)
- {
- oid = TeleTrusTNamedCurves.getOID(name);
- }
- if (oid == null)
- {
- oid = ECGOST3410NamedCurves.getOID(name);
- }
+ // BEGIN android-removed
+ // if (oid == null)
+ // {
+ // oid = TeleTrusTNamedCurves.getOID(name);
+ // }
+ // if (oid == null)
+ // {
+ // oid = ECGOST3410NamedCurves.getOID(name);
+ // }
+ // END android-removed
}
return oid;
@@ -276,10 +282,12 @@
{
params = NISTNamedCurves.getByOID(oid);
}
- if (params == null)
- {
- params = TeleTrusTNamedCurves.getByOID(oid);
- }
+ // BEGIN android-removed
+ // if (params == null)
+ // {
+ // params = TeleTrusTNamedCurves.getByOID(oid);
+ // }
+ // END android-removed
}
return params;
@@ -297,14 +305,16 @@
{
name = NISTNamedCurves.getName(oid);
}
- if (name == null)
- {
- name = TeleTrusTNamedCurves.getName(oid);
- }
- if (name == null)
- {
- name = ECGOST3410NamedCurves.getName(oid);
- }
+ // BEGIN android-removed
+ // if (name == null)
+ // {
+ // name = TeleTrusTNamedCurves.getName(oid);
+ // }
+ // if (name == null)
+ // {
+ // name = ECGOST3410NamedCurves.getName(oid);
+ // }
+ // END android-removed
}
return name;
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-04-09 13:10:16.000000000 +0000
@@ -37,7 +37,9 @@
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemWriter;
+// BEGIN android-removed
+// import org.bouncycastle.util.io.pem.PemWriter;
+// END android-removed
/**
* CertPath implementation for X.509 certificates.
@@ -54,7 +56,9 @@
{
List encodings = new ArrayList();
encodings.add("PkiPath");
- encodings.add("PEM");
+ // BEGIN android-removed
+ // encodings.add("PEM");
+ // END android-removed
encodings.add("PKCS7");
certPathEncodings = Collections.unmodifiableList(encodings);
}
@@ -301,27 +305,29 @@
return toDEREncoded(new ContentInfo(
PKCSObjectIdentifiers.signedData, sd));
}
- else if (encoding.equalsIgnoreCase("PEM"))
- {
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
-
- try
- {
- for (int i = 0; i != certificates.size(); i++)
- {
- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
- }
-
- pWrt.close();
- }
- catch (Exception e)
- {
- throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
- }
-
- return bOut.toByteArray();
- }
+ // BEGIN android-removed
+ // else if (encoding.equalsIgnoreCase("PEM"))
+ // {
+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
+ //
+ // try
+ // {
+ // for (int i = 0; i != certificates.size(); i++)
+ // {
+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
+ // }
+ //
+ // pWrt.close();
+ // }
+ // catch (Exception e)
+ // {
+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
+ // }
+ //
+ // return bOut.toByteArray();
+ // }
+ // END android-removed
else
{
throw new CertificateEncodingException("unsupported encoding: " + encoding);
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-04-09 13:10:16.000000000 +0000
@@ -55,6 +55,9 @@
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN android-added
+import org.bouncycastle.asn1.x509.X509Name;
+// END android-added
import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -534,12 +537,20 @@
}
}
+ // BEGIN android-changed
+ private byte[] encoded;
+ // END android-changed
public byte[] getEncoded()
throws CertificateEncodingException
{
try
{
- return c.getEncoded(ASN1Encoding.DER);
+ // BEGIN android-changed
+ if (encoded == null) {
+ encoded = c.getEncoded(ASN1Encoding.DER);
+ }
+ return encoded;
+ // END android-changed
}
catch (IOException e)
{
@@ -839,7 +850,9 @@
list.add(genName.getEncoded());
break;
case GeneralName.directoryName:
- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+ // BEGIN android-changed
+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
+ // END android-changed
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-04-09 13:10:16.000000000 +0000
@@ -16,12 +16,16 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -143,22 +147,24 @@
{
return "SHA512";
}
- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- {
- return "RIPEMD128";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- {
- return "RIPEMD160";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- {
- return "RIPEMD256";
- }
- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- {
- return "GOST3411";
- }
+ // BEGIN android-removed
+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ // {
+ // return "RIPEMD128";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ // {
+ // return "RIPEMD160";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ // {
+ // return "RIPEMD256";
+ // }
+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ // {
+ // return "GOST3411";
+ // }
+ // END android-removed
else
{
return digestAlgOID.getId();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000
@@ -45,17 +45,19 @@
}
}
- /**
- * PBEWithHmacSHA
- */
- public static class PBEWithMacKeyFactory
- extends PBESecretKeyFactory
- {
- public PBEWithMacKeyFactory()
- {
- super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * PBEWithHmacSHA
+ // */
+ // public static class PBEWithMacKeyFactory
+ // extends PBESecretKeyFactory
+ // {
+ // public PBEWithMacKeyFactory()
+ // {
+ // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
+ // }
+ // }
+ // END android-removed
/**
* HMACSHA256
@@ -84,9 +86,11 @@
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
+ // BEGIN android-removed
+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
+ // END android-removed
addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256);
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000
@@ -5,7 +5,9 @@
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.macs.OldHMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.macs.OldHMac;
+// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -57,14 +59,16 @@
}
}
- public static class OldSHA384
- extends BaseMac
- {
- public OldSHA384()
- {
- super(new OldHMac(new SHA384Digest()));
- }
- }
+ // BEGIN android-removed
+ // public static class OldSHA384
+ // extends BaseMac
+ // {
+ // public OldSHA384()
+ // {
+ // super(new OldHMac(new SHA384Digest()));
+ // }
+ // }
+ // END android-removed
public static class Mappings
extends DigestAlgorithmProvider
@@ -80,7 +84,9 @@
provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
- provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
+ // END android-removed
addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000
@@ -4,9 +4,13 @@
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.SHA512tDigest;
+// END android-removed
import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.macs.OldHMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.macs.OldHMac;
+// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -37,42 +41,44 @@
}
}
- static public class DigestT
- extends BCMessageDigest
- implements Cloneable
- {
- public DigestT(int bitLength)
- {
- super(new SHA512tDigest(bitLength));
- }
-
- public Object clone()
- throws CloneNotSupportedException
- {
- DigestT d = (DigestT)super.clone();
- d.digest = new SHA512tDigest((SHA512tDigest)digest);
-
- return d;
- }
- }
-
- static public class DigestT224
- extends DigestT
- {
- public DigestT224()
- {
- super(224);
- }
- }
-
- static public class DigestT256
- extends DigestT
- {
- public DigestT256()
- {
- super(256);
- }
- }
+ // BEGIN android-removed
+ // static public class DigestT
+ // extends BCMessageDigest
+ // implements Cloneable
+ // {
+ // public DigestT(int bitLength)
+ // {
+ // super(new SHA512tDigest(bitLength));
+ // }
+ //
+ // public Object clone()
+ // throws CloneNotSupportedException
+ // {
+ // DigestT d = (DigestT)super.clone();
+ // d.digest = new SHA512tDigest((SHA512tDigest)digest);
+ //
+ // return d;
+ // }
+ // }
+ //
+ // static public class DigestT224
+ // extends DigestT
+ // {
+ // public DigestT224()
+ // {
+ // super(224);
+ // }
+ // }
+ //
+ // static public class DigestT256
+ // extends DigestT
+ // {
+ // public DigestT256()
+ // {
+ // super(256);
+ // }
+ // }
+ // END android-removed
public static class HashMac
extends BaseMac
@@ -83,35 +89,37 @@
}
}
- public static class HashMacT224
- extends BaseMac
- {
- public HashMacT224()
- {
- super(new HMac(new SHA512tDigest(224)));
- }
- }
-
- public static class HashMacT256
- extends BaseMac
- {
- public HashMacT256()
- {
- super(new HMac(new SHA512tDigest(256)));
- }
- }
-
- /**
- * SHA-512 HMac
- */
- public static class OldSHA512
- extends BaseMac
- {
- public OldSHA512()
- {
- super(new OldHMac(new SHA512Digest()));
- }
- }
+ // BEGIN android-removed
+ // public static class HashMacT224
+ // extends BaseMac
+ // {
+ // public HashMacT224()
+ // {
+ // super(new HMac(new SHA512tDigest(224)));
+ // }
+ // }
+ //
+ // public static class HashMacT256
+ // extends BaseMac
+ // {
+ // public HashMacT256()
+ // {
+ // super(new HMac(new SHA512tDigest(256)));
+ // }
+ // }
+ //
+ // /**
+ // * SHA-512 HMac
+ // */
+ // public static class OldSHA512
+ // extends BaseMac
+ // {
+ // public OldSHA512()
+ // {
+ // super(new OldHMac(new SHA512Digest()));
+ // }
+ // }
+ // END android-removed
/**
* HMACSHA512
@@ -125,23 +133,25 @@
}
}
- public static class KeyGeneratorT224
- extends BaseKeyGenerator
- {
- public KeyGeneratorT224()
- {
- super("HMACSHA512/224", 224, new CipherKeyGenerator());
- }
- }
-
- public static class KeyGeneratorT256
- extends BaseKeyGenerator
- {
- public KeyGeneratorT256()
- {
- super("HMACSHA512/256", 256, new CipherKeyGenerator());
- }
- }
+ // BEGIN android-removed
+ // public static class KeyGeneratorT224
+ // extends BaseKeyGenerator
+ // {
+ // public KeyGeneratorT224()
+ // {
+ // super("HMACSHA512/224", 224, new CipherKeyGenerator());
+ // }
+ // }
+ //
+ // public static class KeyGeneratorT256
+ // extends BaseKeyGenerator
+ // {
+ // public KeyGeneratorT256()
+ // {
+ // super("HMACSHA512/256", 256, new CipherKeyGenerator());
+ // }
+ // }
+ // END android-removed
public static class Mappings
extends DigestAlgorithmProvider
@@ -158,21 +168,25 @@
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");
- provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
-
- provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
-
- provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
+ // BEGIN android-removed
+ // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
+ //
+ // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
+ //
+ // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
+ // END android-removed
addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
- addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224");
- addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256");
+ // BEGIN android-removed
+ // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224");
+ // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256");
+ // END android-removed
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000
@@ -17,7 +17,9 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std");
- provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
+ // END android-removed
provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore");
provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle");
provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000
@@ -17,14 +17,16 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
-
- provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
-
- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+ // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+ //
+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
+ //
+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
+ // END android-removed
}
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-04-09 13:10:16.000000000 +0000
@@ -62,8 +62,10 @@
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
@@ -89,7 +91,9 @@
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.jcajce.PKCS12StoreParameter;
import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// END android-removed
import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
@@ -753,13 +757,15 @@
{
cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
}
- else
- {
- // TODO: at the moment it's just GOST, but...
- GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
-
- cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
- }
+ // BEGIN android-removed
+ // else
+ // {
+ // // TODO: at the moment it's just GOST, but...
+ // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
+ //
+ // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
+ // }
+ // END android-removed
return cipher;
}
@@ -1680,33 +1686,34 @@
super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
}
}
-
- public static class BCPKCS12KeyStore3DES
- extends PKCS12KeyStoreSpi
- {
- public BCPKCS12KeyStore3DES()
- {
- super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
- }
- }
-
- public static class DefPKCS12KeyStore
- extends PKCS12KeyStoreSpi
- {
- public DefPKCS12KeyStore()
- {
- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
- }
- }
-
- public static class DefPKCS12KeyStore3DES
- extends PKCS12KeyStoreSpi
- {
- public DefPKCS12KeyStore3DES()
- {
- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
- }
- }
+ // BEGIN android-removed
+ // public static class BCPKCS12KeyStore3DES
+ // extends PKCS12KeyStoreSpi
+ // {
+ // public BCPKCS12KeyStore3DES()
+ // {
+ // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+ // }
+ // }
+ //
+ // public static class DefPKCS12KeyStore
+ // extends PKCS12KeyStoreSpi
+ // {
+ // public DefPKCS12KeyStore()
+ // {
+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+ // }
+ // }
+ //
+ // public static class DefPKCS12KeyStore3DES
+ // extends PKCS12KeyStoreSpi
+ // {
+ // public DefPKCS12KeyStore3DES()
+ // {
+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+ // }
+ // }
+ // END android-removed
private static class IgnoresCaseHashtable
{
@@ -1779,7 +1786,9 @@
keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
- keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
+ // BEGIN android-removed
+ // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
+ // END android-removed
KEY_SIZES = Collections.unmodifiableMap(keySizes);
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-07-22 00:42:46.000000000 +0000
@@ -3,16 +3,28 @@
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
+// BEGIN android-added
+import java.security.NoSuchAlgorithmException;
+// END android-added
+// BEGIN android-removed
+// import java.security.AlgorithmParameters;
+// import java.security.InvalidAlgorithmParameterException;
+// END android-removed
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
-import javax.crypto.spec.IvParameterSpec;
-
+// BEGIN android-removed
+// import javax.crypto.spec.IvParameterSpec;
+// END android-removed
+
+// BEGIN android-added
+import javax.crypto.NoSuchPaddingException;
+// END android-added
import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.cms.CCMParameters;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cms.CCMParameters;
+// END android-removed
import org.bouncycastle.asn1.cms.GCMParameters;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.crypto.BlockCipher;
@@ -20,22 +32,30 @@
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.engines.AESWrapEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.GMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.GMac;
+// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CCMBlockCipher;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.modes.CCMBlockCipher;
+// END android-removed
import org.bouncycastle.crypto.modes.CFBBlockCipher;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.modes.OFBBlockCipher;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
@@ -98,53 +118,64 @@
public GCM()
{
super(new GCMBlockCipher(new AESFastEngine()));
+ // BEGIN android-added
+ try {
+ engineSetMode("GCM");
+ engineSetPadding("NoPadding");
+ } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
+ // this should not be possible
+ throw new RuntimeException("Could not set mode or padding for GCM mode", e);
+ }
+ // END android-added
}
}
- static public class CCM
- extends BaseBlockCipher
- {
- public CCM()
- {
- super(new CCMBlockCipher(new AESFastEngine()));
- }
- }
-
- public static class AESCMAC
- extends BaseMac
- {
- public AESCMAC()
- {
- super(new CMac(new AESFastEngine()));
- }
- }
-
- public static class AESGMAC
- extends BaseMac
- {
- public AESGMAC()
- {
- super(new GMac(new GCMBlockCipher(new AESFastEngine())));
- }
- }
-
- public static class Poly1305
- extends BaseMac
- {
- public Poly1305()
- {
- super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine()));
- }
- }
-
- public static class Poly1305KeyGen
- extends BaseKeyGenerator
- {
- public Poly1305KeyGen()
- {
- super("Poly1305-AES", 256, new Poly1305KeyGenerator());
- }
- }
+ // BEGIN android-removed
+ // static public class CCM
+ // extends BaseBlockCipher
+ // {
+ // public CCM()
+ // {
+ // super(new CCMBlockCipher(new AESFastEngine()));
+ // }
+ // }
+ //
+ // public static class AESCMAC
+ // extends BaseMac
+ // {
+ // public AESCMAC()
+ // {
+ // super(new CMac(new AESFastEngine()));
+ // }
+ // }
+ //
+ // public static class AESGMAC
+ // extends BaseMac
+ // {
+ // public AESGMAC()
+ // {
+ // super(new GMac(new GCMBlockCipher(new AESFastEngine())));
+ // }
+ // }
+ //
+ // public static class Poly1305
+ // extends BaseMac
+ // {
+ // public Poly1305()
+ // {
+ // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine()));
+ // }
+ // }
+ //
+ // public static class Poly1305KeyGen
+ // extends BaseKeyGenerator
+ // {
+ // public Poly1305KeyGen()
+ // {
+ // super("Poly1305-AES", 256, new Poly1305KeyGenerator());
+ // }
+ // }
+ // END android-removed
static public class Wrap
extends BaseWrapCipher
@@ -155,23 +186,25 @@
}
}
- public static class RFC3211Wrap
- extends BaseWrapCipher
- {
- public RFC3211Wrap()
- {
- super(new RFC3211WrapEngine(new AESFastEngine()), 16);
- }
- }
-
- public static class RFC5649Wrap
- extends BaseWrapCipher
- {
- public RFC5649Wrap()
- {
- super(new RFC5649WrapEngine(new AESFastEngine()));
- }
- }
+ // BEGIN android-removed
+ // public static class RFC3211Wrap
+ // extends BaseWrapCipher
+ // {
+ // public RFC3211Wrap()
+ // {
+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16);
+ // }
+ // }
+ //
+ // public static class RFC5649Wrap
+ // extends BaseWrapCipher
+ // {
+ // public RFC5649Wrap()
+ // {
+ // super(new RFC5649WrapEngine(new AESFastEngine()));
+ // }
+ // }
+ // END android-removed
/**
* PBEWithAES-CBC
@@ -190,7 +223,9 @@
{
public KeyGen()
{
- this(192);
+ // BEGIN android-changed
+ this(128);
+ // END android-changed
}
public KeyGen(int keySize)
@@ -199,32 +234,34 @@
}
}
- public static class KeyGen128
- extends KeyGen
- {
- public KeyGen128()
- {
- super(128);
- }
- }
-
- public static class KeyGen192
- extends KeyGen
- {
- public KeyGen192()
- {
- super(192);
- }
- }
-
- public static class KeyGen256
- extends KeyGen
- {
- public KeyGen256()
- {
- super(256);
- }
- }
+ // BEGIN android-removed
+ // public static class KeyGen128
+ // extends KeyGen
+ // {
+ // public KeyGen128()
+ // {
+ // super(128);
+ // }
+ // }
+ //
+ // public static class KeyGen192
+ // extends KeyGen
+ // {
+ // public KeyGen192()
+ // {
+ // super(192);
+ // }
+ // }
+ //
+ // public static class KeyGen256
+ // extends KeyGen
+ // {
+ // public KeyGen256()
+ // {
+ // super(256);
+ // }
+ // }
+ // END android-removed
/**
* PBEWithSHA1And128BitAES-BC
@@ -334,119 +371,121 @@
}
}
- public static class AlgParamGen
- extends BaseAlgorithmParameterGenerator
- {
- protected void engineInit(
- AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- }
-
- protected AlgorithmParameters engineGenerateParameters()
- {
- byte[] iv = new byte[16];
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- random.nextBytes(iv);
-
- AlgorithmParameters params;
-
- try
- {
- params = createParametersInstance("AES");
- params.init(new IvParameterSpec(iv));
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
-
- return params;
- }
- }
-
- public static class AlgParamGenCCM
- extends BaseAlgorithmParameterGenerator
- {
- protected void engineInit(
- AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- }
-
- protected AlgorithmParameters engineGenerateParameters()
- {
- byte[] iv = new byte[12];
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- random.nextBytes(iv);
-
- AlgorithmParameters params;
-
- try
- {
- params = createParametersInstance("CCM");
- params.init(new CCMParameters(iv, 12).getEncoded());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
-
- return params;
- }
- }
-
- public static class AlgParamGenGCM
- extends BaseAlgorithmParameterGenerator
- {
- protected void engineInit(
- AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- }
-
- protected AlgorithmParameters engineGenerateParameters()
- {
- byte[] nonce = new byte[12];
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- random.nextBytes(nonce);
-
- AlgorithmParameters params;
-
- try
- {
- params = createParametersInstance("GCM");
- params.init(new GCMParameters(nonce, 12).getEncoded());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
-
- return params;
- }
- }
+ // BEGIN android-removed
+ // public static class AlgParamGen
+ // extends BaseAlgorithmParameterGenerator
+ // {
+ // protected void engineInit(
+ // AlgorithmParameterSpec genParamSpec,
+ // SecureRandom random)
+ // throws InvalidAlgorithmParameterException
+ // {
+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ // }
+ //
+ // protected AlgorithmParameters engineGenerateParameters()
+ // {
+ // byte[] iv = new byte[16];
+ //
+ // if (random == null)
+ // {
+ // random = new SecureRandom();
+ // }
+ //
+ // random.nextBytes(iv);
+ //
+ // AlgorithmParameters params;
+ //
+ // try
+ // {
+ // params = createParametersInstance("AES");
+ // params.init(new IvParameterSpec(iv));
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+ //
+ // return params;
+ // }
+ // }
+ //
+ // public static class AlgParamGenCCM
+ // extends BaseAlgorithmParameterGenerator
+ // {
+ // protected void engineInit(
+ // AlgorithmParameterSpec genParamSpec,
+ // SecureRandom random)
+ // throws InvalidAlgorithmParameterException
+ // {
+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ // }
+ //
+ // protected AlgorithmParameters engineGenerateParameters()
+ // {
+ // byte[] iv = new byte[12];
+ //
+ // if (random == null)
+ // {
+ // random = new SecureRandom();
+ // }
+ //
+ // random.nextBytes(iv);
+ //
+ // AlgorithmParameters params;
+ //
+ // try
+ // {
+ // params = createParametersInstance("CCM");
+ // params.init(new CCMParameters(iv, 12).getEncoded());
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+ //
+ // return params;
+ // }
+ // }
+ //
+ // public static class AlgParamGenGCM
+ // extends BaseAlgorithmParameterGenerator
+ // {
+ // protected void engineInit(
+ // AlgorithmParameterSpec genParamSpec,
+ // SecureRandom random)
+ // throws InvalidAlgorithmParameterException
+ // {
+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ // }
+ //
+ // protected AlgorithmParameters engineGenerateParameters()
+ // {
+ // byte[] nonce = new byte[12];
+ //
+ // if (random == null)
+ // {
+ // random = new SecureRandom();
+ // }
+ //
+ // random.nextBytes(nonce);
+ //
+ // AlgorithmParameters params;
+ //
+ // try
+ // {
+ // params = createParametersInstance("GCM");
+ // params.init(new GCMParameters(nonce, 12).getEncoded());
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+ //
+ // return params;
+ // }
+ // }
+ // END android-removed
public static class AlgParams
extends IvAlgorithmParameters
@@ -545,80 +584,82 @@
}
}
- public static class AlgParamsCCM
- extends BaseAlgorithmParameters
- {
- private CCMParameters ccmParams;
-
- protected void engineInit(AlgorithmParameterSpec paramSpec)
- throws InvalidParameterSpecException
- {
- throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation.");
- }
-
- protected void engineInit(byte[] params)
- throws IOException
- {
- ccmParams = CCMParameters.getInstance(params);
- }
-
- protected void engineInit(byte[] params, String format)
- throws IOException
- {
- if (!isASN1FormatString(format))
- {
- throw new IOException("unknown format specified");
- }
-
- ccmParams = CCMParameters.getInstance(params);
- }
-
- protected byte[] engineGetEncoded()
- throws IOException
- {
- return ccmParams.getEncoded();
- }
-
- protected byte[] engineGetEncoded(String format)
- throws IOException
- {
- if (!isASN1FormatString(format))
- {
- throw new IOException("unknown format specified");
- }
-
- return ccmParams.getEncoded();
- }
-
- protected String engineToString()
- {
- return "CCM";
- }
-
- protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
- throws InvalidParameterSpecException
- {
- if (gcmSpecClass != null)
- {
- try
- {
- Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class });
-
- return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() });
- }
- catch (NoSuchMethodException e)
- {
- throw new InvalidParameterSpecException("no constructor found!"); // should never happen
- }
- catch (Exception e)
- {
- throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen
- }
- }
-
- throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName());
- }
- }
+ // BEGIN android-removed
+ // public static class AlgParamsCCM
+ // extends BaseAlgorithmParameters
+ // {
+ // private CCMParameters ccmParams;
+ //
+ // protected void engineInit(AlgorithmParameterSpec paramSpec)
+ // throws InvalidParameterSpecException
+ // {
+ // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ // }
+ //
+ // protected void engineInit(byte[] params)
+ // throws IOException
+ // {
+ // ccmParams = CCMParameters.getInstance(params);
+ // }
+ //
+ // protected void engineInit(byte[] params, String format)
+ // throws IOException
+ // {
+ // if (!isASN1FormatString(format))
+ // {
+ // throw new IOException("unknown format specified");
+ // }
+ //
+ // ccmParams = CCMParameters.getInstance(params);
+ // }
+ //
+ // protected byte[] engineGetEncoded()
+ // throws IOException
+ // {
+ // return ccmParams.getEncoded();
+ // }
+ //
+ // protected byte[] engineGetEncoded(String format)
+ // throws IOException
+ // {
+ // if (!isASN1FormatString(format))
+ // {
+ // throw new IOException("unknown format specified");
+ // }
+ //
+ // return ccmParams.getEncoded();
+ // }
+ //
+ // protected String engineToString()
+ // {
+ // return "CCM";
+ // }
+ //
+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+ // throws InvalidParameterSpecException
+ // {
+ // if (gcmSpecClass != null)
+ // {
+ // try
+ // {
+ // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class });
+ //
+ // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() });
+ // }
+ // catch (NoSuchMethodException e)
+ // {
+ // throw new InvalidParameterSpecException("no constructor found!"); // should never happen
+ // }
+ // catch (Exception e)
+ // {
+ // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen
+ // }
+ // }
+ //
+ // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName());
+ // }
+ // }
+ // END android-removed
public static class Mappings
extends SymmetricAlgorithmProvider
@@ -652,92 +693,101 @@
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
-
- provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-
- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+ // BEGIN android-removed
+ // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+ //
+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+ // END android-removed
provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
+ // END android-removed
provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
- provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
-
- provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-
- provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-
- provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
-
- provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
+ // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
+ //
+ // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+ //
+ // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+ //
+ // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+ // END android-removed
+
+ // BEGIN android-changed
+ provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM");
+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING");
+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING");
+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING");
+ // END android-changed
provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
-
- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
+ //
+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC");
provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC");
@@ -816,8 +866,10 @@
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
- addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
- addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+ // BEGIN android-removed
+ // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
+ // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+ // END android-removed
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000
@@ -29,7 +29,9 @@
{
public KeyGen()
{
- super("RC4", 128, new CipherKeyGenerator());
+ // BEGIN android-changed
+ super("ARC4", 128, new CipherKeyGenerator());
+ // END android-changed
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000
@@ -64,7 +64,9 @@
{
provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB");
- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC");
+ // END android-removed
provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen");
provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH");
provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-04-09 13:10:16.000000000 +0000
@@ -19,12 +19,16 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// END android-removed
import org.bouncycastle.crypto.generators.DESKeyGenerator;
import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
+// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
import org.bouncycastle.crypto.params.DESParameters;
@@ -65,17 +69,19 @@
}
}
- /**
- * DES CFB8
- */
- public static class DESCFB8
- extends BaseMac
- {
- public DESCFB8()
- {
- super(new CFBBlockCipherMac(new DESEngine()));
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * DES CFB8
+ // */
+ // public static class DESCFB8
+ // extends BaseMac
+ // {
+ // public DESCFB8()
+ // {
+ // super(new CFBBlockCipherMac(new DESEngine()));
+ // }
+ // }
+ // END android-removed
/**
* DES64
@@ -110,47 +116,49 @@
}
}
- static public class CMAC
- extends BaseMac
- {
- public CMAC()
- {
- super(new CMac(new DESEngine()));
- }
- }
-
- /**
- * DES9797Alg3with7816-4Padding
- */
- public static class DES9797Alg3with7816d4
- extends BaseMac
- {
- public DES9797Alg3with7816d4()
- {
- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
- }
- }
-
- /**
- * DES9797Alg3
- */
- public static class DES9797Alg3
- extends BaseMac
- {
- public DES9797Alg3()
- {
- super(new ISO9797Alg3Mac(new DESEngine()));
- }
- }
-
- public static class RFC3211
- extends BaseWrapCipher
- {
- public RFC3211()
- {
- super(new RFC3211WrapEngine(new DESEngine()), 8);
- }
- }
+ // BEGIN android-removed
+ // static public class CMAC
+ // extends BaseMac
+ // {
+ // public CMAC()
+ // {
+ // super(new CMac(new DESEngine()));
+ // }
+ // }
+ //
+ // /**
+ // * DES9797Alg3with7816-4Padding
+ // */
+ // public static class DES9797Alg3with7816d4
+ // extends BaseMac
+ // {
+ // public DES9797Alg3with7816d4()
+ // {
+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
+ // }
+ // }
+ //
+ // /**
+ // * DES9797Alg3
+ // */
+ // public static class DES9797Alg3
+ // extends BaseMac
+ // {
+ // public DES9797Alg3()
+ // {
+ // super(new ISO9797Alg3Mac(new DESEngine()));
+ // }
+ // }
+ //
+ // public static class RFC3211
+ // extends BaseWrapCipher
+ // {
+ // public RFC3211()
+ // {
+ // super(new RFC3211WrapEngine(new DESEngine()), 8);
+ // }
+ // }
+ // END android-removed
public static class AlgParamGen
extends BaseAlgorithmParameterGenerator
@@ -350,17 +358,19 @@
}
}
- /**
- * PBEWithMD2AndDES
- */
- static public class PBEWithMD2KeyFactory
- extends DESPBEKeyFactory
- {
- public PBEWithMD2KeyFactory()
- {
- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * PBEWithMD2AndDES
+ // */
+ // static public class PBEWithMD2KeyFactory
+ // extends DESPBEKeyFactory
+ // {
+ // public PBEWithMD2KeyFactory()
+ // {
+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
+ // }
+ // }
+ // END android-removed
/**
* PBEWithMD5AndDES
@@ -386,17 +396,19 @@
}
}
- /**
- * PBEWithMD2AndDES
- */
- static public class PBEWithMD2
- extends BaseBlockCipher
- {
- public PBEWithMD2()
- {
- super(new CBCBlockCipher(new DESEngine()));
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * PBEWithMD2AndDES
+ // */
+ // static public class PBEWithMD2
+ // extends BaseBlockCipher
+ // {
+ // public PBEWithMD2()
+ // {
+ // super(new CBCBlockCipher(new DESEngine()));
+ // }
+ // }
+ // END android-removed
/**
* PBEWithMD5AndDES
@@ -436,61 +448,75 @@
{
provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB");
- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
-
- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
-
- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
+ //
+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
+ //
+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
+ // END android-removed
provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator");
provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory");
- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
-
- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
-
- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
-
- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-
- provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
-
- provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
- provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
+ //
+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
+ //
+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
+ //
+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+ //
+ // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
+ //
+ // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
+ // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
+ // END android-removed
provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES");
- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
-
- provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
+ // BEGIN android-removed
+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
+ //
+ // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
+ // END android-removed
provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5");
provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1");
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
+ // BEGIN android-removed
+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
+ // END android-removed
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-04-09 13:10:16.000000000 +0000
@@ -1,30 +1,42 @@
package org.bouncycastle.jcajce.provider.symmetric;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
+// BEGIN android-removed
+// import java.security.AlgorithmParameters;
+// import java.security.InvalidAlgorithmParameterException;
+// END android-removed
import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
+// BEGIN android-removed
+// import java.security.spec.AlgorithmParameterSpec;
+// END android-removed
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import javax.crypto.SecretKey;
import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.IvParameterSpec;
+// BEGIN android-removed
+// import javax.crypto.spec.IvParameterSpec;
+// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.DESedeWrapEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// END android-removed
import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.macs.CMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
+// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -56,17 +68,19 @@
}
}
- /**
- * DESede CFB8
- */
- public static class DESedeCFB8
- extends BaseMac
- {
- public DESedeCFB8()
- {
- super(new CFBBlockCipherMac(new DESedeEngine()));
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * DESede CFB8
+ // */
+ // public static class DESedeCFB8
+ // extends BaseMac
+ // {
+ // public DESedeCFB8()
+ // {
+ // super(new CFBBlockCipherMac(new DESedeEngine()));
+ // }
+ // }
+ // END android-removed
/**
* DESede64
@@ -101,15 +115,17 @@
}
}
- static public class CMAC
- extends BaseMac
- {
- public CMAC()
- {
- super(new CMac(new DESedeEngine()));
- }
- }
-
+ // BEGIN android-removed
+ // static public class CMAC
+ // extends BaseMac
+ // {
+ // public CMAC()
+ // {
+ // super(new CMac(new DESedeEngine()));
+ // }
+ // }
+ // END android-removed
+
public static class Wrap
extends BaseWrapCipher
{
@@ -118,15 +134,17 @@
super(new DESedeWrapEngine());
}
}
-
- public static class RFC3211
- extends BaseWrapCipher
- {
- public RFC3211()
- {
- super(new RFC3211WrapEngine(new DESedeEngine()), 8);
- }
- }
+
+ // BEGIN android-removed
+ // public static class RFC3211
+ // extends BaseWrapCipher
+ // {
+ // public RFC3211()
+ // {
+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8);
+ // }
+ // }
+ // END android-removed
/**
* DESede - the default for this is to generate a key in
@@ -240,43 +258,45 @@
}
}
- public static class AlgParamGen
- extends BaseAlgorithmParameterGenerator
- {
- protected void engineInit(
- AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
- }
-
- protected AlgorithmParameters engineGenerateParameters()
- {
- byte[] iv = new byte[8];
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- random.nextBytes(iv);
-
- AlgorithmParameters params;
-
- try
- {
- params = createParametersInstance("DES");
- params.init(new IvParameterSpec(iv));
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
-
- return params;
- }
- }
+ // BEGIN android-removed
+ // public static class AlgParamGen
+ // extends BaseAlgorithmParameterGenerator
+ // {
+ // protected void engineInit(
+ // AlgorithmParameterSpec genParamSpec,
+ // SecureRandom random)
+ // throws InvalidAlgorithmParameterException
+ // {
+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
+ // }
+
+ // protected AlgorithmParameters engineGenerateParameters()
+ // {
+ // byte[] iv = new byte[8];
+
+ // if (random == null)
+ // {
+ // random = new SecureRandom();
+ // }
+
+ // random.nextBytes(iv);
+
+ // AlgorithmParameters params;
+
+ // try
+ // {
+ // params = createParametersInstance("DES");
+ // params.init(new IvParameterSpec(iv));
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+
+ // return params;
+ // }
+ // }
+ // END android-removed
static public class KeyFactory
extends BaseSecretKeyFactory
@@ -360,25 +380,37 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB");
- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
+ // END android-removed
provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap");
- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap");
- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
+ // BEGIN android-changed
+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP");
+ // END android-changed
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE");
provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP");
provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE");
if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
{
provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
+ // END android-removed
provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key");
- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
@@ -387,31 +419,37 @@
}
provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator");
- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
+ // BEGIN android-removed
+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
+ // END android-removed
provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory");
- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
-
- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
-
- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
-
- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
+ //
+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
+ //
+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
+ //
+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ // END android-removed
provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+ // BEGIN android-removed
+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen");
+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+ // END android-removed
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-04-09 13:10:16.000000000 +0000
@@ -12,20 +12,28 @@
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.crypto.CipherKeyGenerator;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
+// END android-removed
import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.engines.RC2WrapEngine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.engines.RC2WrapEngine;
+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
import org.bouncycastle.util.Arrays;
@@ -36,59 +44,61 @@
{
}
- /**
- * RC2
- */
- static public class ECB
- extends BaseBlockCipher
- {
- public ECB()
- {
- super(new RC2Engine());
- }
- }
-
- /**
- * RC2CBC
- */
- static public class CBC
- extends BaseBlockCipher
- {
- public CBC()
- {
- super(new CBCBlockCipher(new RC2Engine()), 64);
- }
- }
-
- public static class Wrap
- extends BaseWrapCipher
- {
- public Wrap()
- {
- super(new RC2WrapEngine());
- }
- }
-
- /**
- * RC2
- */
- public static class CBCMAC
- extends BaseMac
- {
- public CBCMAC()
- {
- super(new CBCBlockCipherMac(new RC2Engine()));
- }
- }
-
- public static class CFB8MAC
- extends BaseMac
- {
- public CFB8MAC()
- {
- super(new CFBBlockCipherMac(new RC2Engine()));
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * RC2
+ // */
+ // static public class ECB
+ // extends BaseBlockCipher
+ // {
+ // public ECB()
+ // {
+ // super(new RC2Engine());
+ // }
+ // }
+ //
+ // /**
+ // * RC2CBC
+ // */
+ // static public class CBC
+ // extends BaseBlockCipher
+ // {
+ // public CBC()
+ // {
+ // super(new CBCBlockCipher(new RC2Engine()), 64);
+ // }
+ // }
+ //
+ // public static class Wrap
+ // extends BaseWrapCipher
+ // {
+ // public Wrap()
+ // {
+ // super(new RC2WrapEngine());
+ // }
+ // }
+ //
+ // /**
+ // * RC2
+ // */
+ // public static class CBCMAC
+ // extends BaseMac
+ // {
+ // public CBCMAC()
+ // {
+ // super(new CBCBlockCipherMac(new RC2Engine()));
+ // }
+ // }
+ //
+ // public static class CFB8MAC
+ // extends BaseMac
+ // {
+ // public CFB8MAC()
+ // {
+ // super(new CFBBlockCipherMac(new RC2Engine()));
+ // }
+ // }
+ // END android-removed
/**
* PBEWithSHA1AndRC2
@@ -174,17 +184,19 @@
}
}
- /**
- * PBEWithMD2AndRC2
- */
- static public class PBEWithMD2KeyFactory
- extends PBESecretKeyFactory
- {
- public PBEWithMD2KeyFactory()
- {
- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
- }
- }
+ // BEGIN android-removed
+ // /**
+ // * PBEWithMD2AndRC2
+ // */
+ // static public class PBEWithMD2KeyFactory
+ // extends PBESecretKeyFactory
+ // {
+ // public PBEWithMD2KeyFactory()
+ // {
+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
+ // }
+ // }
+ // END android-removed
/**
* PBEWithMD5AndRC2
@@ -198,247 +210,249 @@
}
}
- public static class AlgParamGen
- extends BaseAlgorithmParameterGenerator
- {
- RC2ParameterSpec spec = null;
-
- protected void engineInit(
- AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
- if (genParamSpec instanceof RC2ParameterSpec)
- {
- spec = (RC2ParameterSpec)genParamSpec;
- return;
- }
-
- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
- }
-
- protected AlgorithmParameters engineGenerateParameters()
- {
- AlgorithmParameters params;
-
- if (spec == null)
- {
- byte[] iv = new byte[8];
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- random.nextBytes(iv);
-
- try
- {
- params = createParametersInstance("RC2");
- params.init(new IvParameterSpec(iv));
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
- }
- else
- {
- try
- {
- params = createParametersInstance("RC2");
- params.init(spec);
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage());
- }
- }
-
- return params;
- }
- }
-
- public static class KeyGenerator
- extends BaseKeyGenerator
- {
- public KeyGenerator()
- {
- super("RC2", 128, new CipherKeyGenerator());
- }
- }
-
- public static class AlgParams
- extends BaseAlgorithmParameters
- {
- private static final short[] table = {
- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
- };
-
- private static final short[] ekb = {
- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
- };
-
- private byte[] iv;
- private int parameterVersion = 58;
-
- protected byte[] engineGetEncoded()
- {
- return Arrays.clone(iv);
- }
-
- protected byte[] engineGetEncoded(
- String format)
- throws IOException
- {
- if (this.isASN1FormatString(format))
- {
- if (parameterVersion == -1)
- {
- return new RC2CBCParameter(engineGetEncoded()).getEncoded();
- }
- else
- {
- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
- }
- }
-
- if (format.equals("RAW"))
- {
- return engineGetEncoded();
- }
-
- return null;
- }
-
- protected AlgorithmParameterSpec localEngineGetParameterSpec(
- Class paramSpec)
- throws InvalidParameterSpecException
- {
- if (paramSpec == RC2ParameterSpec.class)
- {
- if (parameterVersion != -1)
- {
- if (parameterVersion < 256)
- {
- return new RC2ParameterSpec(ekb[parameterVersion], iv);
- }
- else
- {
- return new RC2ParameterSpec(parameterVersion, iv);
- }
- }
- }
-
- if (paramSpec == IvParameterSpec.class)
- {
- return new IvParameterSpec(iv);
- }
-
- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
- }
-
- protected void engineInit(
- AlgorithmParameterSpec paramSpec)
- throws InvalidParameterSpecException
- {
- if (paramSpec instanceof IvParameterSpec)
- {
- this.iv = ((IvParameterSpec)paramSpec).getIV();
- }
- else if (paramSpec instanceof RC2ParameterSpec)
- {
- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
- if (effKeyBits != -1)
- {
- if (effKeyBits < 256)
- {
- parameterVersion = table[effKeyBits];
- }
- else
- {
- parameterVersion = effKeyBits;
- }
- }
-
- this.iv = ((RC2ParameterSpec)paramSpec).getIV();
- }
- else
- {
- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
- }
- }
-
- protected void engineInit(
- byte[] params)
- throws IOException
- {
- this.iv = Arrays.clone(params);
- }
-
- protected void engineInit(
- byte[] params,
- String format)
- throws IOException
- {
- if (this.isASN1FormatString(format))
- {
- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
-
- if (p.getRC2ParameterVersion() != null)
- {
- parameterVersion = p.getRC2ParameterVersion().intValue();
- }
-
- iv = p.getIV();
-
- return;
- }
-
- if (format.equals("RAW"))
- {
- engineInit(params);
- return;
- }
-
- throw new IOException("Unknown parameters format in IV parameters object");
- }
-
- protected String engineToString()
- {
- return "RC2 Parameters";
- }
- }
+ // BEGIN android-removed
+ // public static class AlgParamGen
+ // extends BaseAlgorithmParameterGenerator
+ // {
+ // RC2ParameterSpec spec = null;
+ //
+ // protected void engineInit(
+ // AlgorithmParameterSpec genParamSpec,
+ // SecureRandom random)
+ // throws InvalidAlgorithmParameterException
+ // {
+ // if (genParamSpec instanceof RC2ParameterSpec)
+ // {
+ // spec = (RC2ParameterSpec)genParamSpec;
+ // return;
+ // }
+ //
+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
+ // }
+ //
+ // protected AlgorithmParameters engineGenerateParameters()
+ // {
+ // AlgorithmParameters params;
+ //
+ // if (spec == null)
+ // {
+ // byte[] iv = new byte[8];
+ //
+ // if (random == null)
+ // {
+ // random = new SecureRandom();
+ // }
+ //
+ // random.nextBytes(iv);
+ //
+ // try
+ // {
+ // params = createParametersInstance("RC2");
+ // params.init(new IvParameterSpec(iv));
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+ // }
+ // else
+ // {
+ // try
+ // {
+ // params = createParametersInstance("RC2");
+ // params.init(spec);
+ // }
+ // catch (Exception e)
+ // {
+ // throw new RuntimeException(e.getMessage());
+ // }
+ // }
+ //
+ // return params;
+ // }
+ // }
+ //
+ // public static class KeyGenerator
+ // extends BaseKeyGenerator
+ // {
+ // public KeyGenerator()
+ // {
+ // super("RC2", 128, new CipherKeyGenerator());
+ // }
+ // }
+ //
+ // public static class AlgParams
+ // extends BaseAlgorithmParameters
+ // {
+ // private static final short[] table = {
+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
+ // };
+ //
+ // private static final short[] ekb = {
+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
+ // };
+ //
+ // private byte[] iv;
+ // private int parameterVersion = 58;
+ //
+ // protected byte[] engineGetEncoded()
+ // {
+ // return Arrays.clone(iv);
+ // }
+ //
+ // protected byte[] engineGetEncoded(
+ // String format)
+ // throws IOException
+ // {
+ // if (this.isASN1FormatString(format))
+ // {
+ // if (parameterVersion == -1)
+ // {
+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded();
+ // }
+ // else
+ // {
+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
+ // }
+ // }
+ //
+ // if (format.equals("RAW"))
+ // {
+ // return engineGetEncoded();
+ // }
+ //
+ // return null;
+ // }
+ //
+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(
+ // Class paramSpec)
+ // throws InvalidParameterSpecException
+ // {
+ // if (paramSpec == RC2ParameterSpec.class)
+ // {
+ // if (parameterVersion != -1)
+ // {
+ // if (parameterVersion < 256)
+ // {
+ // return new RC2ParameterSpec(ekb[parameterVersion], iv);
+ // }
+ // else
+ // {
+ // return new RC2ParameterSpec(parameterVersion, iv);
+ // }
+ // }
+ // }
+ //
+ // if (paramSpec == IvParameterSpec.class)
+ // {
+ // return new IvParameterSpec(iv);
+ // }
+ //
+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
+ // }
+ //
+ // protected void engineInit(
+ // AlgorithmParameterSpec paramSpec)
+ // throws InvalidParameterSpecException
+ // {
+ // if (paramSpec instanceof IvParameterSpec)
+ // {
+ // this.iv = ((IvParameterSpec)paramSpec).getIV();
+ // }
+ // else if (paramSpec instanceof RC2ParameterSpec)
+ // {
+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
+ // if (effKeyBits != -1)
+ // {
+ // if (effKeyBits < 256)
+ // {
+ // parameterVersion = table[effKeyBits];
+ // }
+ // else
+ // {
+ // parameterVersion = effKeyBits;
+ // }
+ // }
+ //
+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV();
+ // }
+ // else
+ // {
+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
+ // }
+ // }
+ //
+ // protected void engineInit(
+ // byte[] params)
+ // throws IOException
+ // {
+ // this.iv = Arrays.clone(params);
+ // }
+ //
+ // protected void engineInit(
+ // byte[] params,
+ // String format)
+ // throws IOException
+ // {
+ // if (this.isASN1FormatString(format))
+ // {
+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
+ //
+ // if (p.getRC2ParameterVersion() != null)
+ // {
+ // parameterVersion = p.getRC2ParameterVersion().intValue();
+ // }
+ //
+ // iv = p.getIV();
+ //
+ // return;
+ // }
+ //
+ // if (format.equals("RAW"))
+ // {
+ // engineInit(params);
+ // return;
+ // }
+ //
+ // throw new IOException("Unknown parameters format in IV parameters object");
+ // }
+ //
+ // protected String engineToString()
+ // {
+ // return "RC2 Parameters";
+ // }
+ // }
+ // END android-removed
public static class Mappings
extends AlgorithmProvider
@@ -452,32 +466,36 @@
public void configure(ConfigurableProvider provider)
{
- provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
- provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
-
- provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
- provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
-
- provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
- provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
-
- provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
- provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
- provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC");
-
- provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
- provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
- provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
- provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
-
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
+ // BEGIN android-removed
+ // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
+ // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
+ //
+ // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
+ // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
+ //
+ // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
+ // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
+ //
+ // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
+ // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
+ // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC");
+ //
+ // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
+ // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
+ // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
+ // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
+ //
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
@@ -485,14 +503,18 @@
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
+ // BEGIN android-removed
+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
+ // END android-removed
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000
@@ -6,29 +6,31 @@
abstract class SymmetricAlgorithmProvider
extends AlgorithmProvider
{
- protected void addGMacAlgorithm(
- ConfigurableProvider provider,
- String algorithm,
- String algorithmClassName,
- String keyGeneratorClassName)
- {
- provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
- provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
-
- provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
- provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
- }
-
- protected void addPoly1305Algorithm(ConfigurableProvider provider,
- String algorithm,
- String algorithmClassName,
- String keyGeneratorClassName)
- {
- provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
- provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
-
- provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
- provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
- }
+ // BEGIN android-removed
+ // protected void addGMacAlgorithm(
+ // ConfigurableProvider provider,
+ // String algorithm,
+ // String algorithmClassName,
+ // String keyGeneratorClassName)
+ // {
+ // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
+ // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
+ //
+ // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
+ // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
+ // }
+ //
+ // protected void addPoly1305Algorithm(ConfigurableProvider provider,
+ // String algorithm,
+ // String algorithmClassName,
+ // String keyGeneratorClassName)
+ // {
+ // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
+ // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
+ //
+ // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
+ // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
+ // }
+ // END android-removed
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000
@@ -1,18 +1,26 @@
package org.bouncycastle.jcajce.provider.symmetric;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.BlockCipher;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
+// END android-removed
import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.GMac;
+// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.modes.GCMBlockCipher;
+// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+// BEGIN android-removed
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
public final class Twofish
@@ -21,56 +29,58 @@
{
}
- public static class ECB
- extends BaseBlockCipher
- {
- public ECB()
- {
- super(new BlockCipherProvider()
- {
- public BlockCipher get()
- {
- return new TwofishEngine();
- }
- });
- }
- }
-
- public static class KeyGen
- extends BaseKeyGenerator
- {
- public KeyGen()
- {
- super("Twofish", 256, new CipherKeyGenerator());
- }
- }
-
- public static class GMAC
- extends BaseMac
- {
- public GMAC()
- {
- super(new GMac(new GCMBlockCipher(new TwofishEngine())));
- }
- }
-
- public static class Poly1305
- extends BaseMac
- {
- public Poly1305()
- {
- super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
- }
- }
-
- public static class Poly1305KeyGen
- extends BaseKeyGenerator
- {
- public Poly1305KeyGen()
- {
- super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
- }
- }
+ // BEGIN android-removed
+ // public static class ECB
+ // extends BaseBlockCipher
+ // {
+ // public ECB()
+ // {
+ // super(new BlockCipherProvider()
+ // {
+ // public BlockCipher get()
+ // {
+ // return new TwofishEngine();
+ // }
+ // });
+ // }
+ // }
+ //
+ // public static class KeyGen
+ // extends BaseKeyGenerator
+ // {
+ // public KeyGen()
+ // {
+ // super("Twofish", 256, new CipherKeyGenerator());
+ // }
+ // }
+ //
+ // public static class GMAC
+ // extends BaseMac
+ // {
+ // public GMAC()
+ // {
+ // super(new GMac(new GCMBlockCipher(new TwofishEngine())));
+ // }
+ // }
+ //
+ // public static class Poly1305
+ // extends BaseMac
+ // {
+ // public Poly1305()
+ // {
+ // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
+ // }
+ // }
+ //
+ // public static class Poly1305KeyGen
+ // extends BaseKeyGenerator
+ // {
+ // public Poly1305KeyGen()
+ // {
+ // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
+ // }
+ // }
+ // END android-removed
/**
* PBEWithSHAAndTwofish-CBC
@@ -96,14 +106,16 @@
}
}
- public static class AlgParams
- extends IvAlgorithmParameters
- {
- protected String engineToString()
- {
- return "Twofish IV";
- }
- }
+ // BEGIN android-removed
+ // public static class AlgParams
+ // extends IvAlgorithmParameters
+ // {
+ // protected String engineToString()
+ // {
+ // return "Twofish IV";
+ // }
+ // }
+ // END android-removed
public static class Mappings
extends SymmetricAlgorithmProvider
@@ -116,17 +128,21 @@
public void configure(ConfigurableProvider provider)
{
- provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
- provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
- provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
+ // BEGIN android-removed
+ // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
+ // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
+ // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
+ // END android-removed
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE");
provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory");
- addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
- addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+ // BEGIN android-removed
+ // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
+ // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+ // END android-removed
}
}
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-04-09 13:10:16.000000000 +0000
@@ -20,8 +20,10 @@
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// BEGIN android-removed
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+// END android-removed
import org.bouncycastle.asn1.cms.GCMParameters;
import org.bouncycastle.crypto.BlockCipher;
@@ -35,14 +37,20 @@
import org.bouncycastle.crypto.modes.CCMBlockCipher;
import org.bouncycastle.crypto.modes.CFBBlockCipher;
import org.bouncycastle.crypto.modes.CTSBlockCipher;
-import org.bouncycastle.crypto.modes.EAXBlockCipher;
-import org.bouncycastle.crypto.modes.GCFBBlockCipher;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.modes.EAXBlockCipher;
+// import org.bouncycastle.crypto.modes.GCFBBlockCipher;
+// END android-removed
import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.GOFBBlockCipher;
-import org.bouncycastle.crypto.modes.OCBBlockCipher;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.modes.GOFBBlockCipher;
+// import org.bouncycastle.crypto.modes.OCBBlockCipher;
+// END android-removed
import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
+// END android-removed
import org.bouncycastle.crypto.modes.SICBlockCipher;
import org.bouncycastle.crypto.paddings.BlockCipherPadding;
import org.bouncycastle.crypto.paddings.ISO10126d2Padding;
@@ -55,11 +63,15 @@
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.ParametersWithSBox;
+// END android-removed
import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.crypto.params.RC5Parameters;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.RC5Parameters;
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
+// END android-removed
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Strings;
@@ -74,11 +86,15 @@
//
private Class[] availableSpecs =
{
- RC2ParameterSpec.class,
- RC5ParameterSpec.class,
+ // BEGIN android-removed
+ // RC2ParameterSpec.class,
+ // RC5ParameterSpec.class,
+ // END android-removed
IvParameterSpec.class,
PBEParameterSpec.class,
- GOST28147ParameterSpec.class,
+ // BEGIN android-removed
+ // GOST28147ParameterSpec.class,
+ // END android-removed
gcmSpecClass
};
@@ -284,48 +300,52 @@
new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
}
}
- else if (modeName.startsWith("PGP"))
- {
- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
-
- ivLength = baseEngine.getBlockSize();
- cipher = new BufferedGenericBlockCipher(
- new PGPCFBBlockCipher(baseEngine, inlineIV));
- }
- else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
- {
- ivLength = 0;
- cipher = new BufferedGenericBlockCipher(
- new OpenPGPCFBBlockCipher(baseEngine));
- }
- else if (modeName.startsWith("SIC"))
- {
- ivLength = baseEngine.getBlockSize();
- if (ivLength < 16)
- {
- throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
- }
- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- new SICBlockCipher(baseEngine)));
- }
+ // BEGIN android-removed
+ // else if (modeName.startsWith("PGP"))
+ // {
+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
+ //
+ // ivLength = baseEngine.getBlockSize();
+ // cipher = new BufferedGenericBlockCipher(
+ // new PGPCFBBlockCipher(baseEngine, inlineIV));
+ // }
+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
+ // {
+ // ivLength = 0;
+ // cipher = new BufferedGenericBlockCipher(
+ // new OpenPGPCFBBlockCipher(baseEngine));
+ // }
+ // else if (modeName.startsWith("SIC"))
+ // {
+ // ivLength = baseEngine.getBlockSize();
+ // if (ivLength < 16)
+ // {
+ // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
+ // }
+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ // new SICBlockCipher(baseEngine)));
+ // }
+ // END android-removed
else if (modeName.startsWith("CTR"))
{
ivLength = baseEngine.getBlockSize();
cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
new SICBlockCipher(baseEngine)));
}
- else if (modeName.startsWith("GOFB"))
- {
- ivLength = baseEngine.getBlockSize();
- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- new GOFBBlockCipher(baseEngine)));
- }
- else if (modeName.startsWith("GCFB"))
- {
- ivLength = baseEngine.getBlockSize();
- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- new GCFBBlockCipher(baseEngine)));
- }
+ // BEGIN android-removed
+ // else if (modeName.startsWith("GOFB"))
+ // {
+ // ivLength = baseEngine.getBlockSize();
+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ // new GOFBBlockCipher(baseEngine)));
+ // }
+ // else if (modeName.startsWith("GCFB"))
+ // {
+ // ivLength = baseEngine.getBlockSize();
+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ // new GCFBBlockCipher(baseEngine)));
+ // }
+ // END android-removed
else if (modeName.startsWith("CTS"))
{
ivLength = baseEngine.getBlockSize();
@@ -336,26 +356,28 @@
ivLength = 13; // CCM nonce 7..13 bytes
cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
}
- else if (modeName.startsWith("OCB"))
- {
- if (engineProvider != null)
- {
- /*
- * RFC 7253 4.2. Nonce is a string of no more than 120 bits
- */
- ivLength = 15;
- cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
- }
- else
- {
- throw new NoSuchAlgorithmException("can't support mode " + mode);
- }
- }
- else if (modeName.startsWith("EAX"))
- {
- ivLength = baseEngine.getBlockSize();
- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
- }
+ // BEGIN android-removed
+ // else if (modeName.startsWith("OCB"))
+ // {
+ // if (engineProvider != null)
+ // {
+ // /*
+ // * RFC 7253 4.2. Nonce is a string of no more than 120 bits
+ // */
+ // ivLength = 15;
+ // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
+ // }
+ // else
+ // {
+ // throw new NoSuchAlgorithmException("can't support mode " + mode);
+ // }
+ // }
+ // else if (modeName.startsWith("EAX"))
+ // {
+ // ivLength = baseEngine.getBlockSize();
+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
+ // }
+ // END android-removed
else if (modeName.startsWith("GCM"))
{
ivLength = baseEngine.getBlockSize();
@@ -478,18 +500,20 @@
param = new ParametersWithIV(param, iv.getIV());
}
- else if (params instanceof GOST28147ParameterSpec)
- {
- // need to pick up IV and SBox.
- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
-
- param = new ParametersWithSBox(param, gost28147Param.getSbox());
-
- if (gost28147Param.getIV() != null && ivLength != 0)
- {
- param = new ParametersWithIV(param, gost28147Param.getIV());
- }
- }
+ // BEGIN android-removed
+ // else if (params instanceof GOST28147ParameterSpec)
+ // {
+ // // need to pick up IV and SBox.
+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+ //
+ // param = new ParametersWithSBox(param, gost28147Param.getSbox());
+ //
+ // if (gost28147Param.getIV() != null && ivLength != 0)
+ // {
+ // param = new ParametersWithIV(param, gost28147Param.getIV());
+ // }
+ // }
+ // END android-removed
}
else if (params instanceof PBEParameterSpec)
{
@@ -521,12 +545,14 @@
throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long.");
}
- if (key instanceof RepeatedSecretKeySpec)
- {
- param = new ParametersWithIV(null, p.getIV());
- ivParam = (ParametersWithIV)param;
- }
- else
+ // BEGIN android-removed
+ // if (key instanceof RepeatedSecretKeySpec)
+ // {
+ // param = new ParametersWithIV(null, p.getIV());
+ // ivParam = (ParametersWithIV)param;
+ // }
+ // else
+ // END android-removed
{
param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV());
ivParam = (ParametersWithIV)param;
@@ -542,63 +568,65 @@
param = new KeyParameter(key.getEncoded());
}
}
- else if (params instanceof GOST28147ParameterSpec)
- {
- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
-
- param = new ParametersWithSBox(
- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
-
- if (gost28147Param.getIV() != null && ivLength != 0)
- {
- param = new ParametersWithIV(param, gost28147Param.getIV());
- ivParam = (ParametersWithIV)param;
- }
- }
- else if (params instanceof RC2ParameterSpec)
- {
- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
-
- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
-
- if (rc2Param.getIV() != null && ivLength != 0)
- {
- param = new ParametersWithIV(param, rc2Param.getIV());
- ivParam = (ParametersWithIV)param;
- }
- }
- else if (params instanceof RC5ParameterSpec)
- {
- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
-
- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
- if (baseEngine.getAlgorithmName().startsWith("RC5"))
- {
- if (baseEngine.getAlgorithmName().equals("RC5-32"))
- {
- if (rc5Param.getWordSize() != 32)
- {
- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
- }
- }
- else if (baseEngine.getAlgorithmName().equals("RC5-64"))
- {
- if (rc5Param.getWordSize() != 64)
- {
- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
- }
- }
- }
- else
- {
- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
- }
- if ((rc5Param.getIV() != null) && (ivLength != 0))
- {
- param = new ParametersWithIV(param, rc5Param.getIV());
- ivParam = (ParametersWithIV)param;
- }
- }
+ // BEGIN android-removed
+ // else if (params instanceof GOST28147ParameterSpec)
+ // {
+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+ //
+ // param = new ParametersWithSBox(
+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
+ //
+ // if (gost28147Param.getIV() != null && ivLength != 0)
+ // {
+ // param = new ParametersWithIV(param, gost28147Param.getIV());
+ // ivParam = (ParametersWithIV)param;
+ // }
+ // }
+ // else if (params instanceof RC2ParameterSpec)
+ // {
+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
+ //
+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
+ //
+ // if (rc2Param.getIV() != null && ivLength != 0)
+ // {
+ // param = new ParametersWithIV(param, rc2Param.getIV());
+ // ivParam = (ParametersWithIV)param;
+ // }
+ // }
+ // else if (params instanceof RC5ParameterSpec)
+ // {
+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
+ //
+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
+ // if (baseEngine.getAlgorithmName().startsWith("RC5"))
+ // {
+ // if (baseEngine.getAlgorithmName().equals("RC5-32"))
+ // {
+ // if (rc5Param.getWordSize() != 32)
+ // {
+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
+ // }
+ // }
+ // else if (baseEngine.getAlgorithmName().equals("RC5-64"))
+ // {
+ // if (rc5Param.getWordSize() != 64)
+ // {
+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
+ // }
+ // }
+ // }
+ // else
+ // {
+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
+ // }
+ // if ((rc5Param.getIV() != null) && (ivLength != 0))
+ // {
+ // param = new ParametersWithIV(param, rc5Param.getIV());
+ // ivParam = (ParametersWithIV)param;
+ // }
+ // }
+ // END android-removed
else if (gcmSpecClass != null && gcmSpecClass.isInstance(params))
{
if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
@@ -611,11 +639,13 @@
Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]);
Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]);
- if (key instanceof RepeatedSecretKeySpec)
- {
- param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
- }
- else
+ // BEGIN android-removed
+ // if (key instanceof RepeatedSecretKeySpec)
+ // {
+ // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
+ // }
+ // else
+ // END android-removed
{
param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
}
@@ -867,7 +897,9 @@
private boolean isAEADModeName(
String modeName)
{
- return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
+ // BEGIN android-changed
+ return "CCM".equals(modeName) || "GCM".equals(modeName);
+ // END android-changed
}
/*
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000
@@ -16,8 +16,10 @@
import org.bouncycastle.crypto.Mac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.SkeinParameters;
-import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.params.SkeinParameters;
+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
+// END android-removed
public class BaseMac
extends MacSpi implements PBE
@@ -79,10 +81,12 @@
{
param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV());
}
- else if (params instanceof SkeinParameterSpec)
- {
- param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build();
- }
+ // BEGIN android-removed
+ // else if (params instanceof SkeinParameterSpec)
+ // {
+ // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build();
+ // }
+ // END android-removed
else if (params == null)
{
param = new KeyParameter(key.getEncoded());
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-04-09 13:10:16.000000000 +0000
@@ -15,8 +15,10 @@
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// BEGIN android-removed
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+// END android-removed
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DataLengthException;
@@ -34,8 +36,10 @@
//
private Class[] availableSpecs =
{
- RC2ParameterSpec.class,
- RC5ParameterSpec.class,
+ // BEGIN android-removed
+ // RC2ParameterSpec.class,
+ // RC5ParameterSpec.class,
+ // END android-removed
IvParameterSpec.class,
PBEParameterSpec.class
};
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-04-09 13:10:16.000000000 +0000
@@ -24,8 +24,10 @@
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// BEGIN android-removed
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -50,8 +52,10 @@
{
IvParameterSpec.class,
PBEParameterSpec.class,
- RC2ParameterSpec.class,
- RC5ParameterSpec.class
+ // BEGIN android-removed
+ // RC2ParameterSpec.class,
+ // RC5ParameterSpec.class
+ // END android-removed
};
protected int pbeType = PKCS12;
@@ -276,6 +280,8 @@
return null;
}
+ // BEGIN android-changed
+ // added ShortBufferException to throws statement
protected int engineDoFinal(
byte[] input,
int inputOffset,
@@ -286,6 +292,7 @@
{
return 0;
}
+ // END android-changed
protected byte[] engineWrap(
Key key)
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000
@@ -7,13 +7,18 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.TigerDigest;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.GOST3411Digest;
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.MD5Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+// import org.bouncycastle.crypto.digests.SHA256Digest;
+// import org.bouncycastle.crypto.digests.TigerDigest;
+// END android-removed
+// BEGIN android-added
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-added
import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
@@ -29,11 +34,15 @@
//
static final int MD5 = 0;
static final int SHA1 = 1;
- static final int RIPEMD160 = 2;
- static final int TIGER = 3;
+ // BEGIN android-removed
+ // static final int RIPEMD160 = 2;
+ // static final int TIGER = 3;
+ // END android-removed
static final int SHA256 = 4;
- static final int MD2 = 5;
- static final int GOST3411 = 6;
+ // BEGIN android-removed
+ // static final int MD2 = 5;
+ // static final int GOST3411 = 6;
+ // END android-removed
static final int PKCS5S1 = 0;
static final int PKCS5S2 = 1;
@@ -57,14 +66,20 @@
{
switch (hash)
{
- case MD2:
- generator = new PKCS5S1ParametersGenerator(new MD2Digest());
- break;
+ // BEGIN android-removed
+ // case MD2:
+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest());
+ // break;
+ // END android-removed
case MD5:
- generator = new PKCS5S1ParametersGenerator(new MD5Digest());
+ // BEGIN android-changed
+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5());
+ // END android-changed
break;
case SHA1:
- generator = new PKCS5S1ParametersGenerator(new SHA1Digest());
+ // BEGIN android-changed
+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1());
+ // END android-changed
break;
default:
throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1.");
@@ -74,27 +89,39 @@
{
switch (hash)
{
- case MD2:
- generator = new PKCS5S2ParametersGenerator(new MD2Digest());
- break;
+ // BEGIN android-removed
+ // case MD2:
+ // generator = new PKCS5S2ParametersGenerator(new MD2Digest());
+ // break;
+ // END android-removed
case MD5:
- generator = new PKCS5S2ParametersGenerator(new MD5Digest());
+ // BEGIN android-changed
+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5());
+ // END android-changed
break;
case SHA1:
- generator = new PKCS5S2ParametersGenerator(new SHA1Digest());
- break;
- case RIPEMD160:
- generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
- break;
- case TIGER:
- generator = new PKCS5S2ParametersGenerator(new TigerDigest());
- break;
+ // BEGIN android-changed
+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1());
+ // END android-changed
+ break;
+ // BEGIN android-removed
+ // case RIPEMD160:
+ // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
+ // break;
+ // case TIGER:
+ // generator = new PKCS5S2ParametersGenerator(new TigerDigest());
+ // break;
+ // END android-removed
case SHA256:
- generator = new PKCS5S2ParametersGenerator(new SHA256Digest());
- break;
- case GOST3411:
- generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
- break;
+ // BEGIN android-changed
+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
+ // END android-changed
+ break;
+ // BEGIN android-removed
+ // case GOST3411:
+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
+ // break;
+ // END android-removed
default:
throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption.");
}
@@ -103,27 +130,39 @@
{
switch (hash)
{
- case MD2:
- generator = new PKCS12ParametersGenerator(new MD2Digest());
- break;
+ // BEGIN android-removed
+ // case MD2:
+ // generator = new PKCS12ParametersGenerator(new MD2Digest());
+ // break;
+ // END android-removed
case MD5:
- generator = new PKCS12ParametersGenerator(new MD5Digest());
+ // BEGIN android-changed
+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5());
+ // END android-changed
break;
case SHA1:
- generator = new PKCS12ParametersGenerator(new SHA1Digest());
- break;
- case RIPEMD160:
- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
- break;
- case TIGER:
- generator = new PKCS12ParametersGenerator(new TigerDigest());
- break;
+ // BEGIN android-changed
+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1());
+ // END android-changed
+ break;
+ // BEGIN android-removed
+ // case RIPEMD160:
+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
+ // break;
+ // case TIGER:
+ // generator = new PKCS12ParametersGenerator(new TigerDigest());
+ // break;
+ // END android-removed
case SHA256:
- generator = new PKCS12ParametersGenerator(new SHA256Digest());
- break;
- case GOST3411:
- generator = new PKCS12ParametersGenerator(new GOST3411Digest());
- break;
+ // BEGIN android-changed
+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
+ // END android-changed
+ break;
+ // BEGIN android-removed
+ // case GOST3411:
+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest());
+ // break;
+ // END android-removed
default:
throw new IllegalStateException("unknown digest scheme for PBE encryption.");
}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000
@@ -10,12 +10,17 @@
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
+// BEGIN android-removed
+// import org.bouncycastle.crypto.digests.MD5Digest;
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+// import org.bouncycastle.crypto.digests.SHA224Digest;
+// import org.bouncycastle.crypto.digests.SHA256Digest;
+// import org.bouncycastle.crypto.digests.SHA384Digest;
+// import org.bouncycastle.crypto.digests.SHA512Digest;
+// END android-removed
+// BEGIN android-added
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END android-added
import org.bouncycastle.util.Strings;
public class DigestFactory
@@ -85,27 +90,39 @@
if (sha1.contains(digestName))
{
- return new SHA1Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getSHA1();
+ // END android-changed
}
if (md5.contains(digestName))
{
- return new MD5Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getMD5();
+ // END android-changed
}
if (sha224.contains(digestName))
{
- return new SHA224Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getSHA224();
+ // END android-changed
}
if (sha256.contains(digestName))
{
- return new SHA256Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getSHA256();
+ // END android-changed
}
if (sha384.contains(digestName))
{
- return new SHA384Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getSHA384();
+ // END android-changed
}
if (sha512.contains(digestName))
{
- return new SHA512Digest();
+ // BEGIN android-changed
+ return AndroidDigestFactory.getSHA512();
+ // END android-changed
}
return null;
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 2014-07-28 19:51:54.000000000 +0000
@@ -6,11 +6,15 @@
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
/**
* General JCA/JCE utility methods.
@@ -100,22 +104,24 @@
{
return "SHA512";
}
- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- {
- return "RIPEMD128";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- {
- return "RIPEMD160";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- {
- return "RIPEMD256";
- }
- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- {
- return "GOST3411";
- }
+ // BEGIN android-removed
+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ // {
+ // return "RIPEMD128";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ // {
+ // return "RIPEMD160";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ // {
+ // return "RIPEMD256";
+ // }
+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ // {
+ // return "GOST3411";
+ // }
+ // END android-removed
else
{
return digestAlgOID.getId();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 2014-07-28 19:51:54.000000000 +0000
@@ -30,14 +30,18 @@
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Name;
@@ -81,8 +85,11 @@
static
{
- algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
- algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+ // BEGIN android-removed
+ // Dropping MD2
+ // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+ // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+ // END android-removed
algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
@@ -102,12 +109,14 @@
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // BEGIN android-removed
+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // END android-removed
algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -120,11 +129,13 @@
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // BEGIN android-removed
+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // END android-removed
//
// reverse mappings
@@ -134,11 +145,15 @@
oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
+ // BEGIN android-removed
+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
+ // END android-removed
oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+ // BEGIN android-removed
+ // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+ // END android-removed
oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
@@ -172,8 +187,10 @@
//
// RFC 4491
//
- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // BEGIN android-removed
+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // END android-removed
//
// explicit params
//
@@ -616,22 +633,24 @@
{
return "SHA512";
}
- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- {
- return "RIPEMD128";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- {
- return "RIPEMD160";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- {
- return "RIPEMD256";
- }
- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- {
- return "GOST3411";
- }
+ // BEGIN android-removed
+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ // {
+ // return "RIPEMD128";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ // {
+ // return "RIPEMD160";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ // {
+ // return "RIPEMD256";
+ // }
+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ // {
+ // return "GOST3411";
+ // }
+ // END android-removed
else
{
return digestAlgOID.getId();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-04-09 13:10:16.000000000 +0000
@@ -64,15 +64,22 @@
private static final String[] SYMMETRIC_MACS =
{
- "SipHash"
+ // BEGIN android-removed
+ // "SipHash"
+ // END android-removed
};
private static final String[] SYMMETRIC_CIPHERS =
{
- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
- "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
- "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish",
- "VMPC", "VMPCKSA3", "XTEA", "XSalsa20"
+ // BEGIN android-removed
+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
+ // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
+ // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish",
+ // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20"
+ // END android-removed
+ // BEGIN android-added
+ "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish",
+ // END android-added
};
/*
@@ -84,12 +91,22 @@
// later ones configure it.
private static final String[] ASYMMETRIC_GENERIC =
{
- "X509", "IES"
+ // BEGIN android-removed
+ // "X509", "IES"
+ // END android-removed
+ // BEGIN android-added
+ "X509"
+ // END android-added
};
private static final String[] ASYMMETRIC_CIPHERS =
{
- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145"
+ // BEGIN android-removed
+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145"
+ // END android-removed
+ // BEGIN android-added
+ "DSA", "DH", "EC", "RSA",
+ // END android-added
};
/*
@@ -98,7 +115,12 @@
private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest.";
private static final String[] DIGESTS =
{
- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool"
+ // BEGIN android-removed
+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool"
+ // END android-removed
+ // BEGIN android-added
+ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512",
+ // END android-added
};
/*
@@ -145,48 +167,52 @@
loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
- //
- // X509Store
- //
- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
-
- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
-
- //
- // X509StreamParser
- //
- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
-
- //
- // cipher engines
- //
- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
-
- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
-
-
- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
-
- // Certification Path API
- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+ // BEGIN android-removed
+ // //
+ // // X509Store
+ // //
+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
+ //
+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
+ //
+ // //
+ // // X509StreamParser
+ // //
+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
+ //
+ // //
+ // // cipher engines
+ // //
+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
+ //
+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
+ //
+ //
+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
+ //
+ // // Certification Path API
+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
+ // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
+ // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+ // END android-removed
put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi");
- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
- put("Alg.Alias.CertStore.X509LDAP", "LDAP");
+ // BEGIN android-removed
+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP");
+ // END android-removed
}
private void loadAlgorithms(String packageName, String[] names)
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 2015-06-10 22:51:41.000000000 +0000
@@ -0,0 +1,233 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.jce.provider;
+
+import java.io.Closeable;
+import java.io.ByteArrayOutputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.RandomAccessFile;
+import java.math.BigInteger;
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import org.bouncycastle.crypto.Digest;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import org.bouncycastle.util.encoders.Hex;
+
+public class CertBlacklist {
+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName());
+
+ // public for testing
+ public final Set<BigInteger> serialBlacklist;
+ public final Set<byte[]> pubkeyBlacklist;
+
+ public CertBlacklist() {
+ String androidData = System.getenv("ANDROID_DATA");
+ String blacklistRoot = androidData + "/misc/keychain/";
+ String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt";
+ String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt";
+
+ pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath);
+ serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath);
+ }
+
+ /** Test only interface, not for public use */
+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) {
+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath);
+ serialBlacklist = readSerialBlackList(serialBlacklistPath);
+ }
+
+ private static boolean isHex(String value) {
+ try {
+ new BigInteger(value, 16);
+ return true;
+ } catch (NumberFormatException e) {
+ logger.log(Level.WARNING, "Could not parse hex value " + value, e);
+ return false;
+ }
+ }
+
+ private static boolean isPubkeyHash(String value) {
+ if (value.length() != 40) {
+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length());
+ return false;
+ }
+ return isHex(value);
+ }
+
+ private static String readBlacklist(String path) {
+ try {
+ return readFileAsString(path);
+ } catch (FileNotFoundException ignored) {
+ } catch (IOException e) {
+ logger.log(Level.WARNING, "Could not read blacklist", e);
+ }
+ return "";
+ }
+
+ // From IoUtils.readFileAsString
+ private static String readFileAsString(String path) throws IOException {
+ return readFileAsBytes(path).toString("UTF-8");
+ }
+
+ // Based on IoUtils.readFileAsBytes
+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException {
+ RandomAccessFile f = null;
+ try {
+ f = new RandomAccessFile(path, "r");
+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length());
+ byte[] buffer = new byte[8192];
+ while (true) {
+ int byteCount = f.read(buffer);
+ if (byteCount == -1) {
+ return bytes;
+ }
+ bytes.write(buffer, 0, byteCount);
+ }
+ } finally {
+ closeQuietly(f);
+ }
+ }
+
+ // Base on IoUtils.closeQuietly
+ private static void closeQuietly(Closeable closeable) {
+ if (closeable != null) {
+ try {
+ closeable.close();
+ } catch (RuntimeException rethrown) {
+ throw rethrown;
+ } catch (Exception ignored) {
+ }
+ }
+ }
+
+ private static final Set<BigInteger> readSerialBlackList(String path) {
+
+ /* Start out with a base set of known bad values.
+ *
+ * WARNING: Do not add short serials to this list!
+ *
+ * Since this currently doesn't compare the serial + issuer, you
+ * should only add serials that have enough entropy here. Short
+ * serials may inadvertently match a certificate that was issued
+ * not in compliance with the Baseline Requirements.
+ */
+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList(
+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup
+ // Not a real certificate. For testing only.
+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16),
+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16),
+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16),
+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16),
+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16),
+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16),
+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16),
+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16),
+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16),
+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16)
+ ));
+
+ // attempt to augment it with values taken from gservices
+ String serialBlacklist = readBlacklist(path);
+ if (!serialBlacklist.equals("")) {
+ for(String value : serialBlacklist.split(",")) {
+ try {
+ bl.add(new BigInteger(value, 16));
+ } catch (NumberFormatException e) {
+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e);
+ }
+ }
+ }
+
+ // whether that succeeds or fails, send it on its merry way
+ return Collections.unmodifiableSet(bl);
+ }
+
+ private static final Set<byte[]> readPublicKeyBlackList(String path) {
+
+ // start out with a base set of known bad values
+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList(
+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750
+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl
+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(),
+ // Subject: CN=DigiNotar Cyber CA
+ // Issuer: CN=GTE CyberTrust Global Root
+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(),
+ // Subject: CN=DigiNotar Services 1024 CA
+ // Issuer: CN=Entrust.net
+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(),
+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(),
+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
+ // Issuer: CN=Staat der Nederlanden Overheid CA
+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(),
+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479
+ // Subject: O=Digicert Sdn. Bhd.
+ // Issuer: CN=GTE CyberTrust Global Root
+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(),
+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org
+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(),
+ // Subject: CN=*.EGO.GOV.TR 93
+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+ "783333c9687df63377efceddd82efa9101913e8e".getBytes(),
+ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL
+ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification
+ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes()
+ ));
+
+ // attempt to augment it with values taken from gservices
+ String pubkeyBlacklist = readBlacklist(path);
+ if (!pubkeyBlacklist.equals("")) {
+ for (String value : pubkeyBlacklist.split(",")) {
+ value = value.trim();
+ if (isPubkeyHash(value)) {
+ bl.add(value.getBytes());
+ } else {
+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value);
+ }
+ }
+ }
+
+ return bl;
+ }
+
+ public boolean isPublicKeyBlackListed(PublicKey publicKey) {
+ byte[] encoded = publicKey.getEncoded();
+ Digest digest = AndroidDigestFactory.getSHA1();
+ digest.update(encoded, 0, encoded.length);
+ byte[] out = new byte[digest.getDigestSize()];
+ digest.doFinal(out, 0);
+ for (byte[] blacklisted : pubkeyBlacklist) {
+ if (Arrays.equals(blacklisted, Hex.encode(out))) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public boolean isSerialNumberBlackListed(BigInteger serial) {
+ return serialBlacklist.contains(serial);
+ }
+
+}
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-04-09 13:10:16.000000000 +0000
@@ -35,6 +35,7 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
+import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Enumerated;
@@ -73,7 +74,9 @@
import org.bouncycastle.util.Store;
import org.bouncycastle.util.StoreException;
import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.extension.X509ExtensionUtil;
+// BEGIN android-removed
+// import org.bouncycastle.x509.extension.X509ExtensionUtil;
+// END android-removed
class CertPathValidatorUtilities
{
@@ -653,20 +656,22 @@
{
Object obj = iter.next();
- if (obj instanceof Store)
- {
- Store certStore = (Store)obj;
- try
- {
- certs.addAll(certStore.getMatches(certSelect));
- }
- catch (StoreException e)
- {
- throw new AnnotatedException(
- "Problem while picking certificates from X.509 store.", e);
- }
- }
- else
+ // BEGIN android-removed
+ // if (obj instanceof X509Store)
+ // {
+ // X509Store certStore = (X509Store)obj;
+ // try
+ // {
+ // certs.addAll(certStore.getMatches(certSelect));
+ // }
+ // catch (StoreException e)
+ // {
+ // throw new AnnotatedException(
+ // "Problem while picking certificates from X.509 store.", e);
+ // }
+ // }
+ // else
+ // END android-removed
{
CertStore certStore = (CertStore)obj;
@@ -715,7 +720,14 @@
for (int j = 0; j < genNames.length; j++)
{
- PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]);
+ // BEGIN android-removed
+ // PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]);
+ // END android-removed
+ // BEGIN android-added
+ // Seems like a bug, unless there should be a guarantee that j < i,
+ // However, it's breaking the tests.
+ PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]);
+ // END android-added
if (store != null)
{
stores.add(store);
@@ -888,8 +900,20 @@
{
return;
}
-
- X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
+ // BEGIN android-removed
+ // X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
+ // END android-removed
+ // BEGIN android-added
+ // The original code throws null pointer exception for OpenSSLX509CRL,
+ // which uses the implementation for getCertificateIssuer() in X509CRL, method
+ // whose reference implementation has the following JavaDoc: "If the certificate
+ // issuer is also the CRL issuer, this method returns null."
+ X500Name certIssuer = null;
+ X500Principal certificateIssuerPrincipal = crl_entry.getCertificateIssuer();
+ if (certificateIssuerPrincipal != null) {
+ certIssuer = X500Name.getInstance(certificateIssuerPrincipal.getEncoded());
+ }
+ // END android-added
if (certIssuer == null)
{
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2014-07-28 19:51:54.000000000 +0000
@@ -19,8 +19,10 @@
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// END android-removed
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
@@ -202,21 +204,23 @@
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
- if (ecP == null) // GOST Curve
- {
- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
-
- ecSpec = new ECNamedCurveSpec(
- ECGOST3410NamedCurves.getName(oid),
- ellipticCurve,
- new ECPoint(
- gParam.getG().getAffineXCoord().toBigInteger(),
- gParam.getG().getAffineYCoord().toBigInteger()),
- gParam.getN(),
- gParam.getH());
- }
- else
+ // BEGIN android-removed
+ // if (ecP == null) // GOST Curve
+ // {
+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
+ //
+ // ecSpec = new ECNamedCurveSpec(
+ // ECGOST3410NamedCurves.getName(oid),
+ // ellipticCurve,
+ // new ECPoint(
+ // gParam.getG().getAffineXCoord().toBigInteger(),
+ // gParam.getG().getAffineYCoord().toBigInteger()),
+ // gParam.getN(),
+ // gParam.getH());
+ // }
+ // else
+ // END android-removed
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
@@ -330,11 +334,13 @@
try
{
- if (algorithm.equals("ECGOST3410"))
- {
- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
- }
- else
+ // BEGIN android-removed
+ // if (algorithm.equals("ECGOST3410"))
+ // {
+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+ // }
+ // else
+ // END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 2014-07-28 19:51:54.000000000 +0000
@@ -18,9 +18,11 @@
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
@@ -33,9 +35,13 @@
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
+// BEGIN android-removed
+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
+// END android-removed
import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+// BEGIN android-removed
+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+// END android-removed
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
@@ -48,7 +54,9 @@
private org.bouncycastle.math.ec.ECPoint q;
private ECParameterSpec ecSpec;
private boolean withCompression;
- private GOST3410PublicKeyAlgParameters gostParams;
+ // BEGIN android-removed
+ // private GOST3410PublicKeyAlgParameters gostParams;
+ // END android-removed
public JCEECPublicKey(
String algorithm,
@@ -58,7 +66,9 @@
this.q = key.q;
this.ecSpec = key.ecSpec;
this.withCompression = key.withCompression;
- this.gostParams = key.gostParams;
+ // BEGIN android-removed
+ // this.gostParams = key.gostParams;
+ // END android-removed
}
public JCEECPublicKey(
@@ -181,54 +191,55 @@
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
{
- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001))
- {
- DERBitString bits = info.getPublicKeyData();
- ASN1OctetString key;
- this.algorithm = "ECGOST3410";
-
- try
- {
- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
- }
- catch (IOException ex)
- {
- throw new IllegalArgumentException("error recovering public key");
- }
-
- byte[] keyEnc = key.getOctets();
- byte[] x = new byte[32];
- byte[] y = new byte[32];
-
- for (int i = 0; i != x.length; i++)
- {
- x[i] = keyEnc[32 - 1 - i];
- }
-
- for (int i = 0; i != y.length; i++)
- {
- y[i] = keyEnc[64 - 1 - i];
- }
-
- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
-
- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
-
- ECCurve curve = spec.getCurve();
- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
-
- ecSpec = new ECNamedCurveSpec(
- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
- ellipticCurve,
- new ECPoint(
- spec.getG().getAffineXCoord().toBigInteger(),
- spec.getG().getAffineYCoord().toBigInteger()),
- spec.getN(), spec.getH());
-
- }
- else
+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001))
+ // {
+ // DERBitString bits = info.getPublicKeyData();
+ // ASN1OctetString key;
+ // this.algorithm = "ECGOST3410";
+ //
+ // try
+ // {
+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
+ // }
+ // catch (IOException ex)
+ // {
+ // throw new IllegalArgumentException("error recovering public key");
+ // }
+ //
+ // byte[] keyEnc = key.getOctets();
+ // byte[] x = new byte[32];
+ // byte[] y = new byte[32];
+ //
+ // for (int i = 0; i != x.length; i++)
+ // {
+ // x[i] = keyEnc[32 - 1 - i];
+ // }
+ //
+ // for (int i = 0; i != y.length; i++)
+ // {
+ // y[i] = keyEnc[64 - 1 - i];
+ // }
+ //
+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
+ //
+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
+ //
+ // ECCurve curve = spec.getCurve();
+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+ //
+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
+ //
+ // ecSpec = new ECNamedCurveSpec(
+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
+ // ellipticCurve,
+ // new ECPoint(
+ // spec.getG().getAffineXCoord().toBigInteger(),
+ // spec.getG().getAffineYCoord().toBigInteger()),
+ // spec.getN(), spec.getH());
+ //
+ // }
+ // else
+ // END android-removed
{
X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters());
ECCurve curve;
@@ -317,52 +328,54 @@
ASN1Encodable params;
SubjectPublicKeyInfo info;
- if (algorithm.equals("ECGOST3410"))
- {
- if (gostParams != null)
- {
- params = gostParams;
- }
- else
- {
- if (ecSpec instanceof ECNamedCurveSpec)
- {
- params = new GOST3410PublicKeyAlgParameters(
- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
- }
- else
- { // strictly speaking this may not be applicable...
- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
- X9ECParameters ecP = new X9ECParameters(
- curve,
- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
- ecSpec.getOrder(),
- BigInteger.valueOf(ecSpec.getCofactor()),
- ecSpec.getCurve().getSeed());
-
- params = new X962Parameters(ecP);
- }
- }
-
- BigInteger bX = this.q.getAffineXCoord().toBigInteger();
- BigInteger bY = this.q.getAffineYCoord().toBigInteger();
- byte[] encKey = new byte[64];
-
- extractBytes(encKey, 0, bX);
- extractBytes(encKey, 32, bY);
-
- try
- {
- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
- }
- catch (IOException e)
- {
- return null;
- }
- }
- else
+ // BEGIN android-removed
+ // if (algorithm.equals("ECGOST3410"))
+ // {
+ // if (gostParams != null)
+ // {
+ // params = gostParams;
+ // }
+ // else
+ // {
+ // if (ecSpec instanceof ECNamedCurveSpec)
+ // {
+ // params = new GOST3410PublicKeyAlgParameters(
+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
+ // }
+ // else
+ // { // strictly speaking this may not be applicable...
+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+ //
+ // X9ECParameters ecP = new X9ECParameters(
+ // curve,
+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+ // ecSpec.getOrder(),
+ // BigInteger.valueOf(ecSpec.getCofactor()),
+ // ecSpec.getCurve().getSeed());
+ //
+ // params = new X962Parameters(ecP);
+ // }
+ // }
+ //
+ // BigInteger bX = this.q.getAffineXCoord().toBigInteger();
+ // BigInteger bY = this.q.getAffineYCoord().toBigInteger();
+ // byte[] encKey = new byte[64];
+ //
+ // extractBytes(encKey, 0, bX);
+ // extractBytes(encKey, 32, bY);
+ //
+ // try
+ // {
+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
+ // }
+ // catch (IOException e)
+ // {
+ // return null;
+ // }
+ // }
+ // else
+ // END android-removed
{
if (ecSpec instanceof ECNamedCurveSpec)
{
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-04-09 13:10:16.000000000 +0000
@@ -88,22 +88,24 @@
{
Object obj = iter.next();
- if (obj instanceof Store)
- {
- Store store = (Store)obj;
+ // BEGIN android-removed
+ // if (obj instanceof Store)
+ // {
+ // Store store = (Store)obj;
- try
- {
- crls.addAll(store.getMatches(crlSelect));
- foundValidStore = true;
- }
- catch (StoreException e)
- {
- lastException = new AnnotatedException(
- "Exception searching in X.509 CRL store.", e);
- }
- }
- else
+ // try
+ // {
+ // crls.addAll(store.getMatches(crlSelect));
+ // foundValidStore = true;
+ // }
+ // catch (StoreException e)
+ // {
+ // lastException = new AnnotatedException(
+ // "Exception searching in X.509 CRL store.", e);
+ // }
+ // }
+ // else
+ // END android-removed
{
CertStore store = (CertStore)obj;
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000
@@ -1,5 +1,8 @@
package org.bouncycastle.jce.provider;
+// BEGIN android-added
+import java.math.BigInteger;
+// END android-added
import java.security.InvalidAlgorithmParameterException;
import java.security.PublicKey;
import java.security.cert.CertPath;
@@ -41,6 +44,11 @@
public PKIXCertPathValidatorSpi()
{
}
+ // BEGIN android-added
+ private static class NoPreloadHolder {
+ private final static CertBlacklist blacklist = new CertBlacklist();
+ }
+ // END android-added
public CertPathValidatorResult engineValidate(
CertPath certPath,
@@ -73,10 +81,18 @@
{
paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters();
}
- else
+ // BEGIN android-changed
+ // else
+ else if (params instanceof PKIXExtendedParameters)
+ // END android-changed
{
paramsPKIX = (PKIXExtendedParameters)params;
}
+ // BEGIN android-added
+ else {
+ throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters");
+ }
+ // END android-added
if (paramsPKIX.getTrustAnchors() == null)
{
@@ -98,6 +114,22 @@
{
throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0);
}
+ // BEGIN android-added
+ {
+ X509Certificate cert = (X509Certificate) certs.get(0);
+
+ if (cert != null) {
+ BigInteger serial = cert.getSerialNumber();
+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) {
+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+ String message = "Certificate revocation of serial 0x" + serial.toString(16);
+ System.out.println(message);
+ AnnotatedException e = new AnnotatedException(message);
+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0);
+ }
+ }
+ }
+ // END android-added
//
// (b)
@@ -277,6 +309,15 @@
for (index = certs.size() - 1; index >= 0; index--)
{
+ // BEGIN android-added
+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) {
+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+ String message = "Certificate revocation of public key " + workingPublicKey;
+ System.out.println(message);
+ AnnotatedException e = new AnnotatedException(message);
+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index);
+ }
+ // END android-added
// try
// {
//
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000
@@ -57,6 +57,9 @@
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN android-added
+import org.bouncycastle.asn1.x509.X509Name;
+// END android-added
import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -562,12 +565,20 @@
}
}
+ // BEGIN android-changed
+ private byte[] encoded;
+ // END android-changed
public byte[] getEncoded()
throws CertificateEncodingException
{
try
{
- return c.getEncoded(ASN1Encoding.DER);
+ // BEGIN android-changed
+ if (encoded == null) {
+ encoded = c.getEncoded(ASN1Encoding.DER);
+ }
+ return encoded;
+ // END android-changed
}
catch (IOException e)
{
@@ -858,7 +869,9 @@
list.add(genName.getEncoded());
break;
case GeneralName.directoryName:
- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+ // BEGIN android-changed
+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
+ // END android-changed
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 2014-07-28 19:51:54.000000000 +0000
@@ -14,7 +14,9 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -66,12 +68,14 @@
if (params != null && !derNull.equals(params))
{
- if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
- {
- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
-
- return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
- }
+ // BEGIN android-removed
+ // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
+ // {
+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
+ //
+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
+ // }
+ // END android-removed
if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
{
ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
@@ -114,22 +118,24 @@
{
return "SHA512";
}
- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- {
- return "RIPEMD128";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- {
- return "RIPEMD160";
- }
- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- {
- return "RIPEMD256";
- }
- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- {
- return "GOST3411";
- }
+ // BEGIN android-removed
+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ // {
+ // return "RIPEMD128";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ // {
+ // return "RIPEMD160";
+ // }
+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ // {
+ // return "RIPEMD256";
+ // }
+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ // {
+ // return "GOST3411";
+ // }
+ // END android-removed
else
{
return digestAlgOID.getId();
diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java
--- bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java 2015-03-01 12:03:02.000000000 +0000
+++ bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 2014-07-28 19:51:54.000000000 +0000
@@ -25,12 +25,16 @@
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN android-removed
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jce.X509Principal;
@@ -44,8 +48,10 @@
static
{
- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+ // BEGIN android-removed
+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+ // END android-removed
algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
@@ -63,12 +69,14 @@
algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // BEGIN android-removed
+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ // END android-removed
algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -81,11 +89,13 @@
algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // BEGIN android-removed
+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // END android-removed
//
// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
@@ -105,8 +115,10 @@
//
// RFC 4491
//
- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // BEGIN android-removed
+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ // END android-removed
//
// explicit params