1diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-147/org/bouncycastle/asn1/ASN1Null.java 2--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/ASN1Null.java 2012-03-22 15:11:48.000000000 +0000 3+++ bcprov-jdk15on-147/org/bouncycastle/asn1/ASN1Null.java 2013-01-23 01:01:51.774746500 +0000 4@@ -8,9 +8,11 @@ 5 public abstract class ASN1Null 6 extends ASN1Primitive 7 { 8- public ASN1Null() 9+ // BEGIN android-changed 10+ /*package*/ ASN1Null() 11 { 12 } 13+ // END android-changed 14 15 public static ASN1Null getInstance(Object o) 16 { 17diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jdk15on-147/org/bouncycastle/asn1/DERBoolean.java 18--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERBoolean.java 2012-03-22 15:11:48.000000000 +0000 19+++ bcprov-jdk15on-147/org/bouncycastle/asn1/DERBoolean.java 2013-01-23 01:01:51.764746324 +0000 20@@ -10,7 +10,9 @@ 21 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 22 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 23 24- private byte[] value; 25+ // BEGIN android-changed 26+ final private byte[] value; 27+ // END android-changed 28 29 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 30 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 31@@ -46,6 +48,17 @@ 32 return (value ? TRUE : FALSE); 33 } 34 35+ // BEGIN android-added 36+ /** 37+ * return a DERBoolean from the passed in array. 38+ */ 39+ public static DERBoolean getInstance( 40+ byte[] octets) 41+ { 42+ return (octets[0] != 0) ? TRUE : FALSE; 43+ } 44+ 45+ // END android-added 46 /** 47 * return a Boolean from a tagged object. 48 * 49@@ -71,7 +84,9 @@ 50 } 51 } 52 53- DERBoolean( 54+ // BEGIN android-changed 55+ protected DERBoolean( 56+ // END android-changed 57 byte[] value) 58 { 59 if (value.length != 1) 60@@ -93,8 +108,10 @@ 61 } 62 } 63 64- public DERBoolean( 65+ // BEGIN android-changed 66+ protected DERBoolean( 67 boolean value) 68+ // END android-changed 69 { 70 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 71 } 72diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-147/org/bouncycastle/asn1/DERNull.java 73--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERNull.java 2012-03-22 15:11:48.000000000 +0000 74+++ bcprov-jdk15on-147/org/bouncycastle/asn1/DERNull.java 2013-01-23 01:01:51.774746500 +0000 75@@ -12,7 +12,9 @@ 76 77 private static final byte[] zeroBytes = new byte[0]; 78 79- public DERNull() 80+ // BEGIN android-changed 81+ protected DERNull() 82+ // END android-changed 83 { 84 } 85 86diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERObjectIdentifier.java bcprov-jdk15on-147/org/bouncycastle/asn1/DERObjectIdentifier.java 87--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERObjectIdentifier.java 2012-03-22 15:11:48.000000000 +0000 88+++ bcprov-jdk15on-147/org/bouncycastle/asn1/DERObjectIdentifier.java 2013-01-23 01:01:51.784746676 +0000 89@@ -117,7 +117,13 @@ 90 } 91 } 92 93- this.identifier = objId.toString(); 94+ // BEGIN android-changed 95+ /* 96+ * Intern the identifier so there aren't hundreds of duplicates 97+ * (in practice). 98+ */ 99+ this.identifier = objId.toString().intern(); 100+ // END android-changed 101 } 102 103 public DERObjectIdentifier( 104@@ -128,7 +134,13 @@ 105 throw new IllegalArgumentException("string " + identifier + " not an OID"); 106 } 107 108- this.identifier = identifier; 109+ // BEGIN android-changed 110+ /* 111+ * Intern the identifier so there aren't hundreds of duplicates 112+ * (in practice). 113+ */ 114+ this.identifier = identifier.intern(); 115+ // END android-changed 116 } 117 118 public String getId() 119diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-147/org/bouncycastle/asn1/DERPrintableString.java 120--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/DERPrintableString.java 2012-03-22 15:11:48.000000000 +0000 121+++ bcprov-jdk15on-147/org/bouncycastle/asn1/DERPrintableString.java 2013-01-23 01:01:51.854747908 +0000 122@@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126- private byte[] string; 127+ // BEGIN android-changed 128+ private final byte[] string; 129+ // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-147/org/bouncycastle/asn1/cms/ContentInfo.java 134--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2012-03-22 15:11:48.000000000 +0000 135+++ bcprov-jdk15on-147/org/bouncycastle/asn1/cms/ContentInfo.java 2013-01-23 01:01:51.874748260 +0000 136@@ -12,7 +12,9 @@ 137 138 public class ContentInfo 139 extends ASN1Object 140- implements CMSObjectIdentifiers 141+ // BEGIN android-removed 142+ // implements CMSObjectIdentifiers 143+ // END android-removed 144 { 145 private ASN1ObjectIdentifier contentType; 146 private ASN1Encodable content; 147diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 148--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2012-03-22 15:11:48.000000000 +0000 149+++ bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2013-01-23 01:01:51.774746500 +0000 150@@ -37,10 +37,13 @@ 151 public static EncryptedPrivateKeyInfo getInstance( 152 Object obj) 153 { 154- if (obj instanceof EncryptedData) 155+ // BEGIN android-changed 156+ // fix copy and paste error in instanceof call 157+ if (obj instanceof EncryptedPrivateKeyInfo) 158 { 159 return (EncryptedPrivateKeyInfo)obj; 160 } 161+ // END android-changed 162 else if (obj != null) 163 { 164 return new EncryptedPrivateKeyInfo(ASN1Sequence.getInstance(obj)); 165diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 166--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2012-03-22 15:11:48.000000000 +0000 167+++ bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-01-23 01:01:51.774746500 +0000 168@@ -10,8 +10,10 @@ 169 // 170 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 171 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 172- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 173- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 174+ // BEGIN android-removed 175+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 176+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 177+ // END android-removed 178 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 179 static final ASN1ObjectIdentifier sha1WithRSAEncryption = pkcs_1.branch("5"); 180 static final ASN1ObjectIdentifier srsaOAEPEncryptionSET = pkcs_1.branch("6"); 181@@ -22,7 +24,9 @@ 182 static final ASN1ObjectIdentifier sha256WithRSAEncryption = pkcs_1.branch("11"); 183 static final ASN1ObjectIdentifier sha384WithRSAEncryption = pkcs_1.branch("12"); 184 static final ASN1ObjectIdentifier sha512WithRSAEncryption = pkcs_1.branch("13"); 185- static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); 186+ // BEGIN android-removed 187+ // static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); 188+ // END android-removed 189 190 // 191 // pkcs-3 OBJECT IDENTIFIER ::= { 192@@ -65,13 +69,17 @@ 193 // md2 OBJECT IDENTIFIER ::= 194 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 195 // 196- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 197+ // BEGIN android-removed 198+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 199+ // END android-removed 200 201 // 202 // md4 OBJECT IDENTIFIER ::= 203 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 204 // 205- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 206+ // BEGIN android-removed 207+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 208+ // END android-removed 209 210 // 211 // md5 OBJECT IDENTIFIER ::= 212@@ -80,7 +88,9 @@ 213 static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); 214 215 static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); 216- static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); 217+ // BEGIN android-removed 218+ // static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); 219+ // END android-removed 220 static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); 221 static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); 222 static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); 223diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 224--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2012-03-22 15:11:48.000000000 +0000 225+++ bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2013-01-23 01:01:51.774746500 +0000 226@@ -19,7 +19,9 @@ 227 private AlgorithmIdentifier maskGenAlgorithm; 228 private AlgorithmIdentifier pSourceAlgorithm; 229 230- public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); 231+ // BEGIN android-changed 232+ public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 233+ // END android-changed 234 public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM); 235 public final static AlgorithmIdentifier DEFAULT_P_SOURCE_ALGORITHM = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0])); 236 237diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 238--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2012-03-22 15:11:48.000000000 +0000 239+++ bcprov-jdk15on-147/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2013-01-23 01:01:51.774746500 +0000 240@@ -22,7 +22,9 @@ 241 private ASN1Integer saltLength; 242 private ASN1Integer trailerField; 243 244- public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); 245+ // BEGIN android-changed 246+ public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 247+ // END android-changed 248 public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM); 249 public final static ASN1Integer DEFAULT_SALT_LENGTH = new ASN1Integer(20); 250 public final static ASN1Integer DEFAULT_TRAILER_FIELD = new ASN1Integer(1); 251diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/util/ASN1Dump.java bcprov-jdk15on-147/org/bouncycastle/asn1/util/ASN1Dump.java 252--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/util/ASN1Dump.java 2012-03-22 15:11:48.000000000 +0000 253+++ bcprov-jdk15on-147/org/bouncycastle/asn1/util/ASN1Dump.java 2013-01-23 01:01:51.874748260 +0000 254@@ -78,7 +78,9 @@ 255 { 256 Object o = e.nextElement(); 257 258- if (o == null || o.equals(new DERNull())) 259+ // BEGIN android-changed 260+ if (o == null || o.equals(DERNull.INSTANCE)) 261+ // END android-changed 262 { 263 buf.append(tab); 264 buf.append("NULL"); 265diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/AttCertIssuer.java 266--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java 2012-03-22 15:11:48.000000000 +0000 267+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/AttCertIssuer.java 2013-01-23 01:01:51.784746676 +0000 268@@ -46,7 +46,7 @@ 269 ASN1TaggedObject obj, 270 boolean explicit) 271 { 272- return getInstance(obj.getObject()); // must be explictly tagged 273+ return getInstance(obj.getObject()); // must be explicitly tagged 274 } 275 276 /** 277diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 278--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2012-03-22 15:11:48.000000000 +0000 279+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-01-23 01:01:51.804747028 +0000 280@@ -14,7 +14,9 @@ 281 import org.bouncycastle.asn1.DERSequence; 282 import org.bouncycastle.asn1.DERTaggedObject; 283 import org.bouncycastle.crypto.Digest; 284-import org.bouncycastle.crypto.digests.SHA1Digest; 285+// BEGIN android-changed 286+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 287+// END android-changed 288 289 /** 290 * The AuthorityKeyIdentifier object. 291@@ -101,7 +103,9 @@ 292 public AuthorityKeyIdentifier( 293 SubjectPublicKeyInfo spki) 294 { 295- Digest digest = new SHA1Digest(); 296+ // BEGIN android-changed 297+ Digest digest = AndroidDigestFactory.getSHA1(); 298+ // END android-changed 299 byte[] resBuf = new byte[digest.getDigestSize()]; 300 301 byte[] bytes = spki.getPublicKeyData().getBytes(); 302@@ -119,7 +123,9 @@ 303 GeneralNames name, 304 BigInteger serialNumber) 305 { 306- Digest digest = new SHA1Digest(); 307+ // BEGIN android-changed 308+ Digest digest = AndroidDigestFactory.getSHA1(); 309+ // END android-changed 310 byte[] resBuf = new byte[digest.getDigestSize()]; 311 312 byte[] bytes = spki.getPublicKeyData().getBytes(); 313diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/BasicConstraints.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/BasicConstraints.java 314--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/BasicConstraints.java 2012-03-22 15:11:48.000000000 +0000 315+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/BasicConstraints.java 2013-01-23 01:01:51.804747028 +0000 316@@ -14,7 +14,9 @@ 317 public class BasicConstraints 318 extends ASN1Object 319 { 320- DERBoolean cA = new DERBoolean(false); 321+ // BEGIN android-changed 322+ DERBoolean cA = DERBoolean.FALSE; 323+ // END android-changed 324 ASN1Integer pathLenConstraint = null; 325 326 public static BasicConstraints getInstance( 327@@ -81,7 +83,9 @@ 328 { 329 if (cA) 330 { 331- this.cA = new DERBoolean(true); 332+ // BEGIN android-changed 333+ this.cA = DERBoolean.TRUE; 334+ // END android-changed 335 } 336 else 337 { 338@@ -98,7 +102,9 @@ 339 public BasicConstraints( 340 int pathLenConstraint) 341 { 342- this.cA = new DERBoolean(true); 343+ // BEGIN android-changed 344+ this.cA = DERBoolean.TRUE; 345+ // END android-changed 346 this.pathLenConstraint = new ASN1Integer(pathLenConstraint); 347 } 348 349diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/CRLReason.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/CRLReason.java 350--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/CRLReason.java 2012-03-22 15:11:48.000000000 +0000 351+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/CRLReason.java 2013-01-23 01:01:51.804747028 +0000 352@@ -138,7 +138,9 @@ 353 354 public static CRLReason lookup(int value) 355 { 356- Integer idx = new Integer(value); 357+ // BEGIN android-changed 358+ Integer idx = Integer.valueOf(value); 359+ // END android-changed 360 361 if (!table.containsKey(idx)) 362 { 363diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 364--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2012-03-22 15:11:48.000000000 +0000 365+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2013-01-23 01:01:51.804747028 +0000 366@@ -96,11 +96,15 @@ 367 } 368 if (onlyContainsUserCerts) 369 { 370- vec.add(new DERTaggedObject(false, 1, new DERBoolean(true))); 371+ // BEGIN android-changed 372+ vec.add(new DERTaggedObject(false, 1, DERBoolean.TRUE)); 373+ // END android-changed 374 } 375 if (onlyContainsCACerts) 376 { 377- vec.add(new DERTaggedObject(false, 2, new DERBoolean(true))); 378+ // BEGIN android-changed 379+ vec.add(new DERTaggedObject(false, 2, DERBoolean.TRUE)); 380+ // END android-changed 381 } 382 if (onlySomeReasons != null) 383 { 384@@ -108,11 +112,15 @@ 385 } 386 if (indirectCRL) 387 { 388- vec.add(new DERTaggedObject(false, 4, new DERBoolean(true))); 389+ // BEGIN android-changed 390+ vec.add(new DERTaggedObject(false, 4, DERBoolean.TRUE)); 391+ // END android-changed 392 } 393 if (onlyContainsAttributeCerts) 394 { 395- vec.add(new DERTaggedObject(false, 5, new DERBoolean(true))); 396+ // BEGIN android-changed 397+ vec.add(new DERTaggedObject(false, 5, DERBoolean.TRUE)); 398+ // END android-changed 399 } 400 401 seq = new DERSequence(vec); 402diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 403--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2012-03-22 15:11:48.000000000 +0000 404+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2013-01-23 01:01:51.804747028 +0000 405@@ -6,7 +6,9 @@ 406 import org.bouncycastle.asn1.ASN1TaggedObject; 407 import org.bouncycastle.asn1.DEROctetString; 408 import org.bouncycastle.crypto.Digest; 409-import org.bouncycastle.crypto.digests.SHA1Digest; 410+// BEGIN android-changed 411+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 412+// END android-changed 413 414 /** 415 * The SubjectKeyIdentifier object. 416@@ -119,7 +121,9 @@ 417 418 private static byte[] getDigest(SubjectPublicKeyInfo spki) 419 { 420- Digest digest = new SHA1Digest(); 421+ // BEGIN android-changed 422+ Digest digest = AndroidDigestFactory.getSHA1(); 423+ // END android-changed 424 byte[] resBuf = new byte[digest.getDigestSize()]; 425 426 byte[] bytes = spki.getPublicKeyData().getBytes(); 427diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509Extensions.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509Extensions.java 428--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509Extensions.java 2012-03-22 15:11:48.000000000 +0000 429+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509Extensions.java 2013-01-23 01:01:51.784746676 +0000 430@@ -408,7 +408,9 @@ 431 432 if (ext.isCritical()) 433 { 434- v.add(new DERBoolean(true)); 435+ // BEGIN android-changed 436+ v.add(DERBoolean.TRUE); 437+ // END android-changed 438 } 439 440 v.add(ext.getValue()); 441diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509Name.java 442--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509Name.java 2012-03-22 15:11:48.000000000 +0000 443+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509Name.java 2013-01-23 01:01:51.794746852 +0000 444@@ -255,8 +255,10 @@ 445 */ 446 public static final Hashtable SymbolLookUp = DefaultLookUp; 447 448- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 449- private static final Boolean FALSE = new Boolean(false); 450+ // BEGIN android-changed 451+ private static final Boolean TRUE = Boolean.TRUE; 452+ private static final Boolean FALSE = Boolean.FALSE; 453+ // END android-changed 454 455 static 456 { 457@@ -445,7 +447,9 @@ 458 throw new IllegalArgumentException("cannot encode value"); 459 } 460 } 461- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 462+ // BEGIN android-changed 463+ added.addElement(Boolean.valueOf(i != 0)); 464+ // END android-changed 465 } 466 } 467 } 468@@ -702,7 +706,9 @@ 469 470 if (index == -1) 471 { 472- throw new IllegalArgumentException("badly formated directory string"); 473+ // BEGIN android-changed 474+ throw new IllegalArgumentException("badly formatted directory string"); 475+ // END android-changed 476 } 477 478 String name = token.substring(0, index); 479diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509NameTokenizer.java 480--- bcprov-jdk15on-147.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2012-03-22 15:11:48.000000000 +0000 481+++ bcprov-jdk15on-147/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-01-23 01:01:51.784746676 +0000 482@@ -58,6 +58,17 @@ 483 } 484 else 485 { 486+ // BEGIN android-added 487+ // copied from a newer version of BouncyCastle 488+ if (c == '#' && buf.charAt(buf.length() - 1) == '=') 489+ { 490+ buf.append('\\'); 491+ } 492+ else if (c == '+' && seperator != '+') 493+ { 494+ buf.append('\\'); 495+ } 496+ // END android-added 497 buf.append(c); 498 } 499 escaped = false; 500diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/PBEParametersGenerator.java bcprov-jdk15on-147/org/bouncycastle/crypto/PBEParametersGenerator.java 501--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/PBEParametersGenerator.java 2012-03-22 15:11:48.000000000 +0000 502+++ bcprov-jdk15on-147/org/bouncycastle/crypto/PBEParametersGenerator.java 2013-01-23 01:01:51.934749316 +0000 503@@ -136,7 +136,8 @@ 504 public static byte[] PKCS12PasswordToBytes( 505 char[] password) 506 { 507- if (password.length > 0) 508+ // BEGIN android-changed 509+ if (password != null && password.length > 0) 510 { 511 // +1 for extra 2 pad bytes. 512 byte[] bytes = new byte[(password.length + 1) * 2]; 513@@ -153,5 +154,6 @@ 514 { 515 return new byte[0]; 516 } 517+ // END android-changed 518 } 519 } 520diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 521--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 522+++ bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-01-23 01:01:51.934749316 +0000 523@@ -0,0 +1,78 @@ 524+/* 525+ * Copyright (C) 2012 The Android Open Source Project 526+ * 527+ * Licensed under the Apache License, Version 2.0 (the "License"); 528+ * you may not use this file except in compliance with the License. 529+ * You may obtain a copy of the License at 530+ * 531+ * http://www.apache.org/licenses/LICENSE-2.0 532+ * 533+ * Unless required by applicable law or agreed to in writing, software 534+ * distributed under the License is distributed on an "AS IS" BASIS, 535+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 536+ * See the License for the specific language governing permissions and 537+ * limitations under the License. 538+ */ 539+ 540+package org.bouncycastle.crypto.digests; 541+ 542+import org.bouncycastle.crypto.Digest; 543+ 544+/** 545+ * Level of indirection to let us select OpenSSLDigest implementations 546+ * for libcore but fallback to BouncyCastle ones on the RI. 547+ */ 548+public final class AndroidDigestFactory { 549+ private static final String OpenSSLFactoryClassName 550+ = AndroidDigestFactory.class.getName() + "OpenSSL"; 551+ private static final String BouncyCastleFactoryClassName 552+ = AndroidDigestFactory.class.getName() + "BouncyCastle"; 553+ 554+ private static final AndroidDigestFactoryInterface FACTORY; 555+ static { 556+ Class factoryImplementationClass; 557+ try { 558+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 559+ } catch (ClassNotFoundException e1) { 560+ try { 561+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 562+ } catch (ClassNotFoundException e2) { 563+ throw new AssertionError("Failed to find AndroidDigestFactoryInterface " 564+ + "implementation. Looked for " 565+ + OpenSSLFactoryClassName + " and " 566+ + BouncyCastleFactoryClassName); 567+ } 568+ } 569+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 570+ throw new AssertionError(factoryImplementationClass 571+ + "does not implement AndroidDigestFactoryInterface"); 572+ } 573+ try { 574+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 575+ } catch (InstantiationException e) { 576+ throw new AssertionError(e); 577+ } catch (IllegalAccessException e) { 578+ throw new AssertionError(e); 579+ } 580+ } 581+ 582+ public static Digest getMD5() { 583+ return FACTORY.getMD5(); 584+ } 585+ 586+ public static Digest getSHA1() { 587+ return FACTORY.getSHA1(); 588+ } 589+ 590+ public static Digest getSHA256() { 591+ return FACTORY.getSHA256(); 592+ } 593+ 594+ public static Digest getSHA384() { 595+ return FACTORY.getSHA384(); 596+ } 597+ 598+ public static Digest getSHA512() { 599+ return FACTORY.getSHA512(); 600+ } 601+} 602diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 603--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 604+++ bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-01-23 01:01:51.934749316 +0000 605@@ -0,0 +1,37 @@ 606+/* 607+ * Copyright (C) 2012 The Android Open Source Project 608+ * 609+ * Licensed under the Apache License, Version 2.0 (the "License"); 610+ * you may not use this file except in compliance with the License. 611+ * You may obtain a copy of the License at 612+ * 613+ * http://www.apache.org/licenses/LICENSE-2.0 614+ * 615+ * Unless required by applicable law or agreed to in writing, software 616+ * distributed under the License is distributed on an "AS IS" BASIS, 617+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 618+ * See the License for the specific language governing permissions and 619+ * limitations under the License. 620+ */ 621+ 622+package org.bouncycastle.crypto.digests; 623+ 624+import org.bouncycastle.crypto.Digest; 625+ 626+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 627+ public Digest getMD5() { 628+ return new MD5Digest(); 629+ } 630+ public Digest getSHA1() { 631+ return new SHA1Digest(); 632+ } 633+ public Digest getSHA256() { 634+ return new SHA256Digest(); 635+ } 636+ public Digest getSHA384() { 637+ return new SHA384Digest(); 638+ } 639+ public Digest getSHA512() { 640+ return new SHA512Digest(); 641+ } 642+} 643diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 644--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 645+++ bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-01-23 01:01:51.934749316 +0000 646@@ -0,0 +1,27 @@ 647+/* 648+ * Copyright (C) 2012 The Android Open Source Project 649+ * 650+ * Licensed under the Apache License, Version 2.0 (the "License"); 651+ * you may not use this file except in compliance with the License. 652+ * You may obtain a copy of the License at 653+ * 654+ * http://www.apache.org/licenses/LICENSE-2.0 655+ * 656+ * Unless required by applicable law or agreed to in writing, software 657+ * distributed under the License is distributed on an "AS IS" BASIS, 658+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 659+ * See the License for the specific language governing permissions and 660+ * limitations under the License. 661+ */ 662+ 663+package org.bouncycastle.crypto.digests; 664+ 665+import org.bouncycastle.crypto.Digest; 666+ 667+interface AndroidDigestFactoryInterface { 668+ public Digest getMD5(); 669+ public Digest getSHA1(); 670+ public Digest getSHA256(); 671+ public Digest getSHA384(); 672+ public Digest getSHA512(); 673+} 674diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 675--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 676+++ bcprov-jdk15on-147/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-01-23 01:01:51.934749316 +0000 677@@ -0,0 +1,37 @@ 678+/* 679+ * Copyright (C) 2012 The Android Open Source Project 680+ * 681+ * Licensed under the Apache License, Version 2.0 (the "License"); 682+ * you may not use this file except in compliance with the License. 683+ * You may obtain a copy of the License at 684+ * 685+ * http://www.apache.org/licenses/LICENSE-2.0 686+ * 687+ * Unless required by applicable law or agreed to in writing, software 688+ * distributed under the License is distributed on an "AS IS" BASIS, 689+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 690+ * See the License for the specific language governing permissions and 691+ * limitations under the License. 692+ */ 693+ 694+package org.bouncycastle.crypto.digests; 695+ 696+import org.bouncycastle.crypto.Digest; 697+ 698+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 699+ public Digest getMD5() { 700+ return new OpenSSLDigest.MD5(); 701+ } 702+ public Digest getSHA1() { 703+ return new OpenSSLDigest.SHA1(); 704+ } 705+ public Digest getSHA256() { 706+ return new OpenSSLDigest.SHA256(); 707+ } 708+ public Digest getSHA384() { 709+ return new OpenSSLDigest.SHA384(); 710+ } 711+ public Digest getSHA512() { 712+ return new OpenSSLDigest.SHA512(); 713+ } 714+} 715diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-147/org/bouncycastle/crypto/digests/OpenSSLDigest.java 716--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 717+++ bcprov-jdk15on-147/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2013-01-23 01:01:51.934749316 +0000 718@@ -0,0 +1,159 @@ 719+/* 720+ * Copyright (C) 2008 The Android Open Source Project 721+ * 722+ * Licensed under the Apache License, Version 2.0 (the "License"); 723+ * you may not use this file except in compliance with the License. 724+ * You may obtain a copy of the License at 725+ * 726+ * http://www.apache.org/licenses/LICENSE-2.0 727+ * 728+ * Unless required by applicable law or agreed to in writing, software 729+ * distributed under the License is distributed on an "AS IS" BASIS, 730+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 731+ * See the License for the specific language governing permissions and 732+ * limitations under the License. 733+ */ 734+ 735+package org.bouncycastle.crypto.digests; 736+ 737+import org.apache.harmony.xnet.provider.jsse.NativeCrypto; 738+import org.bouncycastle.crypto.ExtendedDigest; 739+ 740+/** 741+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. 742+ */ 743+public class OpenSSLDigest implements ExtendedDigest { 744+ 745+ /** 746+ * Holds the standard name of the hashing algorithm, e.g. "SHA-1"; 747+ */ 748+ private final String algorithm; 749+ 750+ /** 751+ * Holds the EVP_MD for the hashing algorithm, e.g. EVP_get_digestbyname("sha1"); 752+ */ 753+ private final int evp_md; 754+ 755+ /** 756+ * Holds the output size of the message digest. 757+ */ 758+ private final int size; 759+ 760+ /** 761+ * Holds the block size of the message digest. 762+ */ 763+ private final int blockSize; 764+ 765+ /** 766+ * Holds a pointer to the native message digest context. It is 767+ * lazily initialized to avoid having to reallocate on reset when 768+ * its unlikely to be reused. 769+ */ 770+ private int ctx; 771+ 772+ /** 773+ * Holds a dummy buffer for writing single bytes to the digest. 774+ */ 775+ private final byte[] singleByte = new byte[1]; 776+ 777+ /** 778+ * Creates a new OpenSSLMessageDigest instance for the given algorithm 779+ * name. 780+ */ 781+ private OpenSSLDigest(String algorithm, int evp_md, int size, int blockSize) { 782+ this.algorithm = algorithm; 783+ this.evp_md = evp_md; 784+ this.size = size; 785+ this.blockSize = blockSize; 786+ } 787+ 788+ public String getAlgorithmName() { 789+ return algorithm; 790+ } 791+ 792+ public int getDigestSize() { 793+ return size; 794+ } 795+ 796+ public int getByteLength() { 797+ return blockSize; 798+ } 799+ 800+ public void reset() { 801+ free(); 802+ } 803+ 804+ public void update(byte in) { 805+ singleByte[0] = in; 806+ update(singleByte, 0, 1); 807+ } 808+ 809+ public void update(byte[] in, int inOff, int len) { 810+ NativeCrypto.EVP_DigestUpdate(getCtx(), in, inOff, len); 811+ } 812+ 813+ public int doFinal(byte[] out, int outOff) { 814+ int i = NativeCrypto.EVP_DigestFinal(getCtx(), out, outOff); 815+ ctx = 0; // EVP_DigestFinal frees the context as a side effect 816+ reset(); 817+ return i; 818+ } 819+ 820+ private int getCtx() { 821+ if (ctx == 0) { 822+ ctx = NativeCrypto.EVP_DigestInit(evp_md); 823+ } 824+ return ctx; 825+ } 826+ 827+ private void free() { 828+ if (ctx != 0) { 829+ NativeCrypto.EVP_MD_CTX_destroy(ctx); 830+ ctx = 0; 831+ } 832+ } 833+ 834+ @Override 835+ protected void finalize() throws Throwable { 836+ try { 837+ free(); 838+ } finally { 839+ super.finalize(); 840+ } 841+ } 842+ 843+ public static class MD5 extends OpenSSLDigest { 844+ private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("md5"); 845+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 846+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 847+ public MD5() { super("MD5", EVP_MD, SIZE, BLOCK_SIZE); } 848+ } 849+ 850+ public static class SHA1 extends OpenSSLDigest { 851+ private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha1"); 852+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 853+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 854+ public SHA1() { super("SHA-1", EVP_MD, SIZE, BLOCK_SIZE); } 855+ } 856+ 857+ public static class SHA256 extends OpenSSLDigest { 858+ private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); 859+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 860+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 861+ public SHA256() { super("SHA-256", EVP_MD, SIZE, BLOCK_SIZE); } 862+ } 863+ 864+ public static class SHA384 extends OpenSSLDigest { 865+ private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha384"); 866+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 867+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 868+ public SHA384() { super("SHA-384", EVP_MD, SIZE, BLOCK_SIZE); } 869+ } 870+ 871+ public static class SHA512 extends OpenSSLDigest { 872+ private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha512"); 873+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 874+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 875+ public SHA512() { super("SHA-512", EVP_MD, SIZE, BLOCK_SIZE); } 876+ } 877+} 878diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-147/org/bouncycastle/crypto/encodings/OAEPEncoding.java 879--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2012-03-22 15:11:48.000000000 +0000 880+++ bcprov-jdk15on-147/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-01-23 01:01:51.934749316 +0000 881@@ -4,7 +4,9 @@ 882 import org.bouncycastle.crypto.CipherParameters; 883 import org.bouncycastle.crypto.Digest; 884 import org.bouncycastle.crypto.InvalidCipherTextException; 885-import org.bouncycastle.crypto.digests.SHA1Digest; 886+// BEGIN android-changed 887+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 888+// END android-changed 889 import org.bouncycastle.crypto.params.ParametersWithRandom; 890 891 import java.security.SecureRandom; 892@@ -26,7 +28,9 @@ 893 public OAEPEncoding( 894 AsymmetricBlockCipher cipher) 895 { 896- this(cipher, new SHA1Digest(), null); 897+ // BEGIN android-changed 898+ this(cipher, AndroidDigestFactory.getSHA1(), null); 899+ // END android-changed 900 } 901 902 public OAEPEncoding( 903diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-147/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 904--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2012-03-22 15:11:48.000000000 +0000 905+++ bcprov-jdk15on-147/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2013-01-23 01:01:51.934749316 +0000 906@@ -206,6 +206,12 @@ 907 { 908 throw new InvalidCipherTextException("unknown block type"); 909 } 910+ // BEGIN android-added 911+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 912+ { 913+ throw new InvalidCipherTextException("invalid block type " + type); 914+ } 915+ // END android-added 916 917 if (useStrictLength && block.length != engine.getOutputBlockSize()) 918 { 919diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-147/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 920--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2012-03-22 15:11:48.000000000 +0000 921+++ bcprov-jdk15on-147/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2013-01-23 01:01:51.904748788 +0000 922@@ -6,7 +6,9 @@ 923 import org.bouncycastle.crypto.Digest; 924 import org.bouncycastle.crypto.InvalidCipherTextException; 925 import org.bouncycastle.crypto.Wrapper; 926-import org.bouncycastle.crypto.digests.SHA1Digest; 927+// BEGIN android-changed 928+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 929+// END android-changed 930 import org.bouncycastle.crypto.modes.CBCBlockCipher; 931 import org.bouncycastle.crypto.params.KeyParameter; 932 import org.bouncycastle.crypto.params.ParametersWithIV; 933@@ -52,7 +54,9 @@ 934 // 935 // checksum digest 936 // 937- Digest sha1 = new SHA1Digest(); 938+ // BEGIN android-changed 939+ Digest sha1 = AndroidDigestFactory.getSHA1(); 940+ // END android-changed 941 byte[] digest = new byte[20]; 942 943 /** 944diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-147/org/bouncycastle/crypto/generators/DHParametersHelper.java 945--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2012-03-22 15:11:48.000000000 +0000 946+++ bcprov-jdk15on-147/org/bouncycastle/crypto/generators/DHParametersHelper.java 2013-01-23 01:01:51.934749316 +0000 947@@ -3,10 +3,17 @@ 948 import java.math.BigInteger; 949 import java.security.SecureRandom; 950 951+// BEGIN android-added 952+import java.util.logging.Logger; 953+// END android-added 954 import org.bouncycastle.util.BigIntegers; 955 956 class DHParametersHelper 957 { 958+ // BEGIN android-added 959+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 960+ // END android-added 961+ 962 private static final BigInteger ONE = BigInteger.valueOf(1); 963 private static final BigInteger TWO = BigInteger.valueOf(2); 964 965@@ -17,11 +24,19 @@ 966 */ 967 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 968 { 969+ // BEGIN android-added 970+ logger.info("Generating safe primes. This may take a long time."); 971+ long start = System.currentTimeMillis(); 972+ int tries = 0; 973+ // END android-added 974 BigInteger p, q; 975 int qLength = size - 1; 976 977 for (;;) 978 { 979+ // BEGIN android-added 980+ tries++; 981+ // END android-added 982 q = new BigInteger(qLength, 2, random); 983 984 // p <- 2q + 1 985@@ -32,6 +47,11 @@ 986 break; 987 } 988 } 989+ // BEGIN android-added 990+ long end = System.currentTimeMillis(); 991+ long duration = end - start; 992+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 993+ // END android-added 994 995 return new BigInteger[] { p, q }; 996 } 997diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-147/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 998--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2012-03-22 15:11:48.000000000 +0000 999+++ bcprov-jdk15on-147/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2013-01-23 01:01:51.934749316 +0000 1000@@ -1,8 +1,9 @@ 1001 package org.bouncycastle.crypto.generators; 1002 1003 import org.bouncycastle.crypto.Digest; 1004-import org.bouncycastle.crypto.digests.SHA1Digest; 1005-import org.bouncycastle.crypto.digests.SHA256Digest; 1006+// BEGIN android-changed 1007+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1008+// END android-changed 1009 import org.bouncycastle.crypto.params.DSAParameters; 1010 import org.bouncycastle.crypto.params.DSAValidationParameters; 1011 import org.bouncycastle.util.Arrays; 1012@@ -75,7 +76,9 @@ 1013 byte[] part1 = new byte[20]; 1014 byte[] part2 = new byte[20]; 1015 byte[] u = new byte[20]; 1016- SHA1Digest sha1 = new SHA1Digest(); 1017+ // BEGIN android-changed 1018+ Digest sha1 = AndroidDigestFactory.getSHA1(); 1019+ // END android-changed 1020 int n = (L - 1) / 160; 1021 byte[] w = new byte[L / 8]; 1022 1023@@ -166,7 +169,9 @@ 1024 { 1025 // A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function 1026 // FIXME This should be configurable (digest size in bits must be >= N) 1027- Digest d = new SHA256Digest(); 1028+ // BEGIN android-changed 1029+ Digest d = AndroidDigestFactory.getSHA256(); 1030+ // END android-changed 1031 int outlen = d.getDigestSize() * 8; 1032 1033 // 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If 1034diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-147/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 1035--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-03-22 15:11:48.000000000 +0000 1036+++ bcprov-jdk15on-147/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2013-01-23 01:01:51.934749316 +0000 1037@@ -3,7 +3,9 @@ 1038 import org.bouncycastle.crypto.CipherParameters; 1039 import org.bouncycastle.crypto.Digest; 1040 import org.bouncycastle.crypto.PBEParametersGenerator; 1041-import org.bouncycastle.crypto.digests.MD5Digest; 1042+// BEGIN android-changed 1043+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1044+// END android-changed 1045 import org.bouncycastle.crypto.params.KeyParameter; 1046 import org.bouncycastle.crypto.params.ParametersWithIV; 1047 1048@@ -17,7 +19,9 @@ 1049 public class OpenSSLPBEParametersGenerator 1050 extends PBEParametersGenerator 1051 { 1052- private Digest digest = new MD5Digest(); 1053+ // BEGIN android-changed 1054+ private Digest digest = AndroidDigestFactory.getMD5(); 1055+ // END android-changed 1056 1057 /** 1058 * Construct a OpenSSL Parameters generator. 1059diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-147/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 1060--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2012-03-22 15:11:48.000000000 +0000 1061+++ bcprov-jdk15on-147/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-01-23 01:01:51.934749316 +0000 1062@@ -4,7 +4,9 @@ 1063 import org.bouncycastle.crypto.Digest; 1064 import org.bouncycastle.crypto.Mac; 1065 import org.bouncycastle.crypto.PBEParametersGenerator; 1066-import org.bouncycastle.crypto.digests.SHA1Digest; 1067+// BEGIN android-changed 1068+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1069+// END android-changed 1070 import org.bouncycastle.crypto.macs.HMac; 1071 import org.bouncycastle.crypto.params.KeyParameter; 1072 import org.bouncycastle.crypto.params.ParametersWithIV; 1073@@ -27,7 +29,9 @@ 1074 */ 1075 public PKCS5S2ParametersGenerator() 1076 { 1077- this(new SHA1Digest()); 1078+ // BEGIN android-changed 1079+ this(AndroidDigestFactory.getSHA1()); 1080+ // END android-changed 1081 } 1082 1083 public PKCS5S2ParametersGenerator(Digest digest) 1084diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-147/org/bouncycastle/crypto/macs/HMac.java 1085--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/macs/HMac.java 2012-03-22 15:11:48.000000000 +0000 1086+++ bcprov-jdk15on-147/org/bouncycastle/crypto/macs/HMac.java 2013-01-23 01:01:51.934749316 +0000 1087@@ -32,23 +32,31 @@ 1088 { 1089 blockLengths = new Hashtable(); 1090 1091- blockLengths.put("GOST3411", new Integer(32)); 1092+ // BEGIN android-removed 1093+ // blockLengths.put("GOST3411", Integer.valueOf(32)); 1094+ // 1095+ // blockLengths.put("MD2", Integer.valueOf(16)); 1096+ // blockLengths.put("MD4", Integer.valueOf(64)); 1097+ // END android-removed 1098+ blockLengths.put("MD5", Integer.valueOf(64)); 1099 1100- blockLengths.put("MD2", new Integer(16)); 1101- blockLengths.put("MD4", new Integer(64)); 1102- blockLengths.put("MD5", new Integer(64)); 1103+ // BEGIN android-removed 1104+ // blockLengths.put("RIPEMD128", Integer.valueOf(64)); 1105+ // blockLengths.put("RIPEMD160", Integer.valueOf(64)); 1106+ // END android-removed 1107 1108- blockLengths.put("RIPEMD128", new Integer(64)); 1109- blockLengths.put("RIPEMD160", new Integer(64)); 1110+ blockLengths.put("SHA-1", Integer.valueOf(64)); 1111+ // BEGIN android-removed 1112+ // blockLengths.put("SHA-224", Integer.valueOf(64)); 1113+ // END android-removed 1114+ blockLengths.put("SHA-256", Integer.valueOf(64)); 1115+ blockLengths.put("SHA-384", Integer.valueOf(128)); 1116+ blockLengths.put("SHA-512", Integer.valueOf(128)); 1117 1118- blockLengths.put("SHA-1", new Integer(64)); 1119- blockLengths.put("SHA-224", new Integer(64)); 1120- blockLengths.put("SHA-256", new Integer(64)); 1121- blockLengths.put("SHA-384", new Integer(128)); 1122- blockLengths.put("SHA-512", new Integer(128)); 1123- 1124- blockLengths.put("Tiger", new Integer(64)); 1125- blockLengths.put("Whirlpool", new Integer(64)); 1126+ // BEGIN android-removed 1127+ // blockLengths.put("Tiger", Integer.valueOf(64)); 1128+ // blockLengths.put("Whirlpool", Integer.valueOf(64)); 1129+ // END android-removed 1130 } 1131 1132 private static int getByteLength( 1133diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-147/org/bouncycastle/crypto/signers/RSADigestSigner.java 1134--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2012-03-22 15:11:48.000000000 +0000 1135+++ bcprov-jdk15on-147/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-01-23 01:01:51.934749316 +0000 1136@@ -39,18 +39,24 @@ 1137 */ 1138 static 1139 { 1140- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1141- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1142- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1143+ // BEGIN android-removed 1144+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1145+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1146+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1147+ // END android-removed 1148 1149 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 1150- oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1151+ // BEGIN android-removed 1152+ // oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1153+ // END android-removed 1154 oidMap.put("SHA-256", NISTObjectIdentifiers.id_sha256); 1155 oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); 1156 oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); 1157 1158- oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1159- oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1160+ // BEGIN android-removed 1161+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1162+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1163+ // END android-removed 1164 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 1165 } 1166 1167diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-147/org/bouncycastle/crypto/util/PrivateKeyFactory.java 1168--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2012-03-22 15:11:48.000000000 +0000 1169+++ bcprov-jdk15on-147/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2013-01-23 01:01:51.944749492 +0000 1170@@ -11,7 +11,9 @@ 1171 import org.bouncycastle.asn1.ASN1Sequence; 1172 import org.bouncycastle.asn1.DERInteger; 1173 import org.bouncycastle.asn1.nist.NISTNamedCurves; 1174-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1175+// BEGIN android-removed 1176+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1177+// END android-removed 1178 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1179 import org.bouncycastle.asn1.pkcs.DHParameter; 1180 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1181@@ -19,7 +21,9 @@ 1182 import org.bouncycastle.asn1.pkcs.RSAPrivateKey; 1183 import org.bouncycastle.asn1.sec.ECPrivateKey; 1184 import org.bouncycastle.asn1.sec.SECNamedCurves; 1185-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1186+// BEGIN android-removed 1187+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1188+// END android-removed 1189 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1190 import org.bouncycastle.asn1.x509.DSAParameter; 1191 import org.bouncycastle.asn1.x9.X962NamedCurves; 1192@@ -33,8 +37,10 @@ 1193 import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; 1194 import org.bouncycastle.crypto.params.ECDomainParameters; 1195 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1196-import org.bouncycastle.crypto.params.ElGamalParameters; 1197-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1198+// BEGIN android-removed 1199+// import org.bouncycastle.crypto.params.ElGamalParameters; 1200+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1201+// END android-removed 1202 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1203 1204 /** 1205@@ -100,14 +106,16 @@ 1206 1207 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1208 } 1209- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1210- { 1211- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1212- DERInteger derX = (DERInteger)keyInfo.parsePrivateKey(); 1213- 1214- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1215- params.getP(), params.getG())); 1216- } 1217+ // BEGIN android-removed 1218+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1219+ // { 1220+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1221+ // DERInteger derX = (DERInteger)keyInfo.parsePrivateKey(); 1222+ // 1223+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1224+ // params.getP(), params.getG())); 1225+ // } 1226+ // END android-removed 1227 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1228 { 1229 DERInteger derX = (DERInteger)keyInfo.parsePrivateKey(); 1230@@ -140,10 +148,12 @@ 1231 { 1232 x9 = NISTNamedCurves.getByOID(oid); 1233 1234- if (x9 == null) 1235- { 1236- x9 = TeleTrusTNamedCurves.getByOID(oid); 1237- } 1238+ // BEGIN android-removed 1239+ // if (x9 == null) 1240+ // { 1241+ // x9 = TeleTrusTNamedCurves.getByOID(oid); 1242+ // } 1243+ // END android-removed 1244 } 1245 } 1246 } 1247diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-147/org/bouncycastle/crypto/util/PublicKeyFactory.java 1248--- bcprov-jdk15on-147.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2012-03-22 15:11:48.000000000 +0000 1249+++ bcprov-jdk15on-147/org/bouncycastle/crypto/util/PublicKeyFactory.java 2013-01-23 01:01:51.944749492 +0000 1250@@ -13,13 +13,17 @@ 1251 import org.bouncycastle.asn1.DERInteger; 1252 import org.bouncycastle.asn1.DEROctetString; 1253 import org.bouncycastle.asn1.nist.NISTNamedCurves; 1254-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1255+// BEGIN android-removed 1256+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1257+// END android-removed 1258 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1259 import org.bouncycastle.asn1.pkcs.DHParameter; 1260 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1261 import org.bouncycastle.asn1.pkcs.RSAPublicKey; 1262 import org.bouncycastle.asn1.sec.SECNamedCurves; 1263-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1264+// BEGIN android-removed 1265+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1266+// END android-removed 1267 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1268 import org.bouncycastle.asn1.x509.DSAParameter; 1269 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 1270@@ -40,8 +44,10 @@ 1271 import org.bouncycastle.crypto.params.DSAPublicKeyParameters; 1272 import org.bouncycastle.crypto.params.ECDomainParameters; 1273 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1274-import org.bouncycastle.crypto.params.ElGamalParameters; 1275-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1276+// BEGIN android-removed 1277+// import org.bouncycastle.crypto.params.ElGamalParameters; 1278+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1279+// END android-removed 1280 import org.bouncycastle.crypto.params.RSAKeyParameters; 1281 1282 /** 1283@@ -135,14 +141,16 @@ 1284 1285 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1286 } 1287- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1288- { 1289- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1290- DERInteger derY = (DERInteger)keyInfo.parsePublicKey(); 1291- 1292- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1293- params.getP(), params.getG())); 1294- } 1295+ // BEGIN android-removed 1296+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1297+ // { 1298+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1299+ // DERInteger derY = (DERInteger)keyInfo.parsePublicKey(); 1300+ // 1301+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1302+ // params.getP(), params.getG())); 1303+ // } 1304+ // END android-removed 1305 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1306 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1307 { 1308@@ -177,10 +185,12 @@ 1309 { 1310 x9 = NISTNamedCurves.getByOID(oid); 1311 1312- if (x9 == null) 1313- { 1314- x9 = TeleTrusTNamedCurves.getByOID(oid); 1315- } 1316+ // BEGIN android-removed 1317+ // if (x9 == null) 1318+ // { 1319+ // x9 = TeleTrusTNamedCurves.getByOID(oid); 1320+ // } 1321+ // END android-removed 1322 } 1323 } 1324 } 1325diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1326--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2012-03-22 15:11:48.000000000 +0000 1327+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-01-23 01:01:51.724745620 +0000 1328@@ -27,26 +27,34 @@ 1329 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1330 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1331 1332- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1333+ // BEGIN android-changed 1334+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1335+ // END android-changed 1336 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1337 1338 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1339 1340- addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1341- addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1342- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1343- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1344- 1345- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1346- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1347- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1348- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1349- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1350- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1351- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1352- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1353- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1354- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1355+ // BEGIN android-removed 1356+ // addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1357+ // addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1358+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1359+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1360+ // END android-removed 1361+ 1362+ // BEGIN android-added 1363+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1364+ // END android-added 1365+ // BEGIN android-changed 1366+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1367+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1368+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1369+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1370+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1371+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1372+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1373+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1374+ provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); 1375+ // END android-changed 1376 1377 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1378 1379diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1380--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2012-03-22 15:11:48.000000000 +0000 1381+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-01-23 01:01:51.674744740 +0000 1382@@ -1,7 +1,9 @@ 1383 package org.bouncycastle.jcajce.provider.asymmetric; 1384 1385-import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1386-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1387+// BEGIN android-removed 1388+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1389+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1390+// END android-removed 1391 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1392 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1393 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1394@@ -21,33 +23,43 @@ 1395 public void configure(ConfigurableProvider provider) 1396 { 1397 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1398- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1399- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1400- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1401- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1402+ // BEGIN android-removed 1403+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1404+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1405+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1406+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1407+ // END android-removed 1408 1409 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1410 // TODO Should this be an alias for ECDH? 1411 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1412- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1413- 1414- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1415- // TODO Should this be an alias for ECDH? 1416- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1417- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1418+ // BEGIN android-removed 1419+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1420+ // END android-removed 1421+ 1422+ // BEGIN android-removed 1423+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1424+ // // TODO Should this be an alias for ECDH? 1425+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1426+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1427+ // END android-removed 1428 1429 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1430- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1431- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1432- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1433- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1434+ // BEGIN android-removed 1435+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1436+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1437+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1438+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1439+ // END android-removed 1440 1441 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1442- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1443- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1444- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1445- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1446- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1447+ // BEGIN android-removed 1448+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1449+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1450+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1451+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1452+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1453+ // END android-removed 1454 1455 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1456 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1457@@ -59,23 +71,29 @@ 1458 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1459 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1460 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1461- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1462- 1463- addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1464+ // BEGIN android-removed 1465+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1466+ // END android-removed 1467+ 1468+ // BEGIN android-removed 1469+ // addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1470+ // END android-removed 1471 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1472 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1473 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1474- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1475- 1476- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1477- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1478- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1479- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1480- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1481- 1482- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1483- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1484- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1485+ // BEGIN android-removed 1486+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1487+ // 1488+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1489+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1490+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1491+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1492+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1493+ // 1494+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1495+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1496+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1497+ // END android-removed 1498 } 1499 } 1500 } 1501diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1502--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2012-03-22 15:11:48.000000000 +0000 1503+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-01-23 01:01:51.674744740 +0000 1504@@ -3,7 +3,9 @@ 1505 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1506 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1507 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1508-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1509+// BEGIN android-removed 1510+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1511+// END android-removed 1512 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1513 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1514 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1515@@ -24,41 +26,49 @@ 1516 public void configure(ConfigurableProvider provider) 1517 { 1518 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1519- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1520- 1521- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1522- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1523- 1524- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1525- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1526- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1527- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1528- 1529- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1530- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1531- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1532- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1533- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1534- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1535- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1536- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1537+ // BEGIN android-removed 1538+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1539+ // 1540+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1541+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1542+ // 1543+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1544+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1545+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1546+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1547+ // 1548+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1549+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1550+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1551+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1552+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1553+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1554+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1555+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1556+ // END android-removed 1557 1558 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1559- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1560- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1561- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1562- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1563- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1564- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1565- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1566- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1567- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1568+ // BEGIN android-changed 1569+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1570+ // END android-changed 1571+ // BEGIN android-removed 1572+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1573+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1574+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1575+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1576+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1577+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1578+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1579+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1580+ // END android-removed 1581 1582 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1583 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1584- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1585- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1586- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1587+ // BEGIN android-removed 1588+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1589+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1590+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1591+ // END android-removed 1592 1593 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1594 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1595@@ -68,101 +78,117 @@ 1596 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1597 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1598 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1599- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1600- 1601- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1602- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1603- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1604- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1605- 1606- 1607- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1608- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1609- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1610- 1611- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1612- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1613- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1614- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1615- 1616- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1617- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1618- 1619- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1620- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1621- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1622- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1623- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1624- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1625- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1626- 1627- 1628- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1629- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1630- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1631- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1632- provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1633- provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1634- provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1635- provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1636- 1637- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1638- { 1639- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1640- } 1641- 1642- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1643- { 1644- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1645- } 1646- 1647- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1648+ // BEGIN android-removed 1649+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1650+ // 1651+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1652+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1653+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1654+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1655+ // 1656+ // 1657+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1658+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1659+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1660+ // 1661+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1662+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1663+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1664+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1665+ // 1666+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1667+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1668+ // 1669+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1670+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1671+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1672+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1673+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1674+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1675+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1676+ // 1677+ // 1678+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1679+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1680+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1681+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1682+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1683+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1684+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1685+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1686+ // 1687+ // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1688+ // { 1689+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1690+ // } 1691+ // 1692+ // // BEGIN android-changed 1693+ // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1694+ // // END android-changed 1695+ // { 1696+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1697+ // } 1698+ // END android-removed 1699+ 1700+ // BEGIN android-changed 1701+ if (provider.hasAlgorithm("MessageDigest", "MD5")) 1702+ // END android-changed 1703 { 1704 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1705- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1706- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1707+ // BEGIN android-removed 1708+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1709+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1710+ // END android-removed 1711 } 1712 1713 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1714 { 1715- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1716- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1717- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1718- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1719- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1720+ // BEGIN android-removed 1721+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1722+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1723+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1724+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1725+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1726+ // END android-removed 1727 1728 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1729 1730- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1731- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1732+ // BEGIN android-removed 1733+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1734+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1735+ // END android-removed 1736 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1737 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1738 } 1739 1740- addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1741+ // BEGIN android-removed 1742+ // addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1743+ // END android-removed 1744 addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption); 1745 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1746 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1747 1748- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1749- { 1750- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1751- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1752- } 1753- 1754- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1755- { 1756- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1757- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1758- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1759- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1760- } 1761- 1762- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1763- { 1764- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1765- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1766- } 1767+ // BEGIN android-removed 1768+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1769+ // { 1770+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1771+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1772+ // } 1773+ // 1774+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1775+ // { 1776+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1777+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1778+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1779+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1780+ // } 1781+ // 1782+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1783+ // { 1784+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1785+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1786+ // } 1787+ // END android-removed 1788 } 1789 1790 private void addDigestSignature( 1791diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1792--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-03-22 15:11:48.000000000 +0000 1793+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2013-01-23 01:01:51.724745620 +0000 1794@@ -18,8 +18,10 @@ 1795 1796 public void configure(ConfigurableProvider provider) 1797 { 1798- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1799- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1800+ // BEGIN android-removed 1801+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1802+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1803+ // END android-removed 1804 1805 // 1806 // certificate factories. 1807diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java 1808--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java 2012-03-22 15:11:48.000000000 +0000 1809+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java 2013-01-23 01:01:51.714745444 +0000 1810@@ -35,10 +35,12 @@ 1811 1812 static 1813 { 1814- Integer i64 = new Integer(64); 1815- Integer i192 = new Integer(192); 1816- Integer i128 = new Integer(128); 1817- Integer i256 = new Integer(256); 1818+ // BEGIN android-changed 1819+ Integer i64 = Integer.valueOf(64); 1820+ Integer i192 = Integer.valueOf(192); 1821+ Integer i128 = Integer.valueOf(128); 1822+ Integer i256 = Integer.valueOf(256); 1823+ // END android-changed 1824 1825 algorithms.put("DES", i64); 1826 algorithms.put("DESEDE", i192); 1827diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java 1828--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java 2012-03-22 15:11:48.000000000 +0000 1829+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java 2013-01-23 01:01:51.704745268 +0000 1830@@ -63,7 +63,9 @@ 1831 { 1832 if (!initialised) 1833 { 1834- Integer paramStrength = new Integer(strength); 1835+ // BEGIN android-changed 1836+ Integer paramStrength = Integer.valueOf(strength); 1837+ // END android-changed 1838 1839 if (params.containsKey(paramStrength)) 1840 { 1841diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1842--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2012-03-22 15:11:48.000000000 +0000 1843+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-01-23 01:01:51.724745620 +0000 1844@@ -23,11 +23,16 @@ 1845 import org.bouncycastle.crypto.DSA; 1846 import org.bouncycastle.crypto.Digest; 1847 import org.bouncycastle.crypto.digests.NullDigest; 1848-import org.bouncycastle.crypto.digests.SHA1Digest; 1849-import org.bouncycastle.crypto.digests.SHA224Digest; 1850-import org.bouncycastle.crypto.digests.SHA256Digest; 1851-import org.bouncycastle.crypto.digests.SHA384Digest; 1852-import org.bouncycastle.crypto.digests.SHA512Digest; 1853+// BEGIN android-added 1854+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1855+// END android-added 1856+// BEGIN android-removed 1857+// import org.bouncycastle.crypto.digests.SHA1Digest; 1858+// import org.bouncycastle.crypto.digests.SHA224Digest; 1859+// import org.bouncycastle.crypto.digests.SHA256Digest; 1860+// import org.bouncycastle.crypto.digests.SHA384Digest; 1861+// import org.bouncycastle.crypto.digests.SHA512Digest; 1862+// END android-removed 1863 import org.bouncycastle.crypto.params.ParametersWithRandom; 1864 1865 public class DSASigner 1866@@ -228,45 +233,49 @@ 1867 { 1868 public stdDSA() 1869 { 1870- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1871+ // BEGIN android-changed 1872+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 1873+ // END android-changed 1874 } 1875 } 1876 1877- static public class dsa224 1878- extends DSASigner 1879- { 1880- public dsa224() 1881- { 1882- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1883- } 1884- } 1885- 1886- static public class dsa256 1887- extends DSASigner 1888- { 1889- public dsa256() 1890- { 1891- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1892- } 1893- } 1894- 1895- static public class dsa384 1896- extends DSASigner 1897- { 1898- public dsa384() 1899- { 1900- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1901- } 1902- } 1903- 1904- static public class dsa512 1905- extends DSASigner 1906- { 1907- public dsa512() 1908- { 1909- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1910- } 1911- } 1912+ // BEGIN android-removed 1913+ // static public class dsa224 1914+ // extends DSASigner 1915+ // { 1916+ // public dsa224() 1917+ // { 1918+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1919+ // } 1920+ // } 1921+ // 1922+ // static public class dsa256 1923+ // extends DSASigner 1924+ // { 1925+ // public dsa256() 1926+ // { 1927+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1928+ // } 1929+ // } 1930+ // 1931+ // static public class dsa384 1932+ // extends DSASigner 1933+ // { 1934+ // public dsa384() 1935+ // { 1936+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1937+ // } 1938+ // } 1939+ // 1940+ // static public class dsa512 1941+ // extends DSASigner 1942+ // { 1943+ // public dsa512() 1944+ // { 1945+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1946+ // } 1947+ // } 1948+ // END android-removed 1949 1950 static public class noneDSA 1951 extends DSASigner 1952diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 1953--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 2012-03-22 15:11:48.000000000 +0000 1954+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 2013-01-23 01:01:51.704745268 +0000 1955@@ -19,8 +19,10 @@ 1956 import org.bouncycastle.asn1.DERInteger; 1957 import org.bouncycastle.asn1.DERNull; 1958 import org.bouncycastle.asn1.DERObjectIdentifier; 1959-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 1960-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1961+// BEGIN android-removed 1962+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 1963+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1964+// END android-removed 1965 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 1966 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1967 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 1968@@ -222,21 +224,23 @@ 1969 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 1970 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 1971 1972- if (ecP == null) // GOST Curve 1973- { 1974- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 1975- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 1976- 1977- ecSpec = new ECNamedCurveSpec( 1978- ECGOST3410NamedCurves.getName(oid), 1979- ellipticCurve, 1980- new ECPoint( 1981- gParam.getG().getX().toBigInteger(), 1982- gParam.getG().getY().toBigInteger()), 1983- gParam.getN(), 1984- gParam.getH()); 1985- } 1986- else 1987+ // BEGIN android-removed 1988+ // if (ecP == null) // GOST Curve 1989+ // { 1990+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 1991+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 1992+ // 1993+ // ecSpec = new ECNamedCurveSpec( 1994+ // ECGOST3410NamedCurves.getName(oid), 1995+ // ellipticCurve, 1996+ // new ECPoint( 1997+ // gParam.getG().getX().toBigInteger(), 1998+ // gParam.getG().getY().toBigInteger()), 1999+ // gParam.getN(), 2000+ // gParam.getH()); 2001+ // } 2002+ // else 2003+ // END android-removed 2004 { 2005 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 2006 2007@@ -350,11 +354,13 @@ 2008 2009 try 2010 { 2011- if (algorithm.equals("ECGOST3410")) 2012- { 2013- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 2014- } 2015- else 2016+ // BEGIN android-removed 2017+ // if (algorithm.equals("ECGOST3410")) 2018+ // { 2019+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 2020+ // } 2021+ // else 2022+ // END android-removed 2023 { 2024 2025 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 2026diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 2027--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 2012-03-22 15:11:48.000000000 +0000 2028+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 2013-01-23 01:01:51.704745268 +0000 2029@@ -5,10 +5,14 @@ 2030 import java.security.PublicKey; 2031 2032 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 2033-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 2034+// BEGIN android-removed 2035+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 2036+// END android-removed 2037 import org.bouncycastle.asn1.nist.NISTNamedCurves; 2038 import org.bouncycastle.asn1.sec.SECNamedCurves; 2039-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2040+// BEGIN android-removed 2041+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2042+// END android-removed 2043 import org.bouncycastle.asn1.x9.X962NamedCurves; 2044 import org.bouncycastle.asn1.x9.X9ECParameters; 2045 import org.bouncycastle.crypto.params.AsymmetricKeyParameter; 2046@@ -166,14 +170,16 @@ 2047 { 2048 oid = NISTNamedCurves.getOID(name); 2049 } 2050- if (oid == null) 2051- { 2052- oid = TeleTrusTNamedCurves.getOID(name); 2053- } 2054- if (oid == null) 2055- { 2056- oid = ECGOST3410NamedCurves.getOID(name); 2057- } 2058+ // BEGIN android-removed 2059+ // if (oid == null) 2060+ // { 2061+ // oid = TeleTrusTNamedCurves.getOID(name); 2062+ // } 2063+ // if (oid == null) 2064+ // { 2065+ // oid = ECGOST3410NamedCurves.getOID(name); 2066+ // } 2067+ // END android-removed 2068 } 2069 2070 return oid; 2071@@ -191,10 +197,12 @@ 2072 { 2073 params = NISTNamedCurves.getByOID(oid); 2074 } 2075- if (params == null) 2076- { 2077- params = TeleTrusTNamedCurves.getByOID(oid); 2078- } 2079+ // BEGIN android-removed 2080+ // if (params == null) 2081+ // { 2082+ // params = TeleTrusTNamedCurves.getByOID(oid); 2083+ // } 2084+ // END android-removed 2085 } 2086 2087 return params; 2088@@ -212,14 +220,16 @@ 2089 { 2090 name = NISTNamedCurves.getName(oid); 2091 } 2092- if (name == null) 2093- { 2094- name = TeleTrusTNamedCurves.getName(oid); 2095- } 2096- if (name == null) 2097- { 2098- name = ECGOST3410NamedCurves.getName(oid); 2099- } 2100+ // BEGIN android-removed 2101+ // if (name == null) 2102+ // { 2103+ // name = TeleTrusTNamedCurves.getName(oid); 2104+ // } 2105+ // if (name == null) 2106+ // { 2107+ // name = ECGOST3410NamedCurves.getName(oid); 2108+ // } 2109+ // END android-removed 2110 } 2111 2112 return name; 2113diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2114--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2012-03-22 15:11:48.000000000 +0000 2115+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2013-01-23 01:01:51.704745268 +0000 2116@@ -23,20 +23,26 @@ 2117 import org.bouncycastle.crypto.CipherParameters; 2118 import org.bouncycastle.crypto.DerivationFunction; 2119 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 2120-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2121-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2122-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2123-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2124+// BEGIN android-removed 2125+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2126+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2127+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2128+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2129+// END android-removed 2130 import org.bouncycastle.crypto.digests.SHA1Digest; 2131 import org.bouncycastle.crypto.params.ECDomainParameters; 2132 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 2133 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 2134-import org.bouncycastle.crypto.params.MQVPrivateParameters; 2135-import org.bouncycastle.crypto.params.MQVPublicParameters; 2136+// BEGIN android-removed 2137+// import org.bouncycastle.crypto.params.MQVPrivateParameters; 2138+// import org.bouncycastle.crypto.params.MQVPublicParameters; 2139+// END android-removed 2140 import org.bouncycastle.jce.interfaces.ECPrivateKey; 2141 import org.bouncycastle.jce.interfaces.ECPublicKey; 2142-import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2143-import org.bouncycastle.jce.interfaces.MQVPublicKey; 2144+// BEGIN android-removed 2145+// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2146+// import org.bouncycastle.jce.interfaces.MQVPublicKey; 2147+// END android-removed 2148 2149 /** 2150 * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 2151@@ -52,9 +58,11 @@ 2152 2153 static 2154 { 2155- Integer i128 = new Integer(128); 2156- Integer i192 = new Integer(192); 2157- Integer i256 = new Integer(256); 2158+ // BEGIN android-changed 2159+ Integer i128 = Integer.valueOf(128); 2160+ Integer i192 = Integer.valueOf(192); 2161+ Integer i256 = Integer.valueOf(256); 2162+ // END android-changed 2163 2164 algorithms.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), i128); 2165 algorithms.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), i192); 2166@@ -69,7 +77,9 @@ 2167 private BigInteger result; 2168 private ECDomainParameters parameters; 2169 private BasicAgreement agreement; 2170- private DerivationFunction kdf; 2171+ // BEGIN android-removed 2172+ // private DerivationFunction kdf; 2173+ // END android-removed 2174 2175 private byte[] bigIntToBytes( 2176 BigInteger r) 2177@@ -84,7 +94,9 @@ 2178 { 2179 this.kaAlgorithm = kaAlgorithm; 2180 this.agreement = agreement; 2181- this.kdf = kdf; 2182+ // BEGIN android-removed 2183+ // this.kdf = kdf; 2184+ // END android-removed 2185 } 2186 2187 protected Key engineDoPhase( 2188@@ -103,25 +115,27 @@ 2189 } 2190 2191 CipherParameters pubKey; 2192- if (agreement instanceof ECMQVBasicAgreement) 2193- { 2194- if (!(key instanceof MQVPublicKey)) 2195- { 2196- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2197- + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2198- } 2199- 2200- MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2201- ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2202- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2203- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2204- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2205- 2206- pubKey = new MQVPublicParameters(staticKey, ephemKey); 2207- 2208- // TODO Validate that all the keys are using the same parameters? 2209- } 2210- else 2211+ // BEGIN android-removed 2212+ // if (agreement instanceof ECMQVBasicAgreement) 2213+ // { 2214+ // if (!(key instanceof MQVPublicKey)) 2215+ // { 2216+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2217+ // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2218+ // } 2219+ // 2220+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2221+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2222+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2223+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2224+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2225+ // 2226+ // pubKey = new MQVPublicParameters(staticKey, ephemKey); 2227+ // 2228+ // // TODO Validate that all the keys are using the same parameters? 2229+ // } 2230+ // else 2231+ // END android-removed 2232 { 2233 if (!(key instanceof ECPublicKey)) 2234 { 2235@@ -142,11 +156,13 @@ 2236 protected byte[] engineGenerateSecret() 2237 throws IllegalStateException 2238 { 2239- if (kdf != null) 2240- { 2241- throw new UnsupportedOperationException( 2242- "KDF can only be used when algorithm is known"); 2243- } 2244+ // BEGIN android-removed 2245+ // if (kdf != null) 2246+ // { 2247+ // throw new UnsupportedOperationException( 2248+ // "KDF can only be used when algorithm is known"); 2249+ // } 2250+ // END android-removed 2251 2252 return bigIntToBytes(result); 2253 } 2254@@ -174,23 +190,25 @@ 2255 { 2256 byte[] secret = bigIntToBytes(result); 2257 2258- if (kdf != null) 2259- { 2260- if (!algorithms.containsKey(algorithm)) 2261- { 2262- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2263- } 2264- 2265- int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 2266- 2267- DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); 2268- 2269- byte[] keyBytes = new byte[keySize / 8]; 2270- kdf.init(params); 2271- kdf.generateBytes(keyBytes, 0, keyBytes.length); 2272- secret = keyBytes; 2273- } 2274- else 2275+ // BEGIN android-removed 2276+ // if (kdf != null) 2277+ // { 2278+ // if (!algorithms.containsKey(algorithm)) 2279+ // { 2280+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2281+ // } 2282+ // 2283+ // int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 2284+ // 2285+ // DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); 2286+ // 2287+ // byte[] keyBytes = new byte[keySize / 8]; 2288+ // kdf.init(params); 2289+ // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2290+ // secret = keyBytes; 2291+ // } 2292+ // else 2293+ // END android-removed 2294 { 2295 // TODO Should we be ensuring the key is the right length? 2296 } 2297@@ -218,35 +236,37 @@ 2298 private void initFromKey(Key key) 2299 throws InvalidKeyException 2300 { 2301- if (agreement instanceof ECMQVBasicAgreement) 2302- { 2303- if (!(key instanceof MQVPrivateKey)) 2304- { 2305- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2306- + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2307- } 2308- 2309- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2310- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2311- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2312- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2313- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2314- 2315- ECPublicKeyParameters ephemPubKey = null; 2316- if (mqvPrivKey.getEphemeralPublicKey() != null) 2317- { 2318- ephemPubKey = (ECPublicKeyParameters) 2319- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2320- } 2321- 2322- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2323- this.parameters = staticPrivKey.getParameters(); 2324- 2325- // TODO Validate that all the keys are using the same parameters? 2326- 2327- agreement.init(localParams); 2328- } 2329- else 2330+ // BEGIN android-removed 2331+ // if (agreement instanceof ECMQVBasicAgreement) 2332+ // { 2333+ // if (!(key instanceof MQVPrivateKey)) 2334+ // { 2335+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2336+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2337+ // } 2338+ // 2339+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2340+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2341+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2342+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2343+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2344+ // 2345+ // ECPublicKeyParameters ephemPubKey = null; 2346+ // if (mqvPrivKey.getEphemeralPublicKey() != null) 2347+ // { 2348+ // ephemPubKey = (ECPublicKeyParameters) 2349+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2350+ // } 2351+ // 2352+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2353+ // this.parameters = staticPrivKey.getParameters(); 2354+ // 2355+ // // TODO Validate that all the keys are using the same parameters? 2356+ // 2357+ // agreement.init(localParams); 2358+ // } 2359+ // else 2360+ // END android-removed 2361 { 2362 if (!(key instanceof ECPrivateKey)) 2363 { 2364@@ -277,39 +297,41 @@ 2365 } 2366 } 2367 2368- public static class DHC 2369- extends KeyAgreementSpi 2370- { 2371- public DHC() 2372- { 2373- super("ECDHC", new ECDHCBasicAgreement(), null); 2374- } 2375- } 2376- 2377- public static class MQV 2378- extends KeyAgreementSpi 2379- { 2380- public MQV() 2381- { 2382- super("ECMQV", new ECMQVBasicAgreement(), null); 2383- } 2384- } 2385- 2386- public static class DHwithSHA1KDF 2387- extends KeyAgreementSpi 2388- { 2389- public DHwithSHA1KDF() 2390- { 2391- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2392- } 2393- } 2394- 2395- public static class MQVwithSHA1KDF 2396- extends KeyAgreementSpi 2397- { 2398- public MQVwithSHA1KDF() 2399- { 2400- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2401- } 2402- } 2403+ // BEGIN android-removed 2404+ // public static class DHC 2405+ // extends KeyAgreementSpi 2406+ // { 2407+ // public DHC() 2408+ // { 2409+ // super("ECDHC", new ECDHCBasicAgreement(), null); 2410+ // } 2411+ // } 2412+ // 2413+ // public static class MQV 2414+ // extends KeyAgreementSpi 2415+ // { 2416+ // public MQV() 2417+ // { 2418+ // super("ECMQV", new ECMQVBasicAgreement(), null); 2419+ // } 2420+ // } 2421+ // 2422+ // public static class DHwithSHA1KDF 2423+ // extends KeyAgreementSpi 2424+ // { 2425+ // public DHwithSHA1KDF() 2426+ // { 2427+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2428+ // } 2429+ // } 2430+ // 2431+ // public static class MQVwithSHA1KDF 2432+ // extends KeyAgreementSpi 2433+ // { 2434+ // public MQVwithSHA1KDF() 2435+ // { 2436+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2437+ // } 2438+ // } 2439+ // END android-removed 2440 } 2441diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2442--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2012-03-22 15:11:48.000000000 +0000 2443+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-01-23 01:01:51.704745268 +0000 2444@@ -200,14 +200,16 @@ 2445 } 2446 } 2447 2448- public static class ECGOST3410 2449- extends KeyFactorySpi 2450- { 2451- public ECGOST3410() 2452- { 2453- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2454- } 2455- } 2456+ // BEGIN android-removed 2457+ // public static class ECGOST3410 2458+ // extends KeyFactorySpi 2459+ // { 2460+ // public ECGOST3410() 2461+ // { 2462+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2463+ // } 2464+ // } 2465+ // END android-removed 2466 2467 public static class ECDH 2468 extends KeyFactorySpi 2469diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2470--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2012-03-22 15:11:48.000000000 +0000 2471+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2013-01-23 01:01:51.704745268 +0000 2472@@ -12,7 +12,9 @@ 2473 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 2474 import org.bouncycastle.asn1.nist.NISTNamedCurves; 2475 import org.bouncycastle.asn1.sec.SECNamedCurves; 2476-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2477+// BEGIN android-removed 2478+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2479+// END android-removed 2480 import org.bouncycastle.asn1.x9.X962NamedCurves; 2481 import org.bouncycastle.asn1.x9.X9ECParameters; 2482 import org.bouncycastle.crypto.AsymmetricCipherKeyPair; 2483@@ -55,13 +57,15 @@ 2484 static { 2485 ecParameters = new Hashtable(); 2486 2487- ecParameters.put(new Integer(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 2488- ecParameters.put(new Integer(239), new ECGenParameterSpec("prime239v1")); 2489- ecParameters.put(new Integer(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 2490- 2491- ecParameters.put(new Integer(224), new ECGenParameterSpec("P-224")); 2492- ecParameters.put(new Integer(384), new ECGenParameterSpec("P-384")); 2493- ecParameters.put(new Integer(521), new ECGenParameterSpec("P-521")); 2494+ // BEGIN android-changed 2495+ ecParameters.put(Integer.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 2496+ ecParameters.put(Integer.valueOf(239), new ECGenParameterSpec("prime239v1")); 2497+ ecParameters.put(Integer.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 2498+ 2499+ ecParameters.put(Integer.valueOf(224), new ECGenParameterSpec("P-224")); 2500+ ecParameters.put(Integer.valueOf(384), new ECGenParameterSpec("P-384")); 2501+ ecParameters.put(Integer.valueOf(521), new ECGenParameterSpec("P-521")); 2502+ // END android-changed 2503 } 2504 2505 public EC() 2506@@ -85,8 +89,16 @@ 2507 SecureRandom random) 2508 { 2509 this.strength = strength; 2510+ // BEGIN android-added 2511+ if (random != null) { 2512+ // END android-added 2513 this.random = random; 2514- ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(new Integer(strength)); 2515+ // BEGIN android-added 2516+ } 2517+ // END android-added 2518+ // BEGIN android-changed 2519+ ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integer.valueOf(strength)); 2520+ // END android-changed 2521 2522 if (ecParams != null) 2523 { 2524@@ -110,6 +122,11 @@ 2525 SecureRandom random) 2526 throws InvalidAlgorithmParameterException 2527 { 2528+ // BEGIN android-added 2529+ if (random == null) { 2530+ random = this.random; 2531+ } 2532+ // END android-added 2533 if (params instanceof ECParameterSpec) 2534 { 2535 ECParameterSpec p = (ECParameterSpec)params; 2536@@ -154,10 +171,12 @@ 2537 { 2538 ecP = NISTNamedCurves.getByName(curveName); 2539 } 2540- if (ecP == null) 2541- { 2542- ecP = TeleTrusTNamedCurves.getByName(curveName); 2543- } 2544+ // BEGIN android-removed 2545+ // if (ecP == null) 2546+ // { 2547+ // ecP = TeleTrusTNamedCurves.getByName(curveName); 2548+ // } 2549+ // END android-removed 2550 if (ecP == null) 2551 { 2552 // See if it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug) 2553@@ -173,10 +192,12 @@ 2554 { 2555 ecP = NISTNamedCurves.getByOID(oid); 2556 } 2557- if (ecP == null) 2558- { 2559- ecP = TeleTrusTNamedCurves.getByOID(oid); 2560- } 2561+ // BEGIN android-removed 2562+ // if (ecP == null) 2563+ // { 2564+ // ecP = TeleTrusTNamedCurves.getByOID(oid); 2565+ // } 2566+ // END android-removed 2567 if (ecP == null) 2568 { 2569 throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName); 2570@@ -231,7 +252,15 @@ 2571 { 2572 if (!initialised) 2573 { 2574- throw new IllegalStateException("EC Key Pair Generator not initialised"); 2575+ // BEGIN android-removed 2576+ // throw new IllegalStateException("EC Key Pair Generator not initialised"); 2577+ // END android-removed 2578+ // BEGIN android-added 2579+ /* 2580+ * KeyPairGenerator documentation says that a default initialization must be provided 2581+ */ 2582+ initialize(192, random); 2583+ // END android-added 2584 } 2585 2586 AsymmetricCipherKeyPair pair = engine.generateKeyPair(); 2587diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2588--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2012-03-22 15:11:48.000000000 +0000 2589+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-01-23 01:01:51.704745268 +0000 2590@@ -18,15 +18,22 @@ 2591 import org.bouncycastle.crypto.DSA; 2592 import org.bouncycastle.crypto.Digest; 2593 import org.bouncycastle.crypto.digests.NullDigest; 2594-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2595-import org.bouncycastle.crypto.digests.SHA1Digest; 2596-import org.bouncycastle.crypto.digests.SHA224Digest; 2597-import org.bouncycastle.crypto.digests.SHA256Digest; 2598-import org.bouncycastle.crypto.digests.SHA384Digest; 2599-import org.bouncycastle.crypto.digests.SHA512Digest; 2600+// BEGIN android-added 2601+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2602+// END android-added 2603+// BEGIN android-removed 2604+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2605+// import org.bouncycastle.crypto.digests.SHA1Digest; 2606+// import org.bouncycastle.crypto.digests.SHA224Digest; 2607+// import org.bouncycastle.crypto.digests.SHA256Digest; 2608+// import org.bouncycastle.crypto.digests.SHA384Digest; 2609+// import org.bouncycastle.crypto.digests.SHA512Digest; 2610+// END android-removed 2611 import org.bouncycastle.crypto.params.ParametersWithRandom; 2612 import org.bouncycastle.crypto.signers.ECDSASigner; 2613-import org.bouncycastle.crypto.signers.ECNRSigner; 2614+// BEGIN android-removed 2615+// import org.bouncycastle.crypto.signers.ECNRSigner; 2616+// END android-removed 2617 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2618 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2619 import org.bouncycastle.jce.interfaces.ECKey; 2620@@ -108,7 +115,9 @@ 2621 { 2622 public ecDSA() 2623 { 2624- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2625+ // BEGIN android-changed 2626+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2627+ // END android-changed 2628 } 2629 } 2630 2631@@ -121,21 +130,25 @@ 2632 } 2633 } 2634 2635- static public class ecDSA224 2636- extends SignatureSpi 2637- { 2638- public ecDSA224() 2639- { 2640- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2641- } 2642- } 2643+ // BEGIN android-removed 2644+ // static public class ecDSA224 2645+ // extends SignatureSpi 2646+ // { 2647+ // public ecDSA224() 2648+ // { 2649+ // super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2650+ // } 2651+ // } 2652+ // END android-removed 2653 2654 static public class ecDSA256 2655 extends SignatureSpi 2656 { 2657 public ecDSA256() 2658 { 2659- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2660+ // BEGIN android-changed 2661+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2662+ // END android-changed 2663 } 2664 } 2665 2666@@ -144,7 +157,9 @@ 2667 { 2668 public ecDSA384() 2669 { 2670- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2671+ // BEGIN android-changed 2672+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2673+ // END android-changed 2674 } 2675 } 2676 2677@@ -153,90 +168,94 @@ 2678 { 2679 public ecDSA512() 2680 { 2681- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2682- } 2683- } 2684- 2685- static public class ecDSARipeMD160 2686- extends SignatureSpi 2687- { 2688- public ecDSARipeMD160() 2689- { 2690- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2691- } 2692- } 2693- 2694- static public class ecNR 2695- extends SignatureSpi 2696- { 2697- public ecNR() 2698- { 2699- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2700- } 2701- } 2702- 2703- static public class ecNR224 2704- extends SignatureSpi 2705- { 2706- public ecNR224() 2707- { 2708- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2709- } 2710- } 2711- 2712- static public class ecNR256 2713- extends SignatureSpi 2714- { 2715- public ecNR256() 2716- { 2717- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2718- } 2719- } 2720- 2721- static public class ecNR384 2722- extends SignatureSpi 2723- { 2724- public ecNR384() 2725- { 2726- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2727- } 2728- } 2729- 2730- static public class ecNR512 2731- extends SignatureSpi 2732- { 2733- public ecNR512() 2734- { 2735- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2736- } 2737- } 2738- 2739- static public class ecCVCDSA 2740- extends SignatureSpi 2741- { 2742- public ecCVCDSA() 2743- { 2744- super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2745- } 2746- } 2747- 2748- static public class ecCVCDSA224 2749- extends SignatureSpi 2750- { 2751- public ecCVCDSA224() 2752- { 2753- super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2754- } 2755- } 2756- 2757- static public class ecCVCDSA256 2758- extends SignatureSpi 2759- { 2760- public ecCVCDSA256() 2761- { 2762- super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2763- } 2764- } 2765+ // BEGIN android-changed 2766+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2767+ // END android-changed 2768+ } 2769+ } 2770+ 2771+ // BEGIN android-removed 2772+ // static public class ecDSARipeMD160 2773+ // extends SignatureSpi 2774+ // { 2775+ // public ecDSARipeMD160() 2776+ // { 2777+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2778+ // } 2779+ // } 2780+ // 2781+ // static public class ecNR 2782+ // extends SignatureSpi 2783+ // { 2784+ // public ecNR() 2785+ // { 2786+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2787+ // } 2788+ // } 2789+ // 2790+ // static public class ecNR224 2791+ // extends SignatureSpi 2792+ // { 2793+ // public ecNR224() 2794+ // { 2795+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2796+ // } 2797+ // } 2798+ // 2799+ // static public class ecNR256 2800+ // extends SignatureSpi 2801+ // { 2802+ // public ecNR256() 2803+ // { 2804+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2805+ // } 2806+ // } 2807+ // 2808+ // static public class ecNR384 2809+ // extends SignatureSpi 2810+ // { 2811+ // public ecNR384() 2812+ // { 2813+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2814+ // } 2815+ // } 2816+ // 2817+ // static public class ecNR512 2818+ // extends SignatureSpi 2819+ // { 2820+ // public ecNR512() 2821+ // { 2822+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2823+ // } 2824+ // } 2825+ // 2826+ // static public class ecCVCDSA 2827+ // extends SignatureSpi 2828+ // { 2829+ // public ecCVCDSA() 2830+ // { 2831+ // super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2832+ // } 2833+ // } 2834+ // 2835+ // static public class ecCVCDSA224 2836+ // extends SignatureSpi 2837+ // { 2838+ // public ecCVCDSA224() 2839+ // { 2840+ // super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2841+ // } 2842+ // } 2843+ // 2844+ // static public class ecCVCDSA256 2845+ // extends SignatureSpi 2846+ // { 2847+ // public ecCVCDSA256() 2848+ // { 2849+ // super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2850+ // } 2851+ // } 2852+ // END android-removed 2853 2854 private static class StdDSAEncoder 2855 implements DSAEncoder 2856@@ -330,4 +349,4 @@ 2857 return sig; 2858 } 2859 } 2860-} 2861\ No newline at end of file 2862+} 2863diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java 2864--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java 2012-03-22 15:11:48.000000000 +0000 2865+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java 2013-01-23 01:01:51.694745092 +0000 2866@@ -55,11 +55,15 @@ 2867 { 2868 AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( 2869 DigestFactory.getOID(currentSpec.getDigestAlgorithm()), 2870- new DERNull()); 2871+ // BEGIN android-changed 2872+ DERNull.INSTANCE); 2873+ // END android-changed 2874 MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)currentSpec.getMGFParameters(); 2875 AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( 2876 PKCSObjectIdentifiers.id_mgf1, 2877- new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), new DERNull())); 2878+ // BEGIN android-changed 2879+ new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); 2880+ // END android-changed 2881 PSource.PSpecified pSource = (PSource.PSpecified)currentSpec.getPSource(); 2882 AlgorithmIdentifier pSourceAlgorithm = new AlgorithmIdentifier( 2883 PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(pSource.getValue())); 2884@@ -170,11 +174,15 @@ 2885 PSSParameterSpec pssSpec = currentSpec; 2886 AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( 2887 DigestFactory.getOID(pssSpec.getDigestAlgorithm()), 2888- new DERNull()); 2889+ // BEGIN android-changed 2890+ DERNull.INSTANCE); 2891+ // END android-changed 2892 MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters(); 2893 AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( 2894 PKCSObjectIdentifiers.id_mgf1, 2895- new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), new DERNull())); 2896+ // BEGIN android-changed 2897+ new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); 2898+ // END android-changed 2899 RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField())); 2900 2901 return pssP.getEncoded("DER"); 2902diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java 2903--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java 2012-03-22 15:11:48.000000000 +0000 2904+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java 2013-01-23 01:01:51.694745092 +0000 2905@@ -127,7 +127,9 @@ 2906 */ 2907 public byte[] getEncoded() 2908 { 2909- return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient())); 2910+ // BEGIN android-changed 2911+ return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient())); 2912+ // END android-changed 2913 } 2914 2915 /** 2916diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java 2917--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java 2012-03-22 15:11:48.000000000 +0000 2918+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java 2013-01-23 01:01:51.694745092 +0000 2919@@ -78,7 +78,9 @@ 2920 2921 public byte[] getEncoded() 2922 { 2923- return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO)); 2924+ // BEGIN android-changed 2925+ return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO)); 2926+ // END android-changed 2927 } 2928 2929 public boolean equals(Object o) 2930diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java 2931--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java 2012-03-22 15:11:48.000000000 +0000 2932+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java 2013-01-23 01:01:51.694745092 +0000 2933@@ -89,7 +89,9 @@ 2934 2935 public byte[] getEncoded() 2936 { 2937- return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent())); 2938+ // BEGIN android-changed 2939+ return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent())); 2940+ // END android-changed 2941 } 2942 2943 public int hashCode() 2944diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2945--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2012-03-22 15:11:48.000000000 +0000 2946+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-01-23 01:01:51.684744916 +0000 2947@@ -26,7 +26,9 @@ 2948 import org.bouncycastle.crypto.CipherParameters; 2949 import org.bouncycastle.crypto.Digest; 2950 import org.bouncycastle.crypto.InvalidCipherTextException; 2951-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2952+// BEGIN android-removed 2953+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2954+// END android-removed 2955 import org.bouncycastle.crypto.encodings.OAEPEncoding; 2956 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2957 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2958@@ -197,10 +199,12 @@ 2959 { 2960 cipher = new PKCS1Encoding(new RSABlindedEngine()); 2961 } 2962- else if (pad.equals("ISO9796-1PADDING")) 2963- { 2964- cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2965- } 2966+ // BEGIN android-removed 2967+ // else if (pad.equals("ISO9796-1PADDING")) 2968+ // { 2969+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2970+ // } 2971+ // END android-removed 2972 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 2973 { 2974 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 2975@@ -213,10 +217,12 @@ 2976 { 2977 initFromSpec(OAEPParameterSpec.DEFAULT); 2978 } 2979- else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) 2980- { 2981- initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); 2982- } 2983+ // BEGIN android-removed 2984+ // else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) 2985+ // { 2986+ // initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); 2987+ // } 2988+ // END android-removed 2989 else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-256ANDMGF1PADDING")) 2990 { 2991 initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT)); 2992@@ -534,48 +540,50 @@ 2993 } 2994 } 2995 2996- static public class PKCS1v1_5Padding 2997- extends CipherSpi 2998- { 2999- public PKCS1v1_5Padding() 3000- { 3001- super(new PKCS1Encoding(new RSABlindedEngine())); 3002- } 3003- } 3004- 3005- static public class PKCS1v1_5Padding_PrivateOnly 3006- extends CipherSpi 3007- { 3008- public PKCS1v1_5Padding_PrivateOnly() 3009- { 3010- super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3011- } 3012- } 3013- 3014- static public class PKCS1v1_5Padding_PublicOnly 3015- extends CipherSpi 3016- { 3017- public PKCS1v1_5Padding_PublicOnly() 3018- { 3019- super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3020- } 3021- } 3022- 3023- static public class OAEPPadding 3024- extends CipherSpi 3025- { 3026- public OAEPPadding() 3027- { 3028- super(OAEPParameterSpec.DEFAULT); 3029- } 3030- } 3031- 3032- static public class ISO9796d1Padding 3033- extends CipherSpi 3034- { 3035- public ISO9796d1Padding() 3036- { 3037- super(new ISO9796d1Encoding(new RSABlindedEngine())); 3038- } 3039- } 3040+ // BEGIN android-removed 3041+ // static public class PKCS1v1_5Padding 3042+ // extends CipherSpi 3043+ // { 3044+ // public PKCS1v1_5Padding() 3045+ // { 3046+ // super(new PKCS1Encoding(new RSABlindedEngine())); 3047+ // } 3048+ // } 3049+ // 3050+ // static public class PKCS1v1_5Padding_PrivateOnly 3051+ // extends CipherSpi 3052+ // { 3053+ // public PKCS1v1_5Padding_PrivateOnly() 3054+ // { 3055+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3056+ // } 3057+ // } 3058+ // 3059+ // static public class PKCS1v1_5Padding_PublicOnly 3060+ // extends CipherSpi 3061+ // { 3062+ // public PKCS1v1_5Padding_PublicOnly() 3063+ // { 3064+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3065+ // } 3066+ // } 3067+ // 3068+ // static public class OAEPPadding 3069+ // extends CipherSpi 3070+ // { 3071+ // public OAEPPadding() 3072+ // { 3073+ // super(OAEPParameterSpec.DEFAULT); 3074+ // } 3075+ // } 3076+ // 3077+ // static public class ISO9796d1Padding 3078+ // extends CipherSpi 3079+ // { 3080+ // public ISO9796d1Padding() 3081+ // { 3082+ // super(new ISO9796d1Encoding(new RSABlindedEngine())); 3083+ // } 3084+ // } 3085+ // END android-removed 3086 } 3087diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 3088--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2012-03-22 15:11:48.000000000 +0000 3089+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-01-23 01:01:51.684744916 +0000 3090@@ -17,24 +17,31 @@ 3091 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3092 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3093 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3094-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3095+// BEGIN android-removed 3096+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3097+// END android-removed 3098 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3099 import org.bouncycastle.asn1.x509.DigestInfo; 3100 import org.bouncycastle.crypto.AsymmetricBlockCipher; 3101 import org.bouncycastle.crypto.CipherParameters; 3102 import org.bouncycastle.crypto.Digest; 3103-import org.bouncycastle.crypto.digests.MD2Digest; 3104-import org.bouncycastle.crypto.digests.MD4Digest; 3105-import org.bouncycastle.crypto.digests.MD5Digest; 3106-import org.bouncycastle.crypto.digests.NullDigest; 3107-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3108-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3109-import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3110-import org.bouncycastle.crypto.digests.SHA1Digest; 3111-import org.bouncycastle.crypto.digests.SHA224Digest; 3112-import org.bouncycastle.crypto.digests.SHA256Digest; 3113-import org.bouncycastle.crypto.digests.SHA384Digest; 3114-import org.bouncycastle.crypto.digests.SHA512Digest; 3115+// BEGIN android-removed 3116+// import org.bouncycastle.crypto.digests.MD2Digest; 3117+// import org.bouncycastle.crypto.digests.MD4Digest; 3118+// import org.bouncycastle.crypto.digests.MD5Digest; 3119+// import org.bouncycastle.crypto.digests.NullDigest; 3120+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3121+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3122+// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3123+// import org.bouncycastle.crypto.digests.SHA1Digest; 3124+// import org.bouncycastle.crypto.digests.SHA224Digest; 3125+// import org.bouncycastle.crypto.digests.SHA256Digest; 3126+// import org.bouncycastle.crypto.digests.SHA384Digest; 3127+// import org.bouncycastle.crypto.digests.SHA512Digest; 3128+// END android-removed 3129+// BEGIN android-added 3130+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 3131+// END android-added 3132 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3133 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3134 3135@@ -261,25 +268,31 @@ 3136 { 3137 public SHA1() 3138 { 3139- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3140+ // BEGIN android-changed 3141+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 3142+ // END android-changed 3143 } 3144 } 3145 3146- static public class SHA224 3147- extends DigestSignatureSpi 3148- { 3149- public SHA224() 3150- { 3151- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3152- } 3153- } 3154+ // BEGIN android-removed 3155+ // static public class SHA224 3156+ // extends DigestSignatureSpi 3157+ // { 3158+ // public SHA224() 3159+ // { 3160+ // super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3161+ // } 3162+ // } 3163+ // END android-removed 3164 3165 static public class SHA256 3166 extends DigestSignatureSpi 3167 { 3168 public SHA256() 3169 { 3170- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3171+ // BEGIN android-changed 3172+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 3173+ // END android-changed 3174 } 3175 } 3176 3177@@ -288,7 +301,9 @@ 3178 { 3179 public SHA384() 3180 { 3181- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3182+ // BEGIN android-changed 3183+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 3184+ // END android-changed 3185 } 3186 } 3187 3188@@ -297,70 +312,78 @@ 3189 { 3190 public SHA512() 3191 { 3192- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3193- } 3194- } 3195- 3196- static public class MD2 3197- extends DigestSignatureSpi 3198- { 3199- public MD2() 3200- { 3201- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3202+ // BEGIN android-changed 3203+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 3204+ // END android-changed 3205 } 3206 } 3207 3208- static public class MD4 3209- extends DigestSignatureSpi 3210- { 3211- public MD4() 3212- { 3213- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3214- } 3215- } 3216+ // BEGIN android-removed 3217+ // static public class MD2 3218+ // extends DigestSignatureSpi 3219+ // { 3220+ // public MD2() 3221+ // { 3222+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3223+ // } 3224+ // } 3225+ // 3226+ // static public class MD4 3227+ // extends DigestSignatureSpi 3228+ // { 3229+ // public MD4() 3230+ // { 3231+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3232+ // } 3233+ // } 3234+ // END android-removed 3235 3236 static public class MD5 3237 extends DigestSignatureSpi 3238 { 3239 public MD5() 3240 { 3241- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3242+ // BEGIN android-changed 3243+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 3244+ // END android-changed 3245 } 3246 } 3247 3248- static public class RIPEMD160 3249- extends DigestSignatureSpi 3250- { 3251- public RIPEMD160() 3252- { 3253- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3254- } 3255- } 3256- 3257- static public class RIPEMD128 3258- extends DigestSignatureSpi 3259- { 3260- public RIPEMD128() 3261- { 3262- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3263- } 3264- } 3265- 3266- static public class RIPEMD256 3267- extends DigestSignatureSpi 3268- { 3269- public RIPEMD256() 3270- { 3271- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3272- } 3273- } 3274- 3275- static public class noneRSA 3276- extends DigestSignatureSpi 3277- { 3278- public noneRSA() 3279- { 3280- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3281- } 3282- } 3283+ // BEGIN android-removed 3284+ // static public class RIPEMD160 3285+ // extends DigestSignatureSpi 3286+ // { 3287+ // public RIPEMD160() 3288+ // { 3289+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3290+ // } 3291+ // } 3292+ // 3293+ // static public class RIPEMD128 3294+ // extends DigestSignatureSpi 3295+ // { 3296+ // public RIPEMD128() 3297+ // { 3298+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3299+ // } 3300+ // } 3301+ // 3302+ // static public class RIPEMD256 3303+ // extends DigestSignatureSpi 3304+ // { 3305+ // public RIPEMD256() 3306+ // { 3307+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3308+ // } 3309+ // } 3310+ // 3311+ // static public class noneRSA 3312+ // extends DigestSignatureSpi 3313+ // { 3314+ // public noneRSA() 3315+ // { 3316+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3317+ // } 3318+ // } 3319+ // END android-removed 3320 } 3321diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 3322--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2012-03-22 15:11:48.000000000 +0000 3323+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2013-01-23 01:01:51.724745620 +0000 3324@@ -18,8 +18,10 @@ 3325 import javax.crypto.NoSuchPaddingException; 3326 import javax.crypto.spec.IvParameterSpec; 3327 import javax.crypto.spec.PBEParameterSpec; 3328-import javax.crypto.spec.RC2ParameterSpec; 3329-import javax.crypto.spec.RC5ParameterSpec; 3330+// BEGIN android-removed 3331+// import javax.crypto.spec.RC2ParameterSpec; 3332+// import javax.crypto.spec.RC5ParameterSpec; 3333+// END android-removed 3334 import javax.crypto.spec.SecretKeySpec; 3335 3336 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3337@@ -37,8 +39,10 @@ 3338 { 3339 IvParameterSpec.class, 3340 PBEParameterSpec.class, 3341- RC2ParameterSpec.class, 3342- RC5ParameterSpec.class 3343+ // BEGIN android-removed 3344+ // RC2ParameterSpec.class, 3345+ // RC5ParameterSpec.class 3346+ // END android-removed 3347 }; 3348 3349 3350diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java 3351--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java 2012-03-22 15:11:48.000000000 +0000 3352+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java 2013-01-23 01:01:51.724745620 +0000 3353@@ -27,7 +27,9 @@ 3354 { 3355 return generatePrivate(PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded())); 3356 } 3357- catch (IOException e) 3358+ // BEGIN android-changed 3359+ catch (Exception e) 3360+ // END android-changed 3361 { 3362 throw new InvalidKeySpecException("encoded key spec not recognised"); 3363 } 3364@@ -48,7 +50,9 @@ 3365 { 3366 return generatePublic(SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec)keySpec).getEncoded())); 3367 } 3368- catch (IOException e) 3369+ // BEGIN android-changed 3370+ catch (Exception e) 3371+ // END android-changed 3372 { 3373 throw new InvalidKeySpecException("encoded key spec not recognised"); 3374 } 3375diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3376--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2012-03-22 15:11:48.000000000 +0000 3377+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2013-01-23 01:01:51.674744740 +0000 3378@@ -36,7 +36,9 @@ 3379 import org.bouncycastle.asn1.pkcs.SignedData; 3380 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3381 import org.bouncycastle.util.io.pem.PemObject; 3382-import org.bouncycastle.util.io.pem.PemWriter; 3383+// BEGIN android-removed 3384+// import org.bouncycastle.util.io.pem.PemWriter; 3385+// END android-removed 3386 3387 /** 3388 * CertPath implementation for X.509 certificates. 3389@@ -298,27 +300,29 @@ 3390 return toDEREncoded(new ContentInfo( 3391 PKCSObjectIdentifiers.signedData, sd)); 3392 } 3393- else if (encoding.equalsIgnoreCase("PEM")) 3394- { 3395- ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3396- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3397- 3398- try 3399- { 3400- for (int i = 0; i != certificates.size(); i++) 3401- { 3402- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3403- } 3404- 3405- pWrt.close(); 3406- } 3407- catch (Exception e) 3408- { 3409- throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3410- } 3411- 3412- return bOut.toByteArray(); 3413- } 3414+ // BEGIN android-removed 3415+ // else if (encoding.equalsIgnoreCase("PEM")) 3416+ // { 3417+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3418+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3419+ // 3420+ // try 3421+ // { 3422+ // for (int i = 0; i != certificates.size(); i++) 3423+ // { 3424+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3425+ // } 3426+ // 3427+ // pWrt.close(); 3428+ // } 3429+ // catch (Exception e) 3430+ // { 3431+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3432+ // } 3433+ // 3434+ // return bOut.toByteArray(); 3435+ // } 3436+ // END android-removed 3437 else 3438 { 3439 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3440diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/AES.java 3441--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2012-03-22 15:11:48.000000000 +0000 3442+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/AES.java 2013-01-23 01:01:51.744745972 +0000 3443@@ -1,31 +1,43 @@ 3444 package org.bouncycastle.jcajce.provider.symmetric; 3445 3446-import java.security.AlgorithmParameters; 3447-import java.security.InvalidAlgorithmParameterException; 3448+// BEGIN android-removed 3449+// import java.security.AlgorithmParameters; 3450+// import java.security.InvalidAlgorithmParameterException; 3451+// END android-removed 3452 import java.security.SecureRandom; 3453-import java.security.spec.AlgorithmParameterSpec; 3454- 3455-import javax.crypto.spec.IvParameterSpec; 3456+// BEGIN android-removed 3457+// import java.security.spec.AlgorithmParameterSpec; 3458+// 3459+// import javax.crypto.spec.IvParameterSpec; 3460+// END android-removed 3461 3462 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3463 import org.bouncycastle.crypto.BufferedBlockCipher; 3464 import org.bouncycastle.crypto.CipherKeyGenerator; 3465 import org.bouncycastle.crypto.engines.AESFastEngine; 3466 import org.bouncycastle.crypto.engines.AESWrapEngine; 3467-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3468-import org.bouncycastle.crypto.macs.CMac; 3469+// BEGIN android-removed 3470+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3471+// import org.bouncycastle.crypto.macs.CMac; 3472+// END android-removed 3473 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3474 import org.bouncycastle.crypto.modes.CFBBlockCipher; 3475 import org.bouncycastle.crypto.modes.OFBBlockCipher; 3476 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3477-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3478+// BEGIN android-removed 3479+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3480+// END android-removed 3481 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 3482 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3483-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3484+// BEGIN android-removed 3485+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3486+// END android-removed 3487 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 3488 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 3489 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 3490-import org.bouncycastle.jce.provider.BouncyCastleProvider; 3491+// BEGIN android-removed 3492+// import org.bouncycastle.jce.provider.BouncyCastleProvider; 3493+// END android-removed 3494 3495 public final class AES 3496 { 3497@@ -69,15 +81,17 @@ 3498 } 3499 } 3500 3501- public static class AESCMAC 3502- extends BaseMac 3503- { 3504- public AESCMAC() 3505- { 3506- super(new CMac(new AESFastEngine())); 3507- } 3508- } 3509- 3510+ // BEGIN android-removed 3511+ // public static class AESCMAC 3512+ // extends BaseMac 3513+ // { 3514+ // public AESCMAC() 3515+ // { 3516+ // super(new CMac(new AESFastEngine())); 3517+ // } 3518+ // } 3519+ // END android-removed 3520+ 3521 static public class Wrap 3522 extends BaseWrapCipher 3523 { 3524@@ -86,15 +100,17 @@ 3525 super(new AESWrapEngine()); 3526 } 3527 } 3528- 3529- public static class RFC3211Wrap 3530- extends BaseWrapCipher 3531- { 3532- public RFC3211Wrap() 3533- { 3534- super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3535- } 3536- } 3537+ 3538+ // BEGIN android-removed 3539+ // public static class RFC3211Wrap 3540+ // extends BaseWrapCipher 3541+ // { 3542+ // public RFC3211Wrap() 3543+ // { 3544+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3545+ // } 3546+ // } 3547+ // END android-removed 3548 3549 public static class KeyGen 3550 extends BaseKeyGenerator 3551@@ -110,70 +126,72 @@ 3552 } 3553 } 3554 3555- public static class KeyGen128 3556- extends KeyGen 3557- { 3558- public KeyGen128() 3559- { 3560- super(128); 3561- } 3562- } 3563- 3564- public static class KeyGen192 3565- extends KeyGen 3566- { 3567- public KeyGen192() 3568- { 3569- super(192); 3570- } 3571- } 3572- 3573- public static class KeyGen256 3574- extends KeyGen 3575- { 3576- public KeyGen256() 3577- { 3578- super(256); 3579- } 3580- } 3581- 3582- public static class AlgParamGen 3583- extends BaseAlgorithmParameterGenerator 3584- { 3585- protected void engineInit( 3586- AlgorithmParameterSpec genParamSpec, 3587- SecureRandom random) 3588- throws InvalidAlgorithmParameterException 3589- { 3590- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 3591- } 3592- 3593- protected AlgorithmParameters engineGenerateParameters() 3594- { 3595- byte[] iv = new byte[16]; 3596- 3597- if (random == null) 3598- { 3599- random = new SecureRandom(); 3600- } 3601- 3602- random.nextBytes(iv); 3603- 3604- AlgorithmParameters params; 3605- 3606- try 3607- { 3608- params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 3609- params.init(new IvParameterSpec(iv)); 3610- } 3611- catch (Exception e) 3612- { 3613- throw new RuntimeException(e.getMessage()); 3614- } 3615- 3616- return params; 3617- } 3618- } 3619+ // BEGIN android-removed 3620+ // public static class KeyGen128 3621+ // extends KeyGen 3622+ // { 3623+ // public KeyGen128() 3624+ // { 3625+ // super(128); 3626+ // } 3627+ // } 3628+ // 3629+ // public static class KeyGen192 3630+ // extends KeyGen 3631+ // { 3632+ // public KeyGen192() 3633+ // { 3634+ // super(192); 3635+ // } 3636+ // } 3637+ // 3638+ // public static class KeyGen256 3639+ // extends KeyGen 3640+ // { 3641+ // public KeyGen256() 3642+ // { 3643+ // super(256); 3644+ // } 3645+ // } 3646+ // 3647+ // public static class AlgParamGen 3648+ // extends BaseAlgorithmParameterGenerator 3649+ // { 3650+ // protected void engineInit( 3651+ // AlgorithmParameterSpec genParamSpec, 3652+ // SecureRandom random) 3653+ // throws InvalidAlgorithmParameterException 3654+ // { 3655+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 3656+ // } 3657+ // 3658+ // protected AlgorithmParameters engineGenerateParameters() 3659+ // { 3660+ // byte[] iv = new byte[16]; 3661+ // 3662+ // if (random == null) 3663+ // { 3664+ // random = new SecureRandom(); 3665+ // } 3666+ // 3667+ // random.nextBytes(iv); 3668+ // 3669+ // AlgorithmParameters params; 3670+ // 3671+ // try 3672+ // { 3673+ // params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 3674+ // params.init(new IvParameterSpec(iv)); 3675+ // } 3676+ // catch (Exception e) 3677+ // { 3678+ // throw new RuntimeException(e.getMessage()); 3679+ // } 3680+ // 3681+ // return params; 3682+ // } 3683+ // } 3684+ // END android-removed 3685 3686 public static class AlgParams 3687 extends IvAlgorithmParameters 3688@@ -212,58 +230,66 @@ 3689 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3690 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3691 3692- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 3693- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 3694- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 3695- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 3696- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 3697- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3698- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3699+ // BEGIN android-removed 3700+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 3701+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 3702+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 3703+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 3704+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 3705+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3706+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3707+ // END android-removed 3708 3709 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 3710 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 3711 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 3712 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 3713- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 3714- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 3715- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 3716- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 3717- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 3718- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 3719- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 3720- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 3721- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 3722- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 3723- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 3724- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 3725+ // BEGIN android-removed 3726+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 3727+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 3728+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 3729+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 3730+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 3731+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 3732+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 3733+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 3734+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 3735+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 3736+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 3737+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 3738+ // END android-removed 3739 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 3740 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 3741 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 3742 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 3743- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 3744+ // BEGIN android-removed 3745+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 3746+ // END android-removed 3747 3748 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 3749- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 3750- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 3751- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 3752- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 3753- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 3754- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 3755- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 3756- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 3757- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 3758- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 3759- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 3760- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 3761- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 3762- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 3763- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 3764- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 3765- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 3766- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 3767- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 3768- 3769- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 3770+ // BEGIN android-removed 3771+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 3772+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 3773+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 3774+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 3775+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 3776+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 3777+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 3778+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 3779+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 3780+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 3781+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 3782+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 3783+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 3784+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 3785+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 3786+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 3787+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 3788+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 3789+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 3790+ // 3791+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 3792+ // END android-removed 3793 } 3794 } 3795 } 3796diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 3797--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2012-03-22 15:11:48.000000000 +0000 3798+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-01-23 01:01:51.744745972 +0000 3799@@ -27,7 +27,9 @@ 3800 { 3801 public KeyGen() 3802 { 3803- super("RC4", 128, new CipherKeyGenerator()); 3804+ // BEGIN android-changed 3805+ super("ARC4", 128, new CipherKeyGenerator()); 3806+ // END android-changed 3807 } 3808 } 3809 3810diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 3811--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-03-22 15:11:48.000000000 +0000 3812+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2013-01-23 01:01:51.744745972 +0000 3813@@ -64,7 +64,9 @@ 3814 { 3815 3816 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 3817- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 3818+ // BEGIN android-removed 3819+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 3820+ // END android-removed 3821 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 3822 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 3823 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 3824diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/DES.java 3825--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2012-03-22 15:11:48.000000000 +0000 3826+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/DES.java 2013-01-23 01:01:51.744745972 +0000 3827@@ -16,11 +16,15 @@ 3828 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3829 import org.bouncycastle.crypto.KeyGenerationParameters; 3830 import org.bouncycastle.crypto.engines.DESEngine; 3831-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3832+// BEGIN android-removed 3833+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3834+// END android-removed 3835 import org.bouncycastle.crypto.generators.DESKeyGenerator; 3836 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 3837-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3838-import org.bouncycastle.crypto.macs.CMac; 3839+// BEGIN android-removed 3840+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3841+// import org.bouncycastle.crypto.macs.CMac; 3842+// END android-removed 3843 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3844 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 3845 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3846@@ -48,115 +52,117 @@ 3847 } 3848 } 3849 3850- static public class CBC 3851- extends BaseBlockCipher 3852- { 3853- public CBC() 3854- { 3855- super(new CBCBlockCipher(new DESEngine()), 64); 3856- } 3857- } 3858- 3859- /** 3860- * DES CFB8 3861- */ 3862- public static class DESCFB8 3863- extends BaseMac 3864- { 3865- public DESCFB8() 3866- { 3867- super(new CFBBlockCipherMac(new DESEngine())); 3868- } 3869- } 3870- 3871- /** 3872- * DES64 3873- */ 3874- public static class DES64 3875- extends BaseMac 3876- { 3877- public DES64() 3878- { 3879- super(new CBCBlockCipherMac(new DESEngine(), 64)); 3880- } 3881- } 3882- 3883- /** 3884- * DES64with7816-4Padding 3885- */ 3886- public static class DES64with7816d4 3887- extends BaseMac 3888- { 3889- public DES64with7816d4() 3890- { 3891- super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding())); 3892- } 3893- } 3894- 3895- public static class CBCMAC 3896- extends BaseMac 3897- { 3898- public CBCMAC() 3899- { 3900- super(new CBCBlockCipherMac(new DESEngine())); 3901- } 3902- } 3903- 3904- static public class CMAC 3905- extends BaseMac 3906- { 3907- public CMAC() 3908- { 3909- super(new CMac(new DESEngine())); 3910- } 3911- } 3912- 3913- public static class RFC3211 3914- extends BaseWrapCipher 3915- { 3916- public RFC3211() 3917- { 3918- super(new RFC3211WrapEngine(new DESEngine()), 8); 3919- } 3920- } 3921- 3922- public static class AlgParamGen 3923- extends BaseAlgorithmParameterGenerator 3924- { 3925- protected void engineInit( 3926- AlgorithmParameterSpec genParamSpec, 3927- SecureRandom random) 3928- throws InvalidAlgorithmParameterException 3929- { 3930- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 3931- } 3932- 3933- protected AlgorithmParameters engineGenerateParameters() 3934- { 3935- byte[] iv = new byte[8]; 3936- 3937- if (random == null) 3938- { 3939- random = new SecureRandom(); 3940- } 3941- 3942- random.nextBytes(iv); 3943- 3944- AlgorithmParameters params; 3945- 3946- try 3947- { 3948- params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 3949- params.init(new IvParameterSpec(iv)); 3950- } 3951- catch (Exception e) 3952- { 3953- throw new RuntimeException(e.getMessage()); 3954- } 3955- 3956- return params; 3957- } 3958- } 3959+ // BEGIN android-removed 3960+ // static public class CBC 3961+ // extends BaseBlockCipher 3962+ // { 3963+ // public CBC() 3964+ // { 3965+ // super(new CBCBlockCipher(new DESEngine()), 64); 3966+ // } 3967+ // } 3968+ // 3969+ // /** 3970+ // * DES CFB8 3971+ // */ 3972+ // public static class DESCFB8 3973+ // extends BaseMac 3974+ // { 3975+ // public DESCFB8() 3976+ // { 3977+ // super(new CFBBlockCipherMac(new DESEngine())); 3978+ // } 3979+ // } 3980+ // 3981+ // /** 3982+ // * DES64 3983+ // */ 3984+ // public static class DES64 3985+ // extends BaseMac 3986+ // { 3987+ // public DES64() 3988+ // { 3989+ // super(new CBCBlockCipherMac(new DESEngine(), 64)); 3990+ // } 3991+ // } 3992+ // 3993+ // /** 3994+ // * DES64with7816-4Padding 3995+ // */ 3996+ // public static class DES64with7816d4 3997+ // extends BaseMac 3998+ // { 3999+ // public DES64with7816d4() 4000+ // { 4001+ // super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding())); 4002+ // } 4003+ // } 4004+ // 4005+ // public static class CBCMAC 4006+ // extends BaseMac 4007+ // { 4008+ // public CBCMAC() 4009+ // { 4010+ // super(new CBCBlockCipherMac(new DESEngine())); 4011+ // } 4012+ // } 4013+ // 4014+ // static public class CMAC 4015+ // extends BaseMac 4016+ // { 4017+ // public CMAC() 4018+ // { 4019+ // super(new CMac(new DESEngine())); 4020+ // } 4021+ // } 4022+ // 4023+ // public static class RFC3211 4024+ // extends BaseWrapCipher 4025+ // { 4026+ // public RFC3211() 4027+ // { 4028+ // super(new RFC3211WrapEngine(new DESEngine()), 8); 4029+ // } 4030+ // } 4031+ // 4032+ // public static class AlgParamGen 4033+ // extends BaseAlgorithmParameterGenerator 4034+ // { 4035+ // protected void engineInit( 4036+ // AlgorithmParameterSpec genParamSpec, 4037+ // SecureRandom random) 4038+ // throws InvalidAlgorithmParameterException 4039+ // { 4040+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4041+ // } 4042+ // 4043+ // protected AlgorithmParameters engineGenerateParameters() 4044+ // { 4045+ // byte[] iv = new byte[8]; 4046+ // 4047+ // if (random == null) 4048+ // { 4049+ // random = new SecureRandom(); 4050+ // } 4051+ // 4052+ // random.nextBytes(iv); 4053+ // 4054+ // AlgorithmParameters params; 4055+ // 4056+ // try 4057+ // { 4058+ // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4059+ // params.init(new IvParameterSpec(iv)); 4060+ // } 4061+ // catch (Exception e) 4062+ // { 4063+ // throw new RuntimeException(e.getMessage()); 4064+ // } 4065+ // 4066+ // return params; 4067+ // } 4068+ // } 4069+ // END android-removed 4070 4071 /** 4072 * DES - the default for this is to generate a key in 4073@@ -263,36 +269,42 @@ 4074 { 4075 4076 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 4077- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 4078- 4079- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 4080- 4081- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 4082+ // BEGIN android-removed 4083+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 4084+ // 4085+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 4086+ // 4087+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 4088+ // END android-removed 4089 4090 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 4091 4092 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 4093 4094- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 4095- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 4096- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 4097- 4098- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 4099- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 4100- 4101- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 4102- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 4103- 4104- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 4105- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4106- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4107- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4108+ // BEGIN android-removed 4109+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 4110+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 4111+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 4112+ // 4113+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 4114+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 4115+ // 4116+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 4117+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 4118+ // 4119+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 4120+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4121+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4122+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4123+ // END android-removed 4124 4125 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 4126 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 4127 4128- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 4129- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 4130+ // BEGIN android-removed 4131+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 4132+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 4133+ // END android-removed 4134 } 4135 4136 private void addAlias(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name) 4137diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/DESede.java 4138--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2012-03-22 15:11:48.000000000 +0000 4139+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2013-01-23 01:01:51.744745972 +0000 4140@@ -1,30 +1,42 @@ 4141 package org.bouncycastle.jcajce.provider.symmetric; 4142 4143-import java.security.AlgorithmParameters; 4144-import java.security.InvalidAlgorithmParameterException; 4145+// BEGIN android-removed 4146+// import java.security.AlgorithmParameters; 4147+// import java.security.InvalidAlgorithmParameterException; 4148+// END android-removed 4149 import java.security.SecureRandom; 4150-import java.security.spec.AlgorithmParameterSpec; 4151+// BEGIN android-removed 4152+// import java.security.spec.AlgorithmParameterSpec; 4153+// END android-removed 4154 import java.security.spec.InvalidKeySpecException; 4155 import java.security.spec.KeySpec; 4156 4157 import javax.crypto.SecretKey; 4158 import javax.crypto.spec.DESedeKeySpec; 4159-import javax.crypto.spec.IvParameterSpec; 4160+// BEGIN android-removed 4161+// import javax.crypto.spec.IvParameterSpec; 4162+// END android-removed 4163 import javax.crypto.spec.SecretKeySpec; 4164 4165 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 4166 import org.bouncycastle.crypto.KeyGenerationParameters; 4167 import org.bouncycastle.crypto.engines.DESedeEngine; 4168 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 4169-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4170+// BEGIN android-removed 4171+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4172+// END android-removed 4173 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 4174 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4175-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4176-import org.bouncycastle.crypto.macs.CMac; 4177+// BEGIN android-removed 4178+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4179+// import org.bouncycastle.crypto.macs.CMac; 4180+// END android-removed 4181 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4182 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 4183 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4184-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4185+// BEGIN android-removed 4186+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4187+// END android-removed 4188 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4189 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4190 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4191@@ -57,17 +69,19 @@ 4192 } 4193 } 4194 4195- /** 4196- * DESede CFB8 4197- */ 4198- public static class DESedeCFB8 4199- extends BaseMac 4200- { 4201- public DESedeCFB8() 4202- { 4203- super(new CFBBlockCipherMac(new DESedeEngine())); 4204- } 4205- } 4206+ // BEGIN android-removed 4207+ // /** 4208+ // * DESede CFB8 4209+ // */ 4210+ // public static class DESedeCFB8 4211+ // extends BaseMac 4212+ // { 4213+ // public DESedeCFB8() 4214+ // { 4215+ // super(new CFBBlockCipherMac(new DESedeEngine())); 4216+ // } 4217+ // } 4218+ // END android-removed 4219 4220 /** 4221 * DESede64 4222@@ -102,15 +116,17 @@ 4223 } 4224 } 4225 4226- static public class CMAC 4227- extends BaseMac 4228- { 4229- public CMAC() 4230- { 4231- super(new CMac(new DESedeEngine())); 4232- } 4233- } 4234- 4235+ // BEGIN android-removed 4236+ // static public class CMAC 4237+ // extends BaseMac 4238+ // { 4239+ // public CMAC() 4240+ // { 4241+ // super(new CMac(new DESedeEngine())); 4242+ // } 4243+ // } 4244+ // END android-removed 4245+ 4246 public static class Wrap 4247 extends BaseWrapCipher 4248 { 4249@@ -119,15 +135,17 @@ 4250 super(new DESedeWrapEngine()); 4251 } 4252 } 4253- 4254- public static class RFC3211 4255- extends BaseWrapCipher 4256- { 4257- public RFC3211() 4258- { 4259- super(new RFC3211WrapEngine(new DESedeEngine()), 8); 4260- } 4261- } 4262+ 4263+ // BEGIN android-removed 4264+ // public static class RFC3211 4265+ // extends BaseWrapCipher 4266+ // { 4267+ // public RFC3211() 4268+ // { 4269+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 4270+ // } 4271+ // } 4272+ // END android-removed 4273 4274 /** 4275 * DESede - the default for this is to generate a key in 4276@@ -217,43 +235,45 @@ 4277 } 4278 } 4279 4280- public static class AlgParamGen 4281- extends BaseAlgorithmParameterGenerator 4282- { 4283- protected void engineInit( 4284- AlgorithmParameterSpec genParamSpec, 4285- SecureRandom random) 4286- throws InvalidAlgorithmParameterException 4287- { 4288- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4289- } 4290- 4291- protected AlgorithmParameters engineGenerateParameters() 4292- { 4293- byte[] iv = new byte[8]; 4294- 4295- if (random == null) 4296- { 4297- random = new SecureRandom(); 4298- } 4299- 4300- random.nextBytes(iv); 4301- 4302- AlgorithmParameters params; 4303- 4304- try 4305- { 4306- params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4307- params.init(new IvParameterSpec(iv)); 4308- } 4309- catch (Exception e) 4310- { 4311- throw new RuntimeException(e.getMessage()); 4312- } 4313- 4314- return params; 4315- } 4316- } 4317+ // BEGIN android-removed 4318+ // public static class AlgParamGen 4319+ // extends BaseAlgorithmParameterGenerator 4320+ // { 4321+ // protected void engineInit( 4322+ // AlgorithmParameterSpec genParamSpec, 4323+ // SecureRandom random) 4324+ // throws InvalidAlgorithmParameterException 4325+ // { 4326+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4327+ // } 4328+ // 4329+ // protected AlgorithmParameters engineGenerateParameters() 4330+ // { 4331+ // byte[] iv = new byte[8]; 4332+ // 4333+ // if (random == null) 4334+ // { 4335+ // random = new SecureRandom(); 4336+ // } 4337+ // 4338+ // random.nextBytes(iv); 4339+ // 4340+ // AlgorithmParameters params; 4341+ // 4342+ // try 4343+ // { 4344+ // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4345+ // params.init(new IvParameterSpec(iv)); 4346+ // } 4347+ // catch (Exception e) 4348+ // { 4349+ // throw new RuntimeException(e.getMessage()); 4350+ // } 4351+ // 4352+ // return params; 4353+ // } 4354+ // } 4355+ // END android-removed 4356 4357 static public class KeyFactory 4358 extends BaseSecretKeyFactory 4359@@ -337,18 +357,28 @@ 4360 public void configure(ConfigurableProvider provider) 4361 { 4362 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 4363- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4364+ // BEGIN android-removed 4365+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4366+ // END android-removed 4367 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 4368- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 4369- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4370+ // BEGIN android-changed 4371+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 4372+ // END android-changed 4373+ // BEGIN android-removed 4374+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4375+ // END android-removed 4376 4377 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 4378 { 4379 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 4380- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4381- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4382+ // BEGIN android-removed 4383+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4384+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4385+ // END android-removed 4386 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 4387- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4388+ // BEGIN android-removed 4389+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4390+ // END android-removed 4391 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4392 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 4393 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4394@@ -357,31 +387,37 @@ 4395 } 4396 4397 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 4398- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4399- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4400+ // BEGIN android-removed 4401+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4402+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4403+ // END android-removed 4404 4405 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 4406 4407- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4408- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4409- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4410- 4411- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4412- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4413- 4414- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4415- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4416- 4417- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4418- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4419- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4420- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4421+ // BEGIN android-removed 4422+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4423+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4424+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4425+ // 4426+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4427+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4428+ // 4429+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4430+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4431+ // 4432+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4433+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4434+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4435+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4436+ // END android-removed 4437 4438 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 4439 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4440 4441- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4442- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4443+ // BEGIN android-removed 4444+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4445+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4446+ // END android-removed 4447 } 4448 } 4449 } 4450diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 4451--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 2012-03-22 15:11:48.000000000 +0000 4452+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 2013-01-23 01:01:51.744745972 +0000 4453@@ -7,13 +7,17 @@ 4454 4455 import javax.crypto.spec.IvParameterSpec; 4456 import javax.crypto.spec.PBEParameterSpec; 4457-import javax.crypto.spec.RC2ParameterSpec; 4458+// BEGIN android-removed 4459+// import javax.crypto.spec.RC2ParameterSpec; 4460+// END android-removed 4461 4462 import org.bouncycastle.asn1.ASN1Encoding; 4463 import org.bouncycastle.asn1.ASN1Primitive; 4464 import org.bouncycastle.asn1.pkcs.PBKDF2Params; 4465 import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; 4466-import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4467+// BEGIN android-removed 4468+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4469+// END android-removed 4470 import org.bouncycastle.util.Arrays; 4471 4472 public abstract class BaseAlgorithmParameters 4473@@ -39,177 +43,179 @@ 4474 protected abstract AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4475 throws InvalidParameterSpecException; 4476 4477- public static class RC2AlgorithmParameters 4478- extends BaseAlgorithmParameters 4479- { 4480- private static final short[] table = { 4481- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 4482- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 4483- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 4484- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 4485- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 4486- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 4487- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 4488- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 4489- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 4490- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 4491- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 4492- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 4493- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 4494- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 4495- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 4496- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 4497- }; 4498- 4499- private static final short[] ekb = { 4500- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 4501- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 4502- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 4503- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 4504- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 4505- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 4506- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 4507- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 4508- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 4509- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 4510- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 4511- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 4512- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 4513- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 4514- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 4515- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 4516- }; 4517- 4518- private byte[] iv; 4519- private int parameterVersion = 58; 4520- 4521- protected byte[] engineGetEncoded() 4522- { 4523- return Arrays.clone(iv); 4524- } 4525- 4526- protected byte[] engineGetEncoded( 4527- String format) 4528- throws IOException 4529- { 4530- if (this.isASN1FormatString(format)) 4531- { 4532- if (parameterVersion == -1) 4533- { 4534- return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 4535- } 4536- else 4537- { 4538- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 4539- } 4540- } 4541- 4542- if (format.equals("RAW")) 4543- { 4544- return engineGetEncoded(); 4545- } 4546- 4547- return null; 4548- } 4549- 4550- protected AlgorithmParameterSpec localEngineGetParameterSpec( 4551- Class paramSpec) 4552- throws InvalidParameterSpecException 4553- { 4554- if (paramSpec == RC2ParameterSpec.class) 4555- { 4556- if (parameterVersion != -1) 4557- { 4558- if (parameterVersion < 256) 4559- { 4560- return new RC2ParameterSpec(ekb[parameterVersion], iv); 4561- } 4562- else 4563- { 4564- return new RC2ParameterSpec(parameterVersion, iv); 4565- } 4566- } 4567- } 4568- 4569- if (paramSpec == IvParameterSpec.class) 4570- { 4571- return new IvParameterSpec(iv); 4572- } 4573- 4574- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 4575- } 4576- 4577- protected void engineInit( 4578- AlgorithmParameterSpec paramSpec) 4579- throws InvalidParameterSpecException 4580- { 4581- if (paramSpec instanceof IvParameterSpec) 4582- { 4583- this.iv = ((IvParameterSpec)paramSpec).getIV(); 4584- } 4585- else if (paramSpec instanceof RC2ParameterSpec) 4586- { 4587- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 4588- if (effKeyBits != -1) 4589- { 4590- if (effKeyBits < 256) 4591- { 4592- parameterVersion = table[effKeyBits]; 4593- } 4594- else 4595- { 4596- parameterVersion = effKeyBits; 4597- } 4598- } 4599- 4600- this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 4601- } 4602- else 4603- { 4604- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 4605- } 4606- } 4607- 4608- protected void engineInit( 4609- byte[] params) 4610- throws IOException 4611- { 4612- this.iv = Arrays.clone(params); 4613- } 4614- 4615- protected void engineInit( 4616- byte[] params, 4617- String format) 4618- throws IOException 4619- { 4620- if (this.isASN1FormatString(format)) 4621- { 4622- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 4623- 4624- if (p.getRC2ParameterVersion() != null) 4625- { 4626- parameterVersion = p.getRC2ParameterVersion().intValue(); 4627- } 4628- 4629- iv = p.getIV(); 4630- 4631- return; 4632- } 4633- 4634- if (format.equals("RAW")) 4635- { 4636- engineInit(params); 4637- return; 4638- } 4639- 4640- throw new IOException("Unknown parameters format in IV parameters object"); 4641- } 4642- 4643- protected String engineToString() 4644- { 4645- return "RC2 Parameters"; 4646- } 4647- } 4648+ // BEGIN android-removed 4649+ // public static class RC2AlgorithmParameters 4650+ // extends BaseAlgorithmParameters 4651+ // { 4652+ // private static final short[] table = { 4653+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 4654+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 4655+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 4656+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 4657+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 4658+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 4659+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 4660+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 4661+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 4662+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 4663+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 4664+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 4665+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 4666+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 4667+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 4668+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 4669+ // }; 4670+ // 4671+ // private static final short[] ekb = { 4672+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 4673+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 4674+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 4675+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 4676+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 4677+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 4678+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 4679+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 4680+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 4681+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 4682+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 4683+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 4684+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 4685+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 4686+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 4687+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 4688+ // }; 4689+ // 4690+ // private byte[] iv; 4691+ // private int parameterVersion = 58; 4692+ // 4693+ // protected byte[] engineGetEncoded() 4694+ // { 4695+ // return Arrays.clone(iv); 4696+ // } 4697+ // 4698+ // protected byte[] engineGetEncoded( 4699+ // String format) 4700+ // throws IOException 4701+ // { 4702+ // if (this.isASN1FormatString(format)) 4703+ // { 4704+ // if (parameterVersion == -1) 4705+ // { 4706+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 4707+ // } 4708+ // else 4709+ // { 4710+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 4711+ // } 4712+ // } 4713+ // 4714+ // if (format.equals("RAW")) 4715+ // { 4716+ // return engineGetEncoded(); 4717+ // } 4718+ // 4719+ // return null; 4720+ // } 4721+ // 4722+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 4723+ // Class paramSpec) 4724+ // throws InvalidParameterSpecException 4725+ // { 4726+ // if (paramSpec == RC2ParameterSpec.class) 4727+ // { 4728+ // if (parameterVersion != -1) 4729+ // { 4730+ // if (parameterVersion < 256) 4731+ // { 4732+ // return new RC2ParameterSpec(ekb[parameterVersion], iv); 4733+ // } 4734+ // else 4735+ // { 4736+ // return new RC2ParameterSpec(parameterVersion, iv); 4737+ // } 4738+ // } 4739+ // } 4740+ // 4741+ // if (paramSpec == IvParameterSpec.class) 4742+ // { 4743+ // return new IvParameterSpec(iv); 4744+ // } 4745+ // 4746+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 4747+ // } 4748+ // 4749+ // protected void engineInit( 4750+ // AlgorithmParameterSpec paramSpec) 4751+ // throws InvalidParameterSpecException 4752+ // { 4753+ // if (paramSpec instanceof IvParameterSpec) 4754+ // { 4755+ // this.iv = ((IvParameterSpec)paramSpec).getIV(); 4756+ // } 4757+ // else if (paramSpec instanceof RC2ParameterSpec) 4758+ // { 4759+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 4760+ // if (effKeyBits != -1) 4761+ // { 4762+ // if (effKeyBits < 256) 4763+ // { 4764+ // parameterVersion = table[effKeyBits]; 4765+ // } 4766+ // else 4767+ // { 4768+ // parameterVersion = effKeyBits; 4769+ // } 4770+ // } 4771+ // 4772+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 4773+ // } 4774+ // else 4775+ // { 4776+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 4777+ // } 4778+ // } 4779+ // 4780+ // protected void engineInit( 4781+ // byte[] params) 4782+ // throws IOException 4783+ // { 4784+ // this.iv = Arrays.clone(params); 4785+ // } 4786+ // 4787+ // protected void engineInit( 4788+ // byte[] params, 4789+ // String format) 4790+ // throws IOException 4791+ // { 4792+ // if (this.isASN1FormatString(format)) 4793+ // { 4794+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 4795+ // 4796+ // if (p.getRC2ParameterVersion() != null) 4797+ // { 4798+ // parameterVersion = p.getRC2ParameterVersion().intValue(); 4799+ // } 4800+ // 4801+ // iv = p.getIV(); 4802+ // 4803+ // return; 4804+ // } 4805+ // 4806+ // if (format.equals("RAW")) 4807+ // { 4808+ // engineInit(params); 4809+ // return; 4810+ // } 4811+ // 4812+ // throw new IOException("Unknown parameters format in IV parameters object"); 4813+ // } 4814+ // 4815+ // protected String engineToString() 4816+ // { 4817+ // return "RC2 Parameters"; 4818+ // } 4819+ // } 4820+ // END android-removed 4821 4822 public static class PBKDF2 4823 extends BaseAlgorithmParameters 4824diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 4825--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2012-03-22 15:11:48.000000000 +0000 4826+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2013-01-23 01:01:51.754746148 +0000 4827@@ -17,8 +17,10 @@ 4828 import javax.crypto.ShortBufferException; 4829 import javax.crypto.spec.IvParameterSpec; 4830 import javax.crypto.spec.PBEParameterSpec; 4831-import javax.crypto.spec.RC2ParameterSpec; 4832-import javax.crypto.spec.RC5ParameterSpec; 4833+// BEGIN android-removed 4834+// import javax.crypto.spec.RC2ParameterSpec; 4835+// import javax.crypto.spec.RC5ParameterSpec; 4836+// END android-removed 4837 4838 import org.bouncycastle.crypto.BufferedBlockCipher; 4839 import org.bouncycastle.crypto.CipherParameters; 4840@@ -29,12 +31,18 @@ 4841 import org.bouncycastle.crypto.modes.CCMBlockCipher; 4842 import org.bouncycastle.crypto.modes.CFBBlockCipher; 4843 import org.bouncycastle.crypto.modes.CTSBlockCipher; 4844-import org.bouncycastle.crypto.modes.EAXBlockCipher; 4845+// BEGIN android-removed 4846+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 4847+// END android-removed 4848 import org.bouncycastle.crypto.modes.GCMBlockCipher; 4849-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 4850+// BEGIN android-removed 4851+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 4852+// END android-removed 4853 import org.bouncycastle.crypto.modes.OFBBlockCipher; 4854-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 4855-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 4856+// BEGIN android-removed 4857+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 4858+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 4859+// END android-removed 4860 import org.bouncycastle.crypto.modes.SICBlockCipher; 4861 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 4862 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 4863@@ -46,11 +54,17 @@ 4864 import org.bouncycastle.crypto.params.KeyParameter; 4865 import org.bouncycastle.crypto.params.ParametersWithIV; 4866 import org.bouncycastle.crypto.params.ParametersWithRandom; 4867-import org.bouncycastle.crypto.params.ParametersWithSBox; 4868+// BEGIN android-removed 4869+// import org.bouncycastle.crypto.params.ParametersWithSBox; 4870+// END android-removed 4871 import org.bouncycastle.crypto.params.RC2Parameters; 4872-import org.bouncycastle.crypto.params.RC5Parameters; 4873+// BEGIN android-removed 4874+// import org.bouncycastle.crypto.params.RC5Parameters; 4875+// END android-removed 4876 import org.bouncycastle.jce.provider.BouncyCastleProvider; 4877-import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 4878+// BEGIN android-removed 4879+// import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 4880+// END android-removed 4881 import org.bouncycastle.jce.spec.RepeatedSecretKeySpec; 4882 import org.bouncycastle.util.Strings; 4883 4884@@ -63,11 +77,15 @@ 4885 // 4886 private Class[] availableSpecs = 4887 { 4888- RC2ParameterSpec.class, 4889- RC5ParameterSpec.class, 4890+ // BEGIN android-removed 4891+ // RC2ParameterSpec.class, 4892+ // RC5ParameterSpec.class, 4893+ // END android-removed 4894 IvParameterSpec.class, 4895 PBEParameterSpec.class, 4896- GOST28147ParameterSpec.class 4897+ // BEGIN android-removed 4898+ // GOST28147ParameterSpec.class 4899+ // END android-removed 4900 }; 4901 4902 private org.bouncycastle.crypto.BlockCipher baseEngine; 4903@@ -222,20 +240,22 @@ 4904 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 4905 } 4906 } 4907- else if (modeName.startsWith("PGP")) 4908- { 4909- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 4910- 4911- ivLength = baseEngine.getBlockSize(); 4912- cipher = new BufferedGenericBlockCipher( 4913- new PGPCFBBlockCipher(baseEngine, inlineIV)); 4914- } 4915- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 4916- { 4917- ivLength = 0; 4918- cipher = new BufferedGenericBlockCipher( 4919- new OpenPGPCFBBlockCipher(baseEngine)); 4920- } 4921+ // BEGIN android-removed 4922+ // else if (modeName.startsWith("PGP")) 4923+ // { 4924+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 4925+ 4926+ // ivLength = baseEngine.getBlockSize(); 4927+ // cipher = new BufferedGenericBlockCipher( 4928+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 4929+ // } 4930+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 4931+ // { 4932+ // ivLength = 0; 4933+ // cipher = new BufferedGenericBlockCipher( 4934+ // new OpenPGPCFBBlockCipher(baseEngine)); 4935+ // } 4936+ // END android-removed 4937 else if (modeName.startsWith("SIC")) 4938 { 4939 ivLength = baseEngine.getBlockSize(); 4940@@ -252,12 +272,14 @@ 4941 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4942 new SICBlockCipher(baseEngine))); 4943 } 4944- else if (modeName.startsWith("GOFB")) 4945- { 4946- ivLength = baseEngine.getBlockSize(); 4947- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4948- new GOFBBlockCipher(baseEngine))); 4949- } 4950+ // BEGIN android-removed 4951+ // else if (modeName.startsWith("GOFB")) 4952+ // { 4953+ // ivLength = baseEngine.getBlockSize(); 4954+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4955+ // new GOFBBlockCipher(baseEngine))); 4956+ // } 4957+ // END android-removed 4958 else if (modeName.startsWith("CTS")) 4959 { 4960 ivLength = baseEngine.getBlockSize(); 4961@@ -268,11 +290,13 @@ 4962 ivLength = baseEngine.getBlockSize(); 4963 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 4964 } 4965- else if (modeName.startsWith("EAX")) 4966- { 4967- ivLength = baseEngine.getBlockSize(); 4968- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 4969- } 4970+ // BEGIN android-removed 4971+ // else if (modeName.startsWith("EAX")) 4972+ // { 4973+ // ivLength = baseEngine.getBlockSize(); 4974+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 4975+ // } 4976+ // END android-removed 4977 else if (modeName.startsWith("GCM")) 4978 { 4979 ivLength = baseEngine.getBlockSize(); 4980@@ -441,63 +465,65 @@ 4981 param = new KeyParameter(key.getEncoded()); 4982 } 4983 } 4984- else if (params instanceof GOST28147ParameterSpec) 4985- { 4986- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 4987- 4988- param = new ParametersWithSBox( 4989- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 4990- 4991- if (gost28147Param.getIV() != null && ivLength != 0) 4992- { 4993- param = new ParametersWithIV(param, gost28147Param.getIV()); 4994- ivParam = (ParametersWithIV)param; 4995- } 4996- } 4997- else if (params instanceof RC2ParameterSpec) 4998- { 4999- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 5000- 5001- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 5002- 5003- if (rc2Param.getIV() != null && ivLength != 0) 5004- { 5005- param = new ParametersWithIV(param, rc2Param.getIV()); 5006- ivParam = (ParametersWithIV)param; 5007- } 5008- } 5009- else if (params instanceof RC5ParameterSpec) 5010- { 5011- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 5012- 5013- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 5014- if (baseEngine.getAlgorithmName().startsWith("RC5")) 5015- { 5016- if (baseEngine.getAlgorithmName().equals("RC5-32")) 5017- { 5018- if (rc5Param.getWordSize() != 32) 5019- { 5020- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 5021- } 5022- } 5023- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 5024- { 5025- if (rc5Param.getWordSize() != 64) 5026- { 5027- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 5028- } 5029- } 5030- } 5031- else 5032- { 5033- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 5034- } 5035- if ((rc5Param.getIV() != null) && (ivLength != 0)) 5036- { 5037- param = new ParametersWithIV(param, rc5Param.getIV()); 5038- ivParam = (ParametersWithIV)param; 5039- } 5040- } 5041+ // BEGIN android-removed 5042+ // else if (params instanceof GOST28147ParameterSpec) 5043+ // { 5044+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 5045+ // 5046+ // param = new ParametersWithSBox( 5047+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 5048+ // 5049+ // if (gost28147Param.getIV() != null && ivLength != 0) 5050+ // { 5051+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 5052+ // ivParam = (ParametersWithIV)param; 5053+ // } 5054+ // } 5055+ // else if (params instanceof RC2ParameterSpec) 5056+ // { 5057+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 5058+ // 5059+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 5060+ // 5061+ // if (rc2Param.getIV() != null && ivLength != 0) 5062+ // { 5063+ // param = new ParametersWithIV(param, rc2Param.getIV()); 5064+ // ivParam = (ParametersWithIV)param; 5065+ // } 5066+ // } 5067+ // else if (params instanceof RC5ParameterSpec) 5068+ // { 5069+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 5070+ // 5071+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 5072+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 5073+ // { 5074+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 5075+ // { 5076+ // if (rc5Param.getWordSize() != 32) 5077+ // { 5078+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 5079+ // } 5080+ // } 5081+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 5082+ // { 5083+ // if (rc5Param.getWordSize() != 64) 5084+ // { 5085+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 5086+ // } 5087+ // } 5088+ // } 5089+ // else 5090+ // { 5091+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 5092+ // } 5093+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 5094+ // { 5095+ // param = new ParametersWithIV(param, rc5Param.getIV()); 5096+ // ivParam = (ParametersWithIV)param; 5097+ // } 5098+ // } 5099+ // END android-removed 5100 else 5101 { 5102 throw new InvalidAlgorithmParameterException("unknown parameter type."); 5103@@ -701,10 +727,20 @@ 5104 int inputLen, 5105 byte[] output, 5106 int outputOffset) 5107- throws IllegalBlockSizeException, BadPaddingException 5108+ throws IllegalBlockSizeException, BadPaddingException, ShortBufferException 5109 { 5110+ // BEGIN android-note 5111+ // added ShortBufferException to the throws statement 5112+ // END android-note 5113 int len = 0; 5114 5115+ // BEGIN android-added 5116+ int outputLen = cipher.getOutputSize(inputLen); 5117+ 5118+ if (outputLen + outputOffset > output.length) { 5119+ throw new ShortBufferException("need at least " + outputLen + " bytes"); 5120+ } 5121+ // BEGIN android-added 5122 if (inputLen != 0) 5123 { 5124 len = cipher.processBytes(input, inputOffset, inputLen, output, outputOffset); 5125diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java 5126--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java 2012-03-22 15:11:48.000000000 +0000 5127+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java 2013-01-23 01:01:51.744745972 +0000 5128@@ -56,6 +56,11 @@ 5129 { 5130 try 5131 { 5132+ // BEGIN android-added 5133+ if (random == null) { 5134+ random = new SecureRandom(); 5135+ } 5136+ // END android-added 5137 engine.init(new KeyGenerationParameters(random, keySize)); 5138 uninitialised = false; 5139 } 5140diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 5141--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2012-03-22 15:11:48.000000000 +0000 5142+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-01-23 01:01:51.744745972 +0000 5143@@ -11,25 +11,34 @@ 5144 5145 import org.bouncycastle.crypto.CipherParameters; 5146 import org.bouncycastle.crypto.Mac; 5147-import org.bouncycastle.crypto.digests.MD2Digest; 5148-import org.bouncycastle.crypto.digests.MD4Digest; 5149-import org.bouncycastle.crypto.digests.MD5Digest; 5150-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 5151-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5152-import org.bouncycastle.crypto.digests.SHA1Digest; 5153-import org.bouncycastle.crypto.digests.SHA224Digest; 5154-import org.bouncycastle.crypto.digests.SHA256Digest; 5155-import org.bouncycastle.crypto.digests.SHA384Digest; 5156-import org.bouncycastle.crypto.digests.SHA512Digest; 5157-import org.bouncycastle.crypto.digests.TigerDigest; 5158+// BEGIN android-removed 5159+// import org.bouncycastle.crypto.digests.MD2Digest; 5160+// import org.bouncycastle.crypto.digests.MD4Digest; 5161+// import org.bouncycastle.crypto.digests.MD5Digest; 5162+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 5163+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5164+// import org.bouncycastle.crypto.digests.SHA1Digest; 5165+// import org.bouncycastle.crypto.digests.SHA224Digest; 5166+// import org.bouncycastle.crypto.digests.SHA256Digest; 5167+// import org.bouncycastle.crypto.digests.SHA384Digest; 5168+// import org.bouncycastle.crypto.digests.SHA512Digest; 5169+// import org.bouncycastle.crypto.digests.TigerDigest; 5170+// END android-removed 5171+// BEGIN android-added 5172+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 5173+// END android-added 5174 import org.bouncycastle.crypto.engines.DESEngine; 5175 import org.bouncycastle.crypto.engines.RC2Engine; 5176 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5177-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5178-import org.bouncycastle.crypto.macs.GOST28147Mac; 5179+// BEGIN android-removed 5180+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5181+// import org.bouncycastle.crypto.macs.GOST28147Mac; 5182+// END android-removed 5183 import org.bouncycastle.crypto.macs.HMac; 5184-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5185-import org.bouncycastle.crypto.macs.OldHMac; 5186+// BEGIN android-removed 5187+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5188+// import org.bouncycastle.crypto.macs.OldHMac; 5189+// END android-removed 5190 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5191 import org.bouncycastle.crypto.params.KeyParameter; 5192 import org.bouncycastle.crypto.params.ParametersWithIV; 5193@@ -179,91 +188,93 @@ 5194 } 5195 } 5196 5197- /** 5198- * GOST28147 5199- */ 5200- public static class GOST28147 5201- extends BaseMac 5202- { 5203- public GOST28147() 5204- { 5205- super(new GOST28147Mac()); 5206- } 5207- } 5208- 5209- 5210- 5211- /** 5212- * DES 5213- */ 5214- public static class DESCFB8 5215- extends BaseMac 5216- { 5217- public DESCFB8() 5218- { 5219- super(new CFBBlockCipherMac(new DESEngine())); 5220- } 5221- } 5222- 5223- /** 5224- * RC2CFB8 5225- */ 5226- public static class RC2CFB8 5227- extends BaseMac 5228- { 5229- public RC2CFB8() 5230- { 5231- super(new CFBBlockCipherMac(new RC2Engine())); 5232- } 5233- } 5234- 5235- /** 5236- * DES9797Alg3with7816-4Padding 5237- */ 5238- public static class DES9797Alg3with7816d4 5239- extends BaseMac 5240- { 5241- public DES9797Alg3with7816d4() 5242- { 5243- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5244- } 5245- } 5246- 5247- /** 5248- * DES9797Alg3 5249- */ 5250- public static class DES9797Alg3 5251- extends BaseMac 5252- { 5253- public DES9797Alg3() 5254- { 5255- super(new ISO9797Alg3Mac(new DESEngine())); 5256- } 5257- } 5258- 5259- /** 5260- * MD2 HMac 5261- */ 5262- public static class MD2 5263- extends BaseMac 5264- { 5265- public MD2() 5266- { 5267- super(new HMac(new MD2Digest())); 5268- } 5269- } 5270- 5271- /** 5272- * MD4 HMac 5273- */ 5274- public static class MD4 5275- extends BaseMac 5276- { 5277- public MD4() 5278- { 5279- super(new HMac(new MD4Digest())); 5280- } 5281- } 5282+ // BEGIN android-removed 5283+ // /** 5284+ // * GOST28147 5285+ // */ 5286+ // public static class GOST28147 5287+ // extends BaseMac 5288+ // { 5289+ // public GOST28147() 5290+ // { 5291+ // super(new GOST28147Mac()); 5292+ // } 5293+ // } 5294+ // 5295+ // 5296+ // 5297+ // /** 5298+ // * DES 5299+ // */ 5300+ // public static class DESCFB8 5301+ // extends BaseMac 5302+ // { 5303+ // public DESCFB8() 5304+ // { 5305+ // super(new CFBBlockCipherMac(new DESEngine())); 5306+ // } 5307+ // } 5308+ // 5309+ // /** 5310+ // * RC2CFB8 5311+ // */ 5312+ // public static class RC2CFB8 5313+ // extends BaseMac 5314+ // { 5315+ // public RC2CFB8() 5316+ // { 5317+ // super(new CFBBlockCipherMac(new RC2Engine())); 5318+ // } 5319+ // } 5320+ // 5321+ // /** 5322+ // * DES9797Alg3with7816-4Padding 5323+ // */ 5324+ // public static class DES9797Alg3with7816d4 5325+ // extends BaseMac 5326+ // { 5327+ // public DES9797Alg3with7816d4() 5328+ // { 5329+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5330+ // } 5331+ // } 5332+ // 5333+ // /** 5334+ // * DES9797Alg3 5335+ // */ 5336+ // public static class DES9797Alg3 5337+ // extends BaseMac 5338+ // { 5339+ // public DES9797Alg3() 5340+ // { 5341+ // super(new ISO9797Alg3Mac(new DESEngine())); 5342+ // } 5343+ // } 5344+ // 5345+ // /** 5346+ // * MD2 HMac 5347+ // */ 5348+ // public static class MD2 5349+ // extends BaseMac 5350+ // { 5351+ // public MD2() 5352+ // { 5353+ // super(new HMac(new MD2Digest())); 5354+ // } 5355+ // } 5356+ // 5357+ // /** 5358+ // * MD4 HMac 5359+ // */ 5360+ // public static class MD4 5361+ // extends BaseMac 5362+ // { 5363+ // public MD4() 5364+ // { 5365+ // super(new HMac(new MD4Digest())); 5366+ // } 5367+ // } 5368+ // END android-removed 5369 5370 /** 5371 * MD5 HMac 5372@@ -273,7 +284,9 @@ 5373 { 5374 public MD5() 5375 { 5376- super(new HMac(new MD5Digest())); 5377+ // BEGIN android-changed 5378+ super(new HMac(AndroidDigestFactory.getMD5())); 5379+ // END android-changed 5380 } 5381 } 5382 5383@@ -285,21 +298,25 @@ 5384 { 5385 public SHA1() 5386 { 5387- super(new HMac(new SHA1Digest())); 5388+ // BEGIN android-changed 5389+ super(new HMac(AndroidDigestFactory.getSHA1())); 5390+ // END android-changed 5391 } 5392 } 5393 5394- /** 5395- * SHA-224 HMac 5396- */ 5397- public static class SHA224 5398- extends BaseMac 5399- { 5400- public SHA224() 5401- { 5402- super(new HMac(new SHA224Digest())); 5403- } 5404- } 5405+ // BEGIN android-removed 5406+ // /** 5407+ // * SHA-224 HMac 5408+ // */ 5409+ // public static class SHA224 5410+ // extends BaseMac 5411+ // { 5412+ // public SHA224() 5413+ // { 5414+ // super(new HMac(new SHA224Digest())); 5415+ // } 5416+ // } 5417+ // END android-removed 5418 5419 /** 5420 * SHA-256 HMac 5421@@ -309,7 +326,7 @@ 5422 { 5423 public SHA256() 5424 { 5425- super(new HMac(new SHA256Digest())); 5426+ super(new HMac(AndroidDigestFactory.getSHA256())); 5427 } 5428 } 5429 5430@@ -321,18 +338,20 @@ 5431 { 5432 public SHA384() 5433 { 5434- super(new HMac(new SHA384Digest())); 5435+ super(new HMac(AndroidDigestFactory.getSHA384())); 5436 } 5437 } 5438 5439- public static class OldSHA384 5440- extends BaseMac 5441- { 5442- public OldSHA384() 5443- { 5444- super(new OldHMac(new SHA384Digest())); 5445- } 5446- } 5447+ // BEGIN android-removed 5448+ // public static class OldSHA384 5449+ // extends BaseMac 5450+ // { 5451+ // public OldSHA384() 5452+ // { 5453+ // super(new OldHMac(new SHA384Digest())); 5454+ // } 5455+ // } 5456+ // END android-removed 5457 5458 /** 5459 * SHA-512 HMac 5460@@ -342,75 +361,77 @@ 5461 { 5462 public SHA512() 5463 { 5464- super(new HMac(new SHA512Digest())); 5465- } 5466- } 5467- 5468- /** 5469- * SHA-512 HMac 5470- */ 5471- public static class OldSHA512 5472- extends BaseMac 5473- { 5474- public OldSHA512() 5475- { 5476- super(new OldHMac(new SHA512Digest())); 5477- } 5478- } 5479- 5480- /** 5481- * RIPEMD128 HMac 5482- */ 5483- public static class RIPEMD128 5484- extends BaseMac 5485- { 5486- public RIPEMD128() 5487- { 5488- super(new HMac(new RIPEMD128Digest())); 5489- } 5490- } 5491- 5492- /** 5493- * RIPEMD160 HMac 5494- */ 5495- public static class RIPEMD160 5496- extends BaseMac 5497- { 5498- public RIPEMD160() 5499- { 5500- super(new HMac(new RIPEMD160Digest())); 5501- } 5502- } 5503- 5504- /** 5505- * Tiger HMac 5506- */ 5507- public static class Tiger 5508- extends BaseMac 5509- { 5510- public Tiger() 5511- { 5512- super(new HMac(new TigerDigest())); 5513+ super(new HMac(AndroidDigestFactory.getSHA512())); 5514 } 5515 } 5516 5517+ // BEGIN android-removed 5518+ // /** 5519+ // * SHA-512 HMac 5520+ // */ 5521+ // public static class OldSHA512 5522+ // extends BaseMac 5523+ // { 5524+ // public OldSHA512() 5525+ // { 5526+ // super(new OldHMac(new SHA512Digest())); 5527+ // } 5528+ // } 5529+ // 5530+ // /** 5531+ // * RIPEMD128 HMac 5532+ // */ 5533+ // public static class RIPEMD128 5534+ // extends BaseMac 5535+ // { 5536+ // public RIPEMD128() 5537+ // { 5538+ // super(new HMac(new RIPEMD128Digest())); 5539+ // } 5540+ // } 5541 // 5542- // PKCS12 states that the same algorithm should be used 5543- // for the key generation as is used in the HMAC, so that 5544- // is what we do here. 5545+ // /** 5546+ // * RIPEMD160 HMac 5547+ // */ 5548+ // public static class RIPEMD160 5549+ // extends BaseMac 5550+ // { 5551+ // public RIPEMD160() 5552+ // { 5553+ // super(new HMac(new RIPEMD160Digest())); 5554+ // } 5555+ // } 5556 // 5557- 5558- /** 5559- * PBEWithHmacRIPEMD160 5560- */ 5561- public static class PBEWithRIPEMD160 5562- extends BaseMac 5563- { 5564- public PBEWithRIPEMD160() 5565- { 5566- super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 5567- } 5568- } 5569+ // /** 5570+ // * Tiger HMac 5571+ // */ 5572+ // public static class Tiger 5573+ // extends BaseMac 5574+ // { 5575+ // public Tiger() 5576+ // { 5577+ // super(new HMac(new TigerDigest())); 5578+ // } 5579+ // } 5580+ // 5581+ // // 5582+ // // PKCS12 states that the same algorithm should be used 5583+ // // for the key generation as is used in the HMAC, so that 5584+ // // is what we do here. 5585+ // // 5586+ // 5587+ // /** 5588+ // * PBEWithHmacRIPEMD160 5589+ // */ 5590+ // public static class PBEWithRIPEMD160 5591+ // extends BaseMac 5592+ // { 5593+ // public PBEWithRIPEMD160() 5594+ // { 5595+ // super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 5596+ // } 5597+ // } 5598+ // END android-removed 5599 5600 /** 5601 * PBEWithHmacSHA 5602@@ -420,19 +441,23 @@ 5603 { 5604 public PBEWithSHA() 5605 { 5606- super(new HMac(new SHA1Digest()), PKCS12, SHA1, 160); 5607+ // BEGIN android-changed 5608+ super(new HMac(AndroidDigestFactory.getSHA1()), PKCS12, SHA1, 160); 5609+ // END android-changed 5610 } 5611 } 5612 5613- /** 5614- * PBEWithHmacTiger 5615- */ 5616- public static class PBEWithTiger 5617- extends BaseMac 5618- { 5619- public PBEWithTiger() 5620- { 5621- super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 5622- } 5623- } 5624+ // BEGIN android-removed 5625+ // /** 5626+ // * PBEWithHmacTiger 5627+ // */ 5628+ // public static class PBEWithTiger 5629+ // extends BaseMac 5630+ // { 5631+ // public PBEWithTiger() 5632+ // { 5633+ // super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 5634+ // } 5635+ // } 5636+ // END android-removed 5637 } 5638diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 5639--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2012-03-22 15:11:48.000000000 +0000 5640+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2013-01-23 01:01:51.744745972 +0000 5641@@ -13,8 +13,10 @@ 5642 import javax.crypto.ShortBufferException; 5643 import javax.crypto.spec.IvParameterSpec; 5644 import javax.crypto.spec.PBEParameterSpec; 5645-import javax.crypto.spec.RC2ParameterSpec; 5646-import javax.crypto.spec.RC5ParameterSpec; 5647+// BEGIN android-removed 5648+// import javax.crypto.spec.RC2ParameterSpec; 5649+// import javax.crypto.spec.RC5ParameterSpec; 5650+// END android-removed 5651 5652 import org.bouncycastle.crypto.BlockCipher; 5653 import org.bouncycastle.crypto.CipherParameters; 5654@@ -34,8 +36,10 @@ 5655 // 5656 private Class[] availableSpecs = 5657 { 5658- RC2ParameterSpec.class, 5659- RC5ParameterSpec.class, 5660+ // BEGIN android-removed 5661+ // RC2ParameterSpec.class, 5662+ // RC5ParameterSpec.class, 5663+ // END android-removed 5664 IvParameterSpec.class, 5665 PBEParameterSpec.class 5666 }; 5667diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 5668--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2012-03-22 15:11:48.000000000 +0000 5669+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2013-01-23 01:01:51.744745972 +0000 5670@@ -22,8 +22,10 @@ 5671 import javax.crypto.ShortBufferException; 5672 import javax.crypto.spec.IvParameterSpec; 5673 import javax.crypto.spec.PBEParameterSpec; 5674-import javax.crypto.spec.RC2ParameterSpec; 5675-import javax.crypto.spec.RC5ParameterSpec; 5676+// BEGIN android-removed 5677+// import javax.crypto.spec.RC2ParameterSpec; 5678+// import javax.crypto.spec.RC5ParameterSpec; 5679+// END android-removed 5680 import javax.crypto.spec.SecretKeySpec; 5681 5682 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 5683@@ -45,8 +47,10 @@ 5684 { 5685 IvParameterSpec.class, 5686 PBEParameterSpec.class, 5687- RC2ParameterSpec.class, 5688- RC5ParameterSpec.class 5689+ // BEGIN android-removed 5690+ // RC2ParameterSpec.class, 5691+ // RC5ParameterSpec.class 5692+ // END android-removed 5693 }; 5694 5695 protected int pbeType = PKCS12; 5696@@ -258,16 +262,19 @@ 5697 return null; 5698 } 5699 5700+ // BEGIN android-changed 5701+ // added ShortBufferException to throws statement 5702 protected int engineDoFinal( 5703 byte[] input, 5704 int inputOffset, 5705 int inputLen, 5706 byte[] output, 5707 int outputOffset) 5708- throws IllegalBlockSizeException, BadPaddingException 5709+ throws IllegalBlockSizeException, BadPaddingException, ShortBufferException 5710 { 5711 return 0; 5712 } 5713+ // END android-changed 5714 5715 protected byte[] engineWrap( 5716 Key key) 5717@@ -300,7 +307,12 @@ 5718 byte[] wrappedKey, 5719 String wrappedKeyAlgorithm, 5720 int wrappedKeyType) 5721- throws InvalidKeyException 5722+ // BEGIN android-removed 5723+ // throws InvalidKeyException 5724+ // END android-removed 5725+ // BEGIN android-added 5726+ throws InvalidKeyException, NoSuchAlgorithmException 5727+ // END android-added 5728 { 5729 byte[] encoded; 5730 try 5731@@ -376,10 +388,12 @@ 5732 { 5733 throw new InvalidKeyException("Unknown key type " + e.getMessage()); 5734 } 5735- catch (NoSuchAlgorithmException e) 5736- { 5737- throw new InvalidKeyException("Unknown key type " + e.getMessage()); 5738- } 5739+ // BEGIN android-removed 5740+ // catch (NoSuchAlgorithmException e) 5741+ // { 5742+ // throw new InvalidKeyException("Unknown key type " + e.getMessage()); 5743+ // } 5744+ // END android-removed 5745 catch (InvalidKeySpecException e2) 5746 { 5747 throw new InvalidKeyException("Unknown key type " + e2.getMessage()); 5748diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 5749--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2012-03-22 15:11:48.000000000 +0000 5750+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-01-23 01:01:51.744745972 +0000 5751@@ -7,12 +7,17 @@ 5752 5753 import org.bouncycastle.crypto.CipherParameters; 5754 import org.bouncycastle.crypto.PBEParametersGenerator; 5755-import org.bouncycastle.crypto.digests.MD2Digest; 5756-import org.bouncycastle.crypto.digests.MD5Digest; 5757-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5758-import org.bouncycastle.crypto.digests.SHA1Digest; 5759-import org.bouncycastle.crypto.digests.SHA256Digest; 5760-import org.bouncycastle.crypto.digests.TigerDigest; 5761+// BEGIN android-removed 5762+// import org.bouncycastle.crypto.digests.MD2Digest; 5763+// import org.bouncycastle.crypto.digests.MD5Digest; 5764+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5765+// import org.bouncycastle.crypto.digests.SHA1Digest; 5766+// import org.bouncycastle.crypto.digests.SHA256Digest; 5767+// import org.bouncycastle.crypto.digests.TigerDigest; 5768+// END android-removed 5769+// BEGIN android-added 5770+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 5771+// END android-added 5772 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 5773 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 5774 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 5775@@ -28,10 +33,14 @@ 5776 // 5777 static final int MD5 = 0; 5778 static final int SHA1 = 1; 5779- static final int RIPEMD160 = 2; 5780- static final int TIGER = 3; 5781+ // BEGIN android-removed 5782+ // static final int RIPEMD160 = 2; 5783+ // static final int TIGER = 3; 5784+ // END android-removed 5785 static final int SHA256 = 4; 5786- static final int MD2 = 5; 5787+ // BEGIN android-removed 5788+ // static final int MD2 = 5; 5789+ // END android-removed 5790 5791 static final int PKCS5S1 = 0; 5792 static final int PKCS5S2 = 1; 5793@@ -53,14 +62,20 @@ 5794 { 5795 switch (hash) 5796 { 5797- case MD2: 5798- generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 5799- break; 5800+ // BEGIN android-removed 5801+ // case MD2: 5802+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 5803+ // break; 5804+ // END android-removed 5805 case MD5: 5806- generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 5807+ // BEGIN android-changed 5808+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 5809+ // END android-changed 5810 break; 5811 case SHA1: 5812- generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 5813+ // BEGIN android-changed 5814+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 5815+ // END android-changed 5816 break; 5817 default: 5818 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 5819@@ -74,23 +89,33 @@ 5820 { 5821 switch (hash) 5822 { 5823- case MD2: 5824- generator = new PKCS12ParametersGenerator(new MD2Digest()); 5825- break; 5826+ // BEGIN android-removed 5827+ // case MD2: 5828+ // generator = new PKCS12ParametersGenerator(new MD2Digest()); 5829+ // break; 5830+ // END android-removed 5831 case MD5: 5832- generator = new PKCS12ParametersGenerator(new MD5Digest()); 5833+ // BEGIN android-changed 5834+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 5835+ // END android-changed 5836 break; 5837 case SHA1: 5838- generator = new PKCS12ParametersGenerator(new SHA1Digest()); 5839- break; 5840- case RIPEMD160: 5841- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 5842- break; 5843- case TIGER: 5844- generator = new PKCS12ParametersGenerator(new TigerDigest()); 5845- break; 5846+ // BEGIN android-changed 5847+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 5848+ // END android-changed 5849+ break; 5850+ // BEGIN android-removed 5851+ // case RIPEMD160: 5852+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 5853+ // break; 5854+ // case TIGER: 5855+ // generator = new PKCS12ParametersGenerator(new TigerDigest()); 5856+ // break; 5857+ // END android-removed 5858 case SHA256: 5859- generator = new PKCS12ParametersGenerator(new SHA256Digest()); 5860+ // BEGIN android-changed 5861+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 5862+ // END android-changed 5863 break; 5864 default: 5865 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 5866diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/util/DigestFactory.java 5867--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2012-03-22 15:11:48.000000000 +0000 5868+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-01-23 01:01:51.754746148 +0000 5869@@ -10,19 +10,26 @@ 5870 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 5871 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5872 import org.bouncycastle.crypto.Digest; 5873-import org.bouncycastle.crypto.digests.MD5Digest; 5874-import org.bouncycastle.crypto.digests.SHA1Digest; 5875-import org.bouncycastle.crypto.digests.SHA224Digest; 5876-import org.bouncycastle.crypto.digests.SHA256Digest; 5877-import org.bouncycastle.crypto.digests.SHA384Digest; 5878-import org.bouncycastle.crypto.digests.SHA512Digest; 5879+// BEGIN android-removed 5880+// import org.bouncycastle.crypto.digests.MD5Digest; 5881+// import org.bouncycastle.crypto.digests.SHA1Digest; 5882+// import org.bouncycastle.crypto.digests.SHA224Digest; 5883+// import org.bouncycastle.crypto.digests.SHA256Digest; 5884+// import org.bouncycastle.crypto.digests.SHA384Digest; 5885+// import org.bouncycastle.crypto.digests.SHA512Digest; 5886+// END android-removed 5887+// BEGIN android-added 5888+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 5889+// END android-added 5890 import org.bouncycastle.util.Strings; 5891 5892 public class DigestFactory 5893 { 5894 private static Set md5 = new HashSet(); 5895 private static Set sha1 = new HashSet(); 5896- private static Set sha224 = new HashSet(); 5897+ // BEGIN android-removed 5898+ // private static Set sha224 = new HashSet(); 5899+ // END android-removed 5900 private static Set sha256 = new HashSet(); 5901 private static Set sha384 = new HashSet(); 5902 private static Set sha512 = new HashSet(); 5903@@ -38,9 +45,11 @@ 5904 sha1.add("SHA-1"); 5905 sha1.add(OIWObjectIdentifiers.idSHA1.getId()); 5906 5907- sha224.add("SHA224"); 5908- sha224.add("SHA-224"); 5909- sha224.add(NISTObjectIdentifiers.id_sha224.getId()); 5910+ // BEGIN android-removed 5911+ // sha224.add("SHA224"); 5912+ // sha224.add("SHA-224"); 5913+ // sha224.add(NISTObjectIdentifiers.id_sha224.getId()); 5914+ // END android-removed 5915 5916 sha256.add("SHA256"); 5917 sha256.add("SHA-256"); 5918@@ -61,9 +70,11 @@ 5919 oids.put("SHA-1", OIWObjectIdentifiers.idSHA1); 5920 oids.put(OIWObjectIdentifiers.idSHA1.getId(), OIWObjectIdentifiers.idSHA1); 5921 5922- oids.put("SHA224", NISTObjectIdentifiers.id_sha224); 5923- oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); 5924- oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); 5925+ // BEGIN android-removed 5926+ // oids.put("SHA224", NISTObjectIdentifiers.id_sha224); 5927+ // oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); 5928+ // oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); 5929+ // END android-removed 5930 5931 oids.put("SHA256", NISTObjectIdentifiers.id_sha256); 5932 oids.put("SHA-256", NISTObjectIdentifiers.id_sha256); 5933@@ -85,27 +96,39 @@ 5934 5935 if (sha1.contains(digestName)) 5936 { 5937- return new SHA1Digest(); 5938+ // BEGIN android-changed 5939+ return AndroidDigestFactory.getSHA1(); 5940+ // END android-changed 5941 } 5942 if (md5.contains(digestName)) 5943 { 5944- return new MD5Digest(); 5945- } 5946- if (sha224.contains(digestName)) 5947- { 5948- return new SHA224Digest(); 5949- } 5950+ // BEGIN android-changed 5951+ return AndroidDigestFactory.getMD5(); 5952+ // END android-changed 5953+ } 5954+ // BEGIN android-removed 5955+ // if (sha224.contains(digestName)) 5956+ // { 5957+ // return new SHA224Digest(); 5958+ // } 5959+ // END android-removed 5960 if (sha256.contains(digestName)) 5961 { 5962- return new SHA256Digest(); 5963+ // BEGIN android-changed 5964+ return AndroidDigestFactory.getSHA256(); 5965+ // END android-changed 5966 } 5967 if (sha384.contains(digestName)) 5968 { 5969- return new SHA384Digest(); 5970+ // BEGIN android-changed 5971+ return AndroidDigestFactory.getSHA384(); 5972+ // END android-changed 5973 } 5974 if (sha512.contains(digestName)) 5975 { 5976- return new SHA512Digest(); 5977+ // BEGIN android-changed 5978+ return AndroidDigestFactory.getSHA512(); 5979+ // END android-changed 5980 } 5981 5982 return null; 5983@@ -116,7 +139,9 @@ 5984 String digest2) 5985 { 5986 return (sha1.contains(digest1) && sha1.contains(digest2)) 5987- || (sha224.contains(digest1) && sha224.contains(digest2)) 5988+ // BEGIN android-removed 5989+ // || (sha224.contains(digest1) && sha224.contains(digest2)) 5990+ // END android-removed 5991 || (sha256.contains(digest1) && sha256.contains(digest2)) 5992 || (sha384.contains(digest1) && sha384.contains(digest2)) 5993 || (sha512.contains(digest1) && sha512.contains(digest2)) 5994diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/ECNamedCurveTable.java bcprov-jdk15on-147/org/bouncycastle/jce/ECNamedCurveTable.java 5995--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/ECNamedCurveTable.java 2012-03-22 15:11:48.000000000 +0000 5996+++ bcprov-jdk15on-147/org/bouncycastle/jce/ECNamedCurveTable.java 2013-01-23 01:01:51.944749492 +0000 5997@@ -6,7 +6,9 @@ 5998 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 5999 import org.bouncycastle.asn1.nist.NISTNamedCurves; 6000 import org.bouncycastle.asn1.sec.SECNamedCurves; 6001-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 6002+// BEGIN android-removed 6003+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 6004+// END android-removed 6005 import org.bouncycastle.asn1.x9.X962NamedCurves; 6006 import org.bouncycastle.asn1.x9.X9ECParameters; 6007 import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 6008@@ -55,21 +57,23 @@ 6009 } 6010 } 6011 6012- if (ecP == null) 6013- { 6014- ecP = TeleTrusTNamedCurves.getByName(name); 6015- if (ecP == null) 6016- { 6017- try 6018- { 6019- ecP = TeleTrusTNamedCurves.getByOID(new ASN1ObjectIdentifier(name)); 6020- } 6021- catch (IllegalArgumentException e) 6022- { 6023- // ignore - not an oid 6024- } 6025- } 6026- } 6027+ // BEGIN android-removed 6028+ // if (ecP == null) 6029+ // { 6030+ // ecP = TeleTrusTNamedCurves.getByName(name); 6031+ // if (ecP == null) 6032+ // { 6033+ // try 6034+ // { 6035+ // ecP = TeleTrusTNamedCurves.getByOID(new ASN1ObjectIdentifier(name)); 6036+ // } 6037+ // catch (IllegalArgumentException e) 6038+ // { 6039+ // // ignore - not an oid 6040+ // } 6041+ // } 6042+ // } 6043+ // END android-removed 6044 6045 if (ecP == null) 6046 { 6047@@ -102,7 +106,9 @@ 6048 addEnumeration(v, X962NamedCurves.getNames()); 6049 addEnumeration(v, SECNamedCurves.getNames()); 6050 addEnumeration(v, NISTNamedCurves.getNames()); 6051- addEnumeration(v, TeleTrusTNamedCurves.getNames()); 6052+ // BEGIN android-removed 6053+ // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 6054+ // END android-removed 6055 6056 return v.elements(); 6057 } 6058diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-147/org/bouncycastle/jce/PKCS10CertificationRequest.java 6059--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2012-03-22 15:11:48.000000000 +0000 6060+++ bcprov-jdk15on-147/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-01-23 01:01:51.984750196 +0000 6061@@ -30,14 +30,18 @@ 6062 import org.bouncycastle.asn1.DERBitString; 6063 import org.bouncycastle.asn1.DERNull; 6064 import org.bouncycastle.asn1.DERObjectIdentifier; 6065-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 6066+// BEGIN android-removed 6067+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 6068+// END android-removed 6069 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 6070 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 6071 import org.bouncycastle.asn1.pkcs.CertificationRequest; 6072 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 6073 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 6074 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 6075-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 6076+// BEGIN android-removed 6077+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 6078+// END android-removed 6079 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 6080 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 6081 import org.bouncycastle.asn1.x509.X509Name; 6082@@ -81,15 +85,20 @@ 6083 6084 static 6085 { 6086- algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6087- algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6088+ // BEGIN android-removed 6089+ // Dropping MD2 6090+ // algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6091+ // algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6092+ // END android-removed 6093 algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6094 algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6095 algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6096 algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 6097 algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 6098- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 6099- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 6100+ // BEGIN android-removed 6101+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 6102+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 6103+ // END android-removed 6104 algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); 6105 algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); 6106 algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); 6107@@ -97,57 +106,78 @@ 6108 algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); 6109 algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); 6110 algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6111- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6112+ // BEGIN android-removed 6113+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6114+ // END android-removed 6115 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6116 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6117 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6118 algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 6119- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6120- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6121- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6122- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6123- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6124- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6125+ // BEGIN android-removed 6126+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6127+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6128+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6129+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6130+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6131+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6132+ // END android-removed 6133 algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3")); 6134 algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3")); 6135- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 6136+ // BEGIN android-removed 6137+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 6138+ // END android-removed 6139 algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); 6140 algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); 6141 algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); 6142 algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); 6143- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 6144+ // BEGIN android-removed 6145+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 6146+ // END android-removed 6147 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 6148 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 6149 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 6150 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 6151- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6152- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6153- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6154- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6155- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6156+ // BEGIN android-removed 6157+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6158+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6159+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6160+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6161+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6162+ // END android-removed 6163 6164 // 6165 // reverse mappings 6166 // 6167 oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); 6168- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); 6169+ // BEGIN android-removed 6170+ // oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); 6171+ // END android-removed 6172 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 6173 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 6174 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 6175- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 6176- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 6177+ // BEGIN android-removed 6178+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 6179+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 6180+ // END android-removed 6181 6182 oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 6183- oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 6184+ // BEGIN android-removed 6185+ // Dropping MD2 6186+ // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 6187+ // END android-removed 6188 oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 6189 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 6190- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 6191+ // BEGIN android-removed 6192+ // oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 6193+ // END android-removed 6194 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA"); 6195 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA"); 6196 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA"); 6197 oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 6198 oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA"); 6199- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); 6200+ // BEGIN android-removed 6201+ // oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); 6202+ // END android-removed 6203 oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA"); 6204 6205 // 6206@@ -161,35 +191,53 @@ 6207 // The parameters field SHALL be NULL for RSA based signature algorithms. 6208 // 6209 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); 6210- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 6211+ // BEGIN android-removed 6212+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 6213+ // END android-removed 6214 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); 6215 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); 6216 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); 6217 noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); 6218- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 6219+ // BEGIN android-removed 6220+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 6221+ // END android-removed 6222 noParams.add(NISTObjectIdentifiers.dsa_with_sha256); 6223 6224 // 6225 // RFC 4491 6226 // 6227- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6228- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6229+ // BEGIN android-removed 6230+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6231+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6232+ // END android-removed 6233 // 6234 // explicit params 6235 // 6236- AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); 6237+ // BEGIN android-changed 6238+ AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 6239+ // END android-changed 6240 params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); 6241 6242- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, new DERNull()); 6243- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 6244- 6245- AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, new DERNull()); 6246+ // BEGIN android-removed 6247+ // // BEGIN android-changed 6248+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 6249+ // // END android-changed 6250+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 6251+ // END android-removed 6252+ 6253+ // BEGIN android-changed 6254+ AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); 6255+ // END android-changed 6256 params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); 6257 6258- AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, new DERNull()); 6259+ // BEGIN android-changed 6260+ AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE); 6261+ // END android-changed 6262 params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48)); 6263 6264- AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, new DERNull()); 6265+ // BEGIN android-changed 6266+ AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE); 6267+ // END android-changed 6268 params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64)); 6269 } 6270 6271@@ -595,10 +643,12 @@ 6272 { 6273 return "SHA1"; 6274 } 6275- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 6276- { 6277- return "SHA224"; 6278- } 6279+ // BEGIN android-removed 6280+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 6281+ // { 6282+ // return "SHA224"; 6283+ // } 6284+ // END android-removed 6285 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 6286 { 6287 return "SHA256"; 6288@@ -611,22 +661,24 @@ 6289 { 6290 return "SHA512"; 6291 } 6292- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 6293- { 6294- return "RIPEMD128"; 6295- } 6296- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 6297- { 6298- return "RIPEMD160"; 6299- } 6300- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 6301- { 6302- return "RIPEMD256"; 6303- } 6304- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 6305- { 6306- return "GOST3411"; 6307- } 6308+ // BEGIN android-removed 6309+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 6310+ // { 6311+ // return "RIPEMD128"; 6312+ // } 6313+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 6314+ // { 6315+ // return "RIPEMD160"; 6316+ // } 6317+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 6318+ // { 6319+ // return "RIPEMD256"; 6320+ // } 6321+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 6322+ // { 6323+ // return "GOST3411"; 6324+ // } 6325+ // END android-removed 6326 else 6327 { 6328 return digestAlgOID.getId(); 6329diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/BouncyCastleProvider.java 6330--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2012-03-22 15:11:48.000000000 +0000 6331+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-01-23 01:01:51.964749844 +0000 6332@@ -48,7 +48,10 @@ 6333 { 6334 private static String info = "BouncyCastle Security Provider v1.47"; 6335 6336- public static String PROVIDER_NAME = "BC"; 6337+ // BEGIN android-changed 6338+ // this constant should be final 6339+ public static final String PROVIDER_NAME = "BC"; 6340+ // END android-changed 6341 6342 public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration(); 6343 6344@@ -61,8 +64,13 @@ 6345 private static final String SYMMETRIC_CIPHER_PACKAGE = "org.bouncycastle.jcajce.provider.symmetric."; 6346 private static final String[] SYMMETRIC_CIPHERS = 6347 { 6348- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DES", "DESede", "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", 6349- "Noekeon", "RC2", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" 6350+ // BEGIN android-removed 6351+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DES", "DESede", "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", 6352+ // "Noekeon", "RC2", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" 6353+ // END android-removed 6354+ // BEGIN android-added 6355+ "AES", "ARC4", "Blowfish", "DES", "DESede", 6356+ // END android-added 6357 }; 6358 6359 /* 6360@@ -79,7 +87,12 @@ 6361 6362 private static final String[] ASYMMETRIC_CIPHERS = 6363 { 6364- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal" 6365+ // BEGIN android-removed 6366+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal" 6367+ // END android-removed 6368+ // BEGIN android-added 6369+ "DSA", "DH", "EC", "RSA", 6370+ // END android-added 6371 }; 6372 6373 /* 6374@@ -88,7 +101,12 @@ 6375 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 6376 private static final String[] DIGESTS = 6377 { 6378- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "Tiger", "Whirlpool" 6379+ // BEGIN android-removed 6380+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "Tiger", "Whirlpool" 6381+ // END android-removed 6382+ // BEGIN android-added 6383+ "MD5", "SHA1", "SHA256", "SHA384", "SHA512", 6384+ // END android-added 6385 }; 6386 6387 /** 6388@@ -120,26 +138,28 @@ 6389 6390 loadAlgorithms(ASYMMETRIC_CIPHER_PACKAGE, ASYMMETRIC_CIPHERS); 6391 6392- // 6393- // X509Store 6394- // 6395- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 6396- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 6397- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 6398- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 6399- 6400- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 6401- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 6402- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 6403- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 6404- 6405- // 6406- // X509StreamParser 6407- // 6408- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 6409- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 6410- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 6411- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 6412+ // BEGIN android-removed 6413+ // // 6414+ // // X509Store 6415+ // // 6416+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 6417+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 6418+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 6419+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 6420+ // 6421+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 6422+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 6423+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 6424+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 6425+ // 6426+ // // 6427+ // // X509StreamParser 6428+ // // 6429+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 6430+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 6431+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 6432+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 6433+ // END android-removed 6434 6435 6436 // 6437@@ -148,14 +168,24 @@ 6438 put("KeyStore.BKS", "org.bouncycastle.jce.provider.JDKKeyStore"); 6439 put("KeyStore.BouncyCastle", "org.bouncycastle.jce.provider.JDKKeyStore$BouncyCastleStore"); 6440 put("KeyStore.PKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6441- put("KeyStore.BCPKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6442- put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6443- 6444- put("KeyStore.PKCS12-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6445- put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); 6446- 6447- put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6448- put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); 6449+ // BEGIN android-changed 6450+ put("Alg.Alias.KeyStore.BCPKCS12", "PKCS12"); 6451+ // END android-changed 6452+ // BEGIN android-removed 6453+ // put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6454+ // END android-removed 6455+ 6456+ // BEGIN android-changed 6457+ put("Alg.Alias.KeyStore.PKCS12-3DES-40RC2", "PKCS12"); 6458+ // END android-changed 6459+ // BEGIN android-removed 6460+ // put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); 6461+ // END android-removed 6462+ 6463+ // BEGIN android-removed 6464+ // put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6465+ // put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); 6466+ // END android-removed 6467 6468 put("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 6469 put("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 6470@@ -164,29 +194,41 @@ 6471 // 6472 // algorithm parameters 6473 // 6474- put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); 6475+ // BEGIN android-removed 6476+ // put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); 6477+ // END android-removed 6478 put("AlgorithmParameters.PKCS12PBE", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PKCS12PBE"); 6479 6480- put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); 6481+ // BEGIN android-removed 6482+ // put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); 6483+ // END android-removed 6484 6485 6486 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2", "PKCS12PBE"); 6487- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); 6488- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); 6489- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); 6490- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); 6491+ // BEGIN android-removed 6492+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); 6493+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); 6494+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); 6495+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); 6496+ // END android-removed 6497 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6498- put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); 6499+ // BEGIN android-removed 6500+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); 6501+ // END android-removed 6502 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PKCS12PBE"); 6503 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PKCS12PBE"); 6504- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); 6505- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); 6506+ // BEGIN android-removed 6507+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); 6508+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); 6509+ // END android-removed 6510 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC2-CBC", "PKCS12PBE"); 6511 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC4", "PKCS12PBE"); 6512 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC2-CBC", "PKCS12PBE"); 6513 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC4", "PKCS12PBE"); 6514 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6515- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6516+ // BEGIN android-removed 6517+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6518+ // END android-removed 6519 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.1", "PKCS12PBE"); 6520 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.2", "PKCS12PBE"); 6521 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.3", "PKCS12PBE"); 6522@@ -217,12 +259,14 @@ 6523 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND128BITAES-CBC-BC","PKCS12PBE"); 6524 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND192BITAES-CBC-BC","PKCS12PBE"); 6525 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND256BITAES-CBC-BC","PKCS12PBE"); 6526- 6527- put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6528- put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6529- put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6530- put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6531- put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6532+ 6533+ // BEGIN android-removed 6534+ // put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6535+ // put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6536+ // put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6537+ // put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6538+ // put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6539+ // END android-removed 6540 6541 // 6542 // key agreement 6543@@ -235,16 +279,22 @@ 6544 put("Alg.Alias.Cipher.PBEWithSHAAnd3KeyTripleDES", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 6545 6546 6547- put("Cipher.ECIES", "org.bouncycastle.jce.provider.JCEIESCipher$ECIES"); 6548- put("Cipher.BrokenECIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenECIES"); 6549- put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); 6550- put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); 6551+ // BEGIN android-removed 6552+ // put("Cipher.ECIES", "org.bouncycastle.jce.provider.JCEIESCipher$ECIES"); 6553+ // put("Cipher.BrokenECIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenECIES"); 6554+ // put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); 6555+ // put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); 6556+ // END android-removed 6557 6558 put("Cipher.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndDES"); 6559- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 6560+ // BEGIN android-removed 6561+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 6562+ // END android-removed 6563 put("Cipher.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndRC2"); 6564 put("Cipher.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndDES"); 6565- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 6566+ // BEGIN android-removed 6567+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 6568+ // END android-removed 6569 put("Cipher.PBEWITHSHA1ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndRC2"); 6570 6571 put("Cipher.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAnd128BitRC2"); 6572@@ -286,10 +336,12 @@ 6573 put("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); 6574 6575 put("Cipher.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAndTwofish"); 6576- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 6577- 6578- put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6579- put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6580+ // BEGIN android-removed 6581+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 6582+ // 6583+ // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6584+ // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6585+ // END android-removed 6586 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6587 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); 6588 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6589@@ -326,16 +378,20 @@ 6590 // 6591 // secret key factories. 6592 // 6593- put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); 6594- 6595- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6596- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6597+ // BEGIN android-removed 6598+ // put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); 6599+ // 6600+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6601+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6602+ // END android-removed 6603 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6604 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); 6605 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6606 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBEWITHSHA1ANDRC2"); 6607 6608- put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); 6609+ // BEGIN android-removed 6610+ // put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); 6611+ // END android-removed 6612 put("SecretKeyFactory.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndDES"); 6613 put("SecretKeyFactory.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndRC2"); 6614 put("SecretKeyFactory.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA1AndDES"); 6615@@ -347,31 +403,39 @@ 6616 put("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd128BitRC2"); 6617 put("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd40BitRC2"); 6618 put("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAndTwofish"); 6619- put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); 6620+ // BEGIN android-removed 6621+ // put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); 6622+ // END android-removed 6623 put("SecretKeyFactory.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA"); 6624- put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); 6625+ // BEGIN android-removed 6626+ // put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); 6627+ // END android-removed 6628 6629 put("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And128BitAESCBCOpenSSL"); 6630 put("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And192BitAESCBCOpenSSL"); 6631 put("SecretKeyFactory.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And256BitAESCBCOpenSSL"); 6632 6633- put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); 6634- 6635- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); 6636- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); 6637- put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6638- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6639- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6640- put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); 6641- 6642- put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 6643- put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6644+ // BEGIN android-removed 6645+ // put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); 6646+ // 6647+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); 6648+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); 6649+ // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6650+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6651+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6652+ // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); 6653+ // 6654+ // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 6655+ // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6656+ // END android-removed 6657 put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 6658 put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 6659 put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 6660 put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 6661- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6662- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6663+ // BEGIN android-removed 6664+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6665+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6666+ // END android-removed 6667 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6668 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6669 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6670@@ -408,20 +472,31 @@ 6671 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), "PBEWITHSHA256AND128BITAES-CBC-BC"); 6672 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PBEWITHSHA256AND192BITAES-CBC-BC"); 6673 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PBEWITHSHA256AND256BITAES-CBC-BC"); 6674+ // BEGIN android-added 6675+ 6676+ put("SecretKeyFactory.PBKDF2WithHmacSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBKDF2WithHmacSHA1"); 6677+ // END android-added 6678 6679 addMacAlgorithms(); 6680 6681 // Certification Path API 6682- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 6683- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 6684- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 6685- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 6686+ // BEGIN android-removed 6687+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 6688+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 6689+ // END android-removed 6690+ // BEGIN android-changed 6691+ // Use Alg.Alias so RFC3280 doesn't show up when iterating provider services, only PKIX 6692+ put("Alg.Alias.CertPathValidator.RFC3280", "PKIX"); 6693+ put("Alg.Alias.CertPathBuilder.RFC3280", "PKIX"); 6694+ // END android-changed 6695 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 6696 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 6697 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 6698- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 6699- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 6700- put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 6701+ // BEGIN android-removed 6702+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 6703+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 6704+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 6705+ // END android-removed 6706 } 6707 6708 private void loadAlgorithms(String packageName, String[] names) 6709@@ -469,21 +544,25 @@ 6710 private void addMacAlgorithms() 6711 { 6712 6713- put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6714- put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 6715- 6716- put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6717- put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 6718- put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); 6719- put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 6720- 6721- put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); 6722- 6723- put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); 6724+ // BEGIN android-removed 6725+ // put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6726+ // put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 6727+ // 6728+ // put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6729+ // put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 6730+ // put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); 6731+ // put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 6732+ // 6733+ // put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); 6734+ // 6735+ // put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); 6736+ // END android-removed 6737 6738 put("Mac.PBEWITHHMACSHA", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); 6739 put("Mac.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); 6740- put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); 6741+ // BEGIN android-removed 6742+ // put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); 6743+ // END android-removed 6744 put("Alg.Alias.Mac.1.3.14.3.2.26", "PBEWITHHMACSHA"); 6745 } 6746 6747diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/CertBlacklist.java 6748--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 6749+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/CertBlacklist.java 2013-01-23 01:01:51.974750020 +0000 6750@@ -0,0 +1,224 @@ 6751+/* 6752+ * Copyright (C) 2012 The Android Open Source Project 6753+ * 6754+ * Licensed under the Apache License, Version 2.0 (the "License"); 6755+ * you may not use this file except in compliance with the License. 6756+ * You may obtain a copy of the License at 6757+ * 6758+ * http://www.apache.org/licenses/LICENSE-2.0 6759+ * 6760+ * Unless required by applicable law or agreed to in writing, software 6761+ * distributed under the License is distributed on an "AS IS" BASIS, 6762+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 6763+ * See the License for the specific language governing permissions and 6764+ * limitations under the License. 6765+ */ 6766+ 6767+package org.bouncycastle.jce.provider; 6768+ 6769+import java.io.Closeable; 6770+import java.io.ByteArrayOutputStream; 6771+import java.io.FileNotFoundException; 6772+import java.io.IOException; 6773+import java.io.RandomAccessFile; 6774+import java.math.BigInteger; 6775+import java.security.PublicKey; 6776+import java.util.Arrays; 6777+import java.util.Collections; 6778+import java.util.HashSet; 6779+import java.util.Set; 6780+import java.util.logging.Level; 6781+import java.util.logging.Logger; 6782+import org.bouncycastle.crypto.Digest; 6783+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 6784+import org.bouncycastle.util.encoders.Hex; 6785+ 6786+public class CertBlacklist { 6787+ 6788+ private static final String ANDROID_DATA = System.getenv("ANDROID_DATA"); 6789+ private static final String BLACKLIST_ROOT = ANDROID_DATA + "/misc/keychain/"; 6790+ public static final String DEFAULT_PUBKEY_BLACKLIST_PATH = BLACKLIST_ROOT + "pubkey_blacklist.txt"; 6791+ public static final String DEFAULT_SERIAL_BLACKLIST_PATH = BLACKLIST_ROOT + "serial_blacklist.txt"; 6792+ 6793+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 6794+ 6795+ // public for testing 6796+ public final Set<BigInteger> serialBlacklist; 6797+ public final Set<byte[]> pubkeyBlacklist; 6798+ 6799+ public CertBlacklist() { 6800+ this(DEFAULT_PUBKEY_BLACKLIST_PATH, DEFAULT_SERIAL_BLACKLIST_PATH); 6801+ } 6802+ 6803+ /** Test only interface, not for public use */ 6804+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 6805+ serialBlacklist = readSerialBlackList(serialBlacklistPath); 6806+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 6807+ } 6808+ 6809+ private static boolean isHex(String value) { 6810+ try { 6811+ new BigInteger(value, 16); 6812+ return true; 6813+ } catch (NumberFormatException e) { 6814+ logger.log(Level.WARNING, "Could not parse hex value " + value, e); 6815+ return false; 6816+ } 6817+ } 6818+ 6819+ private static boolean isPubkeyHash(String value) { 6820+ if (value.length() != 40) { 6821+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 6822+ return false; 6823+ } 6824+ return isHex(value); 6825+ } 6826+ 6827+ private static String readBlacklist(String path) { 6828+ try { 6829+ return readFileAsString(path); 6830+ } catch (FileNotFoundException ignored) { 6831+ } catch (IOException e) { 6832+ logger.log(Level.WARNING, "Could not read blacklist", e); 6833+ } 6834+ return ""; 6835+ } 6836+ 6837+ // From IoUtils.readFileAsString 6838+ private static String readFileAsString(String path) throws IOException { 6839+ return readFileAsBytes(path).toString("UTF-8"); 6840+ } 6841+ 6842+ // Based on IoUtils.readFileAsBytes 6843+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 6844+ RandomAccessFile f = null; 6845+ try { 6846+ f = new RandomAccessFile(path, "r"); 6847+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 6848+ byte[] buffer = new byte[8192]; 6849+ while (true) { 6850+ int byteCount = f.read(buffer); 6851+ if (byteCount == -1) { 6852+ return bytes; 6853+ } 6854+ bytes.write(buffer, 0, byteCount); 6855+ } 6856+ } finally { 6857+ closeQuietly(f); 6858+ } 6859+ } 6860+ 6861+ // Base on IoUtils.closeQuietly 6862+ private static void closeQuietly(Closeable closeable) { 6863+ if (closeable != null) { 6864+ try { 6865+ closeable.close(); 6866+ } catch (RuntimeException rethrown) { 6867+ throw rethrown; 6868+ } catch (Exception ignored) { 6869+ } 6870+ } 6871+ } 6872+ 6873+ private static final Set<BigInteger> readSerialBlackList(String path) { 6874+ 6875+ // start out with a base set of known bad values 6876+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 6877+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 6878+ // Not a real certificate. For testing only. 6879+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 6880+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 6881+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 6882+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 6883+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 6884+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 6885+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 6886+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 6887+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 6888+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16), 6889+ new BigInteger("864", 16), 6890+ new BigInteger("827", 16) 6891+ )); 6892+ 6893+ // attempt to augment it with values taken from gservices 6894+ String serialBlacklist = readBlacklist(path); 6895+ if (!serialBlacklist.equals("")) { 6896+ for(String value : serialBlacklist.split(",")) { 6897+ try { 6898+ bl.add(new BigInteger(value, 16)); 6899+ } catch (NumberFormatException e) { 6900+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 6901+ } 6902+ } 6903+ } 6904+ 6905+ // whether that succeeds or fails, send it on its merry way 6906+ return Collections.unmodifiableSet(bl); 6907+ } 6908+ 6909+ private static final Set<byte[]> readPublicKeyBlackList(String path) { 6910+ 6911+ // start out with a base set of known bad values 6912+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 6913+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 6914+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl 6915+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 6916+ // Subject: CN=DigiNotar Cyber CA 6917+ // Issuer: CN=GTE CyberTrust Global Root 6918+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 6919+ // Subject: CN=DigiNotar Services 1024 CA 6920+ // Issuer: CN=Entrust.net 6921+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 6922+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 6923+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 6924+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 6925+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 6926+ // Issuer: CN=Staat der Nederlanden Overheid CA 6927+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 6928+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 6929+ // Subject: O=Digicert Sdn. Bhd. 6930+ // Issuer: CN=GTE CyberTrust Global Root 6931+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 6932+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org 6933+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 6934+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 6935+ // Subject: CN=*.EGO.GOV.TR 93 6936+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 6937+ "783333c9687df63377efceddd82efa9101913e8e".getBytes() 6938+ )); 6939+ 6940+ // attempt to augment it with values taken from gservices 6941+ String pubkeyBlacklist = readBlacklist(path); 6942+ if (!pubkeyBlacklist.equals("")) { 6943+ for (String value : pubkeyBlacklist.split(",")) { 6944+ value = value.trim(); 6945+ if (isPubkeyHash(value)) { 6946+ bl.add(value.getBytes()); 6947+ } else { 6948+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 6949+ } 6950+ } 6951+ } 6952+ 6953+ return bl; 6954+ } 6955+ 6956+ public boolean isPublicKeyBlackListed(PublicKey publicKey) { 6957+ byte[] encoded = publicKey.getEncoded(); 6958+ Digest digest = AndroidDigestFactory.getSHA1(); 6959+ digest.update(encoded, 0, encoded.length); 6960+ byte[] out = new byte[digest.getDigestSize()]; 6961+ digest.doFinal(out, 0); 6962+ for (byte[] blacklisted : pubkeyBlacklist) { 6963+ if (Arrays.equals(blacklisted, Hex.encode(out))) { 6964+ return true; 6965+ } 6966+ } 6967+ return false; 6968+ } 6969+ 6970+ public boolean isSerialNumberBlackListed(BigInteger serial) { 6971+ return serialBlacklist.contains(serial); 6972+ } 6973+ 6974+} 6975diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 6976--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2012-03-22 15:11:48.000000000 +0000 6977+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2013-01-23 01:01:51.954749668 +0000 6978@@ -61,13 +61,17 @@ 6979 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 6980 import org.bouncycastle.asn1.x509.X509Extension; 6981 import org.bouncycastle.asn1.x509.X509Extensions; 6982-import org.bouncycastle.jce.X509LDAPCertStoreParameters; 6983+// BEGIN android-removed 6984+// import org.bouncycastle.jce.X509LDAPCertStoreParameters; 6985+// END android-removed 6986 import org.bouncycastle.jce.exception.ExtCertPathValidatorException; 6987 import org.bouncycastle.util.Selector; 6988 import org.bouncycastle.util.StoreException; 6989 import org.bouncycastle.x509.ExtendedPKIXBuilderParameters; 6990 import org.bouncycastle.x509.ExtendedPKIXParameters; 6991-import org.bouncycastle.x509.X509AttributeCertStoreSelector; 6992+// BEGIN android-removed 6993+// import org.bouncycastle.x509.X509AttributeCertStoreSelector; 6994+// END android-removed 6995 import org.bouncycastle.x509.X509AttributeCertificate; 6996 import org.bouncycastle.x509.X509CRLStoreSelector; 6997 import org.bouncycastle.x509.X509CertStoreSelector; 6998@@ -247,7 +251,9 @@ 6999 { 7000 // look for URI 7001 List list = (List)it.next(); 7002- if (list.get(0).equals(new Integer(GeneralName.uniformResourceIdentifier))) 7003+ // BEGIN android-changed 7004+ if (list.get(0).equals(Integer.valueOf(GeneralName.uniformResourceIdentifier))) 7005+ // END android-changed 7006 { 7007 // found 7008 String temp = (String)list.get(1); 7009@@ -655,38 +661,40 @@ 7010 { 7011 try 7012 { 7013- if (location.startsWith("ldap://")) 7014- { 7015- // ldap://directory.d-trust.net/CN=D-TRUST 7016- // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 7017- // skip "ldap://" 7018- location = location.substring(7); 7019- // after first / baseDN starts 7020- String base = null; 7021- String url = null; 7022- if (location.indexOf("/") != -1) 7023- { 7024- base = location.substring(location.indexOf("/")); 7025- // URL 7026- url = "ldap://" 7027- + location.substring(0, location.indexOf("/")); 7028- } 7029- else 7030- { 7031- url = "ldap://" + location; 7032- } 7033- // use all purpose parameters 7034- X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 7035- url, base).build(); 7036- pkixParams.addAdditionalStore(X509Store.getInstance( 7037- "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7038- pkixParams.addAdditionalStore(X509Store.getInstance( 7039- "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7040- pkixParams.addAdditionalStore(X509Store.getInstance( 7041- "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7042- pkixParams.addAdditionalStore(X509Store.getInstance( 7043- "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7044- } 7045+ // BEGIN android-removed 7046+ // if (location.startsWith("ldap://")) 7047+ // { 7048+ // // ldap://directory.d-trust.net/CN=D-TRUST 7049+ // // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 7050+ // // skip "ldap://" 7051+ // location = location.substring(7); 7052+ // // after first / baseDN starts 7053+ // String base = null; 7054+ // String url = null; 7055+ // if (location.indexOf("/") != -1) 7056+ // { 7057+ // base = location.substring(location.indexOf("/")); 7058+ // // URL 7059+ // url = "ldap://" 7060+ // + location.substring(0, location.indexOf("/")); 7061+ // } 7062+ // else 7063+ // { 7064+ // url = "ldap://" + location; 7065+ // } 7066+ // // use all purpose parameters 7067+ // X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 7068+ // url, base).build(); 7069+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7070+ // "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7071+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7072+ // "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7073+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7074+ // "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7075+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7076+ // "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7077+ // } 7078+ // END android-removed 7079 } 7080 catch (Exception e) 7081 { 7082@@ -751,33 +759,35 @@ 7083 return certs; 7084 } 7085 7086- protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 7087- List certStores) 7088- throws AnnotatedException 7089- { 7090- Set certs = new HashSet(); 7091- Iterator iter = certStores.iterator(); 7092- 7093- while (iter.hasNext()) 7094- { 7095- Object obj = iter.next(); 7096- 7097- if (obj instanceof X509Store) 7098- { 7099- X509Store certStore = (X509Store)obj; 7100- try 7101- { 7102- certs.addAll(certStore.getMatches(certSelect)); 7103- } 7104- catch (StoreException e) 7105- { 7106- throw new AnnotatedException( 7107- "Problem while picking certificates from X.509 store.", e); 7108- } 7109- } 7110- } 7111- return certs; 7112- } 7113+ // BEGIN android-removed 7114+ // protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 7115+ // List certStores) 7116+ // throws AnnotatedException 7117+ // { 7118+ // Set certs = new HashSet(); 7119+ // Iterator iter = certStores.iterator(); 7120+ // 7121+ // while (iter.hasNext()) 7122+ // { 7123+ // Object obj = iter.next(); 7124+ // 7125+ // if (obj instanceof X509Store) 7126+ // { 7127+ // X509Store certStore = (X509Store)obj; 7128+ // try 7129+ // { 7130+ // certs.addAll(certStore.getMatches(certSelect)); 7131+ // } 7132+ // catch (StoreException e) 7133+ // { 7134+ // throw new AnnotatedException( 7135+ // "Problem while picking certificates from X.509 store.", e); 7136+ // } 7137+ // } 7138+ // } 7139+ // return certs; 7140+ // } 7141+ // END android-removed 7142 7143 protected static void addAdditionalStoresFromCRLDistributionPoint( 7144 CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) 7145diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEBlockCipher.java 7146--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java 2012-03-22 15:11:48.000000000 +0000 7147+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEBlockCipher.java 2013-01-23 01:01:51.954749668 +0000 7148@@ -18,8 +18,10 @@ 7149 import javax.crypto.ShortBufferException; 7150 import javax.crypto.spec.IvParameterSpec; 7151 import javax.crypto.spec.PBEParameterSpec; 7152-import javax.crypto.spec.RC2ParameterSpec; 7153-import javax.crypto.spec.RC5ParameterSpec; 7154+// BEGIN android-removed 7155+// import javax.crypto.spec.RC2ParameterSpec; 7156+// import javax.crypto.spec.RC5ParameterSpec; 7157+// END android-removed 7158 7159 import org.bouncycastle.crypto.BlockCipher; 7160 import org.bouncycastle.crypto.BufferedBlockCipher; 7161@@ -28,7 +30,9 @@ 7162 import org.bouncycastle.crypto.InvalidCipherTextException; 7163 import org.bouncycastle.crypto.engines.AESFastEngine; 7164 import org.bouncycastle.crypto.engines.DESEngine; 7165-import org.bouncycastle.crypto.engines.GOST28147Engine; 7166+// BEGIN android-removed 7167+// import org.bouncycastle.crypto.engines.GOST28147Engine; 7168+// END android-removed 7169 import org.bouncycastle.crypto.engines.RC2Engine; 7170 import org.bouncycastle.crypto.engines.TwofishEngine; 7171 import org.bouncycastle.crypto.modes.AEADBlockCipher; 7172@@ -36,12 +40,18 @@ 7173 import org.bouncycastle.crypto.modes.CCMBlockCipher; 7174 import org.bouncycastle.crypto.modes.CFBBlockCipher; 7175 import org.bouncycastle.crypto.modes.CTSBlockCipher; 7176-import org.bouncycastle.crypto.modes.EAXBlockCipher; 7177+// BEGIN android-removed 7178+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 7179+// END android-removed 7180 import org.bouncycastle.crypto.modes.GCMBlockCipher; 7181-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 7182+// BEGIN android-removed 7183+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 7184+// END android-removed 7185 import org.bouncycastle.crypto.modes.OFBBlockCipher; 7186-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 7187-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 7188+// BEGIN android-removed 7189+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 7190+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 7191+// END android-removed 7192 import org.bouncycastle.crypto.modes.SICBlockCipher; 7193 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 7194 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 7195@@ -53,12 +63,16 @@ 7196 import org.bouncycastle.crypto.params.KeyParameter; 7197 import org.bouncycastle.crypto.params.ParametersWithIV; 7198 import org.bouncycastle.crypto.params.ParametersWithRandom; 7199-import org.bouncycastle.crypto.params.ParametersWithSBox; 7200-import org.bouncycastle.crypto.params.RC2Parameters; 7201-import org.bouncycastle.crypto.params.RC5Parameters; 7202+// BEGIN android-removed 7203+// import org.bouncycastle.crypto.params.ParametersWithSBox; 7204+// import org.bouncycastle.crypto.params.RC2Parameters; 7205+// import org.bouncycastle.crypto.params.RC5Parameters; 7206+// END android-removed 7207 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 7208 import org.bouncycastle.jcajce.provider.symmetric.util.PBE; 7209-import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 7210+// BEGIN android-removed 7211+// import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 7212+// END android-removed 7213 import org.bouncycastle.jce.spec.RepeatedSecretKeySpec; 7214 import org.bouncycastle.util.Strings; 7215 7216@@ -71,11 +85,15 @@ 7217 // 7218 private Class[] availableSpecs = 7219 { 7220- RC2ParameterSpec.class, 7221- RC5ParameterSpec.class, 7222+ // BEGIN android-removed 7223+ // RC2ParameterSpec.class, 7224+ // RC5ParameterSpec.class, 7225+ // END android-removed 7226 IvParameterSpec.class, 7227 PBEParameterSpec.class, 7228- GOST28147ParameterSpec.class 7229+ // BEGIN android-removed 7230+ // GOST28147ParameterSpec.class 7231+ // END android-removed 7232 }; 7233 7234 private BlockCipher baseEngine; 7235@@ -232,20 +250,22 @@ 7236 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 7237 } 7238 } 7239- else if (modeName.startsWith("PGP")) 7240- { 7241- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 7242- 7243- ivLength = baseEngine.getBlockSize(); 7244- cipher = new BufferedGenericBlockCipher( 7245- new PGPCFBBlockCipher(baseEngine, inlineIV)); 7246- } 7247- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 7248- { 7249- ivLength = 0; 7250- cipher = new BufferedGenericBlockCipher( 7251- new OpenPGPCFBBlockCipher(baseEngine)); 7252- } 7253+ // BEGIN android-removed 7254+ // else if (modeName.startsWith("PGP")) 7255+ // { 7256+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 7257+ // 7258+ // ivLength = baseEngine.getBlockSize(); 7259+ // cipher = new BufferedGenericBlockCipher( 7260+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 7261+ // } 7262+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 7263+ // { 7264+ // ivLength = 0; 7265+ // cipher = new BufferedGenericBlockCipher( 7266+ // new OpenPGPCFBBlockCipher(baseEngine)); 7267+ // } 7268+ // END android-removed 7269 else if (modeName.startsWith("SIC")) 7270 { 7271 ivLength = baseEngine.getBlockSize(); 7272@@ -262,12 +282,14 @@ 7273 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7274 new SICBlockCipher(baseEngine))); 7275 } 7276- else if (modeName.startsWith("GOFB")) 7277- { 7278- ivLength = baseEngine.getBlockSize(); 7279- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7280- new GOFBBlockCipher(baseEngine))); 7281- } 7282+ // BEGIN android-removed 7283+ // else if (modeName.startsWith("GOFB")) 7284+ // { 7285+ // ivLength = baseEngine.getBlockSize(); 7286+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7287+ // new GOFBBlockCipher(baseEngine))); 7288+ // } 7289+ // END android-removed 7290 else if (modeName.startsWith("CTS")) 7291 { 7292 ivLength = baseEngine.getBlockSize(); 7293@@ -278,11 +300,13 @@ 7294 ivLength = baseEngine.getBlockSize(); 7295 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 7296 } 7297- else if (modeName.startsWith("EAX")) 7298- { 7299- ivLength = baseEngine.getBlockSize(); 7300- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 7301- } 7302+ // BEGIN android-removed 7303+ // else if (modeName.startsWith("EAX")) 7304+ // { 7305+ // ivLength = baseEngine.getBlockSize(); 7306+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 7307+ // } 7308+ // END android-removed 7309 else if (modeName.startsWith("GCM")) 7310 { 7311 ivLength = baseEngine.getBlockSize(); 7312@@ -371,13 +395,15 @@ 7313 throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption."); 7314 } 7315 7316- // 7317- // for RC5-64 we must have some default parameters 7318- // 7319- if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) 7320- { 7321- throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); 7322- } 7323+ // BEGIN android-removed 7324+ // // 7325+ // // for RC5-64 we must have some default parameters 7326+ // // 7327+ // if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) 7328+ // { 7329+ // throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); 7330+ // } 7331+ // END android-removed 7332 7333 // 7334 // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it). 7335@@ -451,63 +477,65 @@ 7336 param = new KeyParameter(key.getEncoded()); 7337 } 7338 } 7339- else if (params instanceof GOST28147ParameterSpec) 7340- { 7341- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7342- 7343- param = new ParametersWithSBox( 7344- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7345- 7346- if (gost28147Param.getIV() != null && ivLength != 0) 7347- { 7348- param = new ParametersWithIV(param, gost28147Param.getIV()); 7349- ivParam = (ParametersWithIV)param; 7350- } 7351- } 7352- else if (params instanceof RC2ParameterSpec) 7353- { 7354- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7355- 7356- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7357- 7358- if (rc2Param.getIV() != null && ivLength != 0) 7359- { 7360- param = new ParametersWithIV(param, rc2Param.getIV()); 7361- ivParam = (ParametersWithIV)param; 7362- } 7363- } 7364- else if (params instanceof RC5ParameterSpec) 7365- { 7366- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7367- 7368- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7369- if (baseEngine.getAlgorithmName().startsWith("RC5")) 7370- { 7371- if (baseEngine.getAlgorithmName().equals("RC5-32")) 7372- { 7373- if (rc5Param.getWordSize() != 32) 7374- { 7375- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7376- } 7377- } 7378- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7379- { 7380- if (rc5Param.getWordSize() != 64) 7381- { 7382- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7383- } 7384- } 7385- } 7386- else 7387- { 7388- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7389- } 7390- if ((rc5Param.getIV() != null) && (ivLength != 0)) 7391- { 7392- param = new ParametersWithIV(param, rc5Param.getIV()); 7393- ivParam = (ParametersWithIV)param; 7394- } 7395- } 7396+ // BEGIN android-removed 7397+ // else if (params instanceof GOST28147ParameterSpec) 7398+ // { 7399+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7400+ // 7401+ // param = new ParametersWithSBox( 7402+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7403+ // 7404+ // if (gost28147Param.getIV() != null && ivLength != 0) 7405+ // { 7406+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 7407+ // ivParam = (ParametersWithIV)param; 7408+ // } 7409+ // } 7410+ // else if (params instanceof RC2ParameterSpec) 7411+ // { 7412+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7413+ // 7414+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7415+ // 7416+ // if (rc2Param.getIV() != null && ivLength != 0) 7417+ // { 7418+ // param = new ParametersWithIV(param, rc2Param.getIV()); 7419+ // ivParam = (ParametersWithIV)param; 7420+ // } 7421+ // } 7422+ // else if (params instanceof RC5ParameterSpec) 7423+ // { 7424+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7425+ // 7426+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7427+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 7428+ // { 7429+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 7430+ // { 7431+ // if (rc5Param.getWordSize() != 32) 7432+ // { 7433+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7434+ // } 7435+ // } 7436+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7437+ // { 7438+ // if (rc5Param.getWordSize() != 64) 7439+ // { 7440+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7441+ // } 7442+ // } 7443+ // } 7444+ // else 7445+ // { 7446+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7447+ // } 7448+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 7449+ // { 7450+ // param = new ParametersWithIV(param, rc5Param.getIV()); 7451+ // ivParam = (ParametersWithIV)param; 7452+ // } 7453+ // } 7454+ // END android-removed 7455 else 7456 { 7457 throw new InvalidAlgorithmParameterException("unknown parameter type."); 7458@@ -711,10 +739,21 @@ 7459 int inputLen, 7460 byte[] output, 7461 int outputOffset) 7462- throws IllegalBlockSizeException, BadPaddingException 7463+ throws IllegalBlockSizeException, BadPaddingException, ShortBufferException 7464 { 7465+ // BEGIN android-note 7466+ // added ShortBufferException to the throws statement 7467+ // END android-note 7468 int len = 0; 7469 7470+ // BEGIN android-added 7471+ int outputLen = cipher.getOutputSize(inputLen); 7472+ 7473+ if (outputLen + outputOffset > output.length) { 7474+ throw new ShortBufferException("need at least " + outputLen + " bytes"); 7475+ } 7476+ // BEGIN android-added 7477+ 7478 if (inputLen != 0) 7479 { 7480 len = cipher.processBytes(input, inputOffset, inputLen, output, outputOffset); 7481@@ -756,62 +795,64 @@ 7482 } 7483 } 7484 7485- /** 7486- * DESCBC 7487- */ 7488- static public class DESCBC 7489- extends JCEBlockCipher 7490- { 7491- public DESCBC() 7492- { 7493- super(new CBCBlockCipher(new DESEngine()), 64); 7494- } 7495- } 7496- 7497- /** 7498- * GOST28147 7499- */ 7500- static public class GOST28147 7501- extends JCEBlockCipher 7502- { 7503- public GOST28147() 7504- { 7505- super(new GOST28147Engine()); 7506- } 7507- } 7508- 7509- static public class GOST28147cbc 7510- extends JCEBlockCipher 7511- { 7512- public GOST28147cbc() 7513- { 7514- super(new CBCBlockCipher(new GOST28147Engine()), 64); 7515- } 7516- } 7517- 7518- /** 7519- * RC2 7520- */ 7521- static public class RC2 7522- extends JCEBlockCipher 7523- { 7524- public RC2() 7525- { 7526- super(new RC2Engine()); 7527- } 7528- } 7529- 7530- /** 7531- * RC2CBC 7532- */ 7533- static public class RC2CBC 7534- extends JCEBlockCipher 7535- { 7536- public RC2CBC() 7537- { 7538- super(new CBCBlockCipher(new RC2Engine()), 64); 7539- } 7540- } 7541+ // BEGIN android-removed 7542+ // /** 7543+ // * DESCBC 7544+ // */ 7545+ // static public class DESCBC 7546+ // extends JCEBlockCipher 7547+ // { 7548+ // public DESCBC() 7549+ // { 7550+ // super(new CBCBlockCipher(new DESEngine()), 64); 7551+ // } 7552+ // } 7553+ // 7554+ // /** 7555+ // * GOST28147 7556+ // */ 7557+ // static public class GOST28147 7558+ // extends JCEBlockCipher 7559+ // { 7560+ // public GOST28147() 7561+ // { 7562+ // super(new GOST28147Engine()); 7563+ // } 7564+ // } 7565+ // 7566+ // static public class GOST28147cbc 7567+ // extends JCEBlockCipher 7568+ // { 7569+ // public GOST28147cbc() 7570+ // { 7571+ // super(new CBCBlockCipher(new GOST28147Engine()), 64); 7572+ // } 7573+ // } 7574+ // 7575+ // /** 7576+ // * RC2 7577+ // */ 7578+ // static public class RC2 7579+ // extends JCEBlockCipher 7580+ // { 7581+ // public RC2() 7582+ // { 7583+ // super(new RC2Engine()); 7584+ // } 7585+ // } 7586+ // 7587+ // /** 7588+ // * RC2CBC 7589+ // */ 7590+ // static public class RC2CBC 7591+ // extends JCEBlockCipher 7592+ // { 7593+ // public RC2CBC() 7594+ // { 7595+ // super(new CBCBlockCipher(new RC2Engine()), 64); 7596+ // } 7597+ // } 7598+ // END android-removed 7599 7600 /** 7601 * PBEWithMD5AndDES 7602diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEECPrivateKey.java 7603--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2012-03-22 15:11:48.000000000 +0000 7604+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2013-01-23 01:01:51.964749844 +0000 7605@@ -20,8 +20,10 @@ 7606 import org.bouncycastle.asn1.DERInteger; 7607 import org.bouncycastle.asn1.DERNull; 7608 import org.bouncycastle.asn1.DERObjectIdentifier; 7609-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7610-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7611+// BEGIN android-removed 7612+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7613+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7614+// END android-removed 7615 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7616 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 7617 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7618@@ -203,21 +205,23 @@ 7619 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 7620 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 7621 7622- if (ecP == null) // GOST Curve 7623- { 7624- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7625- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7626- 7627- ecSpec = new ECNamedCurveSpec( 7628- ECGOST3410NamedCurves.getName(oid), 7629- ellipticCurve, 7630- new ECPoint( 7631- gParam.getG().getX().toBigInteger(), 7632- gParam.getG().getY().toBigInteger()), 7633- gParam.getN(), 7634- gParam.getH()); 7635- } 7636- else 7637+ // BEGIN android-removed 7638+ // if (ecP == null) // GOST Curve 7639+ // { 7640+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7641+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7642+ // 7643+ // ecSpec = new ECNamedCurveSpec( 7644+ // ECGOST3410NamedCurves.getName(oid), 7645+ // ellipticCurve, 7646+ // new ECPoint( 7647+ // gParam.getG().getX().toBigInteger(), 7648+ // gParam.getG().getY().toBigInteger()), 7649+ // gParam.getN(), 7650+ // gParam.getH()); 7651+ // } 7652+ // else 7653+ // END android-removed 7654 { 7655 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 7656 7657@@ -331,11 +335,13 @@ 7658 7659 try 7660 { 7661- if (algorithm.equals("ECGOST3410")) 7662- { 7663- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7664- } 7665- else 7666+ // BEGIN android-removed 7667+ // if (algorithm.equals("ECGOST3410")) 7668+ // { 7669+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7670+ // } 7671+ // else 7672+ // END android-removed 7673 { 7674 7675 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7676diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEECPublicKey.java 7677--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2012-03-22 15:11:48.000000000 +0000 7678+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEECPublicKey.java 2013-01-23 01:01:51.954749668 +0000 7679@@ -18,9 +18,11 @@ 7680 import org.bouncycastle.asn1.DERBitString; 7681 import org.bouncycastle.asn1.DERNull; 7682 import org.bouncycastle.asn1.DEROctetString; 7683-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7684-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7685-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7686+// BEGIN android-removed 7687+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7688+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7689+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7690+// END android-removed 7691 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7692 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7693 import org.bouncycastle.asn1.x9.X962Parameters; 7694@@ -33,9 +35,13 @@ 7695 import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util; 7696 import org.bouncycastle.jcajce.provider.asymmetric.ec.ECUtil; 7697 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 7698-import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7699+// BEGIN android-removed 7700+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7701+// END android-removed 7702 import org.bouncycastle.jce.interfaces.ECPointEncoder; 7703-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7704+// BEGIN android-removed 7705+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7706+// END android-removed 7707 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 7708 import org.bouncycastle.math.ec.ECCurve; 7709 7710@@ -46,7 +52,9 @@ 7711 private org.bouncycastle.math.ec.ECPoint q; 7712 private ECParameterSpec ecSpec; 7713 private boolean withCompression; 7714- private GOST3410PublicKeyAlgParameters gostParams; 7715+ // BEGIN android-removed 7716+ // private GOST3410PublicKeyAlgParameters gostParams; 7717+ // END android-removed 7718 7719 public JCEECPublicKey( 7720 String algorithm, 7721@@ -56,7 +64,9 @@ 7722 this.q = key.q; 7723 this.ecSpec = key.ecSpec; 7724 this.withCompression = key.withCompression; 7725- this.gostParams = key.gostParams; 7726+ // BEGIN android-removed 7727+ // this.gostParams = key.gostParams; 7728+ // END android-removed 7729 } 7730 7731 public JCEECPublicKey( 7732@@ -179,54 +189,56 @@ 7733 7734 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 7735 { 7736- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7737- { 7738- DERBitString bits = info.getPublicKeyData(); 7739- ASN1OctetString key; 7740- this.algorithm = "ECGOST3410"; 7741- 7742- try 7743- { 7744- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7745- } 7746- catch (IOException ex) 7747- { 7748- throw new IllegalArgumentException("error recovering public key"); 7749- } 7750- 7751- byte[] keyEnc = key.getOctets(); 7752- byte[] x = new byte[32]; 7753- byte[] y = new byte[32]; 7754- 7755- for (int i = 0; i != x.length; i++) 7756- { 7757- x[i] = keyEnc[32 - 1 - i]; 7758- } 7759- 7760- for (int i = 0; i != y.length; i++) 7761- { 7762- y[i] = keyEnc[64 - 1 - i]; 7763- } 7764- 7765- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7766- 7767- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7768- 7769- ECCurve curve = spec.getCurve(); 7770- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7771- 7772- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7773- 7774- ecSpec = new ECNamedCurveSpec( 7775- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7776- ellipticCurve, 7777- new ECPoint( 7778- spec.getG().getX().toBigInteger(), 7779- spec.getG().getY().toBigInteger()), 7780- spec.getN(), spec.getH()); 7781- 7782- } 7783- else 7784+ // BEGIN android-removed 7785+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7786+ // { 7787+ // DERBitString bits = info.getPublicKeyData(); 7788+ // ASN1OctetString key; 7789+ // this.algorithm = "ECGOST3410"; 7790+ // 7791+ // try 7792+ // { 7793+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7794+ // } 7795+ // catch (IOException ex) 7796+ // { 7797+ // throw new IllegalArgumentException("error recovering public key"); 7798+ // } 7799+ // 7800+ // byte[] keyEnc = key.getOctets(); 7801+ // byte[] x = new byte[32]; 7802+ // byte[] y = new byte[32]; 7803+ // 7804+ // for (int i = 0; i != x.length; i++) 7805+ // { 7806+ // x[i] = keyEnc[32 - 1 - i]; 7807+ // } 7808+ // 7809+ // for (int i = 0; i != y.length; i++) 7810+ // { 7811+ // y[i] = keyEnc[64 - 1 - i]; 7812+ // } 7813+ // 7814+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7815+ // 7816+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7817+ // 7818+ // ECCurve curve = spec.getCurve(); 7819+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7820+ // 7821+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7822+ // 7823+ // ecSpec = new ECNamedCurveSpec( 7824+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7825+ // ellipticCurve, 7826+ // new ECPoint( 7827+ // spec.getG().getX().toBigInteger(), 7828+ // spec.getG().getY().toBigInteger()), 7829+ // spec.getN(), spec.getH()); 7830+ // 7831+ // } 7832+ // else 7833+ // END android-removed 7834 { 7835 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 7836 ECCurve curve; 7837@@ -315,45 +327,47 @@ 7838 ASN1Encodable params; 7839 SubjectPublicKeyInfo info; 7840 7841- if (algorithm.equals("ECGOST3410")) 7842- { 7843- if (gostParams != null) 7844- { 7845- params = gostParams; 7846- } 7847- else 7848- { 7849- if (ecSpec instanceof ECNamedCurveSpec) 7850- { 7851- params = new GOST3410PublicKeyAlgParameters( 7852- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7853- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7854- } 7855- else 7856- { // strictly speaking this may not be applicable... 7857- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7858- 7859- X9ECParameters ecP = new X9ECParameters( 7860- curve, 7861- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7862- ecSpec.getOrder(), 7863- BigInteger.valueOf(ecSpec.getCofactor()), 7864- ecSpec.getCurve().getSeed()); 7865- 7866- params = new X962Parameters(ecP); 7867- } 7868- } 7869- 7870- BigInteger bX = this.q.getX().toBigInteger(); 7871- BigInteger bY = this.q.getY().toBigInteger(); 7872- byte[] encKey = new byte[64]; 7873- 7874- extractBytes(encKey, 0, bX); 7875- extractBytes(encKey, 32, bY); 7876- 7877- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7878- } 7879- else 7880+ // BEGIN android-removed 7881+ // if (algorithm.equals("ECGOST3410")) 7882+ // { 7883+ // if (gostParams != null) 7884+ // { 7885+ // params = gostParams; 7886+ // } 7887+ // else 7888+ // { 7889+ // if (ecSpec instanceof ECNamedCurveSpec) 7890+ // { 7891+ // params = new GOST3410PublicKeyAlgParameters( 7892+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7893+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7894+ // } 7895+ // else 7896+ // { // strictly speaking this may not be applicable... 7897+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7898+ // 7899+ // X9ECParameters ecP = new X9ECParameters( 7900+ // curve, 7901+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7902+ // ecSpec.getOrder(), 7903+ // BigInteger.valueOf(ecSpec.getCofactor()), 7904+ // ecSpec.getCurve().getSeed()); 7905+ // 7906+ // params = new X962Parameters(ecP); 7907+ // } 7908+ // } 7909+ // 7910+ // BigInteger bX = this.q.getX().toBigInteger(); 7911+ // BigInteger bY = this.q.getY().toBigInteger(); 7912+ // byte[] encKey = new byte[64]; 7913+ // 7914+ // extractBytes(encKey, 0, bX); 7915+ // extractBytes(encKey, 32, bY); 7916+ // 7917+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7918+ // } 7919+ // else 7920+ // END android-removed 7921 { 7922 if (ecSpec instanceof ECNamedCurveSpec) 7923 { 7924diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEMac.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEMac.java 7925--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEMac.java 2012-03-22 15:11:48.000000000 +0000 7926+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEMac.java 2013-01-23 01:01:51.964749844 +0000 7927@@ -11,24 +11,35 @@ 7928 7929 import org.bouncycastle.crypto.CipherParameters; 7930 import org.bouncycastle.crypto.Mac; 7931-import org.bouncycastle.crypto.digests.MD2Digest; 7932-import org.bouncycastle.crypto.digests.MD4Digest; 7933-import org.bouncycastle.crypto.digests.MD5Digest; 7934-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 7935-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7936-import org.bouncycastle.crypto.digests.SHA1Digest; 7937-import org.bouncycastle.crypto.digests.SHA224Digest; 7938-import org.bouncycastle.crypto.digests.SHA256Digest; 7939-import org.bouncycastle.crypto.digests.SHA384Digest; 7940-import org.bouncycastle.crypto.digests.SHA512Digest; 7941-import org.bouncycastle.crypto.digests.TigerDigest; 7942+// BEGIN android-removed 7943+// import org.bouncycastle.crypto.digests.MD2Digest; 7944+// import org.bouncycastle.crypto.digests.MD4Digest; 7945+// import org.bouncycastle.crypto.digests.MD5Digest; 7946+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 7947+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7948+// import org.bouncycastle.crypto.digests.SHA1Digest; 7949+// import org.bouncycastle.crypto.digests.SHA224Digest; 7950+// import org.bouncycastle.crypto.digests.SHA256Digest; 7951+// import org.bouncycastle.crypto.digests.SHA384Digest; 7952+// import org.bouncycastle.crypto.digests.SHA512Digest; 7953+// import org.bouncycastle.crypto.digests.TigerDigest; 7954+// END android-removed 7955+// BEGIN android-added 7956+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7957+// END android-added 7958 import org.bouncycastle.crypto.engines.DESEngine; 7959-import org.bouncycastle.crypto.engines.RC2Engine; 7960+// BEGIN android-removed 7961+// import org.bouncycastle.crypto.engines.RC2Engine; 7962+// END android-removed 7963 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 7964-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 7965+// BEGIN android-removed 7966+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 7967+// END android-removed 7968 import org.bouncycastle.crypto.macs.HMac; 7969-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 7970-import org.bouncycastle.crypto.macs.OldHMac; 7971+// BEGIN android-removed 7972+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 7973+// import org.bouncycastle.crypto.macs.OldHMac; 7974+// END android-removed 7975 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 7976 import org.bouncycastle.crypto.params.KeyParameter; 7977 import org.bouncycastle.crypto.params.ParametersWithIV; 7978@@ -144,109 +155,111 @@ 7979 * the classes that extend directly off us. 7980 */ 7981 7982- /** 7983- * DES 7984- */ 7985- public static class DES 7986- extends JCEMac 7987- { 7988- public DES() 7989- { 7990- super(new CBCBlockCipherMac(new DESEngine())); 7991- } 7992- } 7993- 7994- /** 7995- * DES 64 bit MAC 7996- */ 7997- public static class DES64 7998- extends JCEMac 7999- { 8000- public DES64() 8001- { 8002- super(new CBCBlockCipherMac(new DESEngine(), 64)); 8003- } 8004- } 8005- 8006- /** 8007- * RC2 8008- */ 8009- public static class RC2 8010- extends JCEMac 8011- { 8012- public RC2() 8013- { 8014- super(new CBCBlockCipherMac(new RC2Engine())); 8015- } 8016- } 8017- 8018- 8019- 8020- 8021- /** 8022- * DES 8023- */ 8024- public static class DESCFB8 8025- extends JCEMac 8026- { 8027- public DESCFB8() 8028- { 8029- super(new CFBBlockCipherMac(new DESEngine())); 8030- } 8031- } 8032- 8033- /** 8034- * RC2CFB8 8035- */ 8036- 8037- 8038- /** 8039- * DES9797Alg3with7816-4Padding 8040- */ 8041- public static class DES9797Alg3with7816d4 8042- extends JCEMac 8043- { 8044- public DES9797Alg3with7816d4() 8045- { 8046- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 8047- } 8048- } 8049- 8050- /** 8051- * DES9797Alg3 8052- */ 8053- public static class DES9797Alg3 8054- extends JCEMac 8055- { 8056- public DES9797Alg3() 8057- { 8058- super(new ISO9797Alg3Mac(new DESEngine())); 8059- } 8060- } 8061- 8062- /** 8063- * MD2 HMac 8064- */ 8065- public static class MD2 8066- extends JCEMac 8067- { 8068- public MD2() 8069- { 8070- super(new HMac(new MD2Digest())); 8071- } 8072- } 8073- 8074- /** 8075- * MD4 HMac 8076- */ 8077- public static class MD4 8078- extends JCEMac 8079- { 8080- public MD4() 8081- { 8082- super(new HMac(new MD4Digest())); 8083- } 8084- } 8085+ // BEGIN android-removed 8086+ // /** 8087+ // * DES 8088+ // */ 8089+ // public static class DES 8090+ // extends JCEMac 8091+ // { 8092+ // public DES() 8093+ // { 8094+ // super(new CBCBlockCipherMac(new DESEngine())); 8095+ // } 8096+ // } 8097+ // 8098+ // /** 8099+ // * DES 64 bit MAC 8100+ // */ 8101+ // public static class DES64 8102+ // extends JCEMac 8103+ // { 8104+ // public DES64() 8105+ // { 8106+ // super(new CBCBlockCipherMac(new DESEngine(), 64)); 8107+ // } 8108+ // } 8109+ // 8110+ // /** 8111+ // * RC2 8112+ // */ 8113+ // public static class RC2 8114+ // extends JCEMac 8115+ // { 8116+ // public RC2() 8117+ // { 8118+ // super(new CBCBlockCipherMac(new RC2Engine())); 8119+ // } 8120+ // } 8121+ // 8122+ // 8123+ // 8124+ // 8125+ // /** 8126+ // * DES 8127+ // */ 8128+ // public static class DESCFB8 8129+ // extends JCEMac 8130+ // { 8131+ // public DESCFB8() 8132+ // { 8133+ // super(new CFBBlockCipherMac(new DESEngine())); 8134+ // } 8135+ // } 8136+ // 8137+ // /** 8138+ // * RC2CFB8 8139+ // */ 8140+ // 8141+ // 8142+ // /** 8143+ // * DES9797Alg3with7816-4Padding 8144+ // */ 8145+ // public static class DES9797Alg3with7816d4 8146+ // extends JCEMac 8147+ // { 8148+ // public DES9797Alg3with7816d4() 8149+ // { 8150+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 8151+ // } 8152+ // } 8153+ // 8154+ // /** 8155+ // * DES9797Alg3 8156+ // */ 8157+ // public static class DES9797Alg3 8158+ // extends JCEMac 8159+ // { 8160+ // public DES9797Alg3() 8161+ // { 8162+ // super(new ISO9797Alg3Mac(new DESEngine())); 8163+ // } 8164+ // } 8165+ // 8166+ // /** 8167+ // * MD2 HMac 8168+ // */ 8169+ // public static class MD2 8170+ // extends JCEMac 8171+ // { 8172+ // public MD2() 8173+ // { 8174+ // super(new HMac(new MD2Digest())); 8175+ // } 8176+ // } 8177+ // 8178+ // /** 8179+ // * MD4 HMac 8180+ // */ 8181+ // public static class MD4 8182+ // extends JCEMac 8183+ // { 8184+ // public MD4() 8185+ // { 8186+ // super(new HMac(new MD4Digest())); 8187+ // } 8188+ // } 8189+ // END android-removed 8190 8191 /** 8192 * MD5 HMac 8193@@ -256,7 +269,9 @@ 8194 { 8195 public MD5() 8196 { 8197- super(new HMac(new MD5Digest())); 8198+ // BEGIN android-changed 8199+ super(new HMac(AndroidDigestFactory.getMD5())); 8200+ // END android-changed 8201 } 8202 } 8203 8204@@ -268,21 +283,25 @@ 8205 { 8206 public SHA1() 8207 { 8208- super(new HMac(new SHA1Digest())); 8209+ // BEGIN android-changed 8210+ super(new HMac(AndroidDigestFactory.getSHA1())); 8211+ // END android-changed 8212 } 8213 } 8214 8215- /** 8216- * SHA-224 HMac 8217- */ 8218- public static class SHA224 8219- extends JCEMac 8220- { 8221- public SHA224() 8222- { 8223- super(new HMac(new SHA224Digest())); 8224- } 8225- } 8226+ // BEGIN android-removed 8227+ // /** 8228+ // * SHA-224 HMac 8229+ // */ 8230+ // public static class SHA224 8231+ // extends JCEMac 8232+ // { 8233+ // public SHA224() 8234+ // { 8235+ // super(new HMac(new SHA224Digest())); 8236+ // } 8237+ // } 8238+ // END android-removed 8239 8240 /** 8241 * SHA-256 HMac 8242@@ -292,7 +311,9 @@ 8243 { 8244 public SHA256() 8245 { 8246- super(new HMac(new SHA256Digest())); 8247+ // BEGIN android-changed 8248+ super(new HMac(AndroidDigestFactory.getSHA256())); 8249+ // END android-changed 8250 } 8251 } 8252 8253@@ -304,18 +325,22 @@ 8254 { 8255 public SHA384() 8256 { 8257- super(new HMac(new SHA384Digest())); 8258+ // BEGIN android-changed 8259+ super(new HMac(AndroidDigestFactory.getSHA384())); 8260+ // END android-changed 8261 } 8262 } 8263 8264- public static class OldSHA384 8265- extends JCEMac 8266- { 8267- public OldSHA384() 8268- { 8269- super(new OldHMac(new SHA384Digest())); 8270- } 8271- } 8272+ // BEGIN android-removed 8273+ // public static class OldSHA384 8274+ // extends JCEMac 8275+ // { 8276+ // public OldSHA384() 8277+ // { 8278+ // super(new OldHMac(new SHA384Digest())); 8279+ // } 8280+ // } 8281+ // END android-removed 8282 8283 /** 8284 * SHA-512 HMac 8285@@ -325,75 +350,80 @@ 8286 { 8287 public SHA512() 8288 { 8289- super(new HMac(new SHA512Digest())); 8290+ // BEGIN android-changed 8291+ super(new HMac(AndroidDigestFactory.getSHA512())); 8292+ // END android-changed 8293 } 8294 } 8295 8296- /** 8297- * SHA-512 HMac 8298- */ 8299- public static class OldSHA512 8300- extends JCEMac 8301- { 8302- public OldSHA512() 8303- { 8304- super(new OldHMac(new SHA512Digest())); 8305- } 8306- } 8307 8308- /** 8309- * RIPEMD128 HMac 8310- */ 8311- public static class RIPEMD128 8312- extends JCEMac 8313- { 8314- public RIPEMD128() 8315- { 8316- super(new HMac(new RIPEMD128Digest())); 8317- } 8318- } 8319- 8320- /** 8321- * RIPEMD160 HMac 8322- */ 8323- public static class RIPEMD160 8324- extends JCEMac 8325- { 8326- public RIPEMD160() 8327- { 8328- super(new HMac(new RIPEMD160Digest())); 8329- } 8330- } 8331- 8332- /** 8333- * Tiger HMac 8334- */ 8335- public static class Tiger 8336- extends JCEMac 8337- { 8338- public Tiger() 8339- { 8340- super(new HMac(new TigerDigest())); 8341- } 8342- } 8343- 8344+ // BEGIN android-removed 8345+ // /** 8346+ // * SHA-512 HMac 8347+ // */ 8348+ // public static class OldSHA512 8349+ // extends JCEMac 8350+ // { 8351+ // public OldSHA512() 8352+ // { 8353+ // super(new OldHMac(new SHA512Digest())); 8354+ // } 8355+ // } 8356 // 8357- // PKCS12 states that the same algorithm should be used 8358- // for the key generation as is used in the HMAC, so that 8359- // is what we do here. 8360+ // /** 8361+ // * RIPEMD128 HMac 8362+ // */ 8363+ // public static class RIPEMD128 8364+ // extends JCEMac 8365+ // { 8366+ // public RIPEMD128() 8367+ // { 8368+ // super(new HMac(new RIPEMD128Digest())); 8369+ // } 8370+ // } 8371 // 8372- 8373- /** 8374- * PBEWithHmacRIPEMD160 8375- */ 8376- public static class PBEWithRIPEMD160 8377- extends JCEMac 8378- { 8379- public PBEWithRIPEMD160() 8380- { 8381- super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 8382- } 8383- } 8384+ // /** 8385+ // * RIPEMD160 HMac 8386+ // */ 8387+ // public static class RIPEMD160 8388+ // extends JCEMac 8389+ // { 8390+ // public RIPEMD160() 8391+ // { 8392+ // super(new HMac(new RIPEMD160Digest())); 8393+ // } 8394+ // } 8395+ // 8396+ // /** 8397+ // * Tiger HMac 8398+ // */ 8399+ // public static class Tiger 8400+ // extends JCEMac 8401+ // { 8402+ // public Tiger() 8403+ // { 8404+ // super(new HMac(new TigerDigest())); 8405+ // } 8406+ // } 8407+ // 8408+ // // 8409+ // // PKCS12 states that the same algorithm should be used 8410+ // // for the key generation as is used in the HMAC, so that 8411+ // // is what we do here. 8412+ // // 8413+ // 8414+ // /** 8415+ // * PBEWithHmacRIPEMD160 8416+ // */ 8417+ // public static class PBEWithRIPEMD160 8418+ // extends JCEMac 8419+ // { 8420+ // public PBEWithRIPEMD160() 8421+ // { 8422+ // super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 8423+ // } 8424+ // } 8425+ // END android-removed 8426 8427 /** 8428 * PBEWithHmacSHA 8429@@ -403,19 +433,23 @@ 8430 { 8431 public PBEWithSHA() 8432 { 8433- super(new HMac(new SHA1Digest()), PKCS12, SHA1, 160); 8434+ // BEGIN android-changed 8435+ super(new HMac(AndroidDigestFactory.getSHA1()), PKCS12, SHA1, 160); 8436+ // END android-changed 8437 } 8438 } 8439 8440- /** 8441- * PBEWithHmacTiger 8442- */ 8443- public static class PBEWithTiger 8444- extends JCEMac 8445- { 8446- public PBEWithTiger() 8447- { 8448- super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 8449- } 8450- } 8451+ // BEGIN android-removed 8452+ // /** 8453+ // * PBEWithHmacTiger 8454+ // */ 8455+ // public static class PBEWithTiger 8456+ // extends JCEMac 8457+ // { 8458+ // public PBEWithTiger() 8459+ // { 8460+ // super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 8461+ // } 8462+ // } 8463+ // END android-removed 8464 } 8465diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 8466--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2012-03-22 15:11:48.000000000 +0000 8467+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2013-01-23 01:01:51.974750020 +0000 8468@@ -127,7 +127,9 @@ 8469 */ 8470 public byte[] getEncoded() 8471 { 8472- return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient())); 8473+ // BEGIN android-changed 8474+ return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient())); 8475+ // END android-changed 8476 } 8477 8478 /** 8479diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 8480--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2012-03-22 15:11:48.000000000 +0000 8481+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2013-01-23 01:01:51.974750020 +0000 8482@@ -78,7 +78,9 @@ 8483 8484 public byte[] getEncoded() 8485 { 8486- return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO)); 8487+ // BEGIN android-changed 8488+ return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO)); 8489+ // END android-changed 8490 } 8491 8492 public boolean equals(Object o) 8493diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPublicKey.java 8494--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2012-03-22 15:11:48.000000000 +0000 8495+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2013-01-23 01:01:51.974750020 +0000 8496@@ -91,7 +91,9 @@ 8497 8498 public byte[] getEncoded() 8499 { 8500- return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPublicKeyStructure(getModulus(), getPublicExponent())); 8501+ // BEGIN android-changed 8502+ return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKeyStructure(getModulus(), getPublicExponent())); 8503+ // END android-changed 8504 } 8505 8506 public int hashCode() 8507diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 8508--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2012-03-22 15:11:48.000000000 +0000 8509+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2013-01-23 01:01:51.974750020 +0000 8510@@ -252,29 +252,31 @@ 8511 } 8512 } 8513 8514- /** 8515- * PBEWithMD2AndDES 8516- */ 8517- static public class PBEWithMD2AndDES 8518- extends DESPBEKeyFactory 8519- { 8520- public PBEWithMD2AndDES() 8521- { 8522- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 8523- } 8524- } 8525- 8526- /** 8527- * PBEWithMD2AndRC2 8528- */ 8529- static public class PBEWithMD2AndRC2 8530- extends PBEKeyFactory 8531- { 8532- public PBEWithMD2AndRC2() 8533- { 8534- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 8535- } 8536- } 8537+ // BEGIN android-removed 8538+ // /** 8539+ // * PBEWithMD2AndDES 8540+ // */ 8541+ // static public class PBEWithMD2AndDES 8542+ // extends DESPBEKeyFactory 8543+ // { 8544+ // public PBEWithMD2AndDES() 8545+ // { 8546+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 8547+ // } 8548+ // } 8549+ // 8550+ // /** 8551+ // * PBEWithMD2AndRC2 8552+ // */ 8553+ // static public class PBEWithMD2AndRC2 8554+ // extends PBEKeyFactory 8555+ // { 8556+ // public PBEWithMD2AndRC2() 8557+ // { 8558+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 8559+ // } 8560+ // } 8561+ // END android-removed 8562 8563 /** 8564 * PBEWithMD5AndDES 8565@@ -408,17 +410,19 @@ 8566 } 8567 } 8568 8569- /** 8570- * PBEWithHmacRIPEMD160 8571- */ 8572- public static class PBEWithRIPEMD160 8573- extends PBEKeyFactory 8574- { 8575- public PBEWithRIPEMD160() 8576- { 8577- super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); 8578- } 8579- } 8580+ // BEGIN android-removed 8581+ // /** 8582+ // * PBEWithHmacRIPEMD160 8583+ // */ 8584+ // public static class PBEWithRIPEMD160 8585+ // extends PBEKeyFactory 8586+ // { 8587+ // public PBEWithRIPEMD160() 8588+ // { 8589+ // super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); 8590+ // } 8591+ // } 8592+ // END android-removed 8593 8594 /** 8595 * PBEWithHmacSHA 8596@@ -432,17 +436,19 @@ 8597 } 8598 } 8599 8600- /** 8601- * PBEWithHmacTiger 8602- */ 8603- public static class PBEWithTiger 8604- extends PBEKeyFactory 8605- { 8606- public PBEWithTiger() 8607- { 8608- super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); 8609- } 8610- } 8611+ // BEGIN android-removed 8612+ // /** 8613+ // * PBEWithHmacTiger 8614+ // */ 8615+ // public static class PBEWithTiger 8616+ // extends PBEKeyFactory 8617+ // { 8618+ // public PBEWithTiger() 8619+ // { 8620+ // super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); 8621+ // } 8622+ // } 8623+ // END android-removed 8624 8625 /** 8626 * PBEWithSHA1And128BitAES-BC 8627@@ -551,4 +557,56 @@ 8628 super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128); 8629 } 8630 } 8631+ // BEGIN android-added 8632+ static public class PBKDF2WithHmacSHA1 8633+ extends JCESecretKeyFactory 8634+ { 8635+ public PBKDF2WithHmacSHA1() 8636+ { 8637+ super("PBKDF2WithHmacSHA1", PKCSObjectIdentifiers.id_PBKDF2); 8638+ } 8639+ 8640+ protected SecretKey engineGenerateSecret( 8641+ KeySpec keySpec) 8642+ throws InvalidKeySpecException 8643+ { 8644+ if (keySpec instanceof PBEKeySpec) 8645+ { 8646+ PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; 8647+ 8648+ if (pbeSpec.getSalt() == null) 8649+ { 8650+ throw new InvalidKeySpecException("missing required salt"); 8651+ } 8652+ 8653+ if (pbeSpec.getIterationCount() <= 0) 8654+ { 8655+ throw new InvalidKeySpecException("positive iteration count required: " 8656+ + pbeSpec.getIterationCount()); 8657+ } 8658+ 8659+ if (pbeSpec.getKeyLength() <= 0) 8660+ { 8661+ throw new InvalidKeySpecException("positive key length required: " 8662+ + pbeSpec.getKeyLength()); 8663+ } 8664+ 8665+ if (pbeSpec.getPassword().length == 0) 8666+ { 8667+ throw new IllegalArgumentException("password empty"); 8668+ } 8669+ 8670+ int scheme = PKCS5S2; 8671+ int digest = SHA1; 8672+ int keySize = pbeSpec.getKeyLength(); 8673+ int ivSize = -1; 8674+ CipherParameters param = Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); 8675+ 8676+ return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); 8677+ } 8678+ 8679+ throw new InvalidKeySpecException("Invalid KeySpec"); 8680+ } 8681+ } 8682+ // END android-added 8683 } 8684diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEStreamCipher.java 8685--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java 2012-03-22 15:11:48.000000000 +0000 8686+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JCEStreamCipher.java 2013-01-23 01:01:51.984750196 +0000 8687@@ -14,20 +14,26 @@ 8688 import javax.crypto.ShortBufferException; 8689 import javax.crypto.spec.IvParameterSpec; 8690 import javax.crypto.spec.PBEParameterSpec; 8691-import javax.crypto.spec.RC2ParameterSpec; 8692-import javax.crypto.spec.RC5ParameterSpec; 8693+// BEGIN android-removed 8694+// import javax.crypto.spec.RC2ParameterSpec; 8695+// import javax.crypto.spec.RC5ParameterSpec; 8696+// END android-removed 8697 8698 import org.bouncycastle.crypto.BlockCipher; 8699 import org.bouncycastle.crypto.CipherParameters; 8700 import org.bouncycastle.crypto.DataLengthException; 8701 import org.bouncycastle.crypto.StreamBlockCipher; 8702 import org.bouncycastle.crypto.StreamCipher; 8703-import org.bouncycastle.crypto.engines.BlowfishEngine; 8704-import org.bouncycastle.crypto.engines.DESEngine; 8705-import org.bouncycastle.crypto.engines.DESedeEngine; 8706+// BEGIN android-removed 8707+// import org.bouncycastle.crypto.engines.BlowfishEngine; 8708+// import org.bouncycastle.crypto.engines.DESEngine; 8709+// import org.bouncycastle.crypto.engines.DESedeEngine; 8710+// END android-removed 8711 import org.bouncycastle.crypto.engines.RC4Engine; 8712-import org.bouncycastle.crypto.engines.SkipjackEngine; 8713-import org.bouncycastle.crypto.engines.TwofishEngine; 8714+// BEGIN android-removed 8715+// import org.bouncycastle.crypto.engines.SkipjackEngine; 8716+// import org.bouncycastle.crypto.engines.TwofishEngine; 8717+// END android-removed 8718 import org.bouncycastle.crypto.modes.CFBBlockCipher; 8719 import org.bouncycastle.crypto.modes.OFBBlockCipher; 8720 import org.bouncycastle.crypto.params.KeyParameter; 8721@@ -44,8 +50,10 @@ 8722 // 8723 private Class[] availableSpecs = 8724 { 8725- RC2ParameterSpec.class, 8726- RC5ParameterSpec.class, 8727+ // BEGIN android-removed 8728+ // RC2ParameterSpec.class, 8729+ // RC5ParameterSpec.class, 8730+ // END android-removed 8731 IvParameterSpec.class, 8732 PBEParameterSpec.class 8733 }; 8734@@ -376,125 +384,127 @@ 8735 * The ciphers that inherit from us. 8736 */ 8737 8738- /** 8739- * DES 8740- */ 8741- static public class DES_CFB8 8742- extends JCEStreamCipher 8743- { 8744- public DES_CFB8() 8745- { 8746- super(new CFBBlockCipher(new DESEngine(), 8), 64); 8747- } 8748- } 8749- 8750- /** 8751- * DESede 8752- */ 8753- static public class DESede_CFB8 8754- extends JCEStreamCipher 8755- { 8756- public DESede_CFB8() 8757- { 8758- super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 8759- } 8760- } 8761- 8762- /** 8763- * SKIPJACK 8764- */ 8765- static public class Skipjack_CFB8 8766- extends JCEStreamCipher 8767- { 8768- public Skipjack_CFB8() 8769- { 8770- super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 8771- } 8772- } 8773- 8774- /** 8775- * Blowfish 8776- */ 8777- static public class Blowfish_CFB8 8778- extends JCEStreamCipher 8779- { 8780- public Blowfish_CFB8() 8781- { 8782- super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 8783- } 8784- } 8785- 8786- /** 8787- * Twofish 8788- */ 8789- static public class Twofish_CFB8 8790- extends JCEStreamCipher 8791- { 8792- public Twofish_CFB8() 8793- { 8794- super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 8795- } 8796- } 8797- 8798- /** 8799- * DES 8800- */ 8801- static public class DES_OFB8 8802- extends JCEStreamCipher 8803- { 8804- public DES_OFB8() 8805- { 8806- super(new OFBBlockCipher(new DESEngine(), 8), 64); 8807- } 8808- } 8809- 8810- /** 8811- * DESede 8812- */ 8813- static public class DESede_OFB8 8814- extends JCEStreamCipher 8815- { 8816- public DESede_OFB8() 8817- { 8818- super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 8819- } 8820- } 8821- 8822- /** 8823- * SKIPJACK 8824- */ 8825- static public class Skipjack_OFB8 8826- extends JCEStreamCipher 8827- { 8828- public Skipjack_OFB8() 8829- { 8830- super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 8831- } 8832- } 8833- 8834- /** 8835- * Blowfish 8836- */ 8837- static public class Blowfish_OFB8 8838- extends JCEStreamCipher 8839- { 8840- public Blowfish_OFB8() 8841- { 8842- super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 8843- } 8844- } 8845- 8846- /** 8847- * Twofish 8848- */ 8849- static public class Twofish_OFB8 8850- extends JCEStreamCipher 8851- { 8852- public Twofish_OFB8() 8853- { 8854- super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 8855- } 8856- } 8857+ // BEGIN android-removed 8858+ // /** 8859+ // * DES 8860+ // */ 8861+ // static public class DES_CFB8 8862+ // extends JCEStreamCipher 8863+ // { 8864+ // public DES_CFB8() 8865+ // { 8866+ // super(new CFBBlockCipher(new DESEngine(), 8), 64); 8867+ // } 8868+ // } 8869+ // 8870+ // /** 8871+ // * DESede 8872+ // */ 8873+ // static public class DESede_CFB8 8874+ // extends JCEStreamCipher 8875+ // { 8876+ // public DESede_CFB8() 8877+ // { 8878+ // super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 8879+ // } 8880+ // } 8881+ // 8882+ // /** 8883+ // * SKIPJACK 8884+ // */ 8885+ // static public class Skipjack_CFB8 8886+ // extends JCEStreamCipher 8887+ // { 8888+ // public Skipjack_CFB8() 8889+ // { 8890+ // super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 8891+ // } 8892+ // } 8893+ // 8894+ // /** 8895+ // * Blowfish 8896+ // */ 8897+ // static public class Blowfish_CFB8 8898+ // extends JCEStreamCipher 8899+ // { 8900+ // public Blowfish_CFB8() 8901+ // { 8902+ // super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 8903+ // } 8904+ // } 8905+ // 8906+ // /** 8907+ // * Twofish 8908+ // */ 8909+ // static public class Twofish_CFB8 8910+ // extends JCEStreamCipher 8911+ // { 8912+ // public Twofish_CFB8() 8913+ // { 8914+ // super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 8915+ // } 8916+ // } 8917+ // 8918+ // /** 8919+ // * DES 8920+ // */ 8921+ // static public class DES_OFB8 8922+ // extends JCEStreamCipher 8923+ // { 8924+ // public DES_OFB8() 8925+ // { 8926+ // super(new OFBBlockCipher(new DESEngine(), 8), 64); 8927+ // } 8928+ // } 8929+ // 8930+ // /** 8931+ // * DESede 8932+ // */ 8933+ // static public class DESede_OFB8 8934+ // extends JCEStreamCipher 8935+ // { 8936+ // public DESede_OFB8() 8937+ // { 8938+ // super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 8939+ // } 8940+ // } 8941+ // 8942+ // /** 8943+ // * SKIPJACK 8944+ // */ 8945+ // static public class Skipjack_OFB8 8946+ // extends JCEStreamCipher 8947+ // { 8948+ // public Skipjack_OFB8() 8949+ // { 8950+ // super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 8951+ // } 8952+ // } 8953+ // 8954+ // /** 8955+ // * Blowfish 8956+ // */ 8957+ // static public class Blowfish_OFB8 8958+ // extends JCEStreamCipher 8959+ // { 8960+ // public Blowfish_OFB8() 8961+ // { 8962+ // super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 8963+ // } 8964+ // } 8965+ // 8966+ // /** 8967+ // * Twofish 8968+ // */ 8969+ // static public class Twofish_OFB8 8970+ // extends JCEStreamCipher 8971+ // { 8972+ // public Twofish_OFB8() 8973+ // { 8974+ // super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 8975+ // } 8976+ // } 8977+ // END android-removed 8978 8979 /** 8980 * PBEWithSHAAnd128BitRC4 8981diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 8982--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2012-03-22 15:11:48.000000000 +0000 8983+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2013-01-23 01:01:51.964749844 +0000 8984@@ -17,7 +17,9 @@ 8985 import org.bouncycastle.asn1.DERSequence; 8986 import org.bouncycastle.asn1.pkcs.PBKDF2Params; 8987 import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; 8988-import org.bouncycastle.jce.spec.IESParameterSpec; 8989+// BEGIN android-removed 8990+// import org.bouncycastle.jce.spec.IESParameterSpec; 8991+// END android-removed 8992 8993 public abstract class JDKAlgorithmParameters 8994 extends AlgorithmParametersSpi 8995@@ -208,109 +210,111 @@ 8996 } 8997 } 8998 8999- public static class IES 9000- extends JDKAlgorithmParameters 9001- { 9002- IESParameterSpec currentSpec; 9003- 9004- /** 9005- * in the absence of a standard way of doing it this will do for 9006- * now... 9007- */ 9008- protected byte[] engineGetEncoded() 9009- { 9010- try 9011- { 9012- ASN1EncodableVector v = new ASN1EncodableVector(); 9013- 9014- v.add(new DEROctetString(currentSpec.getDerivationV())); 9015- v.add(new DEROctetString(currentSpec.getEncodingV())); 9016- v.add(new DERInteger(currentSpec.getMacKeySize())); 9017- 9018- return new DERSequence(v).getEncoded(ASN1Encoding.DER); 9019- } 9020- catch (IOException e) 9021- { 9022- throw new RuntimeException("Error encoding IESParameters"); 9023- } 9024- } 9025- 9026- protected byte[] engineGetEncoded( 9027- String format) 9028- { 9029- if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 9030- { 9031- return engineGetEncoded(); 9032- } 9033- 9034- return null; 9035- } 9036- 9037- protected AlgorithmParameterSpec localEngineGetParameterSpec( 9038- Class paramSpec) 9039- throws InvalidParameterSpecException 9040- { 9041- if (paramSpec == IESParameterSpec.class) 9042- { 9043- return currentSpec; 9044- } 9045- 9046- throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); 9047- } 9048- 9049- protected void engineInit( 9050- AlgorithmParameterSpec paramSpec) 9051- throws InvalidParameterSpecException 9052- { 9053- if (!(paramSpec instanceof IESParameterSpec)) 9054- { 9055- throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); 9056- } 9057- 9058- this.currentSpec = (IESParameterSpec)paramSpec; 9059- } 9060- 9061- protected void engineInit( 9062- byte[] params) 9063- throws IOException 9064- { 9065- try 9066- { 9067- ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params); 9068- 9069- this.currentSpec = new IESParameterSpec( 9070- ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 9071- ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 9072- ((DERInteger)s.getObjectAt(0)).getValue().intValue()); 9073- } 9074- catch (ClassCastException e) 9075- { 9076- throw new IOException("Not a valid IES Parameter encoding."); 9077- } 9078- catch (ArrayIndexOutOfBoundsException e) 9079- { 9080- throw new IOException("Not a valid IES Parameter encoding."); 9081- } 9082- } 9083- 9084- protected void engineInit( 9085- byte[] params, 9086- String format) 9087- throws IOException 9088- { 9089- if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 9090- { 9091- engineInit(params); 9092- } 9093- else 9094- { 9095- throw new IOException("Unknown parameter format " + format); 9096- } 9097- } 9098- 9099- protected String engineToString() 9100- { 9101- return "IES Parameters"; 9102- } 9103- } 9104+ // BEGIN android-removed 9105+ // public static class IES 9106+ // extends JDKAlgorithmParameters 9107+ // { 9108+ // IESParameterSpec currentSpec; 9109+ // 9110+ // /** 9111+ // * in the absence of a standard way of doing it this will do for 9112+ // * now... 9113+ // */ 9114+ // protected byte[] engineGetEncoded() 9115+ // { 9116+ // try 9117+ // { 9118+ // ASN1EncodableVector v = new ASN1EncodableVector(); 9119+ // 9120+ // v.add(new DEROctetString(currentSpec.getDerivationV())); 9121+ // v.add(new DEROctetString(currentSpec.getEncodingV())); 9122+ // v.add(new DERInteger(currentSpec.getMacKeySize())); 9123+ // 9124+ // return new DERSequence(v).getEncoded(ASN1Encoding.DER); 9125+ // } 9126+ // catch (IOException e) 9127+ // { 9128+ // throw new RuntimeException("Error encoding IESParameters"); 9129+ // } 9130+ // } 9131+ // 9132+ // protected byte[] engineGetEncoded( 9133+ // String format) 9134+ // { 9135+ // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 9136+ // { 9137+ // return engineGetEncoded(); 9138+ // } 9139+ // 9140+ // return null; 9141+ // } 9142+ // 9143+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 9144+ // Class paramSpec) 9145+ // throws InvalidParameterSpecException 9146+ // { 9147+ // if (paramSpec == IESParameterSpec.class) 9148+ // { 9149+ // return currentSpec; 9150+ // } 9151+ // 9152+ // throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); 9153+ // } 9154+ // 9155+ // protected void engineInit( 9156+ // AlgorithmParameterSpec paramSpec) 9157+ // throws InvalidParameterSpecException 9158+ // { 9159+ // if (!(paramSpec instanceof IESParameterSpec)) 9160+ // { 9161+ // throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); 9162+ // } 9163+ // 9164+ // this.currentSpec = (IESParameterSpec)paramSpec; 9165+ // } 9166+ // 9167+ // protected void engineInit( 9168+ // byte[] params) 9169+ // throws IOException 9170+ // { 9171+ // try 9172+ // { 9173+ // ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params); 9174+ // 9175+ // this.currentSpec = new IESParameterSpec( 9176+ // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 9177+ // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 9178+ // ((DERInteger)s.getObjectAt(0)).getValue().intValue()); 9179+ // } 9180+ // catch (ClassCastException e) 9181+ // { 9182+ // throw new IOException("Not a valid IES Parameter encoding."); 9183+ // } 9184+ // catch (ArrayIndexOutOfBoundsException e) 9185+ // { 9186+ // throw new IOException("Not a valid IES Parameter encoding."); 9187+ // } 9188+ // } 9189+ // 9190+ // protected void engineInit( 9191+ // byte[] params, 9192+ // String format) 9193+ // throws IOException 9194+ // { 9195+ // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 9196+ // { 9197+ // engineInit(params); 9198+ // } 9199+ // else 9200+ // { 9201+ // throw new IOException("Unknown parameter format " + format); 9202+ // } 9203+ // } 9204+ // 9205+ // protected String engineToString() 9206+ // { 9207+ // return "IES Parameters"; 9208+ // } 9209+ // } 9210+ // END android-removed 9211 } 9212diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKKeyStore.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKKeyStore.java 9213--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKKeyStore.java 2012-03-22 15:11:48.000000000 +0000 9214+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKKeyStore.java 2013-01-23 01:01:51.974750020 +0000 9215@@ -39,7 +39,12 @@ 9216 import org.bouncycastle.crypto.CipherParameters; 9217 import org.bouncycastle.crypto.Digest; 9218 import org.bouncycastle.crypto.PBEParametersGenerator; 9219-import org.bouncycastle.crypto.digests.SHA1Digest; 9220+// BEGIN android-added 9221+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 9222+// END android-added 9223+// BEGIN android-removed 9224+// import org.bouncycastle.crypto.digests.SHA1Digest; 9225+// END android-removed 9226 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 9227 import org.bouncycastle.crypto.io.DigestInputStream; 9228 import org.bouncycastle.crypto.io.DigestOutputStream; 9229@@ -498,7 +503,13 @@ 9230 9231 if (entry == null) 9232 { 9233- throw new KeyStoreException("no such entry as " + alias); 9234+ // BEGIN android-removed 9235+ // Only throw if there is a problem removing, not if missing 9236+ // throw new KeyStoreException("no such entry as " + alias); 9237+ // END android-removed 9238+ // BEGIN android-added 9239+ return; 9240+ // END android-added 9241 } 9242 9243 table.remove(alias); 9244@@ -817,12 +828,16 @@ 9245 // 9246 // we only do an integrity check if the password is provided. 9247 // 9248- HMac hMac = new HMac(new SHA1Digest()); 9249+ // BEGIN android-changed 9250+ HMac hMac = new HMac(AndroidDigestFactory.getSHA1()); 9251+ // END android-changed 9252 if (password != null && password.length != 0) 9253 { 9254 byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); 9255 9256- PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); 9257+ // BEGIN android-changed 9258+ PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 9259+ // END android-changed 9260 pbeGen.init(passKey, salt, iterationCount); 9261 9262 CipherParameters macParams; 9263@@ -884,9 +899,11 @@ 9264 dOut.write(salt); 9265 dOut.writeInt(iterationCount); 9266 9267- HMac hMac = new HMac(new SHA1Digest()); 9268+ // BEGIN android-changed 9269+ HMac hMac = new HMac(AndroidDigestFactory.getSHA1()); 9270 MacOutputStream mOut = new MacOutputStream(hMac); 9271- PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); 9272+ PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 9273+ // END android-changed 9274 byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); 9275 9276 pbeGen.init(passKey, salt, iterationCount); 9277@@ -974,7 +991,9 @@ 9278 Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount); 9279 CipherInputStream cIn = new CipherInputStream(dIn, cipher); 9280 9281- Digest dig = new SHA1Digest(); 9282+ // BEGIN android-changed 9283+ Digest dig = AndroidDigestFactory.getSHA1(); 9284+ // END android-changed 9285 DigestInputStream dgIn = new DigestInputStream(cIn, dig); 9286 9287 this.loadStore(dgIn); 9288@@ -1013,7 +1032,9 @@ 9289 cipher = this.makePBECipher(STORE_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount); 9290 9291 CipherOutputStream cOut = new CipherOutputStream(dOut, cipher); 9292- DigestOutputStream dgOut = new DigestOutputStream(new SHA1Digest()); 9293+ // BEGIN android-changed 9294+ DigestOutputStream dgOut = new DigestOutputStream(AndroidDigestFactory.getSHA1()); 9295+ // END android-changed 9296 9297 this.saveStore(new TeeOutputStream(cOut, dgOut)); 9298 9299diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 9300--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2012-03-22 15:11:48.000000000 +0000 9301+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2013-01-23 01:01:51.974750020 +0000 9302@@ -261,10 +261,13 @@ 9303 } 9304 } 9305 9306- if (c == null && k == null) 9307- { 9308- throw new KeyStoreException("no such entry as " + alias); 9309- } 9310+ // BEGIN android-removed 9311+ // Only throw if there is a problem removing, not if missing 9312+ // if (c == null && k == null) 9313+ // { 9314+ // throw new KeyStoreException("no such entry as " + alias); 9315+ // } 9316+ // END android-removed 9317 } 9318 9319 /** 9320@@ -439,6 +442,14 @@ 9321 9322 public Date engineGetCreationDate(String alias) 9323 { 9324+ // BEGIN android-added 9325+ if (alias == null) { 9326+ throw new NullPointerException("alias == null"); 9327+ } 9328+ if (keys.get(alias) == null && certs.get(alias) == null) { 9329+ return null; 9330+ } 9331+ // END android-added 9332 return new Date(); 9333 } 9334 9335@@ -497,6 +508,11 @@ 9336 Certificate[] chain) 9337 throws KeyStoreException 9338 { 9339+ // BEGIN android-added 9340+ if (!(key instanceof PrivateKey)) { 9341+ throw new KeyStoreException("PKCS12 does not support non-PrivateKeys"); 9342+ } 9343+ // END android-added 9344 if ((key instanceof PrivateKey) && (chain == null)) 9345 { 9346 throw new KeyStoreException("no certificate chain for private key"); 9347@@ -508,12 +524,18 @@ 9348 } 9349 9350 keys.put(alias, key); 9351+ // BEGIN android-added 9352+ if (chain != null) { 9353+ // END android-added 9354 certs.put(alias, chain[0]); 9355 9356 for (int i = 0; i != chain.length; i++) 9357 { 9358 chainCerts.put(new CertId(chain[i].getPublicKey()), chain[i]); 9359 } 9360+ // BEGIN android-added 9361+ } 9362+ // END android-added 9363 } 9364 9365 public int engineSize() 9366@@ -1489,7 +1511,9 @@ 9367 { 9368 byte[] res = calculatePbeMac(id_SHA1, mSalt, itCount, password, false, data); 9369 9370- AlgorithmIdentifier algId = new AlgorithmIdentifier(id_SHA1, new DERNull()); 9371+ // BEGIN android-changed 9372+ AlgorithmIdentifier algId = new AlgorithmIdentifier(id_SHA1, DERNull.INSTANCE); 9373+ // END android-changed 9374 DigestInfo dInfo = new DigestInfo(algId, res); 9375 9376 mData = new MacData(dInfo, mSalt, itCount); 9377@@ -1546,32 +1570,34 @@ 9378 } 9379 } 9380 9381- public static class BCPKCS12KeyStore3DES 9382- extends JDKPKCS12KeyStore 9383- { 9384- public BCPKCS12KeyStore3DES() 9385- { 9386- super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 9387- } 9388- } 9389- 9390- public static class DefPKCS12KeyStore 9391- extends JDKPKCS12KeyStore 9392- { 9393- public DefPKCS12KeyStore() 9394- { 9395- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 9396- } 9397- } 9398- 9399- public static class DefPKCS12KeyStore3DES 9400- extends JDKPKCS12KeyStore 9401- { 9402- public DefPKCS12KeyStore3DES() 9403- { 9404- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 9405- } 9406- } 9407+ // BEGIN android-removed 9408+ // public static class BCPKCS12KeyStore3DES 9409+ // extends JDKPKCS12KeyStore 9410+ // { 9411+ // public BCPKCS12KeyStore3DES() 9412+ // { 9413+ // super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 9414+ // } 9415+ // } 9416+ // 9417+ // public static class DefPKCS12KeyStore 9418+ // extends JDKPKCS12KeyStore 9419+ // { 9420+ // public DefPKCS12KeyStore() 9421+ // { 9422+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 9423+ // } 9424+ // } 9425+ // 9426+ // public static class DefPKCS12KeyStore3DES 9427+ // extends JDKPKCS12KeyStore 9428+ // { 9429+ // public DefPKCS12KeyStore3DES() 9430+ // { 9431+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 9432+ // } 9433+ // } 9434+ // END android-removed 9435 9436 private static class IgnoresCaseHashtable 9437 { 9438@@ -1580,7 +1606,9 @@ 9439 9440 public void put(String key, Object value) 9441 { 9442- String lower = Strings.toLowerCase(key); 9443+ // BEGIN android-changed 9444+ String lower = (key == null) ? null : Strings.toLowerCase(key); 9445+ // END android-changed 9446 String k = (String)keys.get(lower); 9447 if (k != null) 9448 { 9449@@ -1598,7 +1626,9 @@ 9450 9451 public Object remove(String alias) 9452 { 9453- String k = (String)keys.remove(Strings.toLowerCase(alias)); 9454+ // BEGIN android-changed 9455+ String k = (String)keys.remove(alias == null ? null : Strings.toLowerCase(alias)); 9456+ // END android-changed 9457 if (k == null) 9458 { 9459 return null; 9460@@ -1609,7 +1639,9 @@ 9461 9462 public Object get(String alias) 9463 { 9464- String k = (String)keys.get(Strings.toLowerCase(alias)); 9465+ // BEGIN android-changed 9466+ String k = (String)keys.get(alias == null ? null : Strings.toLowerCase(alias)); 9467+ // END android-changed 9468 if (k == null) 9469 { 9470 return null; 9471diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 9472--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2012-03-22 15:11:48.000000000 +0000 9473+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2013-01-23 01:01:51.984750196 +0000 9474@@ -1,5 +1,8 @@ 9475 package org.bouncycastle.jce.provider; 9476 9477+// BEGIN android-added 9478+import java.math.BigInteger; 9479+// END android-added 9480 import java.security.InvalidAlgorithmParameterException; 9481 import java.security.PublicKey; 9482 import java.security.cert.CertPath; 9483@@ -33,6 +36,9 @@ 9484 public class PKIXCertPathValidatorSpi 9485 extends CertPathValidatorSpi 9486 { 9487+ // BEGIN android-added 9488+ private final static CertBlacklist blacklist = new CertBlacklist(); 9489+ // END android-added 9490 9491 public CertPathValidatorResult engineValidate( 9492 CertPath certPath, 9493@@ -75,6 +81,22 @@ 9494 { 9495 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 9496 } 9497+ // BEGIN android-added 9498+ { 9499+ X509Certificate cert = (X509Certificate) certs.get(0); 9500+ 9501+ if (cert != null) { 9502+ BigInteger serial = cert.getSerialNumber(); 9503+ if (blacklist.isSerialNumberBlackListed(serial)) { 9504+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 9505+ String message = "Certificate revocation of serial 0x" + serial.toString(16); 9506+ System.out.println(message); 9507+ AnnotatedException e = new AnnotatedException(message); 9508+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 9509+ } 9510+ } 9511+ } 9512+ // END android-added 9513 9514 // 9515 // (b) 9516@@ -251,6 +273,15 @@ 9517 9518 for (index = certs.size() - 1; index >= 0; index--) 9519 { 9520+ // BEGIN android-added 9521+ if (blacklist.isPublicKeyBlackListed(workingPublicKey)) { 9522+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 9523+ String message = "Certificate revocation of public key " + workingPublicKey; 9524+ System.out.println(message); 9525+ AnnotatedException e = new AnnotatedException(message); 9526+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 9527+ } 9528+ // END android-added 9529 // try 9530 // { 9531 // 9532diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 9533--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2012-03-22 15:11:48.000000000 +0000 9534+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2013-01-23 01:01:51.984750196 +0000 9535@@ -1533,7 +1533,9 @@ 9536 for (Enumeration e = permitted.getObjects(); e.hasMoreElements();) 9537 { 9538 GeneralSubtree subtree = GeneralSubtree.getInstance(e.nextElement()); 9539- Integer tagNo = new Integer(subtree.getBase().getTagNo()); 9540+ // BEGIN android-changed 9541+ Integer tagNo = Integer.valueOf(subtree.getBase().getTagNo()); 9542+ // END android-changed 9543 if (subtreesMap.get(tagNo) == null) 9544 { 9545 subtreesMap.put(tagNo, new HashSet()); 9546diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/X509CertificateObject.java 9547--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2012-03-22 15:11:48.000000000 +0000 9548+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-23 01:01:51.954749668 +0000 9549@@ -544,12 +544,20 @@ 9550 } 9551 } 9552 9553+ // BEGIN android-changed 9554+ private byte[] encoded; 9555+ // END android-changed 9556 public byte[] getEncoded() 9557 throws CertificateEncodingException 9558 { 9559 try 9560 { 9561- return c.getEncoded(ASN1Encoding.DER); 9562+ // BEGIN android-changed 9563+ if (encoded == null) { 9564+ encoded = c.getEncoded(ASN1Encoding.DER); 9565+ } 9566+ return encoded; 9567+ // END android-changed 9568 } 9569 catch (IOException e) 9570 { 9571diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-147/org/bouncycastle/jce/provider/X509SignatureUtil.java 9572--- bcprov-jdk15on-147.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2012-03-22 15:11:48.000000000 +0000 9573+++ bcprov-jdk15on-147/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-01-23 01:01:51.984750196 +0000 9574@@ -14,7 +14,9 @@ 9575 import org.bouncycastle.asn1.ASN1Sequence; 9576 import org.bouncycastle.asn1.DERNull; 9577 import org.bouncycastle.asn1.DERObjectIdentifier; 9578-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9579+// BEGIN android-removed 9580+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9581+// END android-removed 9582 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 9583 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 9584 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 9585@@ -25,7 +27,9 @@ 9586 9587 class X509SignatureUtil 9588 { 9589- private static final ASN1Null derNull = new DERNull(); 9590+ // BEGIN android-changed 9591+ private static final ASN1Null derNull = DERNull.INSTANCE; 9592+ // END android-changed 9593 9594 static void setSignatureParameters( 9595 Signature signature, 9596@@ -66,12 +70,14 @@ 9597 9598 if (params != null && !derNull.equals(params)) 9599 { 9600- if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 9601- { 9602- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 9603- 9604- return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 9605- } 9606+ // BEGIN android-removed 9607+ // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 9608+ // { 9609+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 9610+ // 9611+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 9612+ // } 9613+ // END android-removed 9614 if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 9615 { 9616 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 9617@@ -98,10 +104,12 @@ 9618 { 9619 return "SHA1"; 9620 } 9621- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 9622- { 9623- return "SHA224"; 9624- } 9625+ // BEGIN android-removed 9626+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 9627+ // { 9628+ // return "SHA224"; 9629+ // } 9630+ // END android-removed 9631 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 9632 { 9633 return "SHA256"; 9634@@ -114,22 +122,24 @@ 9635 { 9636 return "SHA512"; 9637 } 9638- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 9639- { 9640- return "RIPEMD128"; 9641- } 9642- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 9643- { 9644- return "RIPEMD160"; 9645- } 9646- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 9647- { 9648- return "RIPEMD256"; 9649- } 9650- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 9651- { 9652- return "GOST3411"; 9653- } 9654+ // BEGIN android-removed 9655+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 9656+ // { 9657+ // return "RIPEMD128"; 9658+ // } 9659+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 9660+ // { 9661+ // return "RIPEMD160"; 9662+ // } 9663+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 9664+ // { 9665+ // return "RIPEMD256"; 9666+ // } 9667+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 9668+ // { 9669+ // return "GOST3411"; 9670+ // } 9671+ // END android-removed 9672 else 9673 { 9674 return digestAlgOID.getId(); 9675diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-147/org/bouncycastle/x509/X509Util.java 9676--- bcprov-jdk15on-147.orig/org/bouncycastle/x509/X509Util.java 2012-03-22 15:11:48.000000000 +0000 9677+++ bcprov-jdk15on-147/org/bouncycastle/x509/X509Util.java 2013-01-23 01:01:51.894748612 +0000 9678@@ -25,12 +25,16 @@ 9679 import org.bouncycastle.asn1.ASN1Integer; 9680 import org.bouncycastle.asn1.DERNull; 9681 import org.bouncycastle.asn1.DERObjectIdentifier; 9682-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9683+// BEGIN android-removed 9684+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9685+// END android-removed 9686 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 9687 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 9688 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 9689 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 9690-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 9691+// BEGIN android-removed 9692+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 9693+// END android-removed 9694 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 9695 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 9696 import org.bouncycastle.jce.X509Principal; 9697@@ -44,14 +48,18 @@ 9698 9699 static 9700 { 9701- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 9702- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 9703+ // BEGIN android-removed 9704+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 9705+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 9706+ // END android-removed 9707 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 9708 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 9709 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 9710 algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption); 9711- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9712- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9713+ // BEGIN android-removed 9714+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9715+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9716+ // END android-removed 9717 algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); 9718 algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); 9719 algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); 9720@@ -59,45 +67,59 @@ 9721 algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); 9722 algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); 9723 algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9724- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9725+ // BEGIN android-removed 9726+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9727+ // END android-removed 9728 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9729 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9730 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9731- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9732- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9733- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9734- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9735- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9736- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9737+ // BEGIN android-removed 9738+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9739+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9740+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9741+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9742+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9743+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9744+ // END android-removed 9745 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 9746 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 9747- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 9748+ // BEGIN android-removed 9749+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 9750+ // END android-removed 9751 algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); 9752 algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); 9753 algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); 9754 algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); 9755 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 9756- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 9757+ // BEGIN android-removed 9758+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 9759+ // END android-removed 9760 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 9761 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 9762 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 9763- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9764- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9765- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9766- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9767- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9768+ // BEGIN android-removed 9769+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9770+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9771+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9772+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9773+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9774+ // END android-removed 9775 9776 // 9777 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 9778 // The parameters field SHALL be NULL for RSA based signature algorithms. 9779 // 9780 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); 9781- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 9782+ // BEGIN android-removed 9783+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 9784+ // END android-removed 9785 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); 9786 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); 9787 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); 9788 noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); 9789- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 9790+ // BEGIN android-removed 9791+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 9792+ // END android-removed 9793 noParams.add(NISTObjectIdentifiers.dsa_with_sha256); 9794 noParams.add(NISTObjectIdentifiers.dsa_with_sha384); 9795 noParams.add(NISTObjectIdentifiers.dsa_with_sha512); 9796@@ -105,25 +127,39 @@ 9797 // 9798 // RFC 4491 9799 // 9800- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9801- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9802+ // BEGIN android-removed 9803+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9804+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9805+ // END android-removed 9806 9807 // 9808 // explicit params 9809 // 9810- AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); 9811+ // BEGIN android-changed 9812+ AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 9813+ // END android-changed 9814 params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); 9815 9816- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, new DERNull()); 9817- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 9818- 9819- AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, new DERNull()); 9820+ // BEGIN android-removed 9821+ // // BEGIN android-changed 9822+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 9823+ // // END android-changed 9824+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 9825+ // END android-removed 9826+ 9827+ // BEGIN android-changed 9828+ AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); 9829+ // END android-changed 9830 params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); 9831 9832- AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, new DERNull()); 9833+ // BEGIN android-changed 9834+ AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE); 9835+ // END android-changed 9836 params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48)); 9837 9838- AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, new DERNull()); 9839+ // BEGIN android-changed 9840+ AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE); 9841+ // END android-changed 9842 params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64)); 9843 } 9844 9845@@ -166,7 +202,9 @@ 9846 } 9847 else 9848 { 9849- return new AlgorithmIdentifier(sigOid, new DERNull()); 9850+ // BEGIN android-changed 9851+ return new AlgorithmIdentifier(sigOid, DERNull.INSTANCE); 9852+ // END android-changed 9853 } 9854 } 9855 9856diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java bcprov-jdk15on-147/org/bouncycastle/x509/extension/X509ExtensionUtil.java 9857--- bcprov-jdk15on-147.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2012-03-22 15:11:48.000000000 +0000 9858+++ bcprov-jdk15on-147/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2013-01-23 01:01:51.884748436 +0000 9859@@ -62,7 +62,9 @@ 9860 { 9861 GeneralName genName = GeneralName.getInstance(it.nextElement()); 9862 List list = new ArrayList(); 9863- list.add(new Integer(genName.getTagNo())); 9864+ // BEGIN android-changed 9865+ list.add(Integer.valueOf(genName.getTagNo())); 9866+ // END android-changed 9867 switch (genName.getTagNo()) 9868 { 9869 case GeneralName.ediPartyName: 9870