1diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-148/org/bouncycastle/asn1/ASN1Null.java 2--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/ASN1Null.java 2013-02-10 00:37:58.000000000 +0000 3+++ bcprov-jdk15on-148/org/bouncycastle/asn1/ASN1Null.java 2012-09-17 23:04:47.000000000 +0000 4@@ -11,9 +11,11 @@ 5 /** 6 * @deprecated use DERNull.INSTANCE 7 */ 8- public ASN1Null() 9+ // BEGIN android-changed 10+ /*package*/ ASN1Null() 11 { 12 } 13+ // END android-changed 14 15 public static ASN1Null getInstance(Object o) 16 { 17diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jdk15on-148/org/bouncycastle/asn1/DERBoolean.java 18--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERBoolean.java 2013-02-10 00:37:58.000000000 +0000 19+++ bcprov-jdk15on-148/org/bouncycastle/asn1/DERBoolean.java 2012-09-17 23:04:47.000000000 +0000 20@@ -10,7 +10,9 @@ 21 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 22 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 23 24- private byte[] value; 25+ // BEGIN android-changed 26+ final private byte[] value; 27+ // END android-changed 28 29 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 30 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 31@@ -55,6 +57,17 @@ 32 return (value != 0 ? TRUE : FALSE); 33 } 34 35+ // BEGIN android-added 36+ /** 37+ * return a DERBoolean from the passed in array. 38+ */ 39+ public static DERBoolean getInstance( 40+ byte[] octets) 41+ { 42+ return (octets[0] != 0) ? TRUE : FALSE; 43+ } 44+ 45+ // END android-added 46 /** 47 * return a Boolean from a tagged object. 48 * 49@@ -80,7 +93,9 @@ 50 } 51 } 52 53- DERBoolean( 54+ // BEGIN android-changed 55+ protected DERBoolean( 56+ // END android-changed 57 byte[] value) 58 { 59 if (value.length != 1) 60@@ -106,8 +121,10 @@ 61 * @deprecated use getInstance(boolean) method. 62 * @param value 63 */ 64- public DERBoolean( 65+ // BEGIN android-changed 66+ protected DERBoolean( 67 boolean value) 68+ // END android-changed 69 { 70 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 71 } 72diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-148/org/bouncycastle/asn1/DERNull.java 73--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERNull.java 2013-02-10 00:37:58.000000000 +0000 74+++ bcprov-jdk15on-148/org/bouncycastle/asn1/DERNull.java 2012-09-17 23:04:47.000000000 +0000 75@@ -15,7 +15,9 @@ 76 /** 77 * @deprecated use DERNull.INSTANCE 78 */ 79- public DERNull() 80+ // BEGIN android-changed 81+ protected DERNull() 82+ // END android-changed 83 { 84 } 85 86diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERObjectIdentifier.java bcprov-jdk15on-148/org/bouncycastle/asn1/DERObjectIdentifier.java 87--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERObjectIdentifier.java 2013-02-10 00:37:58.000000000 +0000 88+++ bcprov-jdk15on-148/org/bouncycastle/asn1/DERObjectIdentifier.java 2012-09-17 23:04:47.000000000 +0000 89@@ -144,7 +144,13 @@ 90 } 91 } 92 93- this.identifier = objId.toString(); 94+ // BEGIN android-changed 95+ /* 96+ * Intern the identifier so there aren't hundreds of duplicates 97+ * (in practice). 98+ */ 99+ this.identifier = objId.toString().intern(); 100+ // END android-changed 101 this.body = Arrays.clone(bytes); 102 } 103 104@@ -156,7 +162,13 @@ 105 throw new IllegalArgumentException("string " + identifier + " not an OID"); 106 } 107 108- this.identifier = identifier; 109+ // BEGIN android-changed 110+ /* 111+ * Intern the identifier so there aren't hundreds of duplicates 112+ * (in practice). 113+ */ 114+ this.identifier = identifier.intern(); 115+ // END android-changed 116 } 117 118 public String getId() 119diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-148/org/bouncycastle/asn1/DERPrintableString.java 120--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERPrintableString.java 2013-02-10 00:37:58.000000000 +0000 121+++ bcprov-jdk15on-148/org/bouncycastle/asn1/DERPrintableString.java 2012-09-17 23:04:47.000000000 +0000 122@@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126- private byte[] string; 127+ // BEGIN android-changed 128+ private final byte[] string; 129+ // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERT61String.java bcprov-jdk15on-148/org/bouncycastle/asn1/DERT61String.java 134--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/DERT61String.java 2013-02-10 00:37:58.000000000 +0000 135+++ bcprov-jdk15on-148/org/bouncycastle/asn1/DERT61String.java 2013-01-31 02:26:40.000000000 +0000 136@@ -82,12 +82,16 @@ 137 public DERT61String( 138 String string) 139 { 140- this.string = Strings.toUTF8ByteArray(string); 141+ // BEGIN android-changed 142+ this.string = Strings.toByteArray(string); 143+ // END android-changed 144 } 145 146 public String getString() 147 { 148- return Strings.fromUTF8ByteArray(string); 149+ // BEGIN android-changed 150+ return Strings.fromByteArray(string); 151+ // END android-changed 152 } 153 154 public String toString() 155diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-148/org/bouncycastle/asn1/cms/ContentInfo.java 156--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2013-02-10 00:37:58.000000000 +0000 157+++ bcprov-jdk15on-148/org/bouncycastle/asn1/cms/ContentInfo.java 2012-09-17 23:04:47.000000000 +0000 158@@ -12,7 +12,9 @@ 159 160 public class ContentInfo 161 extends ASN1Object 162- implements CMSObjectIdentifiers 163+ // BEGIN android-removed 164+ // implements CMSObjectIdentifiers 165+ // END android-removed 166 { 167 private ASN1ObjectIdentifier contentType; 168 private ASN1Encodable content; 169diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-148/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 170--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-02-10 00:37:58.000000000 +0000 171+++ bcprov-jdk15on-148/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2012-09-17 23:04:47.000000000 +0000 172@@ -10,8 +10,10 @@ 173 // 174 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 175 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 176- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 177- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 178+ // BEGIN android-removed 179+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 180+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 181+ // END android-removed 182 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 183 static final ASN1ObjectIdentifier sha1WithRSAEncryption = pkcs_1.branch("5"); 184 static final ASN1ObjectIdentifier srsaOAEPEncryptionSET = pkcs_1.branch("6"); 185@@ -22,7 +24,9 @@ 186 static final ASN1ObjectIdentifier sha256WithRSAEncryption = pkcs_1.branch("11"); 187 static final ASN1ObjectIdentifier sha384WithRSAEncryption = pkcs_1.branch("12"); 188 static final ASN1ObjectIdentifier sha512WithRSAEncryption = pkcs_1.branch("13"); 189- static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); 190+ // BEGIN android-removed 191+ // static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); 192+ // END android-removed 193 194 // 195 // pkcs-3 OBJECT IDENTIFIER ::= { 196@@ -66,13 +70,17 @@ 197 // md2 OBJECT IDENTIFIER ::= 198 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 199 // 200- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 201+ // BEGIN android-removed 202+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 203+ // END android-removed 204 205 // 206 // md4 OBJECT IDENTIFIER ::= 207 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 208 // 209- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 210+ // BEGIN android-removed 211+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 212+ // END android-removed 213 214 // 215 // md5 OBJECT IDENTIFIER ::= 216@@ -81,7 +89,9 @@ 217 static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); 218 219 static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); 220- static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); 221+ // BEGIN android-removed 222+ // static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); 223+ // END android-removed 224 static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); 225 static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); 226 static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); 227diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-148/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 228--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-02-10 00:37:58.000000000 +0000 229+++ bcprov-jdk15on-148/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2012-09-17 23:04:47.000000000 +0000 230@@ -14,7 +14,9 @@ 231 import org.bouncycastle.asn1.DERSequence; 232 import org.bouncycastle.asn1.DERTaggedObject; 233 import org.bouncycastle.crypto.Digest; 234-import org.bouncycastle.crypto.digests.SHA1Digest; 235+// BEGIN android-changed 236+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 237+// END android-changed 238 239 /** 240 * The AuthorityKeyIdentifier object. 241@@ -106,7 +108,9 @@ 242 public AuthorityKeyIdentifier( 243 SubjectPublicKeyInfo spki) 244 { 245- Digest digest = new SHA1Digest(); 246+ // BEGIN android-changed 247+ Digest digest = AndroidDigestFactory.getSHA1(); 248+ // END android-changed 249 byte[] resBuf = new byte[digest.getDigestSize()]; 250 251 byte[] bytes = spki.getPublicKeyData().getBytes(); 252@@ -124,7 +128,9 @@ 253 GeneralNames name, 254 BigInteger serialNumber) 255 { 256- Digest digest = new SHA1Digest(); 257+ // BEGIN android-changed 258+ Digest digest = AndroidDigestFactory.getSHA1(); 259+ // END android-changed 260 byte[] resBuf = new byte[digest.getDigestSize()]; 261 262 byte[] bytes = spki.getPublicKeyData().getBytes(); 263diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java bcprov-jdk15on-148/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 264--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2013-02-10 00:37:58.000000000 +0000 265+++ bcprov-jdk15on-148/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2012-09-17 23:04:47.000000000 +0000 266@@ -6,7 +6,9 @@ 267 import org.bouncycastle.asn1.ASN1TaggedObject; 268 import org.bouncycastle.asn1.DEROctetString; 269 import org.bouncycastle.crypto.Digest; 270-import org.bouncycastle.crypto.digests.SHA1Digest; 271+// BEGIN android-changed 272+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 273+// END android-changed 274 275 /** 276 * The SubjectKeyIdentifier object. 277@@ -124,7 +126,9 @@ 278 279 private static byte[] getDigest(SubjectPublicKeyInfo spki) 280 { 281- Digest digest = new SHA1Digest(); 282+ // BEGIN android-changed 283+ Digest digest = AndroidDigestFactory.getSHA1(); 284+ // END android-changed 285 byte[] resBuf = new byte[digest.getDigestSize()]; 286 287 byte[] bytes = spki.getPublicKeyData().getBytes(); 288diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-148/org/bouncycastle/asn1/x509/X509Name.java 289--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/X509Name.java 2013-02-10 00:37:58.000000000 +0000 290+++ bcprov-jdk15on-148/org/bouncycastle/asn1/x509/X509Name.java 2012-09-17 23:04:47.000000000 +0000 291@@ -255,8 +255,10 @@ 292 */ 293 public static final Hashtable SymbolLookUp = DefaultLookUp; 294 295- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 296- private static final Boolean FALSE = new Boolean(false); 297+ // BEGIN android-changed 298+ private static final Boolean TRUE = Boolean.TRUE; 299+ private static final Boolean FALSE = Boolean.FALSE; 300+ // END android-changed 301 302 static 303 { 304@@ -445,7 +447,9 @@ 305 throw new IllegalArgumentException("cannot encode value"); 306 } 307 } 308- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 309+ // BEGIN android-changed 310+ added.addElement(Boolean.valueOf(i != 0)); 311+ // END android-changed 312 } 313 } 314 } 315diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-148/org/bouncycastle/asn1/x509/X509NameTokenizer.java 316--- bcprov-jdk15on-148.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-02-10 00:37:58.000000000 +0000 317+++ bcprov-jdk15on-148/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2012-09-17 23:04:47.000000000 +0000 318@@ -96,6 +96,17 @@ 319 } 320 else 321 { 322+ // BEGIN android-added 323+ // copied from a newer version of BouncyCastle 324+ if (c == '#' && buf.charAt(buf.length() - 1) == '=') 325+ { 326+ buf.append('\\'); 327+ } 328+ else if (c == '+' && separator != '+') 329+ { 330+ buf.append('\\'); 331+ } 332+ // END android-added 333 buf.append(c); 334 } 335 } 336diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 337--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 338+++ bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2012-09-28 17:07:22.000000000 +0000 339@@ -0,0 +1,80 @@ 340+/* 341+ * Copyright (C) 2012 The Android Open Source Project 342+ * 343+ * Licensed under the Apache License, Version 2.0 (the "License"); 344+ * you may not use this file except in compliance with the License. 345+ * You may obtain a copy of the License at 346+ * 347+ * http://www.apache.org/licenses/LICENSE-2.0 348+ * 349+ * Unless required by applicable law or agreed to in writing, software 350+ * distributed under the License is distributed on an "AS IS" BASIS, 351+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 352+ * See the License for the specific language governing permissions and 353+ * limitations under the License. 354+ */ 355+ 356+package org.bouncycastle.crypto.digests; 357+ 358+import org.bouncycastle.crypto.Digest; 359+ 360+/** 361+ * Level of indirection to let us select OpenSSLDigest implementations 362+ * for libcore but fallback to BouncyCastle ones on the RI. 363+ */ 364+public final class AndroidDigestFactory { 365+ private static final String OpenSSLFactoryClassName 366+ = AndroidDigestFactory.class.getName() + "OpenSSL"; 367+ private static final String BouncyCastleFactoryClassName 368+ = AndroidDigestFactory.class.getName() + "BouncyCastle"; 369+ 370+ private static final AndroidDigestFactoryInterface FACTORY; 371+ static { 372+ Class factoryImplementationClass; 373+ try { 374+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 375+ // Double check for NativeCrypto in case we are running on RI for testing 376+ Class.forName("org.apache.harmony.xnet.provider.jsse.NativeCrypto"); 377+ } catch (ClassNotFoundException e1) { 378+ try { 379+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 380+ } catch (ClassNotFoundException e2) { 381+ throw new AssertionError("Failed to load AndroidDigestFactoryInterface " 382+ + "implementation. Looked for " 383+ + OpenSSLFactoryClassName + " and " 384+ + BouncyCastleFactoryClassName); 385+ } 386+ } 387+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 388+ throw new AssertionError(factoryImplementationClass 389+ + "does not implement AndroidDigestFactoryInterface"); 390+ } 391+ try { 392+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 393+ } catch (InstantiationException e) { 394+ throw new AssertionError(e); 395+ } catch (IllegalAccessException e) { 396+ throw new AssertionError(e); 397+ } 398+ } 399+ 400+ public static Digest getMD5() { 401+ return FACTORY.getMD5(); 402+ } 403+ 404+ public static Digest getSHA1() { 405+ return FACTORY.getSHA1(); 406+ } 407+ 408+ public static Digest getSHA256() { 409+ return FACTORY.getSHA256(); 410+ } 411+ 412+ public static Digest getSHA384() { 413+ return FACTORY.getSHA384(); 414+ } 415+ 416+ public static Digest getSHA512() { 417+ return FACTORY.getSHA512(); 418+ } 419+} 420diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 421--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 422+++ bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2012-09-17 23:04:47.000000000 +0000 423@@ -0,0 +1,37 @@ 424+/* 425+ * Copyright (C) 2012 The Android Open Source Project 426+ * 427+ * Licensed under the Apache License, Version 2.0 (the "License"); 428+ * you may not use this file except in compliance with the License. 429+ * You may obtain a copy of the License at 430+ * 431+ * http://www.apache.org/licenses/LICENSE-2.0 432+ * 433+ * Unless required by applicable law or agreed to in writing, software 434+ * distributed under the License is distributed on an "AS IS" BASIS, 435+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 436+ * See the License for the specific language governing permissions and 437+ * limitations under the License. 438+ */ 439+ 440+package org.bouncycastle.crypto.digests; 441+ 442+import org.bouncycastle.crypto.Digest; 443+ 444+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 445+ public Digest getMD5() { 446+ return new MD5Digest(); 447+ } 448+ public Digest getSHA1() { 449+ return new SHA1Digest(); 450+ } 451+ public Digest getSHA256() { 452+ return new SHA256Digest(); 453+ } 454+ public Digest getSHA384() { 455+ return new SHA384Digest(); 456+ } 457+ public Digest getSHA512() { 458+ return new SHA512Digest(); 459+ } 460+} 461diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 462--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 463+++ bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2012-09-17 23:04:47.000000000 +0000 464@@ -0,0 +1,27 @@ 465+/* 466+ * Copyright (C) 2012 The Android Open Source Project 467+ * 468+ * Licensed under the Apache License, Version 2.0 (the "License"); 469+ * you may not use this file except in compliance with the License. 470+ * You may obtain a copy of the License at 471+ * 472+ * http://www.apache.org/licenses/LICENSE-2.0 473+ * 474+ * Unless required by applicable law or agreed to in writing, software 475+ * distributed under the License is distributed on an "AS IS" BASIS, 476+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 477+ * See the License for the specific language governing permissions and 478+ * limitations under the License. 479+ */ 480+ 481+package org.bouncycastle.crypto.digests; 482+ 483+import org.bouncycastle.crypto.Digest; 484+ 485+interface AndroidDigestFactoryInterface { 486+ public Digest getMD5(); 487+ public Digest getSHA1(); 488+ public Digest getSHA256(); 489+ public Digest getSHA384(); 490+ public Digest getSHA512(); 491+} 492diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 493--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 494+++ bcprov-jdk15on-148/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2012-09-17 23:04:47.000000000 +0000 495@@ -0,0 +1,37 @@ 496+/* 497+ * Copyright (C) 2012 The Android Open Source Project 498+ * 499+ * Licensed under the Apache License, Version 2.0 (the "License"); 500+ * you may not use this file except in compliance with the License. 501+ * You may obtain a copy of the License at 502+ * 503+ * http://www.apache.org/licenses/LICENSE-2.0 504+ * 505+ * Unless required by applicable law or agreed to in writing, software 506+ * distributed under the License is distributed on an "AS IS" BASIS, 507+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 508+ * See the License for the specific language governing permissions and 509+ * limitations under the License. 510+ */ 511+ 512+package org.bouncycastle.crypto.digests; 513+ 514+import org.bouncycastle.crypto.Digest; 515+ 516+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 517+ public Digest getMD5() { 518+ return new OpenSSLDigest.MD5(); 519+ } 520+ public Digest getSHA1() { 521+ return new OpenSSLDigest.SHA1(); 522+ } 523+ public Digest getSHA256() { 524+ return new OpenSSLDigest.SHA256(); 525+ } 526+ public Digest getSHA384() { 527+ return new OpenSSLDigest.SHA384(); 528+ } 529+ public Digest getSHA512() { 530+ return new OpenSSLDigest.SHA512(); 531+ } 532+} 533diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-148/org/bouncycastle/crypto/digests/OpenSSLDigest.java 534--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 535+++ bcprov-jdk15on-148/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2013-02-28 01:42:11.000000000 +0000 536@@ -0,0 +1,159 @@ 537+/* 538+ * Copyright (C) 2008 The Android Open Source Project 539+ * 540+ * Licensed under the Apache License, Version 2.0 (the "License"); 541+ * you may not use this file except in compliance with the License. 542+ * You may obtain a copy of the License at 543+ * 544+ * http://www.apache.org/licenses/LICENSE-2.0 545+ * 546+ * Unless required by applicable law or agreed to in writing, software 547+ * distributed under the License is distributed on an "AS IS" BASIS, 548+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 549+ * See the License for the specific language governing permissions and 550+ * limitations under the License. 551+ */ 552+ 553+package org.bouncycastle.crypto.digests; 554+ 555+import org.apache.harmony.xnet.provider.jsse.NativeCrypto; 556+import org.bouncycastle.crypto.ExtendedDigest; 557+ 558+/** 559+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. 560+ */ 561+public class OpenSSLDigest implements ExtendedDigest { 562+ 563+ /** 564+ * Holds the standard name of the hashing algorithm, e.g. "SHA-1"; 565+ */ 566+ private final String algorithm; 567+ 568+ /** 569+ * Holds the EVP_MD for the hashing algorithm, e.g. EVP_get_digestbyname("sha1"); 570+ */ 571+ private final long evp_md; 572+ 573+ /** 574+ * Holds the output size of the message digest. 575+ */ 576+ private final int size; 577+ 578+ /** 579+ * Holds the block size of the message digest. 580+ */ 581+ private final int blockSize; 582+ 583+ /** 584+ * Holds a pointer to the native message digest context. It is 585+ * lazily initialized to avoid having to reallocate on reset when 586+ * its unlikely to be reused. 587+ */ 588+ private long ctx; 589+ 590+ /** 591+ * Holds a dummy buffer for writing single bytes to the digest. 592+ */ 593+ private final byte[] singleByte = new byte[1]; 594+ 595+ /** 596+ * Creates a new OpenSSLMessageDigest instance for the given algorithm 597+ * name. 598+ */ 599+ private OpenSSLDigest(String algorithm, long evp_md, int size, int blockSize) { 600+ this.algorithm = algorithm; 601+ this.evp_md = evp_md; 602+ this.size = size; 603+ this.blockSize = blockSize; 604+ } 605+ 606+ public String getAlgorithmName() { 607+ return algorithm; 608+ } 609+ 610+ public int getDigestSize() { 611+ return size; 612+ } 613+ 614+ public int getByteLength() { 615+ return blockSize; 616+ } 617+ 618+ public void reset() { 619+ free(); 620+ } 621+ 622+ public void update(byte in) { 623+ singleByte[0] = in; 624+ update(singleByte, 0, 1); 625+ } 626+ 627+ public void update(byte[] in, int inOff, int len) { 628+ NativeCrypto.EVP_DigestUpdate(getCtx(), in, inOff, len); 629+ } 630+ 631+ public int doFinal(byte[] out, int outOff) { 632+ int i = NativeCrypto.EVP_DigestFinal(getCtx(), out, outOff); 633+ ctx = 0; // EVP_DigestFinal frees the context as a side effect 634+ reset(); 635+ return i; 636+ } 637+ 638+ private long getCtx() { 639+ if (ctx == 0) { 640+ ctx = NativeCrypto.EVP_DigestInit(evp_md); 641+ } 642+ return ctx; 643+ } 644+ 645+ private void free() { 646+ if (ctx != 0) { 647+ NativeCrypto.EVP_MD_CTX_destroy(ctx); 648+ ctx = 0; 649+ } 650+ } 651+ 652+ @Override 653+ protected void finalize() throws Throwable { 654+ try { 655+ free(); 656+ } finally { 657+ super.finalize(); 658+ } 659+ } 660+ 661+ public static class MD5 extends OpenSSLDigest { 662+ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("md5"); 663+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 664+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 665+ public MD5() { super("MD5", EVP_MD, SIZE, BLOCK_SIZE); } 666+ } 667+ 668+ public static class SHA1 extends OpenSSLDigest { 669+ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha1"); 670+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 671+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 672+ public SHA1() { super("SHA-1", EVP_MD, SIZE, BLOCK_SIZE); } 673+ } 674+ 675+ public static class SHA256 extends OpenSSLDigest { 676+ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); 677+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 678+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 679+ public SHA256() { super("SHA-256", EVP_MD, SIZE, BLOCK_SIZE); } 680+ } 681+ 682+ public static class SHA384 extends OpenSSLDigest { 683+ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha384"); 684+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 685+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 686+ public SHA384() { super("SHA-384", EVP_MD, SIZE, BLOCK_SIZE); } 687+ } 688+ 689+ public static class SHA512 extends OpenSSLDigest { 690+ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha512"); 691+ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 692+ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); 693+ public SHA512() { super("SHA-512", EVP_MD, SIZE, BLOCK_SIZE); } 694+ } 695+} 696diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-148/org/bouncycastle/crypto/encodings/OAEPEncoding.java 697--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-02-10 00:37:58.000000000 +0000 698+++ bcprov-jdk15on-148/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2012-09-17 23:04:47.000000000 +0000 699@@ -4,7 +4,9 @@ 700 import org.bouncycastle.crypto.CipherParameters; 701 import org.bouncycastle.crypto.Digest; 702 import org.bouncycastle.crypto.InvalidCipherTextException; 703-import org.bouncycastle.crypto.digests.SHA1Digest; 704+// BEGIN android-changed 705+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 706+// END android-changed 707 import org.bouncycastle.crypto.params.ParametersWithRandom; 708 709 import java.security.SecureRandom; 710@@ -26,7 +28,9 @@ 711 public OAEPEncoding( 712 AsymmetricBlockCipher cipher) 713 { 714- this(cipher, new SHA1Digest(), null); 715+ // BEGIN android-changed 716+ this(cipher, AndroidDigestFactory.getSHA1(), null); 717+ // END android-changed 718 } 719 720 public OAEPEncoding( 721diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-148/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 722--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2013-02-10 00:37:58.000000000 +0000 723+++ bcprov-jdk15on-148/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2012-09-17 23:04:47.000000000 +0000 724@@ -216,6 +216,12 @@ 725 throw new InvalidCipherTextException("unknown block type"); 726 } 727 } 728+ // BEGIN android-added 729+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 730+ { 731+ throw new InvalidCipherTextException("invalid block type " + type); 732+ } 733+ // END android-added 734 735 if (useStrictLength && block.length != engine.getOutputBlockSize()) 736 { 737diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/AESFastEngine.java bcprov-jdk15on-148/org/bouncycastle/crypto/engines/AESFastEngine.java 738--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/AESFastEngine.java 2013-02-10 00:37:58.000000000 +0000 739+++ bcprov-jdk15on-148/org/bouncycastle/crypto/engines/AESFastEngine.java 2012-09-17 23:04:47.000000000 +0000 740@@ -3,6 +3,9 @@ 741 import org.bouncycastle.crypto.BlockCipher; 742 import org.bouncycastle.crypto.CipherParameters; 743 import org.bouncycastle.crypto.DataLengthException; 744+// BEGIN android-added 745+import org.bouncycastle.crypto.OutputLengthException; 746+// END android-added 747 import org.bouncycastle.crypto.params.KeyParameter; 748 749 /** 750@@ -723,7 +726,9 @@ 751 752 if ((outOff + (32 / 2)) > out.length) 753 { 754- throw new DataLengthException("output buffer too short"); 755+ // BEGIN android-changed 756+ throw new OutputLengthException("output buffer too short"); 757+ // END android-changed 758 } 759 760 if (forEncryption) 761diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/DESedeEngine.java bcprov-jdk15on-148/org/bouncycastle/crypto/engines/DESedeEngine.java 762--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/DESedeEngine.java 2013-02-10 00:37:58.000000000 +0000 763+++ bcprov-jdk15on-148/org/bouncycastle/crypto/engines/DESedeEngine.java 2012-09-17 23:04:47.000000000 +0000 764@@ -2,6 +2,9 @@ 765 766 import org.bouncycastle.crypto.CipherParameters; 767 import org.bouncycastle.crypto.DataLengthException; 768+// BEGIN android-added 769+import org.bouncycastle.crypto.OutputLengthException; 770+// END android-added 771 import org.bouncycastle.crypto.params.KeyParameter; 772 773 /** 774@@ -99,7 +102,9 @@ 775 776 if ((outOff + BLOCK_SIZE) > out.length) 777 { 778- throw new DataLengthException("output buffer too short"); 779+ // BEGIN android-changed 780+ throw new OutputLengthException("output buffer too short"); 781+ // END android-changed 782 } 783 784 byte[] temp = new byte[BLOCK_SIZE]; 785diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-148/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 786--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2013-02-10 00:37:58.000000000 +0000 787+++ bcprov-jdk15on-148/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2012-09-17 23:04:47.000000000 +0000 788@@ -6,7 +6,9 @@ 789 import org.bouncycastle.crypto.Digest; 790 import org.bouncycastle.crypto.InvalidCipherTextException; 791 import org.bouncycastle.crypto.Wrapper; 792-import org.bouncycastle.crypto.digests.SHA1Digest; 793+// BEGIN android-changed 794+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 795+// END android-changed 796 import org.bouncycastle.crypto.modes.CBCBlockCipher; 797 import org.bouncycastle.crypto.params.KeyParameter; 798 import org.bouncycastle.crypto.params.ParametersWithIV; 799@@ -52,7 +54,9 @@ 800 // 801 // checksum digest 802 // 803- Digest sha1 = new SHA1Digest(); 804+ // BEGIN android-changed 805+ Digest sha1 = AndroidDigestFactory.getSHA1(); 806+ // END android-changed 807 byte[] digest = new byte[20]; 808 809 /** 810diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-148/org/bouncycastle/crypto/generators/DHParametersHelper.java 811--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2013-02-10 00:37:58.000000000 +0000 812+++ bcprov-jdk15on-148/org/bouncycastle/crypto/generators/DHParametersHelper.java 2012-09-17 23:04:47.000000000 +0000 813@@ -3,10 +3,17 @@ 814 import java.math.BigInteger; 815 import java.security.SecureRandom; 816 817+// BEGIN android-added 818+import java.util.logging.Logger; 819+// END android-added 820 import org.bouncycastle.util.BigIntegers; 821 822 class DHParametersHelper 823 { 824+ // BEGIN android-added 825+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 826+ // END android-added 827+ 828 private static final BigInteger ONE = BigInteger.valueOf(1); 829 private static final BigInteger TWO = BigInteger.valueOf(2); 830 831@@ -17,11 +24,19 @@ 832 */ 833 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 834 { 835+ // BEGIN android-added 836+ logger.info("Generating safe primes. This may take a long time."); 837+ long start = System.currentTimeMillis(); 838+ int tries = 0; 839+ // END android-added 840 BigInteger p, q; 841 int qLength = size - 1; 842 843 for (;;) 844 { 845+ // BEGIN android-added 846+ tries++; 847+ // END android-added 848 q = new BigInteger(qLength, 2, random); 849 850 // p <- 2q + 1 851@@ -32,6 +47,11 @@ 852 break; 853 } 854 } 855+ // BEGIN android-added 856+ long end = System.currentTimeMillis(); 857+ long duration = end - start; 858+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 859+ // END android-added 860 861 return new BigInteger[] { p, q }; 862 } 863diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-148/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 864--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2013-02-10 00:37:58.000000000 +0000 865+++ bcprov-jdk15on-148/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 866@@ -1,8 +1,9 @@ 867 package org.bouncycastle.crypto.generators; 868 869 import org.bouncycastle.crypto.Digest; 870-import org.bouncycastle.crypto.digests.SHA1Digest; 871-import org.bouncycastle.crypto.digests.SHA256Digest; 872+// BEGIN android-changed 873+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 874+// END android-changed 875 import org.bouncycastle.crypto.params.DSAParameters; 876 import org.bouncycastle.crypto.params.DSAValidationParameters; 877 import org.bouncycastle.util.Arrays; 878@@ -75,7 +76,9 @@ 879 byte[] part1 = new byte[20]; 880 byte[] part2 = new byte[20]; 881 byte[] u = new byte[20]; 882- SHA1Digest sha1 = new SHA1Digest(); 883+ // BEGIN android-changed 884+ Digest sha1 = AndroidDigestFactory.getSHA1(); 885+ // END android-changed 886 int n = (L - 1) / 160; 887 byte[] w = new byte[L / 8]; 888 889@@ -166,7 +169,9 @@ 890 { 891 // A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function 892 // FIXME This should be configurable (digest size in bits must be >= N) 893- Digest d = new SHA256Digest(); 894+ // BEGIN android-changed 895+ Digest d = AndroidDigestFactory.getSHA256(); 896+ // END android-changed 897 int outlen = d.getDigestSize() * 8; 898 899 // 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If 900diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-148/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 901--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2013-02-10 00:37:58.000000000 +0000 902+++ bcprov-jdk15on-148/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 903@@ -3,7 +3,9 @@ 904 import org.bouncycastle.crypto.CipherParameters; 905 import org.bouncycastle.crypto.Digest; 906 import org.bouncycastle.crypto.PBEParametersGenerator; 907-import org.bouncycastle.crypto.digests.MD5Digest; 908+// BEGIN android-changed 909+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 910+// END android-changed 911 import org.bouncycastle.crypto.params.KeyParameter; 912 import org.bouncycastle.crypto.params.ParametersWithIV; 913 914@@ -17,7 +19,9 @@ 915 public class OpenSSLPBEParametersGenerator 916 extends PBEParametersGenerator 917 { 918- private Digest digest = new MD5Digest(); 919+ // BEGIN android-changed 920+ private Digest digest = AndroidDigestFactory.getMD5(); 921+ // END android-changed 922 923 /** 924 * Construct a OpenSSL Parameters generator. 925diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-148/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 926--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-02-10 00:37:58.000000000 +0000 927+++ bcprov-jdk15on-148/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 928@@ -4,7 +4,9 @@ 929 import org.bouncycastle.crypto.Digest; 930 import org.bouncycastle.crypto.Mac; 931 import org.bouncycastle.crypto.PBEParametersGenerator; 932-import org.bouncycastle.crypto.digests.SHA1Digest; 933+// BEGIN android-changed 934+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 935+// END android-changed 936 import org.bouncycastle.crypto.macs.HMac; 937 import org.bouncycastle.crypto.params.KeyParameter; 938 import org.bouncycastle.crypto.params.ParametersWithIV; 939@@ -27,7 +29,9 @@ 940 */ 941 public PKCS5S2ParametersGenerator() 942 { 943- this(new SHA1Digest()); 944+ // BEGIN android-changed 945+ this(AndroidDigestFactory.getSHA1()); 946+ // END android-changed 947 } 948 949 public PKCS5S2ParametersGenerator(Digest digest) 950diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-148/org/bouncycastle/crypto/macs/HMac.java 951--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/macs/HMac.java 2013-02-10 00:37:58.000000000 +0000 952+++ bcprov-jdk15on-148/org/bouncycastle/crypto/macs/HMac.java 2012-09-17 23:04:47.000000000 +0000 953@@ -33,23 +33,31 @@ 954 { 955 blockLengths = new Hashtable(); 956 957- blockLengths.put("GOST3411", Integers.valueOf(32)); 958- 959- blockLengths.put("MD2", Integers.valueOf(16)); 960- blockLengths.put("MD4", Integers.valueOf(64)); 961+ // BEGIN android-removed 962+ // blockLengths.put("GOST3411", Integers.valueOf(32)); 963+ // 964+ // blockLengths.put("MD2", Integers.valueOf(16)); 965+ // blockLengths.put("MD4", Integers.valueOf(64)); 966+ // END android-removed 967 blockLengths.put("MD5", Integers.valueOf(64)); 968 969- blockLengths.put("RIPEMD128", Integers.valueOf(64)); 970- blockLengths.put("RIPEMD160", Integers.valueOf(64)); 971+ // BEGIN android-removed 972+ // blockLengths.put("RIPEMD128", Integers.valueOf(64)); 973+ // blockLengths.put("RIPEMD160", Integers.valueOf(64)); 974+ // END android-removed 975 976 blockLengths.put("SHA-1", Integers.valueOf(64)); 977- blockLengths.put("SHA-224", Integers.valueOf(64)); 978+ // BEGIN android-removed 979+ // blockLengths.put("SHA-224", Integers.valueOf(64)); 980+ // END android-removed 981 blockLengths.put("SHA-256", Integers.valueOf(64)); 982 blockLengths.put("SHA-384", Integers.valueOf(128)); 983 blockLengths.put("SHA-512", Integers.valueOf(128)); 984 985- blockLengths.put("Tiger", Integers.valueOf(64)); 986- blockLengths.put("Whirlpool", Integers.valueOf(64)); 987+ // BEGIN android-removed 988+ // blockLengths.put("Tiger", Integers.valueOf(64)); 989+ // blockLengths.put("Whirlpool", Integers.valueOf(64)); 990+ // END android-removed 991 } 992 993 private static int getByteLength( 994diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-148/org/bouncycastle/crypto/signers/RSADigestSigner.java 995--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-02-10 00:37:58.000000000 +0000 996+++ bcprov-jdk15on-148/org/bouncycastle/crypto/signers/RSADigestSigner.java 2012-09-17 23:04:47.000000000 +0000 997@@ -39,18 +39,24 @@ 998 */ 999 static 1000 { 1001- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1002- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1003- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1004+ // BEGIN android-removed 1005+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1006+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1007+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1008+ // END android-removed 1009 1010 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 1011- oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1012+ // BEGIN android-removed 1013+ // oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1014+ // END android-removed 1015 oidMap.put("SHA-256", NISTObjectIdentifiers.id_sha256); 1016 oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); 1017 oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); 1018 1019- oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1020- oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1021+ // BEGIN android-removed 1022+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1023+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1024+ // END android-removed 1025 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 1026 } 1027 1028diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-148/org/bouncycastle/crypto/util/PrivateKeyFactory.java 1029--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2013-02-10 00:37:58.000000000 +0000 1030+++ bcprov-jdk15on-148/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2012-09-17 23:04:47.000000000 +0000 1031@@ -11,7 +11,9 @@ 1032 import org.bouncycastle.asn1.ASN1Primitive; 1033 import org.bouncycastle.asn1.ASN1Sequence; 1034 import org.bouncycastle.asn1.nist.NISTNamedCurves; 1035-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1036+// BEGIN android-removed 1037+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1038+// END android-removed 1039 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1040 import org.bouncycastle.asn1.pkcs.DHParameter; 1041 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1042@@ -19,7 +21,9 @@ 1043 import org.bouncycastle.asn1.pkcs.RSAPrivateKey; 1044 import org.bouncycastle.asn1.sec.ECPrivateKey; 1045 import org.bouncycastle.asn1.sec.SECNamedCurves; 1046-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1047+// BEGIN android-removed 1048+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1049+// END android-removed 1050 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1051 import org.bouncycastle.asn1.x509.DSAParameter; 1052 import org.bouncycastle.asn1.x9.X962NamedCurves; 1053@@ -33,8 +37,10 @@ 1054 import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; 1055 import org.bouncycastle.crypto.params.ECDomainParameters; 1056 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1057-import org.bouncycastle.crypto.params.ElGamalParameters; 1058-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1059+// BEGIN android-removed 1060+// import org.bouncycastle.crypto.params.ElGamalParameters; 1061+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1062+// END android-removed 1063 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1064 1065 /** 1066@@ -100,14 +106,16 @@ 1067 1068 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1069 } 1070- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1071- { 1072- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1073- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1074- 1075- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1076- params.getP(), params.getG())); 1077- } 1078+ // BEGIN android-removed 1079+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1080+ // { 1081+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1082+ // ASN1Integer = (ASN1Integer)keyInfo.parsePrivateKey(); 1083+ // 1084+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1085+ // params.getP(), params.getG())); 1086+ // } 1087+ // END android-removed 1088 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1089 { 1090 ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1091@@ -140,10 +148,12 @@ 1092 { 1093 x9 = NISTNamedCurves.getByOID(oid); 1094 1095- if (x9 == null) 1096- { 1097- x9 = TeleTrusTNamedCurves.getByOID(oid); 1098- } 1099+ // BEGIN android-removed 1100+ // if (x9 == null) 1101+ // { 1102+ // x9 = TeleTrusTNamedCurves.getByOID(oid); 1103+ // } 1104+ // END android-removed 1105 } 1106 } 1107 } 1108diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-148/org/bouncycastle/crypto/util/PublicKeyFactory.java 1109--- bcprov-jdk15on-148.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2013-02-10 00:37:58.000000000 +0000 1110+++ bcprov-jdk15on-148/org/bouncycastle/crypto/util/PublicKeyFactory.java 2012-09-17 23:04:47.000000000 +0000 1111@@ -13,13 +13,17 @@ 1112 import org.bouncycastle.asn1.ASN1Sequence; 1113 import org.bouncycastle.asn1.DEROctetString; 1114 import org.bouncycastle.asn1.nist.NISTNamedCurves; 1115-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1116+// BEGIN android-removed 1117+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1118+// END android-removed 1119 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1120 import org.bouncycastle.asn1.pkcs.DHParameter; 1121 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1122 import org.bouncycastle.asn1.pkcs.RSAPublicKey; 1123 import org.bouncycastle.asn1.sec.SECNamedCurves; 1124-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1125+// BEGIN android-removed 1126+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1127+// END android-removed 1128 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1129 import org.bouncycastle.asn1.x509.DSAParameter; 1130 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 1131@@ -40,8 +44,10 @@ 1132 import org.bouncycastle.crypto.params.DSAPublicKeyParameters; 1133 import org.bouncycastle.crypto.params.ECDomainParameters; 1134 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1135-import org.bouncycastle.crypto.params.ElGamalParameters; 1136-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1137+// BEGIN android-removed 1138+// import org.bouncycastle.crypto.params.ElGamalParameters; 1139+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1140+// END android-removed 1141 import org.bouncycastle.crypto.params.RSAKeyParameters; 1142 1143 /** 1144@@ -135,14 +141,16 @@ 1145 1146 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1147 } 1148- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1149- { 1150- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1151- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1152- 1153- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1154- params.getP(), params.getG())); 1155- } 1156+ // BEGIN android-removed 1157+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1158+ // { 1159+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1160+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1161+ // 1162+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1163+ // params.getP(), params.getG())); 1164+ // } 1165+ // END android-removed 1166 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1167 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1168 { 1169@@ -177,10 +185,12 @@ 1170 { 1171 x9 = NISTNamedCurves.getByOID(oid); 1172 1173- if (x9 == null) 1174- { 1175- x9 = TeleTrusTNamedCurves.getByOID(oid); 1176- } 1177+ // BEGIN android-removed 1178+ // if (x9 == null) 1179+ // { 1180+ // x9 = TeleTrusTNamedCurves.getByOID(oid); 1181+ // } 1182+ // END android-removed 1183 } 1184 } 1185 } 1186diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/DH.java 1187--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2013-02-10 00:37:58.000000000 +0000 1188+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2012-09-17 23:04:47.000000000 +0000 1189@@ -32,11 +32,13 @@ 1190 1191 provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); 1192 1193- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1194- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1195- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1196- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1197- provider.addAlgorithm("KeyPairGenerator.IES", PREFIX + "KeyPairGeneratorSpi"); 1198+ // BEGIN android-removed 1199+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1200+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1201+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1202+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1203+ // provider.addAlgorithm("KeyPairGenerator.IES", PREFIX + "KeyPairGeneratorSpi"); 1204+ // END android-removed 1205 } 1206 } 1207 } 1208diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1209--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-02-10 00:37:58.000000000 +0000 1210+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2012-09-17 23:04:47.000000000 +0000 1211@@ -27,33 +27,43 @@ 1212 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1213 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1214 1215- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1216+ // BEGIN android-changed 1217+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1218+ // END android-changed 1219 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1220 1221 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1222 1223- addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1224- addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1225- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1226- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1227- 1228- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1229- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1230- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1231- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1232- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1233- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1234- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1235- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1236- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1237+ // BEGIN android-removed 1238+ // addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1239+ // addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1240+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1241+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1242+ // END android-removed 1243+ 1244+ // BEGIN android-added 1245+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1246+ // END android-added 1247+ // BEGIN android-changed 1248+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1249+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1250+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1251+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1252+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1253+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1254+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1255+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1256 1257- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1258+ provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); 1259+ // END android-changed 1260 1261 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1262 1263 for (int i = 0; i != DSAUtil.dsaOids.length; i++) 1264 { 1265- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); 1266+ // BEGIN android-changed 1267+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); 1268+ // END android-changed 1269 1270 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); 1271 registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); 1272diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1273--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-02-10 00:37:58.000000000 +0000 1274+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2012-09-17 23:04:47.000000000 +0000 1275@@ -1,7 +1,9 @@ 1276 package org.bouncycastle.jcajce.provider.asymmetric; 1277 1278-import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1279-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1280+// BEGIN android-removed 1281+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1282+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1283+// END android-removed 1284 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1285 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1286 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1287@@ -21,39 +23,49 @@ 1288 public void configure(ConfigurableProvider provider) 1289 { 1290 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1291- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1292- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1293- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1294- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1295+ // BEGIN android-removed 1296+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1297+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1298+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1299+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1300+ // END android-removed 1301 1302 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1303 // TODO Should this be an alias for ECDH? 1304 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1305- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1306- 1307- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1308- // TODO Should this be an alias for ECDH? 1309- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1310- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1311+ // BEGIN android-removed 1312+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1313+ // END android-removed 1314+ 1315+ // BEGIN android-removed 1316+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1317+ // // TODO Should this be an alias for ECDH? 1318+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1319+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1320+ // END android-removed 1321 1322 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1323- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1324- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1325- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1326- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1327+ // BEGIN android-removed 1328+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1329+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1330+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1331+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1332+ // END android-removed 1333 1334 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1335- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1336- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1337- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1338- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1339- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1340- 1341- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1342- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1343- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1344- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1345- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1346+ // BEGIN android-removed 1347+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1348+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1349+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1350+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1351+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1352+ // 1353+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1354+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1355+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1356+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1357+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1358+ // END android-removed 1359 1360 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1361 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1362@@ -65,23 +77,29 @@ 1363 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1364 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1365 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1366- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1367- 1368- addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1369+ // BEGIN android-removed 1370+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1371+ // END android-removed 1372+ 1373+ // BEGIN android-removed 1374+ // addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1375+ // END android-removed 1376 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1377 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1378 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1379- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1380- 1381- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1382- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1383- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1384- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1385- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1386- 1387- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1388- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1389- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1390+ // BEGIN android-removed 1391+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1392+ // 1393+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1394+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1395+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1396+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1397+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1398+ // 1399+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1400+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1401+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1402+ // END android-removed 1403 } 1404 } 1405 } 1406diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1407--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-02-10 00:37:58.000000000 +0000 1408+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2012-11-01 05:41:05.000000000 +0000 1409@@ -3,7 +3,9 @@ 1410 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1411 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1412 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1413-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1414+// BEGIN android-removed 1415+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1416+// END android-removed 1417 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1418 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1419 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1420@@ -24,41 +26,49 @@ 1421 public void configure(ConfigurableProvider provider) 1422 { 1423 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1424- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1425- 1426- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1427- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1428- 1429- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1430- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1431- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1432- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1433- 1434- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1435- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1436- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1437- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1438- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1439- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1440- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1441- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1442+ // BEGIN android-removed 1443+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1444+ // 1445+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1446+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1447+ // 1448+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1449+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1450+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1451+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1452+ // 1453+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1454+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1455+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1456+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1457+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1458+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1459+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1460+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1461+ // END android-removed 1462 1463 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1464- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1465- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1466- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1467- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1468- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1469- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1470- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1471- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1472- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1473+ // BEGIN android-changed 1474+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1475+ // END android-changed 1476+ // BEGIN android-removed 1477+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1478+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1479+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1480+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1481+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1482+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1483+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1484+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1485+ // END android-removed 1486 1487 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1488 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1489- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1490- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1491- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1492+ // BEGIN android-removed 1493+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1494+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1495+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1496+ // END android-removed 1497 1498 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1499 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1500@@ -68,101 +78,113 @@ 1501 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1502 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1503 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1504- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1505- 1506- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1507- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1508- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1509- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1510- 1511- 1512- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1513- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1514- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1515- 1516- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1517- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1518- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1519- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1520- 1521- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1522- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1523- 1524- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1525- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1526- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1527- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1528- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1529- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1530- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1531- 1532- 1533- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1534- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1535- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1536- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1537- provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1538- provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1539- provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1540- provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1541- 1542- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1543- { 1544- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1545- } 1546- 1547- if (provider.hasAlgorithm("MessageDigest", "MD4")) 1548- { 1549- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1550- } 1551+ // BEGIN android-removed 1552+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1553+ // 1554+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1555+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1556+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1557+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1558+ // 1559+ // 1560+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1561+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1562+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1563+ // 1564+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1565+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1566+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1567+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1568+ // 1569+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1570+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1571+ // 1572+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1573+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1574+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1575+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1576+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1577+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1578+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1579+ // 1580+ // 1581+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1582+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1583+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1584+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1585+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1586+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1587+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1588+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1589+ // 1590+ // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1591+ // { 1592+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1593+ // } 1594+ // 1595+ // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1596+ // { 1597+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1598+ // } 1599+ // END android-removed 1600 1601 if (provider.hasAlgorithm("MessageDigest", "MD5")) 1602 { 1603 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1604- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1605- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1606+ // BEGIN android-removed 1607+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1608+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1609+ // END android-removed 1610 } 1611 1612 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1613 { 1614- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1615- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1616- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1617- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1618- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1619+ // BEGIN android-removed 1620+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1621+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1622+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1623+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1624+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1625+ // END android-removed 1626 1627 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1628 1629- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1630- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1631+ // BEGIN android-removed 1632+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1633+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1634+ // END android-removed 1635 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1636 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1637 } 1638 1639- addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1640+ // BEGIN android-removed 1641+ // addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1642+ // END android-removed 1643 addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption); 1644 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1645 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1646 1647- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1648- { 1649- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1650- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1651- } 1652- 1653- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1654- { 1655- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1656- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1657- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1658- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1659- } 1660- 1661- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1662- { 1663- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1664- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1665- } 1666+ // BEGIN android-removed 1667+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1668+ // { 1669+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1670+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1671+ // } 1672+ // 1673+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1674+ // { 1675+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1676+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1677+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1678+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1679+ // } 1680+ // 1681+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1682+ // { 1683+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1684+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1685+ // } 1686+ // END android-removed 1687 } 1688 1689 private void addDigestSignature( 1690diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1691--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2013-02-10 00:37:58.000000000 +0000 1692+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000 1693@@ -18,8 +18,10 @@ 1694 1695 public void configure(ConfigurableProvider provider) 1696 { 1697- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1698- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1699+ // BEGIN android-removed 1700+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1701+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1702+ // END android-removed 1703 1704 // 1705 // certificate factories. 1706diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1707--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-02-10 00:37:58.000000000 +0000 1708+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2012-09-17 23:04:47.000000000 +0000 1709@@ -23,11 +23,16 @@ 1710 import org.bouncycastle.crypto.DSA; 1711 import org.bouncycastle.crypto.Digest; 1712 import org.bouncycastle.crypto.digests.NullDigest; 1713-import org.bouncycastle.crypto.digests.SHA1Digest; 1714-import org.bouncycastle.crypto.digests.SHA224Digest; 1715-import org.bouncycastle.crypto.digests.SHA256Digest; 1716-import org.bouncycastle.crypto.digests.SHA384Digest; 1717-import org.bouncycastle.crypto.digests.SHA512Digest; 1718+// BEGIN android-added 1719+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1720+// END android-added 1721+// BEGIN android-removed 1722+// import org.bouncycastle.crypto.digests.SHA1Digest; 1723+// import org.bouncycastle.crypto.digests.SHA224Digest; 1724+// import org.bouncycastle.crypto.digests.SHA256Digest; 1725+// import org.bouncycastle.crypto.digests.SHA384Digest; 1726+// import org.bouncycastle.crypto.digests.SHA512Digest; 1727+// END android-removed 1728 import org.bouncycastle.crypto.params.ParametersWithRandom; 1729 1730 public class DSASigner 1731@@ -228,45 +233,49 @@ 1732 { 1733 public stdDSA() 1734 { 1735- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1736+ // BEGIN android-changed 1737+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 1738+ // END android-changed 1739 } 1740 } 1741 1742- static public class dsa224 1743- extends DSASigner 1744- { 1745- public dsa224() 1746- { 1747- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1748- } 1749- } 1750- 1751- static public class dsa256 1752- extends DSASigner 1753- { 1754- public dsa256() 1755- { 1756- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1757- } 1758- } 1759- 1760- static public class dsa384 1761- extends DSASigner 1762- { 1763- public dsa384() 1764- { 1765- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1766- } 1767- } 1768- 1769- static public class dsa512 1770- extends DSASigner 1771- { 1772- public dsa512() 1773- { 1774- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1775- } 1776- } 1777+ // BEGIN android-removed 1778+ // static public class dsa224 1779+ // extends DSASigner 1780+ // { 1781+ // public dsa224() 1782+ // { 1783+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1784+ // } 1785+ // } 1786+ // 1787+ // static public class dsa256 1788+ // extends DSASigner 1789+ // { 1790+ // public dsa256() 1791+ // { 1792+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1793+ // } 1794+ // } 1795+ // 1796+ // static public class dsa384 1797+ // extends DSASigner 1798+ // { 1799+ // public dsa384() 1800+ // { 1801+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1802+ // } 1803+ // } 1804+ // 1805+ // static public class dsa512 1806+ // extends DSASigner 1807+ // { 1808+ // public dsa512() 1809+ // { 1810+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1811+ // } 1812+ // } 1813+ // END android-removed 1814 1815 static public class noneDSA 1816 extends DSASigner 1817diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 1818--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 2013-02-10 00:37:58.000000000 +0000 1819+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java 2012-09-17 23:04:47.000000000 +0000 1820@@ -19,8 +19,10 @@ 1821 import org.bouncycastle.asn1.DERInteger; 1822 import org.bouncycastle.asn1.DERNull; 1823 import org.bouncycastle.asn1.DERObjectIdentifier; 1824-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 1825-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1826+// BEGIN android-removed 1827+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 1828+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1829+// END android-removed 1830 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 1831 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 1832 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 1833@@ -222,21 +224,23 @@ 1834 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 1835 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 1836 1837- if (ecP == null) // GOST Curve 1838- { 1839- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 1840- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 1841- 1842- ecSpec = new ECNamedCurveSpec( 1843- ECGOST3410NamedCurves.getName(oid), 1844- ellipticCurve, 1845- new ECPoint( 1846- gParam.getG().getX().toBigInteger(), 1847- gParam.getG().getY().toBigInteger()), 1848- gParam.getN(), 1849- gParam.getH()); 1850- } 1851- else 1852+ // BEGIN android-removed 1853+ // if (ecP == null) // GOST Curve 1854+ // { 1855+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 1856+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 1857+ // 1858+ // ecSpec = new ECNamedCurveSpec( 1859+ // ECGOST3410NamedCurves.getName(oid), 1860+ // ellipticCurve, 1861+ // new ECPoint( 1862+ // gParam.getG().getX().toBigInteger(), 1863+ // gParam.getG().getY().toBigInteger()), 1864+ // gParam.getN(), 1865+ // gParam.getH()); 1866+ // } 1867+ // else 1868+ // END android-removed 1869 { 1870 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 1871 1872@@ -350,11 +354,13 @@ 1873 1874 try 1875 { 1876- if (algorithm.equals("ECGOST3410")) 1877- { 1878- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 1879- } 1880- else 1881+ // BEGIN android-removed 1882+ // if (algorithm.equals("ECGOST3410")) 1883+ // { 1884+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 1885+ // } 1886+ // else 1887+ // END android-removed 1888 { 1889 1890 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 1891diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 1892--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 2013-02-10 00:37:58.000000000 +0000 1893+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java 2012-10-12 07:52:09.000000000 +0000 1894@@ -5,11 +5,15 @@ 1895 import java.security.PublicKey; 1896 1897 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1898-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1899+// BEGIN android-removed 1900+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 1901+// END android-removed 1902 import org.bouncycastle.asn1.nist.NISTNamedCurves; 1903 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 1904 import org.bouncycastle.asn1.sec.SECNamedCurves; 1905-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1906+// BEGIN android-removed 1907+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 1908+// END android-removed 1909 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 1910 import org.bouncycastle.asn1.x9.X962NamedCurves; 1911 import org.bouncycastle.asn1.x9.X9ECParameters; 1912@@ -224,14 +228,16 @@ 1913 { 1914 oid = NISTNamedCurves.getOID(name); 1915 } 1916- if (oid == null) 1917- { 1918- oid = TeleTrusTNamedCurves.getOID(name); 1919- } 1920- if (oid == null) 1921- { 1922- oid = ECGOST3410NamedCurves.getOID(name); 1923- } 1924+ // BEGIN android-removed 1925+ // if (oid == null) 1926+ // { 1927+ // oid = TeleTrusTNamedCurves.getOID(name); 1928+ // } 1929+ // if (oid == null) 1930+ // { 1931+ // oid = ECGOST3410NamedCurves.getOID(name); 1932+ // } 1933+ // END android-removed 1934 } 1935 1936 return oid; 1937@@ -249,10 +255,12 @@ 1938 { 1939 params = NISTNamedCurves.getByOID(oid); 1940 } 1941- if (params == null) 1942- { 1943- params = TeleTrusTNamedCurves.getByOID(oid); 1944- } 1945+ // BEGIN android-removed 1946+ // if (params == null) 1947+ // { 1948+ // params = TeleTrusTNamedCurves.getByOID(oid); 1949+ // } 1950+ // END android-removed 1951 } 1952 1953 return params; 1954@@ -270,14 +278,16 @@ 1955 { 1956 name = NISTNamedCurves.getName(oid); 1957 } 1958- if (name == null) 1959- { 1960- name = TeleTrusTNamedCurves.getName(oid); 1961- } 1962- if (name == null) 1963- { 1964- name = ECGOST3410NamedCurves.getName(oid); 1965- } 1966+ // BEGIN android-removed 1967+ // if (name == null) 1968+ // { 1969+ // name = TeleTrusTNamedCurves.getName(oid); 1970+ // } 1971+ // if (name == null) 1972+ // { 1973+ // name = ECGOST3410NamedCurves.getName(oid); 1974+ // } 1975+ // END android-removed 1976 } 1977 1978 return name; 1979diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 1980--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2013-02-10 00:37:58.000000000 +0000 1981+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2013-03-19 19:26:57.000000000 +0000 1982@@ -23,20 +23,26 @@ 1983 import org.bouncycastle.crypto.CipherParameters; 1984 import org.bouncycastle.crypto.DerivationFunction; 1985 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 1986-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 1987-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 1988-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 1989-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 1990+// BEGIN android-removed 1991+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 1992+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 1993+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 1994+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 1995+// END android-removed 1996 import org.bouncycastle.crypto.digests.SHA1Digest; 1997 import org.bouncycastle.crypto.params.ECDomainParameters; 1998 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1999 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 2000-import org.bouncycastle.crypto.params.MQVPrivateParameters; 2001-import org.bouncycastle.crypto.params.MQVPublicParameters; 2002+// BEGIN android-removed 2003+// import org.bouncycastle.crypto.params.MQVPrivateParameters; 2004+// import org.bouncycastle.crypto.params.MQVPublicParameters; 2005+// END android-removed 2006 import org.bouncycastle.jce.interfaces.ECPrivateKey; 2007 import org.bouncycastle.jce.interfaces.ECPublicKey; 2008-import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2009-import org.bouncycastle.jce.interfaces.MQVPublicKey; 2010+// BEGIN android-removed 2011+// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2012+// import org.bouncycastle.jce.interfaces.MQVPublicKey; 2013+// END android-removed 2014 import org.bouncycastle.util.Integers; 2015 2016 /** 2017@@ -70,7 +76,9 @@ 2018 private BigInteger result; 2019 private ECDomainParameters parameters; 2020 private BasicAgreement agreement; 2021- private DerivationFunction kdf; 2022+ // BEGIN android-removed 2023+ // private DerivationFunction kdf; 2024+ // END android-removed 2025 2026 private byte[] bigIntToBytes( 2027 BigInteger r) 2028@@ -85,7 +93,9 @@ 2029 { 2030 this.kaAlgorithm = kaAlgorithm; 2031 this.agreement = agreement; 2032- this.kdf = kdf; 2033+ // BEGIN android-removed 2034+ // this.kdf = kdf; 2035+ // END android-removed 2036 } 2037 2038 protected Key engineDoPhase( 2039@@ -104,25 +114,27 @@ 2040 } 2041 2042 CipherParameters pubKey; 2043- if (agreement instanceof ECMQVBasicAgreement) 2044- { 2045- if (!(key instanceof MQVPublicKey)) 2046- { 2047- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2048- + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2049- } 2050- 2051- MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2052- ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2053- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2054- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2055- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2056- 2057- pubKey = new MQVPublicParameters(staticKey, ephemKey); 2058- 2059- // TODO Validate that all the keys are using the same parameters? 2060- } 2061- else 2062+ // BEGIN android-removed 2063+ // if (agreement instanceof ECMQVBasicAgreement) 2064+ // { 2065+ // if (!(key instanceof MQVPublicKey)) 2066+ // { 2067+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2068+ // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2069+ // } 2070+ // 2071+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2072+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2073+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2074+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2075+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2076+ // 2077+ // pubKey = new MQVPublicParameters(staticKey, ephemKey); 2078+ // 2079+ // // TODO Validate that all the keys are using the same parameters? 2080+ // } 2081+ // else 2082+ // END android-removed 2083 { 2084 if (!(key instanceof PublicKey)) 2085 { 2086@@ -143,11 +155,13 @@ 2087 protected byte[] engineGenerateSecret() 2088 throws IllegalStateException 2089 { 2090- if (kdf != null) 2091- { 2092- throw new UnsupportedOperationException( 2093- "KDF can only be used when algorithm is known"); 2094- } 2095+ // BEGIN android-removed 2096+ // if (kdf != null) 2097+ // { 2098+ // throw new UnsupportedOperationException( 2099+ // "KDF can only be used when algorithm is known"); 2100+ // } 2101+ // END android-removed 2102 2103 return bigIntToBytes(result); 2104 } 2105@@ -175,23 +189,25 @@ 2106 { 2107 byte[] secret = bigIntToBytes(result); 2108 2109- if (kdf != null) 2110- { 2111- if (!algorithms.containsKey(algorithm)) 2112- { 2113- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2114- } 2115- 2116- int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 2117- 2118- DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); 2119- 2120- byte[] keyBytes = new byte[keySize / 8]; 2121- kdf.init(params); 2122- kdf.generateBytes(keyBytes, 0, keyBytes.length); 2123- secret = keyBytes; 2124- } 2125- else 2126+ // BEGIN android-removed 2127+ // if (kdf != null) 2128+ // { 2129+ // if (!algorithms.containsKey(algorithm)) 2130+ // { 2131+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2132+ // } 2133+ // 2134+ // int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 2135+ // 2136+ // DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); 2137+ // 2138+ // byte[] keyBytes = new byte[keySize / 8]; 2139+ // kdf.init(params); 2140+ // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2141+ // secret = keyBytes; 2142+ // } 2143+ // else 2144+ // END android-removed 2145 { 2146 // TODO Should we be ensuring the key is the right length? 2147 } 2148@@ -205,6 +221,12 @@ 2149 SecureRandom random) 2150 throws InvalidKeyException, InvalidAlgorithmParameterException 2151 { 2152+ // BEGIN android-added 2153+ if (params != null) 2154+ { 2155+ throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); 2156+ } 2157+ // END android-added 2158 initFromKey(key); 2159 } 2160 2161@@ -219,35 +241,37 @@ 2162 private void initFromKey(Key key) 2163 throws InvalidKeyException 2164 { 2165- if (agreement instanceof ECMQVBasicAgreement) 2166- { 2167- if (!(key instanceof MQVPrivateKey)) 2168- { 2169- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2170- + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2171- } 2172- 2173- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2174- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2175- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2176- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2177- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2178- 2179- ECPublicKeyParameters ephemPubKey = null; 2180- if (mqvPrivKey.getEphemeralPublicKey() != null) 2181- { 2182- ephemPubKey = (ECPublicKeyParameters) 2183- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2184- } 2185- 2186- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2187- this.parameters = staticPrivKey.getParameters(); 2188- 2189- // TODO Validate that all the keys are using the same parameters? 2190- 2191- agreement.init(localParams); 2192- } 2193- else 2194+ // BEGIN android-removed 2195+ // if (agreement instanceof ECMQVBasicAgreement) 2196+ // { 2197+ // if (!(key instanceof MQVPrivateKey)) 2198+ // { 2199+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2200+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2201+ // } 2202+ // 2203+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2204+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2205+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2206+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2207+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2208+ // 2209+ // ECPublicKeyParameters ephemPubKey = null; 2210+ // if (mqvPrivKey.getEphemeralPublicKey() != null) 2211+ // { 2212+ // ephemPubKey = (ECPublicKeyParameters) 2213+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2214+ // } 2215+ // 2216+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2217+ // this.parameters = staticPrivKey.getParameters(); 2218+ // 2219+ // // TODO Validate that all the keys are using the same parameters? 2220+ // 2221+ // agreement.init(localParams); 2222+ // } 2223+ // else 2224+ // END android-removed 2225 { 2226 if (!(key instanceof PrivateKey)) 2227 { 2228@@ -278,39 +302,41 @@ 2229 } 2230 } 2231 2232- public static class DHC 2233- extends KeyAgreementSpi 2234- { 2235- public DHC() 2236- { 2237- super("ECDHC", new ECDHCBasicAgreement(), null); 2238- } 2239- } 2240- 2241- public static class MQV 2242- extends KeyAgreementSpi 2243- { 2244- public MQV() 2245- { 2246- super("ECMQV", new ECMQVBasicAgreement(), null); 2247- } 2248- } 2249- 2250- public static class DHwithSHA1KDF 2251- extends KeyAgreementSpi 2252- { 2253- public DHwithSHA1KDF() 2254- { 2255- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2256- } 2257- } 2258- 2259- public static class MQVwithSHA1KDF 2260- extends KeyAgreementSpi 2261- { 2262- public MQVwithSHA1KDF() 2263- { 2264- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2265- } 2266- } 2267+ // BEGIN android-removed 2268+ // public static class DHC 2269+ // extends KeyAgreementSpi 2270+ // { 2271+ // public DHC() 2272+ // { 2273+ // super("ECDHC", new ECDHCBasicAgreement(), null); 2274+ // } 2275+ // } 2276+ // 2277+ // public static class MQV 2278+ // extends KeyAgreementSpi 2279+ // { 2280+ // public MQV() 2281+ // { 2282+ // super("ECMQV", new ECMQVBasicAgreement(), null); 2283+ // } 2284+ // } 2285+ // 2286+ // public static class DHwithSHA1KDF 2287+ // extends KeyAgreementSpi 2288+ // { 2289+ // public DHwithSHA1KDF() 2290+ // { 2291+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2292+ // } 2293+ // } 2294+ // 2295+ // public static class MQVwithSHA1KDF 2296+ // extends KeyAgreementSpi 2297+ // { 2298+ // public MQVwithSHA1KDF() 2299+ // { 2300+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2301+ // } 2302+ // } 2303+ // END android-removed 2304 } 2305diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2306--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-02-10 00:37:58.000000000 +0000 2307+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2012-09-17 23:04:47.000000000 +0000 2308@@ -200,14 +200,16 @@ 2309 } 2310 } 2311 2312- public static class ECGOST3410 2313- extends KeyFactorySpi 2314- { 2315- public ECGOST3410() 2316- { 2317- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2318- } 2319- } 2320+ // BEGIN android-removed 2321+ // public static class ECGOST3410 2322+ // extends KeyFactorySpi 2323+ // { 2324+ // public ECGOST3410() 2325+ // { 2326+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2327+ // } 2328+ // } 2329+ // END android-removed 2330 2331 public static class ECDH 2332 extends KeyFactorySpi 2333diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2334--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2013-02-10 00:37:58.000000000 +0000 2335+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2012-09-17 23:04:47.000000000 +0000 2336@@ -12,7 +12,9 @@ 2337 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 2338 import org.bouncycastle.asn1.nist.NISTNamedCurves; 2339 import org.bouncycastle.asn1.sec.SECNamedCurves; 2340-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2341+// BEGIN android-removed 2342+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 2343+// END android-removed 2344 import org.bouncycastle.asn1.x9.X962NamedCurves; 2345 import org.bouncycastle.asn1.x9.X9ECParameters; 2346 import org.bouncycastle.crypto.AsymmetricCipherKeyPair; 2347@@ -86,7 +88,13 @@ 2348 SecureRandom random) 2349 { 2350 this.strength = strength; 2351+ // BEGIN android-added 2352+ if (random != null) { 2353+ // END android-added 2354 this.random = random; 2355+ // BEGIN android-added 2356+ } 2357+ // END android-added 2358 ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); 2359 2360 if (ecParams != null) 2361@@ -111,6 +119,11 @@ 2362 SecureRandom random) 2363 throws InvalidAlgorithmParameterException 2364 { 2365+ // BEGIN android-added 2366+ if (random == null) { 2367+ random = this.random; 2368+ } 2369+ // END android-added 2370 if (params instanceof ECParameterSpec) 2371 { 2372 ECParameterSpec p = (ECParameterSpec)params; 2373@@ -155,10 +168,12 @@ 2374 { 2375 ecP = NISTNamedCurves.getByName(curveName); 2376 } 2377- if (ecP == null) 2378- { 2379- ecP = TeleTrusTNamedCurves.getByName(curveName); 2380- } 2381+ // BEGIN android-removed 2382+ // if (ecP == null) 2383+ // { 2384+ // ecP = TeleTrusTNamedCurves.getByName(curveName); 2385+ // } 2386+ // END android-removed 2387 if (ecP == null) 2388 { 2389 // See if it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug) 2390@@ -174,10 +189,12 @@ 2391 { 2392 ecP = NISTNamedCurves.getByOID(oid); 2393 } 2394- if (ecP == null) 2395- { 2396- ecP = TeleTrusTNamedCurves.getByOID(oid); 2397- } 2398+ // BEGIN android-removed 2399+ // if (ecP == null) 2400+ // { 2401+ // ecP = TeleTrusTNamedCurves.getByOID(oid); 2402+ // } 2403+ // END android-removed 2404 if (ecP == null) 2405 { 2406 throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName); 2407diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2408--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-02-10 00:37:58.000000000 +0000 2409+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2012-10-12 07:52:09.000000000 +0000 2410@@ -16,15 +16,22 @@ 2411 import org.bouncycastle.crypto.DSA; 2412 import org.bouncycastle.crypto.Digest; 2413 import org.bouncycastle.crypto.digests.NullDigest; 2414-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2415-import org.bouncycastle.crypto.digests.SHA1Digest; 2416-import org.bouncycastle.crypto.digests.SHA224Digest; 2417-import org.bouncycastle.crypto.digests.SHA256Digest; 2418-import org.bouncycastle.crypto.digests.SHA384Digest; 2419-import org.bouncycastle.crypto.digests.SHA512Digest; 2420+// BEGIN android-added 2421+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2422+// END android-added 2423+// BEGIN android-removed 2424+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2425+// import org.bouncycastle.crypto.digests.SHA1Digest; 2426+// import org.bouncycastle.crypto.digests.SHA224Digest; 2427+// import org.bouncycastle.crypto.digests.SHA256Digest; 2428+// import org.bouncycastle.crypto.digests.SHA384Digest; 2429+// import org.bouncycastle.crypto.digests.SHA512Digest; 2430+// END android-removed 2431 import org.bouncycastle.crypto.params.ParametersWithRandom; 2432 import org.bouncycastle.crypto.signers.ECDSASigner; 2433-import org.bouncycastle.crypto.signers.ECNRSigner; 2434+// BEGIN android-removed 2435+// import org.bouncycastle.crypto.signers.ECNRSigner; 2436+// END android-removed 2437 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2438 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2439 2440@@ -68,7 +75,9 @@ 2441 { 2442 public ecDSA() 2443 { 2444- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2445+ // BEGIN android-changed 2446+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2447+ // END android-changed 2448 } 2449 } 2450 2451@@ -81,21 +90,25 @@ 2452 } 2453 } 2454 2455- static public class ecDSA224 2456- extends SignatureSpi 2457- { 2458- public ecDSA224() 2459- { 2460- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2461- } 2462- } 2463+ // BEGIN android-removed 2464+ // static public class ecDSA224 2465+ // extends SignatureSpi 2466+ // { 2467+ // public ecDSA224() 2468+ // { 2469+ // super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2470+ // } 2471+ // } 2472+ // END android-removed 2473 2474 static public class ecDSA256 2475 extends SignatureSpi 2476 { 2477 public ecDSA256() 2478 { 2479- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2480+ // BEGIN android-changed 2481+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2482+ // END android-changed 2483 } 2484 } 2485 2486@@ -104,7 +117,9 @@ 2487 { 2488 public ecDSA384() 2489 { 2490- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2491+ // BEGIN android-changed 2492+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2493+ // END android-changed 2494 } 2495 } 2496 2497@@ -113,90 +128,94 @@ 2498 { 2499 public ecDSA512() 2500 { 2501- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2502- } 2503- } 2504- 2505- static public class ecDSARipeMD160 2506- extends SignatureSpi 2507- { 2508- public ecDSARipeMD160() 2509- { 2510- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2511- } 2512- } 2513- 2514- static public class ecNR 2515- extends SignatureSpi 2516- { 2517- public ecNR() 2518- { 2519- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2520- } 2521- } 2522- 2523- static public class ecNR224 2524- extends SignatureSpi 2525- { 2526- public ecNR224() 2527- { 2528- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2529- } 2530- } 2531- 2532- static public class ecNR256 2533- extends SignatureSpi 2534- { 2535- public ecNR256() 2536- { 2537- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2538- } 2539- } 2540- 2541- static public class ecNR384 2542- extends SignatureSpi 2543- { 2544- public ecNR384() 2545- { 2546- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2547- } 2548- } 2549- 2550- static public class ecNR512 2551- extends SignatureSpi 2552- { 2553- public ecNR512() 2554- { 2555- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2556- } 2557- } 2558- 2559- static public class ecCVCDSA 2560- extends SignatureSpi 2561- { 2562- public ecCVCDSA() 2563- { 2564- super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2565- } 2566- } 2567- 2568- static public class ecCVCDSA224 2569- extends SignatureSpi 2570- { 2571- public ecCVCDSA224() 2572- { 2573- super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2574- } 2575- } 2576- 2577- static public class ecCVCDSA256 2578- extends SignatureSpi 2579- { 2580- public ecCVCDSA256() 2581- { 2582- super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2583- } 2584- } 2585+ // BEGIN android-changed 2586+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2587+ // END android-changed 2588+ } 2589+ } 2590+ 2591+ // BEGIN android-removed 2592+ // static public class ecDSARipeMD160 2593+ // extends SignatureSpi 2594+ // { 2595+ // public ecDSARipeMD160() 2596+ // { 2597+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2598+ // } 2599+ // } 2600+ // 2601+ // static public class ecNR 2602+ // extends SignatureSpi 2603+ // { 2604+ // public ecNR() 2605+ // { 2606+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2607+ // } 2608+ // } 2609+ // 2610+ // static public class ecNR224 2611+ // extends SignatureSpi 2612+ // { 2613+ // public ecNR224() 2614+ // { 2615+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2616+ // } 2617+ // } 2618+ // 2619+ // static public class ecNR256 2620+ // extends SignatureSpi 2621+ // { 2622+ // public ecNR256() 2623+ // { 2624+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2625+ // } 2626+ // } 2627+ // 2628+ // static public class ecNR384 2629+ // extends SignatureSpi 2630+ // { 2631+ // public ecNR384() 2632+ // { 2633+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2634+ // } 2635+ // } 2636+ // 2637+ // static public class ecNR512 2638+ // extends SignatureSpi 2639+ // { 2640+ // public ecNR512() 2641+ // { 2642+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2643+ // } 2644+ // } 2645+ // 2646+ // static public class ecCVCDSA 2647+ // extends SignatureSpi 2648+ // { 2649+ // public ecCVCDSA() 2650+ // { 2651+ // super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2652+ // } 2653+ // } 2654+ // 2655+ // static public class ecCVCDSA224 2656+ // extends SignatureSpi 2657+ // { 2658+ // public ecCVCDSA224() 2659+ // { 2660+ // super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2661+ // } 2662+ // } 2663+ // 2664+ // static public class ecCVCDSA256 2665+ // extends SignatureSpi 2666+ // { 2667+ // public ecCVCDSA256() 2668+ // { 2669+ // super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2670+ // } 2671+ // } 2672+ // END android-removed 2673 2674 private static class StdDSAEncoder 2675 implements DSAEncoder 2676@@ -290,4 +309,4 @@ 2677 return sig; 2678 } 2679 } 2680-} 2681\ No newline at end of file 2682+} 2683diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2684--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-02-10 00:37:58.000000000 +0000 2685+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2012-09-17 23:04:47.000000000 +0000 2686@@ -26,7 +26,9 @@ 2687 import org.bouncycastle.crypto.CipherParameters; 2688 import org.bouncycastle.crypto.Digest; 2689 import org.bouncycastle.crypto.InvalidCipherTextException; 2690-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2691+// BEGIN android-removed 2692+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2693+// END android-removed 2694 import org.bouncycastle.crypto.encodings.OAEPEncoding; 2695 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2696 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2697@@ -197,10 +199,12 @@ 2698 { 2699 cipher = new PKCS1Encoding(new RSABlindedEngine()); 2700 } 2701- else if (pad.equals("ISO9796-1PADDING")) 2702- { 2703- cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2704- } 2705+ // BEGIN android-removed 2706+ // else if (pad.equals("ISO9796-1PADDING")) 2707+ // { 2708+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2709+ // } 2710+ // END android-removed 2711 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 2712 { 2713 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 2714@@ -213,10 +217,12 @@ 2715 { 2716 initFromSpec(OAEPParameterSpec.DEFAULT); 2717 } 2718- else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) 2719- { 2720- initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); 2721- } 2722+ // BEGIN android-removed 2723+ // else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) 2724+ // { 2725+ // initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); 2726+ // } 2727+ // END android-removed 2728 else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-256ANDMGF1PADDING")) 2729 { 2730 initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT)); 2731@@ -539,48 +545,50 @@ 2732 } 2733 } 2734 2735- static public class PKCS1v1_5Padding 2736- extends CipherSpi 2737- { 2738- public PKCS1v1_5Padding() 2739- { 2740- super(new PKCS1Encoding(new RSABlindedEngine())); 2741- } 2742- } 2743- 2744- static public class PKCS1v1_5Padding_PrivateOnly 2745- extends CipherSpi 2746- { 2747- public PKCS1v1_5Padding_PrivateOnly() 2748- { 2749- super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 2750- } 2751- } 2752- 2753- static public class PKCS1v1_5Padding_PublicOnly 2754- extends CipherSpi 2755- { 2756- public PKCS1v1_5Padding_PublicOnly() 2757- { 2758- super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 2759- } 2760- } 2761- 2762- static public class OAEPPadding 2763- extends CipherSpi 2764- { 2765- public OAEPPadding() 2766- { 2767- super(OAEPParameterSpec.DEFAULT); 2768- } 2769- } 2770- 2771- static public class ISO9796d1Padding 2772- extends CipherSpi 2773- { 2774- public ISO9796d1Padding() 2775- { 2776- super(new ISO9796d1Encoding(new RSABlindedEngine())); 2777- } 2778- } 2779+ // BEGIN android-removed 2780+ // static public class PKCS1v1_5Padding 2781+ // extends CipherSpi 2782+ // { 2783+ // public PKCS1v1_5Padding() 2784+ // { 2785+ // super(new PKCS1Encoding(new RSABlindedEngine())); 2786+ // } 2787+ // } 2788+ // 2789+ // static public class PKCS1v1_5Padding_PrivateOnly 2790+ // extends CipherSpi 2791+ // { 2792+ // public PKCS1v1_5Padding_PrivateOnly() 2793+ // { 2794+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 2795+ // } 2796+ // } 2797+ // 2798+ // static public class PKCS1v1_5Padding_PublicOnly 2799+ // extends CipherSpi 2800+ // { 2801+ // public PKCS1v1_5Padding_PublicOnly() 2802+ // { 2803+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 2804+ // } 2805+ // } 2806+ // 2807+ // static public class OAEPPadding 2808+ // extends CipherSpi 2809+ // { 2810+ // public OAEPPadding() 2811+ // { 2812+ // super(OAEPParameterSpec.DEFAULT); 2813+ // } 2814+ // } 2815+ // 2816+ // static public class ISO9796d1Padding 2817+ // extends CipherSpi 2818+ // { 2819+ // public ISO9796d1Padding() 2820+ // { 2821+ // super(new ISO9796d1Encoding(new RSABlindedEngine())); 2822+ // } 2823+ // } 2824+ // END android-removed 2825 } 2826diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2827--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-02-10 00:37:58.000000000 +0000 2828+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2012-09-17 23:04:47.000000000 +0000 2829@@ -17,24 +17,31 @@ 2830 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 2831 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 2832 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 2833-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 2834+// BEGIN android-removed 2835+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 2836+// END android-removed 2837 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 2838 import org.bouncycastle.asn1.x509.DigestInfo; 2839 import org.bouncycastle.crypto.AsymmetricBlockCipher; 2840 import org.bouncycastle.crypto.CipherParameters; 2841 import org.bouncycastle.crypto.Digest; 2842-import org.bouncycastle.crypto.digests.MD2Digest; 2843-import org.bouncycastle.crypto.digests.MD4Digest; 2844-import org.bouncycastle.crypto.digests.MD5Digest; 2845-import org.bouncycastle.crypto.digests.NullDigest; 2846-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 2847-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2848-import org.bouncycastle.crypto.digests.RIPEMD256Digest; 2849-import org.bouncycastle.crypto.digests.SHA1Digest; 2850-import org.bouncycastle.crypto.digests.SHA224Digest; 2851-import org.bouncycastle.crypto.digests.SHA256Digest; 2852-import org.bouncycastle.crypto.digests.SHA384Digest; 2853-import org.bouncycastle.crypto.digests.SHA512Digest; 2854+// BEGIN android-removed 2855+// import org.bouncycastle.crypto.digests.MD2Digest; 2856+// import org.bouncycastle.crypto.digests.MD4Digest; 2857+// import org.bouncycastle.crypto.digests.MD5Digest; 2858+// import org.bouncycastle.crypto.digests.NullDigest; 2859+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 2860+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2861+// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 2862+// import org.bouncycastle.crypto.digests.SHA1Digest; 2863+// import org.bouncycastle.crypto.digests.SHA224Digest; 2864+// import org.bouncycastle.crypto.digests.SHA256Digest; 2865+// import org.bouncycastle.crypto.digests.SHA384Digest; 2866+// import org.bouncycastle.crypto.digests.SHA512Digest; 2867+// END android-removed 2868+// BEGIN android-added 2869+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2870+// END android-added 2871 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2872 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2873 2874@@ -261,25 +268,31 @@ 2875 { 2876 public SHA1() 2877 { 2878- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2879+ // BEGIN android-changed 2880+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 2881+ // END android-changed 2882 } 2883 } 2884 2885- static public class SHA224 2886- extends DigestSignatureSpi 2887- { 2888- public SHA224() 2889- { 2890- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2891- } 2892- } 2893+ // BEGIN android-removed 2894+ // static public class SHA224 2895+ // extends DigestSignatureSpi 2896+ // { 2897+ // public SHA224() 2898+ // { 2899+ // super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2900+ // } 2901+ // } 2902+ // END android-removed 2903 2904 static public class SHA256 2905 extends DigestSignatureSpi 2906 { 2907 public SHA256() 2908 { 2909- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2910+ // BEGIN android-changed 2911+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 2912+ // END android-changed 2913 } 2914 } 2915 2916@@ -288,7 +301,9 @@ 2917 { 2918 public SHA384() 2919 { 2920- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2921+ // BEGIN android-changed 2922+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 2923+ // END android-changed 2924 } 2925 } 2926 2927@@ -297,70 +312,78 @@ 2928 { 2929 public SHA512() 2930 { 2931- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2932- } 2933- } 2934- 2935- static public class MD2 2936- extends DigestSignatureSpi 2937- { 2938- public MD2() 2939- { 2940- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2941+ // BEGIN android-changed 2942+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 2943+ // END android-changed 2944 } 2945 } 2946 2947- static public class MD4 2948- extends DigestSignatureSpi 2949- { 2950- public MD4() 2951- { 2952- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2953- } 2954- } 2955+ // BEGIN android-removed 2956+ // static public class MD2 2957+ // extends DigestSignatureSpi 2958+ // { 2959+ // public MD2() 2960+ // { 2961+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2962+ // } 2963+ // } 2964+ // 2965+ // static public class MD4 2966+ // extends DigestSignatureSpi 2967+ // { 2968+ // public MD4() 2969+ // { 2970+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2971+ // } 2972+ // } 2973+ // END android-removed 2974 2975 static public class MD5 2976 extends DigestSignatureSpi 2977 { 2978 public MD5() 2979 { 2980- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2981+ // BEGIN android-changed 2982+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 2983+ // END android-changed 2984 } 2985 } 2986 2987- static public class RIPEMD160 2988- extends DigestSignatureSpi 2989- { 2990- public RIPEMD160() 2991- { 2992- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2993- } 2994- } 2995- 2996- static public class RIPEMD128 2997- extends DigestSignatureSpi 2998- { 2999- public RIPEMD128() 3000- { 3001- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3002- } 3003- } 3004- 3005- static public class RIPEMD256 3006- extends DigestSignatureSpi 3007- { 3008- public RIPEMD256() 3009- { 3010- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3011- } 3012- } 3013- 3014- static public class noneRSA 3015- extends DigestSignatureSpi 3016- { 3017- public noneRSA() 3018- { 3019- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3020- } 3021- } 3022+ // BEGIN android-removed 3023+ // static public class RIPEMD160 3024+ // extends DigestSignatureSpi 3025+ // { 3026+ // public RIPEMD160() 3027+ // { 3028+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3029+ // } 3030+ // } 3031+ // 3032+ // static public class RIPEMD128 3033+ // extends DigestSignatureSpi 3034+ // { 3035+ // public RIPEMD128() 3036+ // { 3037+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3038+ // } 3039+ // } 3040+ // 3041+ // static public class RIPEMD256 3042+ // extends DigestSignatureSpi 3043+ // { 3044+ // public RIPEMD256() 3045+ // { 3046+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3047+ // } 3048+ // } 3049+ // 3050+ // static public class noneRSA 3051+ // extends DigestSignatureSpi 3052+ // { 3053+ // public noneRSA() 3054+ // { 3055+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3056+ // } 3057+ // } 3058+ // END android-removed 3059 } 3060diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 3061--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2013-02-10 00:37:58.000000000 +0000 3062+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2012-09-17 23:04:47.000000000 +0000 3063@@ -18,8 +18,10 @@ 3064 import javax.crypto.NoSuchPaddingException; 3065 import javax.crypto.spec.IvParameterSpec; 3066 import javax.crypto.spec.PBEParameterSpec; 3067-import javax.crypto.spec.RC2ParameterSpec; 3068-import javax.crypto.spec.RC5ParameterSpec; 3069+// BEGIN android-removed 3070+// import javax.crypto.spec.RC2ParameterSpec; 3071+// import javax.crypto.spec.RC5ParameterSpec; 3072+// END android-removed 3073 import javax.crypto.spec.SecretKeySpec; 3074 3075 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3076@@ -37,8 +39,10 @@ 3077 { 3078 IvParameterSpec.class, 3079 PBEParameterSpec.class, 3080- RC2ParameterSpec.class, 3081- RC5ParameterSpec.class 3082+ // BEGIN android-removed 3083+ // RC2ParameterSpec.class, 3084+ // RC5ParameterSpec.class 3085+ // END android-removed 3086 }; 3087 3088 3089diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java 3090--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java 2013-02-10 00:37:58.000000000 +0000 3091+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java 2013-02-21 00:01:31.000000000 +0000 3092@@ -334,7 +334,9 @@ 3093 3094 public Iterator engineGetCertPathEncodings() 3095 { 3096- return null; // TODO: PKIXCertPath.certPathEncodings.iterator(); 3097+ // BEGIN android-changed 3098+ return PKIXCertPath.certPathEncodings.iterator(); 3099+ // END android-changed 3100 } 3101 3102 public CertPath engineGenerateCertPath( 3103diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3104--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2013-02-10 00:37:58.000000000 +0000 3105+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2013-02-21 00:01:31.000000000 +0000 3106@@ -36,7 +36,9 @@ 3107 import org.bouncycastle.asn1.pkcs.SignedData; 3108 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3109 import org.bouncycastle.util.io.pem.PemObject; 3110-import org.bouncycastle.util.io.pem.PemWriter; 3111+// BEGIN android-removed 3112+// import org.bouncycastle.util.io.pem.PemWriter; 3113+// END android-removed 3114 3115 /** 3116 * CertPath implementation for X.509 certificates. 3117@@ -51,7 +53,9 @@ 3118 { 3119 List encodings = new ArrayList(); 3120 encodings.add("PkiPath"); 3121- encodings.add("PEM"); 3122+ // BEGIN android-removed 3123+ // encodings.add("PEM"); 3124+ // END android-removed 3125 encodings.add("PKCS7"); 3126 certPathEncodings = Collections.unmodifiableList(encodings); 3127 } 3128@@ -298,27 +302,29 @@ 3129 return toDEREncoded(new ContentInfo( 3130 PKCSObjectIdentifiers.signedData, sd)); 3131 } 3132- else if (encoding.equalsIgnoreCase("PEM")) 3133- { 3134- ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3135- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3136- 3137- try 3138- { 3139- for (int i = 0; i != certificates.size(); i++) 3140- { 3141- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3142- } 3143- 3144- pWrt.close(); 3145- } 3146- catch (Exception e) 3147- { 3148- throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3149- } 3150- 3151- return bOut.toByteArray(); 3152- } 3153+ // BEGIN android-removed 3154+ // else if (encoding.equalsIgnoreCase("PEM")) 3155+ // { 3156+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3157+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3158+ // 3159+ // try 3160+ // { 3161+ // for (int i = 0; i != certificates.size(); i++) 3162+ // { 3163+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3164+ // } 3165+ // 3166+ // pWrt.close(); 3167+ // } 3168+ // catch (Exception e) 3169+ // { 3170+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3171+ // } 3172+ // 3173+ // return bOut.toByteArray(); 3174+ // } 3175+ // END android-removed 3176 else 3177 { 3178 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3179diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/AES.java 3180--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2013-02-10 00:37:58.000000000 +0000 3181+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/AES.java 2012-09-17 23:04:47.000000000 +0000 3182@@ -1,31 +1,43 @@ 3183 package org.bouncycastle.jcajce.provider.symmetric; 3184 3185-import java.security.AlgorithmParameters; 3186-import java.security.InvalidAlgorithmParameterException; 3187+// BEGIN android-removed 3188+// import java.security.AlgorithmParameters; 3189+// import java.security.InvalidAlgorithmParameterException; 3190+// END android-removed 3191 import java.security.SecureRandom; 3192-import java.security.spec.AlgorithmParameterSpec; 3193- 3194-import javax.crypto.spec.IvParameterSpec; 3195+// BEGIN android-removed 3196+// import java.security.spec.AlgorithmParameterSpec; 3197+// 3198+// import javax.crypto.spec.IvParameterSpec; 3199+// END android-removed 3200 3201 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3202 import org.bouncycastle.crypto.BufferedBlockCipher; 3203 import org.bouncycastle.crypto.CipherKeyGenerator; 3204 import org.bouncycastle.crypto.engines.AESFastEngine; 3205 import org.bouncycastle.crypto.engines.AESWrapEngine; 3206-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3207-import org.bouncycastle.crypto.macs.CMac; 3208+// BEGIN android-removed 3209+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3210+// import org.bouncycastle.crypto.macs.CMac; 3211+// END android-removed 3212 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3213 import org.bouncycastle.crypto.modes.CFBBlockCipher; 3214 import org.bouncycastle.crypto.modes.OFBBlockCipher; 3215 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3216-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3217+// BEGIN android-removed 3218+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3219+// END android-removed 3220 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 3221 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3222-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3223+// BEGIN android-removed 3224+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3225+// END android-removed 3226 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 3227 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 3228 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 3229-import org.bouncycastle.jce.provider.BouncyCastleProvider; 3230+// BEGIN android-removed 3231+// import org.bouncycastle.jce.provider.BouncyCastleProvider; 3232+// END android-removed 3233 3234 public final class AES 3235 { 3236@@ -69,15 +81,17 @@ 3237 } 3238 } 3239 3240- public static class AESCMAC 3241- extends BaseMac 3242- { 3243- public AESCMAC() 3244- { 3245- super(new CMac(new AESFastEngine())); 3246- } 3247- } 3248- 3249+ // BEGIN android-removed 3250+ // public static class AESCMAC 3251+ // extends BaseMac 3252+ // { 3253+ // public AESCMAC() 3254+ // { 3255+ // super(new CMac(new AESFastEngine())); 3256+ // } 3257+ // } 3258+ // END android-removed 3259+ 3260 static public class Wrap 3261 extends BaseWrapCipher 3262 { 3263@@ -86,15 +100,17 @@ 3264 super(new AESWrapEngine()); 3265 } 3266 } 3267- 3268- public static class RFC3211Wrap 3269- extends BaseWrapCipher 3270- { 3271- public RFC3211Wrap() 3272- { 3273- super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3274- } 3275- } 3276+ 3277+ // BEGIN android-removed 3278+ // public static class RFC3211Wrap 3279+ // extends BaseWrapCipher 3280+ // { 3281+ // public RFC3211Wrap() 3282+ // { 3283+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3284+ // } 3285+ // } 3286+ // END android-removed 3287 3288 public static class KeyGen 3289 extends BaseKeyGenerator 3290@@ -110,70 +126,72 @@ 3291 } 3292 } 3293 3294- public static class KeyGen128 3295- extends KeyGen 3296- { 3297- public KeyGen128() 3298- { 3299- super(128); 3300- } 3301- } 3302- 3303- public static class KeyGen192 3304- extends KeyGen 3305- { 3306- public KeyGen192() 3307- { 3308- super(192); 3309- } 3310- } 3311- 3312- public static class KeyGen256 3313- extends KeyGen 3314- { 3315- public KeyGen256() 3316- { 3317- super(256); 3318- } 3319- } 3320- 3321- public static class AlgParamGen 3322- extends BaseAlgorithmParameterGenerator 3323- { 3324- protected void engineInit( 3325- AlgorithmParameterSpec genParamSpec, 3326- SecureRandom random) 3327- throws InvalidAlgorithmParameterException 3328- { 3329- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 3330- } 3331- 3332- protected AlgorithmParameters engineGenerateParameters() 3333- { 3334- byte[] iv = new byte[16]; 3335- 3336- if (random == null) 3337- { 3338- random = new SecureRandom(); 3339- } 3340- 3341- random.nextBytes(iv); 3342- 3343- AlgorithmParameters params; 3344- 3345- try 3346- { 3347- params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 3348- params.init(new IvParameterSpec(iv)); 3349- } 3350- catch (Exception e) 3351- { 3352- throw new RuntimeException(e.getMessage()); 3353- } 3354- 3355- return params; 3356- } 3357- } 3358+ // BEGIN android-removed 3359+ // public static class KeyGen128 3360+ // extends KeyGen 3361+ // { 3362+ // public KeyGen128() 3363+ // { 3364+ // super(128); 3365+ // } 3366+ // } 3367+ // 3368+ // public static class KeyGen192 3369+ // extends KeyGen 3370+ // { 3371+ // public KeyGen192() 3372+ // { 3373+ // super(192); 3374+ // } 3375+ // } 3376+ // 3377+ // public static class KeyGen256 3378+ // extends KeyGen 3379+ // { 3380+ // public KeyGen256() 3381+ // { 3382+ // super(256); 3383+ // } 3384+ // } 3385+ // 3386+ // public static class AlgParamGen 3387+ // extends BaseAlgorithmParameterGenerator 3388+ // { 3389+ // protected void engineInit( 3390+ // AlgorithmParameterSpec genParamSpec, 3391+ // SecureRandom random) 3392+ // throws InvalidAlgorithmParameterException 3393+ // { 3394+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 3395+ // } 3396+ // 3397+ // protected AlgorithmParameters engineGenerateParameters() 3398+ // { 3399+ // byte[] iv = new byte[16]; 3400+ // 3401+ // if (random == null) 3402+ // { 3403+ // random = new SecureRandom(); 3404+ // } 3405+ // 3406+ // random.nextBytes(iv); 3407+ // 3408+ // AlgorithmParameters params; 3409+ // 3410+ // try 3411+ // { 3412+ // params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 3413+ // params.init(new IvParameterSpec(iv)); 3414+ // } 3415+ // catch (Exception e) 3416+ // { 3417+ // throw new RuntimeException(e.getMessage()); 3418+ // } 3419+ // 3420+ // return params; 3421+ // } 3422+ // } 3423+ // END android-removed 3424 3425 public static class AlgParams 3426 extends IvAlgorithmParameters 3427@@ -212,58 +230,66 @@ 3428 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3429 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3430 3431- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 3432- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 3433- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 3434- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 3435- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 3436- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3437- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3438+ // BEGIN android-removed 3439+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 3440+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 3441+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 3442+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 3443+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 3444+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 3445+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 3446+ // END android-removed 3447 3448 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 3449 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 3450 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 3451 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 3452- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 3453- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 3454- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 3455- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 3456- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 3457- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 3458- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 3459- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 3460- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 3461- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 3462- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 3463- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 3464+ // BEGIN android-removed 3465+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 3466+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 3467+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 3468+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 3469+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 3470+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 3471+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 3472+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 3473+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 3474+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 3475+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 3476+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 3477+ // END android-removed 3478 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 3479 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 3480 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 3481 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 3482- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 3483+ // BEGIN android-removed 3484+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 3485+ // END android-removed 3486 3487 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 3488- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 3489- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 3490- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 3491- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 3492- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 3493- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 3494- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 3495- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 3496- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 3497- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 3498- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 3499- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 3500- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 3501- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 3502- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 3503- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 3504- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 3505- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 3506- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 3507- 3508- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 3509+ // BEGIN android-removed 3510+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 3511+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 3512+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 3513+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 3514+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 3515+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 3516+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 3517+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 3518+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 3519+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 3520+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 3521+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 3522+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 3523+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 3524+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 3525+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 3526+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 3527+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 3528+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 3529+ // 3530+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 3531+ // END android-removed 3532 } 3533 } 3534 } 3535diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 3536--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-02-10 00:37:58.000000000 +0000 3537+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2012-09-17 23:04:47.000000000 +0000 3538@@ -27,7 +27,9 @@ 3539 { 3540 public KeyGen() 3541 { 3542- super("RC4", 128, new CipherKeyGenerator()); 3543+ // BEGIN android-changed 3544+ super("ARC4", 128, new CipherKeyGenerator()); 3545+ // END android-changed 3546 } 3547 } 3548 3549diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 3550--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2013-02-10 00:37:58.000000000 +0000 3551+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000 3552@@ -64,7 +64,9 @@ 3553 { 3554 3555 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 3556- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 3557+ // BEGIN android-removed 3558+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 3559+ // END android-removed 3560 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 3561 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 3562 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 3563diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/DES.java 3564--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2013-02-10 00:37:58.000000000 +0000 3565+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/DES.java 2012-09-17 23:04:47.000000000 +0000 3566@@ -16,11 +16,15 @@ 3567 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3568 import org.bouncycastle.crypto.KeyGenerationParameters; 3569 import org.bouncycastle.crypto.engines.DESEngine; 3570-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3571+// BEGIN android-removed 3572+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3573+// END android-removed 3574 import org.bouncycastle.crypto.generators.DESKeyGenerator; 3575 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 3576-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3577-import org.bouncycastle.crypto.macs.CMac; 3578+// BEGIN android-removed 3579+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3580+// import org.bouncycastle.crypto.macs.CMac; 3581+// END android-removed 3582 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3583 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 3584 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3585@@ -48,115 +52,117 @@ 3586 } 3587 } 3588 3589- static public class CBC 3590- extends BaseBlockCipher 3591- { 3592- public CBC() 3593- { 3594- super(new CBCBlockCipher(new DESEngine()), 64); 3595- } 3596- } 3597- 3598- /** 3599- * DES CFB8 3600- */ 3601- public static class DESCFB8 3602- extends BaseMac 3603- { 3604- public DESCFB8() 3605- { 3606- super(new CFBBlockCipherMac(new DESEngine())); 3607- } 3608- } 3609- 3610- /** 3611- * DES64 3612- */ 3613- public static class DES64 3614- extends BaseMac 3615- { 3616- public DES64() 3617- { 3618- super(new CBCBlockCipherMac(new DESEngine(), 64)); 3619- } 3620- } 3621- 3622- /** 3623- * DES64with7816-4Padding 3624- */ 3625- public static class DES64with7816d4 3626- extends BaseMac 3627- { 3628- public DES64with7816d4() 3629- { 3630- super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding())); 3631- } 3632- } 3633- 3634- public static class CBCMAC 3635- extends BaseMac 3636- { 3637- public CBCMAC() 3638- { 3639- super(new CBCBlockCipherMac(new DESEngine())); 3640- } 3641- } 3642- 3643- static public class CMAC 3644- extends BaseMac 3645- { 3646- public CMAC() 3647- { 3648- super(new CMac(new DESEngine())); 3649- } 3650- } 3651- 3652- public static class RFC3211 3653- extends BaseWrapCipher 3654- { 3655- public RFC3211() 3656- { 3657- super(new RFC3211WrapEngine(new DESEngine()), 8); 3658- } 3659- } 3660- 3661- public static class AlgParamGen 3662- extends BaseAlgorithmParameterGenerator 3663- { 3664- protected void engineInit( 3665- AlgorithmParameterSpec genParamSpec, 3666- SecureRandom random) 3667- throws InvalidAlgorithmParameterException 3668- { 3669- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 3670- } 3671- 3672- protected AlgorithmParameters engineGenerateParameters() 3673- { 3674- byte[] iv = new byte[8]; 3675- 3676- if (random == null) 3677- { 3678- random = new SecureRandom(); 3679- } 3680- 3681- random.nextBytes(iv); 3682- 3683- AlgorithmParameters params; 3684- 3685- try 3686- { 3687- params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 3688- params.init(new IvParameterSpec(iv)); 3689- } 3690- catch (Exception e) 3691- { 3692- throw new RuntimeException(e.getMessage()); 3693- } 3694- 3695- return params; 3696- } 3697- } 3698+ // BEGIN android-removed 3699+ // static public class CBC 3700+ // extends BaseBlockCipher 3701+ // { 3702+ // public CBC() 3703+ // { 3704+ // super(new CBCBlockCipher(new DESEngine()), 64); 3705+ // } 3706+ // } 3707+ // 3708+ // /** 3709+ // * DES CFB8 3710+ // */ 3711+ // public static class DESCFB8 3712+ // extends BaseMac 3713+ // { 3714+ // public DESCFB8() 3715+ // { 3716+ // super(new CFBBlockCipherMac(new DESEngine())); 3717+ // } 3718+ // } 3719+ // 3720+ // /** 3721+ // * DES64 3722+ // */ 3723+ // public static class DES64 3724+ // extends BaseMac 3725+ // { 3726+ // public DES64() 3727+ // { 3728+ // super(new CBCBlockCipherMac(new DESEngine(), 64)); 3729+ // } 3730+ // } 3731+ // 3732+ // /** 3733+ // * DES64with7816-4Padding 3734+ // */ 3735+ // public static class DES64with7816d4 3736+ // extends BaseMac 3737+ // { 3738+ // public DES64with7816d4() 3739+ // { 3740+ // super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding())); 3741+ // } 3742+ // } 3743+ // 3744+ // public static class CBCMAC 3745+ // extends BaseMac 3746+ // { 3747+ // public CBCMAC() 3748+ // { 3749+ // super(new CBCBlockCipherMac(new DESEngine())); 3750+ // } 3751+ // } 3752+ // 3753+ // static public class CMAC 3754+ // extends BaseMac 3755+ // { 3756+ // public CMAC() 3757+ // { 3758+ // super(new CMac(new DESEngine())); 3759+ // } 3760+ // } 3761+ // 3762+ // public static class RFC3211 3763+ // extends BaseWrapCipher 3764+ // { 3765+ // public RFC3211() 3766+ // { 3767+ // super(new RFC3211WrapEngine(new DESEngine()), 8); 3768+ // } 3769+ // } 3770+ // 3771+ // public static class AlgParamGen 3772+ // extends BaseAlgorithmParameterGenerator 3773+ // { 3774+ // protected void engineInit( 3775+ // AlgorithmParameterSpec genParamSpec, 3776+ // SecureRandom random) 3777+ // throws InvalidAlgorithmParameterException 3778+ // { 3779+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 3780+ // } 3781+ // 3782+ // protected AlgorithmParameters engineGenerateParameters() 3783+ // { 3784+ // byte[] iv = new byte[8]; 3785+ // 3786+ // if (random == null) 3787+ // { 3788+ // random = new SecureRandom(); 3789+ // } 3790+ // 3791+ // random.nextBytes(iv); 3792+ // 3793+ // AlgorithmParameters params; 3794+ // 3795+ // try 3796+ // { 3797+ // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 3798+ // params.init(new IvParameterSpec(iv)); 3799+ // } 3800+ // catch (Exception e) 3801+ // { 3802+ // throw new RuntimeException(e.getMessage()); 3803+ // } 3804+ // 3805+ // return params; 3806+ // } 3807+ // } 3808+ // END android-removed 3809 3810 /** 3811 * DES - the default for this is to generate a key in 3812@@ -263,36 +269,42 @@ 3813 { 3814 3815 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 3816- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 3817- 3818- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 3819- 3820- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 3821+ // BEGIN android-removed 3822+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 3823+ // 3824+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 3825+ // 3826+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 3827+ // END android-removed 3828 3829 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 3830 3831 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 3832 3833- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 3834- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 3835- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 3836- 3837- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 3838- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 3839- 3840- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 3841- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 3842- 3843- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 3844- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3845- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3846- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3847+ // BEGIN android-removed 3848+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 3849+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 3850+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 3851+ // 3852+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 3853+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 3854+ // 3855+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 3856+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 3857+ // 3858+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 3859+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3860+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3861+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 3862+ // END android-removed 3863 3864 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 3865 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 3866 3867- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 3868- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 3869+ // BEGIN android-removed 3870+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 3871+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 3872+ // END android-removed 3873 } 3874 3875 private void addAlias(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name) 3876diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/DESede.java 3877--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2013-02-10 00:37:58.000000000 +0000 3878+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2012-09-17 23:04:47.000000000 +0000 3879@@ -1,30 +1,42 @@ 3880 package org.bouncycastle.jcajce.provider.symmetric; 3881 3882-import java.security.AlgorithmParameters; 3883-import java.security.InvalidAlgorithmParameterException; 3884+// BEGIN android-removed 3885+// import java.security.AlgorithmParameters; 3886+// import java.security.InvalidAlgorithmParameterException; 3887+// END android-removed 3888 import java.security.SecureRandom; 3889-import java.security.spec.AlgorithmParameterSpec; 3890+// BEGIN android-removed 3891+// import java.security.spec.AlgorithmParameterSpec; 3892+// END android-removed 3893 import java.security.spec.InvalidKeySpecException; 3894 import java.security.spec.KeySpec; 3895 3896 import javax.crypto.SecretKey; 3897 import javax.crypto.spec.DESedeKeySpec; 3898-import javax.crypto.spec.IvParameterSpec; 3899+// BEGIN android-removed 3900+// import javax.crypto.spec.IvParameterSpec; 3901+// END android-removed 3902 import javax.crypto.spec.SecretKeySpec; 3903 3904 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3905 import org.bouncycastle.crypto.KeyGenerationParameters; 3906 import org.bouncycastle.crypto.engines.DESedeEngine; 3907 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 3908-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3909+// BEGIN android-removed 3910+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3911+// END android-removed 3912 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 3913 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 3914-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3915-import org.bouncycastle.crypto.macs.CMac; 3916+// BEGIN android-removed 3917+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 3918+// import org.bouncycastle.crypto.macs.CMac; 3919+// END android-removed 3920 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3921 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 3922 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3923-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3924+// BEGIN android-removed 3925+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3926+// END android-removed 3927 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 3928 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3929 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3930@@ -57,17 +69,19 @@ 3931 } 3932 } 3933 3934- /** 3935- * DESede CFB8 3936- */ 3937- public static class DESedeCFB8 3938- extends BaseMac 3939- { 3940- public DESedeCFB8() 3941- { 3942- super(new CFBBlockCipherMac(new DESedeEngine())); 3943- } 3944- } 3945+ // BEGIN android-removed 3946+ // /** 3947+ // * DESede CFB8 3948+ // */ 3949+ // public static class DESedeCFB8 3950+ // extends BaseMac 3951+ // { 3952+ // public DESedeCFB8() 3953+ // { 3954+ // super(new CFBBlockCipherMac(new DESedeEngine())); 3955+ // } 3956+ // } 3957+ // END android-removed 3958 3959 /** 3960 * DESede64 3961@@ -102,15 +116,17 @@ 3962 } 3963 } 3964 3965- static public class CMAC 3966- extends BaseMac 3967- { 3968- public CMAC() 3969- { 3970- super(new CMac(new DESedeEngine())); 3971- } 3972- } 3973- 3974+ // BEGIN android-removed 3975+ // static public class CMAC 3976+ // extends BaseMac 3977+ // { 3978+ // public CMAC() 3979+ // { 3980+ // super(new CMac(new DESedeEngine())); 3981+ // } 3982+ // } 3983+ // END android-removed 3984+ 3985 public static class Wrap 3986 extends BaseWrapCipher 3987 { 3988@@ -119,15 +135,17 @@ 3989 super(new DESedeWrapEngine()); 3990 } 3991 } 3992- 3993- public static class RFC3211 3994- extends BaseWrapCipher 3995- { 3996- public RFC3211() 3997- { 3998- super(new RFC3211WrapEngine(new DESedeEngine()), 8); 3999- } 4000- } 4001+ 4002+ // BEGIN android-removed 4003+ // public static class RFC3211 4004+ // extends BaseWrapCipher 4005+ // { 4006+ // public RFC3211() 4007+ // { 4008+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 4009+ // } 4010+ // } 4011+ // END android-removed 4012 4013 /** 4014 * DESede - the default for this is to generate a key in 4015@@ -217,43 +235,45 @@ 4016 } 4017 } 4018 4019- public static class AlgParamGen 4020- extends BaseAlgorithmParameterGenerator 4021- { 4022- protected void engineInit( 4023- AlgorithmParameterSpec genParamSpec, 4024- SecureRandom random) 4025- throws InvalidAlgorithmParameterException 4026- { 4027- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4028- } 4029- 4030- protected AlgorithmParameters engineGenerateParameters() 4031- { 4032- byte[] iv = new byte[8]; 4033- 4034- if (random == null) 4035- { 4036- random = new SecureRandom(); 4037- } 4038- 4039- random.nextBytes(iv); 4040- 4041- AlgorithmParameters params; 4042- 4043- try 4044- { 4045- params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4046- params.init(new IvParameterSpec(iv)); 4047- } 4048- catch (Exception e) 4049- { 4050- throw new RuntimeException(e.getMessage()); 4051- } 4052- 4053- return params; 4054- } 4055- } 4056+ // BEGIN android-removed 4057+ // public static class AlgParamGen 4058+ // extends BaseAlgorithmParameterGenerator 4059+ // { 4060+ // protected void engineInit( 4061+ // AlgorithmParameterSpec genParamSpec, 4062+ // SecureRandom random) 4063+ // throws InvalidAlgorithmParameterException 4064+ // { 4065+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4066+ // } 4067+ // 4068+ // protected AlgorithmParameters engineGenerateParameters() 4069+ // { 4070+ // byte[] iv = new byte[8]; 4071+ // 4072+ // if (random == null) 4073+ // { 4074+ // random = new SecureRandom(); 4075+ // } 4076+ // 4077+ // random.nextBytes(iv); 4078+ // 4079+ // AlgorithmParameters params; 4080+ // 4081+ // try 4082+ // { 4083+ // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4084+ // params.init(new IvParameterSpec(iv)); 4085+ // } 4086+ // catch (Exception e) 4087+ // { 4088+ // throw new RuntimeException(e.getMessage()); 4089+ // } 4090+ // 4091+ // return params; 4092+ // } 4093+ // } 4094+ // END android-removed 4095 4096 static public class KeyFactory 4097 extends BaseSecretKeyFactory 4098@@ -337,18 +357,28 @@ 4099 public void configure(ConfigurableProvider provider) 4100 { 4101 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 4102- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4103+ // BEGIN android-removed 4104+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4105+ // END android-removed 4106 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 4107- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 4108- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4109+ // BEGIN android-changed 4110+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 4111+ // END android-changed 4112+ // BEGIN android-removed 4113+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4114+ // END android-removed 4115 4116 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 4117 { 4118 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 4119- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4120- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4121+ // BEGIN android-removed 4122+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4123+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4124+ // END android-removed 4125 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 4126- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4127+ // BEGIN android-removed 4128+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4129+ // END android-removed 4130 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4131 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 4132 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4133@@ -357,31 +387,37 @@ 4134 } 4135 4136 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 4137- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4138- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4139+ // BEGIN android-removed 4140+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4141+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4142+ // END android-removed 4143 4144 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 4145 4146- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4147- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4148- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4149- 4150- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4151- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4152- 4153- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4154- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4155- 4156- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4157- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4158- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4159- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4160+ // BEGIN android-removed 4161+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4162+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4163+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4164+ // 4165+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4166+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4167+ // 4168+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4169+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4170+ // 4171+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4172+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4173+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4174+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4175+ // END android-removed 4176 4177 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 4178 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4179 4180- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4181- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4182+ // BEGIN android-removed 4183+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4184+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4185+ // END android-removed 4186 } 4187 } 4188 } 4189diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 4190--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 2013-02-10 00:37:58.000000000 +0000 4191+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java 2012-09-17 23:04:47.000000000 +0000 4192@@ -7,13 +7,17 @@ 4193 4194 import javax.crypto.spec.IvParameterSpec; 4195 import javax.crypto.spec.PBEParameterSpec; 4196-import javax.crypto.spec.RC2ParameterSpec; 4197+// BEGIN android-removed 4198+// import javax.crypto.spec.RC2ParameterSpec; 4199+// END android-removed 4200 4201 import org.bouncycastle.asn1.ASN1Encoding; 4202 import org.bouncycastle.asn1.ASN1Primitive; 4203 import org.bouncycastle.asn1.pkcs.PBKDF2Params; 4204 import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; 4205-import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4206+// BEGIN android-removed 4207+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4208+// END android-removed 4209 import org.bouncycastle.util.Arrays; 4210 4211 public abstract class BaseAlgorithmParameters 4212@@ -39,177 +43,179 @@ 4213 protected abstract AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4214 throws InvalidParameterSpecException; 4215 4216- public static class RC2AlgorithmParameters 4217- extends BaseAlgorithmParameters 4218- { 4219- private static final short[] table = { 4220- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 4221- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 4222- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 4223- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 4224- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 4225- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 4226- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 4227- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 4228- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 4229- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 4230- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 4231- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 4232- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 4233- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 4234- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 4235- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 4236- }; 4237- 4238- private static final short[] ekb = { 4239- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 4240- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 4241- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 4242- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 4243- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 4244- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 4245- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 4246- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 4247- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 4248- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 4249- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 4250- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 4251- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 4252- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 4253- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 4254- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 4255- }; 4256- 4257- private byte[] iv; 4258- private int parameterVersion = 58; 4259- 4260- protected byte[] engineGetEncoded() 4261- { 4262- return Arrays.clone(iv); 4263- } 4264- 4265- protected byte[] engineGetEncoded( 4266- String format) 4267- throws IOException 4268- { 4269- if (this.isASN1FormatString(format)) 4270- { 4271- if (parameterVersion == -1) 4272- { 4273- return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 4274- } 4275- else 4276- { 4277- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 4278- } 4279- } 4280- 4281- if (format.equals("RAW")) 4282- { 4283- return engineGetEncoded(); 4284- } 4285- 4286- return null; 4287- } 4288- 4289- protected AlgorithmParameterSpec localEngineGetParameterSpec( 4290- Class paramSpec) 4291- throws InvalidParameterSpecException 4292- { 4293- if (paramSpec == RC2ParameterSpec.class) 4294- { 4295- if (parameterVersion != -1) 4296- { 4297- if (parameterVersion < 256) 4298- { 4299- return new RC2ParameterSpec(ekb[parameterVersion], iv); 4300- } 4301- else 4302- { 4303- return new RC2ParameterSpec(parameterVersion, iv); 4304- } 4305- } 4306- } 4307- 4308- if (paramSpec == IvParameterSpec.class) 4309- { 4310- return new IvParameterSpec(iv); 4311- } 4312- 4313- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 4314- } 4315- 4316- protected void engineInit( 4317- AlgorithmParameterSpec paramSpec) 4318- throws InvalidParameterSpecException 4319- { 4320- if (paramSpec instanceof IvParameterSpec) 4321- { 4322- this.iv = ((IvParameterSpec)paramSpec).getIV(); 4323- } 4324- else if (paramSpec instanceof RC2ParameterSpec) 4325- { 4326- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 4327- if (effKeyBits != -1) 4328- { 4329- if (effKeyBits < 256) 4330- { 4331- parameterVersion = table[effKeyBits]; 4332- } 4333- else 4334- { 4335- parameterVersion = effKeyBits; 4336- } 4337- } 4338- 4339- this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 4340- } 4341- else 4342- { 4343- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 4344- } 4345- } 4346- 4347- protected void engineInit( 4348- byte[] params) 4349- throws IOException 4350- { 4351- this.iv = Arrays.clone(params); 4352- } 4353- 4354- protected void engineInit( 4355- byte[] params, 4356- String format) 4357- throws IOException 4358- { 4359- if (this.isASN1FormatString(format)) 4360- { 4361- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 4362- 4363- if (p.getRC2ParameterVersion() != null) 4364- { 4365- parameterVersion = p.getRC2ParameterVersion().intValue(); 4366- } 4367- 4368- iv = p.getIV(); 4369- 4370- return; 4371- } 4372- 4373- if (format.equals("RAW")) 4374- { 4375- engineInit(params); 4376- return; 4377- } 4378- 4379- throw new IOException("Unknown parameters format in IV parameters object"); 4380- } 4381- 4382- protected String engineToString() 4383- { 4384- return "RC2 Parameters"; 4385- } 4386- } 4387+ // BEGIN android-removed 4388+ // public static class RC2AlgorithmParameters 4389+ // extends BaseAlgorithmParameters 4390+ // { 4391+ // private static final short[] table = { 4392+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 4393+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 4394+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 4395+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 4396+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 4397+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 4398+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 4399+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 4400+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 4401+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 4402+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 4403+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 4404+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 4405+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 4406+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 4407+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 4408+ // }; 4409+ // 4410+ // private static final short[] ekb = { 4411+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 4412+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 4413+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 4414+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 4415+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 4416+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 4417+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 4418+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 4419+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 4420+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 4421+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 4422+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 4423+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 4424+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 4425+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 4426+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 4427+ // }; 4428+ // 4429+ // private byte[] iv; 4430+ // private int parameterVersion = 58; 4431+ // 4432+ // protected byte[] engineGetEncoded() 4433+ // { 4434+ // return Arrays.clone(iv); 4435+ // } 4436+ // 4437+ // protected byte[] engineGetEncoded( 4438+ // String format) 4439+ // throws IOException 4440+ // { 4441+ // if (this.isASN1FormatString(format)) 4442+ // { 4443+ // if (parameterVersion == -1) 4444+ // { 4445+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 4446+ // } 4447+ // else 4448+ // { 4449+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 4450+ // } 4451+ // } 4452+ // 4453+ // if (format.equals("RAW")) 4454+ // { 4455+ // return engineGetEncoded(); 4456+ // } 4457+ // 4458+ // return null; 4459+ // } 4460+ // 4461+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 4462+ // Class paramSpec) 4463+ // throws InvalidParameterSpecException 4464+ // { 4465+ // if (paramSpec == RC2ParameterSpec.class) 4466+ // { 4467+ // if (parameterVersion != -1) 4468+ // { 4469+ // if (parameterVersion < 256) 4470+ // { 4471+ // return new RC2ParameterSpec(ekb[parameterVersion], iv); 4472+ // } 4473+ // else 4474+ // { 4475+ // return new RC2ParameterSpec(parameterVersion, iv); 4476+ // } 4477+ // } 4478+ // } 4479+ // 4480+ // if (paramSpec == IvParameterSpec.class) 4481+ // { 4482+ // return new IvParameterSpec(iv); 4483+ // } 4484+ // 4485+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 4486+ // } 4487+ // 4488+ // protected void engineInit( 4489+ // AlgorithmParameterSpec paramSpec) 4490+ // throws InvalidParameterSpecException 4491+ // { 4492+ // if (paramSpec instanceof IvParameterSpec) 4493+ // { 4494+ // this.iv = ((IvParameterSpec)paramSpec).getIV(); 4495+ // } 4496+ // else if (paramSpec instanceof RC2ParameterSpec) 4497+ // { 4498+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 4499+ // if (effKeyBits != -1) 4500+ // { 4501+ // if (effKeyBits < 256) 4502+ // { 4503+ // parameterVersion = table[effKeyBits]; 4504+ // } 4505+ // else 4506+ // { 4507+ // parameterVersion = effKeyBits; 4508+ // } 4509+ // } 4510+ // 4511+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 4512+ // } 4513+ // else 4514+ // { 4515+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 4516+ // } 4517+ // } 4518+ // 4519+ // protected void engineInit( 4520+ // byte[] params) 4521+ // throws IOException 4522+ // { 4523+ // this.iv = Arrays.clone(params); 4524+ // } 4525+ // 4526+ // protected void engineInit( 4527+ // byte[] params, 4528+ // String format) 4529+ // throws IOException 4530+ // { 4531+ // if (this.isASN1FormatString(format)) 4532+ // { 4533+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 4534+ // 4535+ // if (p.getRC2ParameterVersion() != null) 4536+ // { 4537+ // parameterVersion = p.getRC2ParameterVersion().intValue(); 4538+ // } 4539+ // 4540+ // iv = p.getIV(); 4541+ // 4542+ // return; 4543+ // } 4544+ // 4545+ // if (format.equals("RAW")) 4546+ // { 4547+ // engineInit(params); 4548+ // return; 4549+ // } 4550+ // 4551+ // throw new IOException("Unknown parameters format in IV parameters object"); 4552+ // } 4553+ // 4554+ // protected String engineToString() 4555+ // { 4556+ // return "RC2 Parameters"; 4557+ // } 4558+ // } 4559+ // END android-removed 4560 4561 public static class PBKDF2 4562 extends BaseAlgorithmParameters 4563diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 4564--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2013-02-10 00:37:58.000000000 +0000 4565+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2012-09-17 23:04:47.000000000 +0000 4566@@ -17,8 +17,10 @@ 4567 import javax.crypto.ShortBufferException; 4568 import javax.crypto.spec.IvParameterSpec; 4569 import javax.crypto.spec.PBEParameterSpec; 4570-import javax.crypto.spec.RC2ParameterSpec; 4571-import javax.crypto.spec.RC5ParameterSpec; 4572+// BEGIN android-removed 4573+// import javax.crypto.spec.RC2ParameterSpec; 4574+// import javax.crypto.spec.RC5ParameterSpec; 4575+// END android-removed 4576 4577 import org.bouncycastle.crypto.BufferedBlockCipher; 4578 import org.bouncycastle.crypto.CipherParameters; 4579@@ -30,12 +32,18 @@ 4580 import org.bouncycastle.crypto.modes.CCMBlockCipher; 4581 import org.bouncycastle.crypto.modes.CFBBlockCipher; 4582 import org.bouncycastle.crypto.modes.CTSBlockCipher; 4583-import org.bouncycastle.crypto.modes.EAXBlockCipher; 4584+// BEGIN android-removed 4585+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 4586+// END android-removed 4587 import org.bouncycastle.crypto.modes.GCMBlockCipher; 4588-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 4589+// BEGIN android-removed 4590+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 4591+// END android-removed 4592 import org.bouncycastle.crypto.modes.OFBBlockCipher; 4593-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 4594-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 4595+// BEGIN android-removed 4596+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 4597+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 4598+// END android-removed 4599 import org.bouncycastle.crypto.modes.SICBlockCipher; 4600 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 4601 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 4602@@ -47,11 +55,17 @@ 4603 import org.bouncycastle.crypto.params.KeyParameter; 4604 import org.bouncycastle.crypto.params.ParametersWithIV; 4605 import org.bouncycastle.crypto.params.ParametersWithRandom; 4606-import org.bouncycastle.crypto.params.ParametersWithSBox; 4607+// BEGIN android-removed 4608+// import org.bouncycastle.crypto.params.ParametersWithSBox; 4609+// END android-removed 4610 import org.bouncycastle.crypto.params.RC2Parameters; 4611-import org.bouncycastle.crypto.params.RC5Parameters; 4612+// BEGIN android-removed 4613+// import org.bouncycastle.crypto.params.RC5Parameters; 4614+// END android-removed 4615 import org.bouncycastle.jce.provider.BouncyCastleProvider; 4616-import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 4617+// BEGIN android-removed 4618+// import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 4619+// END android-removed 4620 import org.bouncycastle.jce.spec.RepeatedSecretKeySpec; 4621 import org.bouncycastle.util.Strings; 4622 4623@@ -64,11 +78,15 @@ 4624 // 4625 private Class[] availableSpecs = 4626 { 4627- RC2ParameterSpec.class, 4628- RC5ParameterSpec.class, 4629+ // BEGIN android-removed 4630+ // RC2ParameterSpec.class, 4631+ // RC5ParameterSpec.class, 4632+ // END android-removed 4633 IvParameterSpec.class, 4634 PBEParameterSpec.class, 4635- GOST28147ParameterSpec.class 4636+ // BEGIN android-removed 4637+ // GOST28147ParameterSpec.class 4638+ // END android-removed 4639 }; 4640 4641 private org.bouncycastle.crypto.BlockCipher baseEngine; 4642@@ -223,20 +241,22 @@ 4643 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 4644 } 4645 } 4646- else if (modeName.startsWith("PGP")) 4647- { 4648- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 4649- 4650- ivLength = baseEngine.getBlockSize(); 4651- cipher = new BufferedGenericBlockCipher( 4652- new PGPCFBBlockCipher(baseEngine, inlineIV)); 4653- } 4654- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 4655- { 4656- ivLength = 0; 4657- cipher = new BufferedGenericBlockCipher( 4658- new OpenPGPCFBBlockCipher(baseEngine)); 4659- } 4660+ // BEGIN android-removed 4661+ // else if (modeName.startsWith("PGP")) 4662+ // { 4663+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 4664+ 4665+ // ivLength = baseEngine.getBlockSize(); 4666+ // cipher = new BufferedGenericBlockCipher( 4667+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 4668+ // } 4669+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 4670+ // { 4671+ // ivLength = 0; 4672+ // cipher = new BufferedGenericBlockCipher( 4673+ // new OpenPGPCFBBlockCipher(baseEngine)); 4674+ // } 4675+ // END android-removed 4676 else if (modeName.startsWith("SIC")) 4677 { 4678 ivLength = baseEngine.getBlockSize(); 4679@@ -253,12 +273,14 @@ 4680 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4681 new SICBlockCipher(baseEngine))); 4682 } 4683- else if (modeName.startsWith("GOFB")) 4684- { 4685- ivLength = baseEngine.getBlockSize(); 4686- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4687- new GOFBBlockCipher(baseEngine))); 4688- } 4689+ // BEGIN android-removed 4690+ // else if (modeName.startsWith("GOFB")) 4691+ // { 4692+ // ivLength = baseEngine.getBlockSize(); 4693+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 4694+ // new GOFBBlockCipher(baseEngine))); 4695+ // } 4696+ // END android-removed 4697 else if (modeName.startsWith("CTS")) 4698 { 4699 ivLength = baseEngine.getBlockSize(); 4700@@ -269,11 +291,13 @@ 4701 ivLength = baseEngine.getBlockSize(); 4702 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 4703 } 4704- else if (modeName.startsWith("EAX")) 4705- { 4706- ivLength = baseEngine.getBlockSize(); 4707- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 4708- } 4709+ // BEGIN android-removed 4710+ // else if (modeName.startsWith("EAX")) 4711+ // { 4712+ // ivLength = baseEngine.getBlockSize(); 4713+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 4714+ // } 4715+ // END android-removed 4716 else if (modeName.startsWith("GCM")) 4717 { 4718 ivLength = baseEngine.getBlockSize(); 4719@@ -442,63 +466,65 @@ 4720 param = new KeyParameter(key.getEncoded()); 4721 } 4722 } 4723- else if (params instanceof GOST28147ParameterSpec) 4724- { 4725- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 4726- 4727- param = new ParametersWithSBox( 4728- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 4729- 4730- if (gost28147Param.getIV() != null && ivLength != 0) 4731- { 4732- param = new ParametersWithIV(param, gost28147Param.getIV()); 4733- ivParam = (ParametersWithIV)param; 4734- } 4735- } 4736- else if (params instanceof RC2ParameterSpec) 4737- { 4738- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 4739- 4740- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 4741- 4742- if (rc2Param.getIV() != null && ivLength != 0) 4743- { 4744- param = new ParametersWithIV(param, rc2Param.getIV()); 4745- ivParam = (ParametersWithIV)param; 4746- } 4747- } 4748- else if (params instanceof RC5ParameterSpec) 4749- { 4750- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 4751- 4752- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 4753- if (baseEngine.getAlgorithmName().startsWith("RC5")) 4754- { 4755- if (baseEngine.getAlgorithmName().equals("RC5-32")) 4756- { 4757- if (rc5Param.getWordSize() != 32) 4758- { 4759- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 4760- } 4761- } 4762- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 4763- { 4764- if (rc5Param.getWordSize() != 64) 4765- { 4766- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 4767- } 4768- } 4769- } 4770- else 4771- { 4772- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 4773- } 4774- if ((rc5Param.getIV() != null) && (ivLength != 0)) 4775- { 4776- param = new ParametersWithIV(param, rc5Param.getIV()); 4777- ivParam = (ParametersWithIV)param; 4778- } 4779- } 4780+ // BEGIN android-removed 4781+ // else if (params instanceof GOST28147ParameterSpec) 4782+ // { 4783+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 4784+ // 4785+ // param = new ParametersWithSBox( 4786+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 4787+ // 4788+ // if (gost28147Param.getIV() != null && ivLength != 0) 4789+ // { 4790+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 4791+ // ivParam = (ParametersWithIV)param; 4792+ // } 4793+ // } 4794+ // else if (params instanceof RC2ParameterSpec) 4795+ // { 4796+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 4797+ // 4798+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 4799+ // 4800+ // if (rc2Param.getIV() != null && ivLength != 0) 4801+ // { 4802+ // param = new ParametersWithIV(param, rc2Param.getIV()); 4803+ // ivParam = (ParametersWithIV)param; 4804+ // } 4805+ // } 4806+ // else if (params instanceof RC5ParameterSpec) 4807+ // { 4808+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 4809+ // 4810+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 4811+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 4812+ // { 4813+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 4814+ // { 4815+ // if (rc5Param.getWordSize() != 32) 4816+ // { 4817+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 4818+ // } 4819+ // } 4820+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 4821+ // { 4822+ // if (rc5Param.getWordSize() != 64) 4823+ // { 4824+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 4825+ // } 4826+ // } 4827+ // } 4828+ // else 4829+ // { 4830+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 4831+ // } 4832+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 4833+ // { 4834+ // param = new ParametersWithIV(param, rc5Param.getIV()); 4835+ // ivParam = (ParametersWithIV)param; 4836+ // } 4837+ // } 4838+ // END android-removed 4839 else 4840 { 4841 throw new InvalidAlgorithmParameterException("unknown parameter type."); 4842diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 4843--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-02-10 00:37:58.000000000 +0000 4844+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2012-09-17 23:04:47.000000000 +0000 4845@@ -11,25 +11,34 @@ 4846 4847 import org.bouncycastle.crypto.CipherParameters; 4848 import org.bouncycastle.crypto.Mac; 4849-import org.bouncycastle.crypto.digests.MD2Digest; 4850-import org.bouncycastle.crypto.digests.MD4Digest; 4851-import org.bouncycastle.crypto.digests.MD5Digest; 4852-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 4853-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 4854-import org.bouncycastle.crypto.digests.SHA1Digest; 4855-import org.bouncycastle.crypto.digests.SHA224Digest; 4856-import org.bouncycastle.crypto.digests.SHA256Digest; 4857-import org.bouncycastle.crypto.digests.SHA384Digest; 4858-import org.bouncycastle.crypto.digests.SHA512Digest; 4859-import org.bouncycastle.crypto.digests.TigerDigest; 4860+// BEGIN android-removed 4861+// import org.bouncycastle.crypto.digests.MD2Digest; 4862+// import org.bouncycastle.crypto.digests.MD4Digest; 4863+// import org.bouncycastle.crypto.digests.MD5Digest; 4864+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 4865+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 4866+// import org.bouncycastle.crypto.digests.SHA1Digest; 4867+// import org.bouncycastle.crypto.digests.SHA224Digest; 4868+// import org.bouncycastle.crypto.digests.SHA256Digest; 4869+// import org.bouncycastle.crypto.digests.SHA384Digest; 4870+// import org.bouncycastle.crypto.digests.SHA512Digest; 4871+// import org.bouncycastle.crypto.digests.TigerDigest; 4872+// END android-removed 4873+// BEGIN android-added 4874+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 4875+// END android-added 4876 import org.bouncycastle.crypto.engines.DESEngine; 4877 import org.bouncycastle.crypto.engines.RC2Engine; 4878 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4879-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4880-import org.bouncycastle.crypto.macs.GOST28147Mac; 4881+// BEGIN android-removed 4882+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4883+// import org.bouncycastle.crypto.macs.GOST28147Mac; 4884+// END android-removed 4885 import org.bouncycastle.crypto.macs.HMac; 4886-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 4887-import org.bouncycastle.crypto.macs.OldHMac; 4888+// BEGIN android-removed 4889+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 4890+// import org.bouncycastle.crypto.macs.OldHMac; 4891+// END android-removed 4892 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 4893 import org.bouncycastle.crypto.params.KeyParameter; 4894 import org.bouncycastle.crypto.params.ParametersWithIV; 4895@@ -179,91 +188,93 @@ 4896 } 4897 } 4898 4899- /** 4900- * GOST28147 4901- */ 4902- public static class GOST28147 4903- extends BaseMac 4904- { 4905- public GOST28147() 4906- { 4907- super(new GOST28147Mac()); 4908- } 4909- } 4910- 4911- 4912- 4913- /** 4914- * DES 4915- */ 4916- public static class DESCFB8 4917- extends BaseMac 4918- { 4919- public DESCFB8() 4920- { 4921- super(new CFBBlockCipherMac(new DESEngine())); 4922- } 4923- } 4924- 4925- /** 4926- * RC2CFB8 4927- */ 4928- public static class RC2CFB8 4929- extends BaseMac 4930- { 4931- public RC2CFB8() 4932- { 4933- super(new CFBBlockCipherMac(new RC2Engine())); 4934- } 4935- } 4936- 4937- /** 4938- * DES9797Alg3with7816-4Padding 4939- */ 4940- public static class DES9797Alg3with7816d4 4941- extends BaseMac 4942- { 4943- public DES9797Alg3with7816d4() 4944- { 4945- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 4946- } 4947- } 4948- 4949- /** 4950- * DES9797Alg3 4951- */ 4952- public static class DES9797Alg3 4953- extends BaseMac 4954- { 4955- public DES9797Alg3() 4956- { 4957- super(new ISO9797Alg3Mac(new DESEngine())); 4958- } 4959- } 4960- 4961- /** 4962- * MD2 HMac 4963- */ 4964- public static class MD2 4965- extends BaseMac 4966- { 4967- public MD2() 4968- { 4969- super(new HMac(new MD2Digest())); 4970- } 4971- } 4972- 4973- /** 4974- * MD4 HMac 4975- */ 4976- public static class MD4 4977- extends BaseMac 4978- { 4979- public MD4() 4980- { 4981- super(new HMac(new MD4Digest())); 4982- } 4983- } 4984+ // BEGIN android-removed 4985+ // /** 4986+ // * GOST28147 4987+ // */ 4988+ // public static class GOST28147 4989+ // extends BaseMac 4990+ // { 4991+ // public GOST28147() 4992+ // { 4993+ // super(new GOST28147Mac()); 4994+ // } 4995+ // } 4996+ // 4997+ // 4998+ // 4999+ // /** 5000+ // * DES 5001+ // */ 5002+ // public static class DESCFB8 5003+ // extends BaseMac 5004+ // { 5005+ // public DESCFB8() 5006+ // { 5007+ // super(new CFBBlockCipherMac(new DESEngine())); 5008+ // } 5009+ // } 5010+ // 5011+ // /** 5012+ // * RC2CFB8 5013+ // */ 5014+ // public static class RC2CFB8 5015+ // extends BaseMac 5016+ // { 5017+ // public RC2CFB8() 5018+ // { 5019+ // super(new CFBBlockCipherMac(new RC2Engine())); 5020+ // } 5021+ // } 5022+ // 5023+ // /** 5024+ // * DES9797Alg3with7816-4Padding 5025+ // */ 5026+ // public static class DES9797Alg3with7816d4 5027+ // extends BaseMac 5028+ // { 5029+ // public DES9797Alg3with7816d4() 5030+ // { 5031+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5032+ // } 5033+ // } 5034+ // 5035+ // /** 5036+ // * DES9797Alg3 5037+ // */ 5038+ // public static class DES9797Alg3 5039+ // extends BaseMac 5040+ // { 5041+ // public DES9797Alg3() 5042+ // { 5043+ // super(new ISO9797Alg3Mac(new DESEngine())); 5044+ // } 5045+ // } 5046+ // 5047+ // /** 5048+ // * MD2 HMac 5049+ // */ 5050+ // public static class MD2 5051+ // extends BaseMac 5052+ // { 5053+ // public MD2() 5054+ // { 5055+ // super(new HMac(new MD2Digest())); 5056+ // } 5057+ // } 5058+ // 5059+ // /** 5060+ // * MD4 HMac 5061+ // */ 5062+ // public static class MD4 5063+ // extends BaseMac 5064+ // { 5065+ // public MD4() 5066+ // { 5067+ // super(new HMac(new MD4Digest())); 5068+ // } 5069+ // } 5070+ // END android-removed 5071 5072 /** 5073 * MD5 HMac 5074@@ -273,7 +284,9 @@ 5075 { 5076 public MD5() 5077 { 5078- super(new HMac(new MD5Digest())); 5079+ // BEGIN android-changed 5080+ super(new HMac(AndroidDigestFactory.getMD5())); 5081+ // END android-changed 5082 } 5083 } 5084 5085@@ -285,21 +298,25 @@ 5086 { 5087 public SHA1() 5088 { 5089- super(new HMac(new SHA1Digest())); 5090+ // BEGIN android-changed 5091+ super(new HMac(AndroidDigestFactory.getSHA1())); 5092+ // END android-changed 5093 } 5094 } 5095 5096- /** 5097- * SHA-224 HMac 5098- */ 5099- public static class SHA224 5100- extends BaseMac 5101- { 5102- public SHA224() 5103- { 5104- super(new HMac(new SHA224Digest())); 5105- } 5106- } 5107+ // BEGIN android-removed 5108+ // /** 5109+ // * SHA-224 HMac 5110+ // */ 5111+ // public static class SHA224 5112+ // extends BaseMac 5113+ // { 5114+ // public SHA224() 5115+ // { 5116+ // super(new HMac(new SHA224Digest())); 5117+ // } 5118+ // } 5119+ // END android-removed 5120 5121 /** 5122 * SHA-256 HMac 5123@@ -309,7 +326,7 @@ 5124 { 5125 public SHA256() 5126 { 5127- super(new HMac(new SHA256Digest())); 5128+ super(new HMac(AndroidDigestFactory.getSHA256())); 5129 } 5130 } 5131 5132@@ -321,18 +338,20 @@ 5133 { 5134 public SHA384() 5135 { 5136- super(new HMac(new SHA384Digest())); 5137+ super(new HMac(AndroidDigestFactory.getSHA384())); 5138 } 5139 } 5140 5141- public static class OldSHA384 5142- extends BaseMac 5143- { 5144- public OldSHA384() 5145- { 5146- super(new OldHMac(new SHA384Digest())); 5147- } 5148- } 5149+ // BEGIN android-removed 5150+ // public static class OldSHA384 5151+ // extends BaseMac 5152+ // { 5153+ // public OldSHA384() 5154+ // { 5155+ // super(new OldHMac(new SHA384Digest())); 5156+ // } 5157+ // } 5158+ // END android-removed 5159 5160 /** 5161 * SHA-512 HMac 5162@@ -342,75 +361,77 @@ 5163 { 5164 public SHA512() 5165 { 5166- super(new HMac(new SHA512Digest())); 5167- } 5168- } 5169- 5170- /** 5171- * SHA-512 HMac 5172- */ 5173- public static class OldSHA512 5174- extends BaseMac 5175- { 5176- public OldSHA512() 5177- { 5178- super(new OldHMac(new SHA512Digest())); 5179- } 5180- } 5181- 5182- /** 5183- * RIPEMD128 HMac 5184- */ 5185- public static class RIPEMD128 5186- extends BaseMac 5187- { 5188- public RIPEMD128() 5189- { 5190- super(new HMac(new RIPEMD128Digest())); 5191- } 5192- } 5193- 5194- /** 5195- * RIPEMD160 HMac 5196- */ 5197- public static class RIPEMD160 5198- extends BaseMac 5199- { 5200- public RIPEMD160() 5201- { 5202- super(new HMac(new RIPEMD160Digest())); 5203- } 5204- } 5205- 5206- /** 5207- * Tiger HMac 5208- */ 5209- public static class Tiger 5210- extends BaseMac 5211- { 5212- public Tiger() 5213- { 5214- super(new HMac(new TigerDigest())); 5215+ super(new HMac(AndroidDigestFactory.getSHA512())); 5216 } 5217 } 5218 5219+ // BEGIN android-removed 5220+ // /** 5221+ // * SHA-512 HMac 5222+ // */ 5223+ // public static class OldSHA512 5224+ // extends BaseMac 5225+ // { 5226+ // public OldSHA512() 5227+ // { 5228+ // super(new OldHMac(new SHA512Digest())); 5229+ // } 5230+ // } 5231+ // 5232+ // /** 5233+ // * RIPEMD128 HMac 5234+ // */ 5235+ // public static class RIPEMD128 5236+ // extends BaseMac 5237+ // { 5238+ // public RIPEMD128() 5239+ // { 5240+ // super(new HMac(new RIPEMD128Digest())); 5241+ // } 5242+ // } 5243 // 5244- // PKCS12 states that the same algorithm should be used 5245- // for the key generation as is used in the HMAC, so that 5246- // is what we do here. 5247+ // /** 5248+ // * RIPEMD160 HMac 5249+ // */ 5250+ // public static class RIPEMD160 5251+ // extends BaseMac 5252+ // { 5253+ // public RIPEMD160() 5254+ // { 5255+ // super(new HMac(new RIPEMD160Digest())); 5256+ // } 5257+ // } 5258 // 5259- 5260- /** 5261- * PBEWithHmacRIPEMD160 5262- */ 5263- public static class PBEWithRIPEMD160 5264- extends BaseMac 5265- { 5266- public PBEWithRIPEMD160() 5267- { 5268- super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 5269- } 5270- } 5271+ // /** 5272+ // * Tiger HMac 5273+ // */ 5274+ // public static class Tiger 5275+ // extends BaseMac 5276+ // { 5277+ // public Tiger() 5278+ // { 5279+ // super(new HMac(new TigerDigest())); 5280+ // } 5281+ // } 5282+ // 5283+ // // 5284+ // // PKCS12 states that the same algorithm should be used 5285+ // // for the key generation as is used in the HMAC, so that 5286+ // // is what we do here. 5287+ // // 5288+ // 5289+ // /** 5290+ // * PBEWithHmacRIPEMD160 5291+ // */ 5292+ // public static class PBEWithRIPEMD160 5293+ // extends BaseMac 5294+ // { 5295+ // public PBEWithRIPEMD160() 5296+ // { 5297+ // super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 5298+ // } 5299+ // } 5300+ // END android-removed 5301 5302 /** 5303 * PBEWithHmacSHA 5304@@ -420,19 +441,23 @@ 5305 { 5306 public PBEWithSHA() 5307 { 5308- super(new HMac(new SHA1Digest()), PKCS12, SHA1, 160); 5309+ // BEGIN android-changed 5310+ super(new HMac(AndroidDigestFactory.getSHA1()), PKCS12, SHA1, 160); 5311+ // END android-changed 5312 } 5313 } 5314 5315- /** 5316- * PBEWithHmacTiger 5317- */ 5318- public static class PBEWithTiger 5319- extends BaseMac 5320- { 5321- public PBEWithTiger() 5322- { 5323- super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 5324- } 5325- } 5326+ // BEGIN android-removed 5327+ // /** 5328+ // * PBEWithHmacTiger 5329+ // */ 5330+ // public static class PBEWithTiger 5331+ // extends BaseMac 5332+ // { 5333+ // public PBEWithTiger() 5334+ // { 5335+ // super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 5336+ // } 5337+ // } 5338+ // END android-removed 5339 } 5340diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 5341--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2013-02-10 00:37:58.000000000 +0000 5342+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2012-09-17 23:04:47.000000000 +0000 5343@@ -13,8 +13,10 @@ 5344 import javax.crypto.ShortBufferException; 5345 import javax.crypto.spec.IvParameterSpec; 5346 import javax.crypto.spec.PBEParameterSpec; 5347-import javax.crypto.spec.RC2ParameterSpec; 5348-import javax.crypto.spec.RC5ParameterSpec; 5349+// BEGIN android-removed 5350+// import javax.crypto.spec.RC2ParameterSpec; 5351+// import javax.crypto.spec.RC5ParameterSpec; 5352+// END android-removed 5353 5354 import org.bouncycastle.crypto.BlockCipher; 5355 import org.bouncycastle.crypto.CipherParameters; 5356@@ -34,8 +36,10 @@ 5357 // 5358 private Class[] availableSpecs = 5359 { 5360- RC2ParameterSpec.class, 5361- RC5ParameterSpec.class, 5362+ // BEGIN android-removed 5363+ // RC2ParameterSpec.class, 5364+ // RC5ParameterSpec.class, 5365+ // END android-removed 5366 IvParameterSpec.class, 5367 PBEParameterSpec.class 5368 }; 5369diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 5370--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2013-02-10 00:37:58.000000000 +0000 5371+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2012-09-17 23:04:47.000000000 +0000 5372@@ -22,8 +22,10 @@ 5373 import javax.crypto.ShortBufferException; 5374 import javax.crypto.spec.IvParameterSpec; 5375 import javax.crypto.spec.PBEParameterSpec; 5376-import javax.crypto.spec.RC2ParameterSpec; 5377-import javax.crypto.spec.RC5ParameterSpec; 5378+// BEGIN android-removed 5379+// import javax.crypto.spec.RC2ParameterSpec; 5380+// import javax.crypto.spec.RC5ParameterSpec; 5381+// END android-removed 5382 import javax.crypto.spec.SecretKeySpec; 5383 5384 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 5385@@ -45,8 +47,10 @@ 5386 { 5387 IvParameterSpec.class, 5388 PBEParameterSpec.class, 5389- RC2ParameterSpec.class, 5390- RC5ParameterSpec.class 5391+ // BEGIN android-removed 5392+ // RC2ParameterSpec.class, 5393+ // RC5ParameterSpec.class 5394+ // END android-removed 5395 }; 5396 5397 protected int pbeType = PKCS12; 5398@@ -258,6 +262,8 @@ 5399 return null; 5400 } 5401 5402+ // BEGIN android-changed 5403+ // added ShortBufferException to throws statement 5404 protected int engineDoFinal( 5405 byte[] input, 5406 int inputOffset, 5407@@ -268,6 +274,7 @@ 5408 { 5409 return 0; 5410 } 5411+ // END android-changed 5412 5413 protected byte[] engineWrap( 5414 Key key) 5415diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 5416--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-02-10 00:37:58.000000000 +0000 5417+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2012-09-17 23:04:47.000000000 +0000 5418@@ -7,13 +7,18 @@ 5419 5420 import org.bouncycastle.crypto.CipherParameters; 5421 import org.bouncycastle.crypto.PBEParametersGenerator; 5422-import org.bouncycastle.crypto.digests.GOST3411Digest; 5423-import org.bouncycastle.crypto.digests.MD2Digest; 5424-import org.bouncycastle.crypto.digests.MD5Digest; 5425-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5426-import org.bouncycastle.crypto.digests.SHA1Digest; 5427-import org.bouncycastle.crypto.digests.SHA256Digest; 5428-import org.bouncycastle.crypto.digests.TigerDigest; 5429+// BEGIN android-removed 5430+// import org.bouncycastle.crypto.digests.GOST3411Digest; 5431+// import org.bouncycastle.crypto.digests.MD2Digest; 5432+// import org.bouncycastle.crypto.digests.MD5Digest; 5433+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 5434+// import org.bouncycastle.crypto.digests.SHA1Digest; 5435+// import org.bouncycastle.crypto.digests.SHA256Digest; 5436+// import org.bouncycastle.crypto.digests.TigerDigest; 5437+// END android-removed 5438+// BEGIN android-added 5439+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 5440+// END android-added 5441 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 5442 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 5443 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 5444@@ -29,11 +34,15 @@ 5445 // 5446 static final int MD5 = 0; 5447 static final int SHA1 = 1; 5448- static final int RIPEMD160 = 2; 5449- static final int TIGER = 3; 5450+ // BEGIN android-removed 5451+ // static final int RIPEMD160 = 2; 5452+ // static final int TIGER = 3; 5453+ // END android-removed 5454 static final int SHA256 = 4; 5455- static final int MD2 = 5; 5456- static final int GOST3411 = 6; 5457+ // BEGIN android-removed 5458+ // static final int MD2 = 5; 5459+ // static final int GOST3411 = 6; 5460+ // END android-removed 5461 5462 static final int PKCS5S1 = 0; 5463 static final int PKCS5S2 = 1; 5464@@ -55,14 +64,20 @@ 5465 { 5466 switch (hash) 5467 { 5468- case MD2: 5469- generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 5470- break; 5471+ // BEGIN android-removed 5472+ // case MD2: 5473+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 5474+ // break; 5475+ // END android-removed 5476 case MD5: 5477- generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 5478+ // BEGIN android-changed 5479+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 5480+ // END android-changed 5481 break; 5482 case SHA1: 5483- generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 5484+ // BEGIN android-changed 5485+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 5486+ // END android-changed 5487 break; 5488 default: 5489 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 5490@@ -76,27 +91,39 @@ 5491 { 5492 switch (hash) 5493 { 5494- case MD2: 5495- generator = new PKCS12ParametersGenerator(new MD2Digest()); 5496- break; 5497+ // BEGIN android-removed 5498+ // case MD2: 5499+ // generator = new PKCS12ParametersGenerator(new MD2Digest()); 5500+ // break; 5501+ // END android-removed 5502 case MD5: 5503- generator = new PKCS12ParametersGenerator(new MD5Digest()); 5504+ // BEGIN android-changed 5505+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 5506+ // END android-changed 5507 break; 5508 case SHA1: 5509- generator = new PKCS12ParametersGenerator(new SHA1Digest()); 5510- break; 5511- case RIPEMD160: 5512- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 5513- break; 5514- case TIGER: 5515- generator = new PKCS12ParametersGenerator(new TigerDigest()); 5516- break; 5517+ // BEGIN android-changed 5518+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 5519+ // END android-changed 5520+ break; 5521+ // BEGIN android-removed 5522+ // case RIPEMD160: 5523+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 5524+ // break; 5525+ // case TIGER: 5526+ // generator = new PKCS12ParametersGenerator(new TigerDigest()); 5527+ // break; 5528+ // END android-removed 5529 case SHA256: 5530- generator = new PKCS12ParametersGenerator(new SHA256Digest()); 5531- break; 5532- case GOST3411: 5533- generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 5534- break; 5535+ // BEGIN android-changed 5536+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 5537+ // END android-changed 5538+ break; 5539+ // BEGIN android-removed 5540+ // case GOST3411: 5541+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 5542+ // break; 5543+ // END android-removed 5544 default: 5545 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 5546 } 5547diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/util/DigestFactory.java 5548--- bcprov-jdk15on-148.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-02-10 00:37:58.000000000 +0000 5549+++ bcprov-jdk15on-148/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2012-09-17 23:04:47.000000000 +0000 5550@@ -10,19 +10,26 @@ 5551 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 5552 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5553 import org.bouncycastle.crypto.Digest; 5554-import org.bouncycastle.crypto.digests.MD5Digest; 5555-import org.bouncycastle.crypto.digests.SHA1Digest; 5556-import org.bouncycastle.crypto.digests.SHA224Digest; 5557-import org.bouncycastle.crypto.digests.SHA256Digest; 5558-import org.bouncycastle.crypto.digests.SHA384Digest; 5559-import org.bouncycastle.crypto.digests.SHA512Digest; 5560+// BEGIN android-removed 5561+// import org.bouncycastle.crypto.digests.MD5Digest; 5562+// import org.bouncycastle.crypto.digests.SHA1Digest; 5563+// import org.bouncycastle.crypto.digests.SHA224Digest; 5564+// import org.bouncycastle.crypto.digests.SHA256Digest; 5565+// import org.bouncycastle.crypto.digests.SHA384Digest; 5566+// import org.bouncycastle.crypto.digests.SHA512Digest; 5567+// END android-removed 5568+// BEGIN android-added 5569+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 5570+// END android-added 5571 import org.bouncycastle.util.Strings; 5572 5573 public class DigestFactory 5574 { 5575 private static Set md5 = new HashSet(); 5576 private static Set sha1 = new HashSet(); 5577- private static Set sha224 = new HashSet(); 5578+ // BEGIN android-removed 5579+ // private static Set sha224 = new HashSet(); 5580+ // END android-removed 5581 private static Set sha256 = new HashSet(); 5582 private static Set sha384 = new HashSet(); 5583 private static Set sha512 = new HashSet(); 5584@@ -38,9 +45,11 @@ 5585 sha1.add("SHA-1"); 5586 sha1.add(OIWObjectIdentifiers.idSHA1.getId()); 5587 5588- sha224.add("SHA224"); 5589- sha224.add("SHA-224"); 5590- sha224.add(NISTObjectIdentifiers.id_sha224.getId()); 5591+ // BEGIN android-removed 5592+ // sha224.add("SHA224"); 5593+ // sha224.add("SHA-224"); 5594+ // sha224.add(NISTObjectIdentifiers.id_sha224.getId()); 5595+ // END android-removed 5596 5597 sha256.add("SHA256"); 5598 sha256.add("SHA-256"); 5599@@ -61,9 +70,11 @@ 5600 oids.put("SHA-1", OIWObjectIdentifiers.idSHA1); 5601 oids.put(OIWObjectIdentifiers.idSHA1.getId(), OIWObjectIdentifiers.idSHA1); 5602 5603- oids.put("SHA224", NISTObjectIdentifiers.id_sha224); 5604- oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); 5605- oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); 5606+ // BEGIN android-removed 5607+ // oids.put("SHA224", NISTObjectIdentifiers.id_sha224); 5608+ // oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); 5609+ // oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); 5610+ // END android-removed 5611 5612 oids.put("SHA256", NISTObjectIdentifiers.id_sha256); 5613 oids.put("SHA-256", NISTObjectIdentifiers.id_sha256); 5614@@ -85,27 +96,39 @@ 5615 5616 if (sha1.contains(digestName)) 5617 { 5618- return new SHA1Digest(); 5619+ // BEGIN android-changed 5620+ return AndroidDigestFactory.getSHA1(); 5621+ // END android-changed 5622 } 5623 if (md5.contains(digestName)) 5624 { 5625- return new MD5Digest(); 5626- } 5627- if (sha224.contains(digestName)) 5628- { 5629- return new SHA224Digest(); 5630- } 5631+ // BEGIN android-changed 5632+ return AndroidDigestFactory.getMD5(); 5633+ // END android-changed 5634+ } 5635+ // BEGIN android-removed 5636+ // if (sha224.contains(digestName)) 5637+ // { 5638+ // return new SHA224Digest(); 5639+ // } 5640+ // END android-removed 5641 if (sha256.contains(digestName)) 5642 { 5643- return new SHA256Digest(); 5644+ // BEGIN android-changed 5645+ return AndroidDigestFactory.getSHA256(); 5646+ // END android-changed 5647 } 5648 if (sha384.contains(digestName)) 5649 { 5650- return new SHA384Digest(); 5651+ // BEGIN android-changed 5652+ return AndroidDigestFactory.getSHA384(); 5653+ // END android-changed 5654 } 5655 if (sha512.contains(digestName)) 5656 { 5657- return new SHA512Digest(); 5658+ // BEGIN android-changed 5659+ return AndroidDigestFactory.getSHA512(); 5660+ // END android-changed 5661 } 5662 5663 return null; 5664@@ -116,7 +139,9 @@ 5665 String digest2) 5666 { 5667 return (sha1.contains(digest1) && sha1.contains(digest2)) 5668- || (sha224.contains(digest1) && sha224.contains(digest2)) 5669+ // BEGIN android-removed 5670+ // || (sha224.contains(digest1) && sha224.contains(digest2)) 5671+ // END android-removed 5672 || (sha256.contains(digest1) && sha256.contains(digest2)) 5673 || (sha384.contains(digest1) && sha384.contains(digest2)) 5674 || (sha512.contains(digest1) && sha512.contains(digest2)) 5675diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/ECNamedCurveTable.java bcprov-jdk15on-148/org/bouncycastle/jce/ECNamedCurveTable.java 5676--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/ECNamedCurveTable.java 2013-02-10 00:37:58.000000000 +0000 5677+++ bcprov-jdk15on-148/org/bouncycastle/jce/ECNamedCurveTable.java 2012-09-17 23:04:47.000000000 +0000 5678@@ -6,7 +6,9 @@ 5679 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 5680 import org.bouncycastle.asn1.nist.NISTNamedCurves; 5681 import org.bouncycastle.asn1.sec.SECNamedCurves; 5682-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 5683+// BEGIN android-removed 5684+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 5685+// END android-removed 5686 import org.bouncycastle.asn1.x9.X962NamedCurves; 5687 import org.bouncycastle.asn1.x9.X9ECParameters; 5688 import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 5689@@ -55,21 +57,23 @@ 5690 } 5691 } 5692 5693- if (ecP == null) 5694- { 5695- ecP = TeleTrusTNamedCurves.getByName(name); 5696- if (ecP == null) 5697- { 5698- try 5699- { 5700- ecP = TeleTrusTNamedCurves.getByOID(new ASN1ObjectIdentifier(name)); 5701- } 5702- catch (IllegalArgumentException e) 5703- { 5704- // ignore - not an oid 5705- } 5706- } 5707- } 5708+ // BEGIN android-removed 5709+ // if (ecP == null) 5710+ // { 5711+ // ecP = TeleTrusTNamedCurves.getByName(name); 5712+ // if (ecP == null) 5713+ // { 5714+ // try 5715+ // { 5716+ // ecP = TeleTrusTNamedCurves.getByOID(new ASN1ObjectIdentifier(name)); 5717+ // } 5718+ // catch (IllegalArgumentException e) 5719+ // { 5720+ // // ignore - not an oid 5721+ // } 5722+ // } 5723+ // } 5724+ // END android-removed 5725 5726 if (ecP == null) 5727 { 5728@@ -102,7 +106,9 @@ 5729 addEnumeration(v, X962NamedCurves.getNames()); 5730 addEnumeration(v, SECNamedCurves.getNames()); 5731 addEnumeration(v, NISTNamedCurves.getNames()); 5732- addEnumeration(v, TeleTrusTNamedCurves.getNames()); 5733+ // BEGIN android-removed 5734+ // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 5735+ // END android-removed 5736 5737 return v.elements(); 5738 } 5739diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-148/org/bouncycastle/jce/PKCS10CertificationRequest.java 5740--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-02-10 00:37:58.000000000 +0000 5741+++ bcprov-jdk15on-148/org/bouncycastle/jce/PKCS10CertificationRequest.java 2012-09-17 23:04:47.000000000 +0000 5742@@ -30,14 +30,18 @@ 5743 import org.bouncycastle.asn1.DERBitString; 5744 import org.bouncycastle.asn1.DERNull; 5745 import org.bouncycastle.asn1.DERObjectIdentifier; 5746-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 5747+// BEGIN android-removed 5748+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 5749+// END android-removed 5750 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 5751 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 5752 import org.bouncycastle.asn1.pkcs.CertificationRequest; 5753 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 5754 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5755 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 5756-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 5757+// BEGIN android-removed 5758+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 5759+// END android-removed 5760 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 5761 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 5762 import org.bouncycastle.asn1.x509.X509Name; 5763@@ -81,15 +85,20 @@ 5764 5765 static 5766 { 5767- algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 5768- algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 5769+ // BEGIN android-removed 5770+ // Dropping MD2 5771+ // algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 5772+ // algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 5773+ // END android-removed 5774 algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 5775 algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 5776 algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 5777 algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 5778 algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 5779- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 5780- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 5781+ // BEGIN android-removed 5782+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 5783+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 5784+ // END android-removed 5785 algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); 5786 algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); 5787 algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); 5788@@ -97,57 +106,78 @@ 5789 algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); 5790 algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); 5791 algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5792- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5793+ // BEGIN android-removed 5794+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5795+ // END android-removed 5796 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5797 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5798 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 5799 algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 5800- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 5801- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 5802- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 5803- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 5804- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 5805- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 5806+ // BEGIN android-removed 5807+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 5808+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 5809+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 5810+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 5811+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 5812+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 5813+ // END android-removed 5814 algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3")); 5815 algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3")); 5816- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 5817+ // BEGIN android-removed 5818+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 5819+ // END android-removed 5820 algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); 5821 algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); 5822 algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); 5823 algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); 5824- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 5825+ // BEGIN android-removed 5826+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 5827+ // END android-removed 5828 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 5829 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 5830 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 5831 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 5832- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5833- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5834- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5835- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5836- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5837+ // BEGIN android-removed 5838+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5839+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5840+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5841+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5842+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5843+ // END android-removed 5844 5845 // 5846 // reverse mappings 5847 // 5848 oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); 5849- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); 5850+ // BEGIN android-removed 5851+ // oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); 5852+ // END android-removed 5853 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 5854 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 5855 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 5856- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 5857- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 5858+ // BEGIN android-removed 5859+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 5860+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 5861+ // END android-removed 5862 5863 oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 5864- oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 5865+ // BEGIN android-removed 5866+ // Dropping MD2 5867+ // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 5868+ // END android-removed 5869 oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 5870 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 5871- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 5872+ // BEGIN android-removed 5873+ // oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 5874+ // END android-removed 5875 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA"); 5876 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA"); 5877 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA"); 5878 oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 5879 oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA"); 5880- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); 5881+ // BEGIN android-removed 5882+ // oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); 5883+ // END android-removed 5884 oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA"); 5885 5886 // 5887@@ -161,27 +191,35 @@ 5888 // The parameters field SHALL be NULL for RSA based signature algorithms. 5889 // 5890 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); 5891- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 5892+ // BEGIN android-removed 5893+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 5894+ // END android-removed 5895 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); 5896 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); 5897 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); 5898 noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); 5899- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 5900+ // BEGIN android-removed 5901+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 5902+ // END android-removed 5903 noParams.add(NISTObjectIdentifiers.dsa_with_sha256); 5904 5905 // 5906 // RFC 4491 5907 // 5908- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5909- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5910+ // BEGIN android-removed 5911+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 5912+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 5913+ // END android-removed 5914 // 5915 // explicit params 5916 // 5917 AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 5918 params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); 5919 5920- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 5921- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 5922+ // BEGIN android-removed 5923+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 5924+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 5925+ // END android-removed 5926 5927 AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); 5928 params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); 5929@@ -600,10 +638,12 @@ 5930 { 5931 return "SHA1"; 5932 } 5933- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 5934- { 5935- return "SHA224"; 5936- } 5937+ // BEGIN android-removed 5938+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 5939+ // { 5940+ // return "SHA224"; 5941+ // } 5942+ // END android-removed 5943 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 5944 { 5945 return "SHA256"; 5946@@ -616,22 +656,24 @@ 5947 { 5948 return "SHA512"; 5949 } 5950- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 5951- { 5952- return "RIPEMD128"; 5953- } 5954- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 5955- { 5956- return "RIPEMD160"; 5957- } 5958- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 5959- { 5960- return "RIPEMD256"; 5961- } 5962- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 5963- { 5964- return "GOST3411"; 5965- } 5966+ // BEGIN android-removed 5967+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 5968+ // { 5969+ // return "RIPEMD128"; 5970+ // } 5971+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 5972+ // { 5973+ // return "RIPEMD160"; 5974+ // } 5975+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 5976+ // { 5977+ // return "RIPEMD256"; 5978+ // } 5979+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 5980+ // { 5981+ // return "GOST3411"; 5982+ // } 5983+ // END android-removed 5984 else 5985 { 5986 return digestAlgOID.getId(); 5987diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/BouncyCastleProvider.java 5988--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-02-10 00:37:58.000000000 +0000 5989+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2012-09-17 23:04:47.000000000 +0000 5990@@ -11,7 +11,9 @@ 5991 5992 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 5993 import org.bouncycastle.asn1.bc.BCObjectIdentifiers; 5994-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 5995+// BEGIN android-removed 5996+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 5997+// END android-removed 5998 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5999 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 6000 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 6001@@ -49,7 +51,10 @@ 6002 { 6003 private static String info = "BouncyCastle Security Provider v1.48"; 6004 6005- public static String PROVIDER_NAME = "BC"; 6006+ // BEGIN android-changed 6007+ // this constant should be final 6008+ public static final String PROVIDER_NAME = "BC"; 6009+ // END android-changed 6010 6011 public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration(); 6012 6013@@ -62,8 +67,13 @@ 6014 private static final String SYMMETRIC_CIPHER_PACKAGE = "org.bouncycastle.jcajce.provider.symmetric."; 6015 private static final String[] SYMMETRIC_CIPHERS = 6016 { 6017- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DES", "DESede", "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", 6018- "Noekeon", "RC2", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" 6019+ // BEGIN android-removed 6020+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DES", "DESede", "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", 6021+ // "Noekeon", "RC2", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" 6022+ // END android-removed 6023+ // BEGIN android-added 6024+ "AES", "ARC4", "Blowfish", "DES", "DESede", 6025+ // END android-added 6026 }; 6027 6028 /* 6029@@ -80,7 +90,12 @@ 6030 6031 private static final String[] ASYMMETRIC_CIPHERS = 6032 { 6033- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 6034+ // BEGIN android-removed 6035+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 6036+ // END android-removed 6037+ // BEGIN android-added 6038+ "DSA", "DH", "EC", "RSA", 6039+ // END android-added 6040 }; 6041 6042 /* 6043@@ -89,7 +104,12 @@ 6044 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 6045 private static final String[] DIGESTS = 6046 { 6047- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Tiger", "Whirlpool" 6048+ // BEGIN android-removed 6049+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Tiger", "Whirlpool" 6050+ // END android-removed 6051+ // BEGIN android-added 6052+ "MD5", "SHA1", "SHA256", "SHA384", "SHA512", 6053+ // END android-added 6054 }; 6055 6056 /** 6057@@ -121,26 +141,28 @@ 6058 6059 loadAlgorithms(ASYMMETRIC_CIPHER_PACKAGE, ASYMMETRIC_CIPHERS); 6060 6061- // 6062- // X509Store 6063- // 6064- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 6065- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 6066- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 6067- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 6068- 6069- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 6070- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 6071- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 6072- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 6073- 6074- // 6075- // X509StreamParser 6076- // 6077- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 6078- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 6079- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 6080- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 6081+ // BEGIN android-removed 6082+ // // 6083+ // // X509Store 6084+ // // 6085+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 6086+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 6087+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 6088+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 6089+ // 6090+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 6091+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 6092+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 6093+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 6094+ // 6095+ // // 6096+ // // X509StreamParser 6097+ // // 6098+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 6099+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 6100+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 6101+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 6102+ // END android-removed 6103 6104 6105 // 6106@@ -149,14 +171,24 @@ 6107 put("KeyStore.BKS", "org.bouncycastle.jce.provider.JDKKeyStore"); 6108 put("KeyStore.BouncyCastle", "org.bouncycastle.jce.provider.JDKKeyStore$BouncyCastleStore"); 6109 put("KeyStore.PKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6110- put("KeyStore.BCPKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6111- put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6112- 6113- put("KeyStore.PKCS12-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); 6114- put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); 6115- 6116- put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6117- put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); 6118+ // BEGIN android-changed 6119+ put("Alg.Alias.KeyStore.BCPKCS12", "PKCS12"); 6120+ // END android-changed 6121+ // BEGIN android-removed 6122+ // put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6123+ // END android-removed 6124+ 6125+ // BEGIN android-changed 6126+ put("Alg.Alias.KeyStore.PKCS12-3DES-40RC2", "PKCS12"); 6127+ // END android-changed 6128+ // BEGIN android-removed 6129+ // put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); 6130+ // END android-removed 6131+ 6132+ // BEGIN android-removed 6133+ // put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); 6134+ // put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); 6135+ // END android-removed 6136 6137 put("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 6138 put("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 6139@@ -165,29 +197,41 @@ 6140 // 6141 // algorithm parameters 6142 // 6143- put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); 6144+ // BEGIN android-removed 6145+ // put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); 6146+ // END android-removed 6147 put("AlgorithmParameters.PKCS12PBE", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PKCS12PBE"); 6148 6149- put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); 6150+ // BEGIN android-removed 6151+ // put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); 6152+ // END android-removed 6153 6154 6155 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2", "PKCS12PBE"); 6156- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); 6157- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); 6158- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); 6159- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); 6160+ // BEGIN android-removed 6161+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); 6162+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); 6163+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); 6164+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); 6165+ // END android-removed 6166 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6167- put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); 6168+ // BEGIN android-removed 6169+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); 6170+ // END android-removed 6171 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PKCS12PBE"); 6172 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PKCS12PBE"); 6173- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); 6174- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); 6175+ // BEGIN android-removed 6176+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); 6177+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); 6178+ // END android-removed 6179 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC2-CBC", "PKCS12PBE"); 6180 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC4", "PKCS12PBE"); 6181 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC2-CBC", "PKCS12PBE"); 6182 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC4", "PKCS12PBE"); 6183 put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6184- put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6185+ // BEGIN android-removed 6186+ // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6187+ // END android-removed 6188 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.1", "PKCS12PBE"); 6189 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.2", "PKCS12PBE"); 6190 put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.3", "PKCS12PBE"); 6191@@ -218,12 +262,14 @@ 6192 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND128BITAES-CBC-BC","PKCS12PBE"); 6193 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND192BITAES-CBC-BC","PKCS12PBE"); 6194 put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND256BITAES-CBC-BC","PKCS12PBE"); 6195- 6196- put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6197- put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6198- put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6199- put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6200- put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6201+ 6202+ // BEGIN android-removed 6203+ // put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6204+ // put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6205+ // put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6206+ // put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6207+ // put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); 6208+ // END android-removed 6209 6210 // 6211 // key agreement 6212@@ -235,14 +281,20 @@ 6213 // 6214 put("Alg.Alias.Cipher.PBEWithSHAAnd3KeyTripleDES", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 6215 6216- put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); 6217- put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); 6218+ // BEGIN android-removed 6219+ // put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); 6220+ // put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); 6221+ // END android-removed 6222 6223 put("Cipher.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndDES"); 6224- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 6225+ // BEGIN android-removed 6226+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 6227+ // END android-removed 6228 put("Cipher.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndRC2"); 6229 put("Cipher.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndDES"); 6230- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 6231+ // BEGIN android-removed 6232+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 6233+ // END android-removed 6234 put("Cipher.PBEWITHSHA1ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndRC2"); 6235 6236 put("Cipher.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAnd128BitRC2"); 6237@@ -284,10 +336,12 @@ 6238 put("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); 6239 6240 put("Cipher.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAndTwofish"); 6241- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 6242- 6243- put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6244- put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6245+ // BEGIN android-removed 6246+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 6247+ // 6248+ // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6249+ // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6250+ // END android-removed 6251 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6252 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); 6253 put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6254@@ -324,16 +378,20 @@ 6255 // 6256 // secret key factories. 6257 // 6258- put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); 6259- 6260- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6261- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6262+ // BEGIN android-removed 6263+ // put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); 6264+ // 6265+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6266+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6267+ // END android-removed 6268 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6269 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); 6270 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6271 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBEWITHSHA1ANDRC2"); 6272 6273- put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); 6274+ // BEGIN android-removed 6275+ // put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); 6276+ // END android-removed 6277 put("SecretKeyFactory.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndDES"); 6278 put("SecretKeyFactory.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndRC2"); 6279 put("SecretKeyFactory.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA1AndDES"); 6280@@ -345,33 +403,41 @@ 6281 put("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd128BitRC2"); 6282 put("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd40BitRC2"); 6283 put("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAndTwofish"); 6284- put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); 6285+ // BEGIN android-removed 6286+ // put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); 6287+ // END android-removed 6288 put("SecretKeyFactory.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA"); 6289- put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); 6290+ // BEGIN android-removed 6291+ // put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); 6292+ // END android-removed 6293 6294 put("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And128BitAESCBCOpenSSL"); 6295 put("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And192BitAESCBCOpenSSL"); 6296 put("SecretKeyFactory.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And256BitAESCBCOpenSSL"); 6297 6298- put("SecretKeyFactory." + CryptoProObjectIdentifiers.gostR3411, "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithGOST3411"); 6299- 6300- put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); 6301- 6302- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); 6303- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); 6304- put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6305- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6306- put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6307- put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); 6308- 6309- put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 6310- put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6311+ // BEGIN android-removed 6312+ // put("SecretKeyFactory." + CryptoProObjectIdentifiers.gostR3411, "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithGOST3411"); 6313+ // 6314+ // put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); 6315+ // 6316+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); 6317+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); 6318+ // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6319+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6320+ // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); 6321+ // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); 6322+ // 6323+ // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 6324+ // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6325+ // END android-removed 6326 put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 6327 put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 6328 put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 6329 put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 6330- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6331- put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6332+ // BEGIN android-removed 6333+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 6334+ // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6335+ // END android-removed 6336 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 6337 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6338 put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 6339@@ -408,20 +474,31 @@ 6340 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), "PBEWITHSHA256AND128BITAES-CBC-BC"); 6341 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PBEWITHSHA256AND192BITAES-CBC-BC"); 6342 put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PBEWITHSHA256AND256BITAES-CBC-BC"); 6343+ // BEGIN android-added 6344+ 6345+ put("SecretKeyFactory.PBKDF2WithHmacSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBKDF2WithHmacSHA1"); 6346+ // END android-added 6347 6348 addMacAlgorithms(); 6349 6350 // Certification Path API 6351- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 6352- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 6353- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 6354- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 6355+ // BEGIN android-removed 6356+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 6357+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 6358+ // END android-removed 6359+ // BEGIN android-changed 6360+ // Use Alg.Alias so RFC3280 doesn't show up when iterating provider services, only PKIX 6361+ put("Alg.Alias.CertPathValidator.RFC3280", "PKIX"); 6362+ put("Alg.Alias.CertPathBuilder.RFC3280", "PKIX"); 6363+ // END android-changed 6364 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 6365 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 6366 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 6367- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 6368- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 6369- put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 6370+ // BEGIN android-removed 6371+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 6372+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 6373+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 6374+ // END android-removed 6375 } 6376 6377 private void loadAlgorithms(String packageName, String[] names) 6378@@ -468,21 +545,25 @@ 6379 private void addMacAlgorithms() 6380 { 6381 6382- put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6383- put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 6384- 6385- put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6386- put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 6387- put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); 6388- put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 6389- 6390- put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); 6391- 6392- put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); 6393+ // BEGIN android-removed 6394+ // put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6395+ // put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 6396+ // 6397+ // put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); 6398+ // put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 6399+ // put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); 6400+ // put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 6401+ // 6402+ // put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); 6403+ // 6404+ // put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); 6405+ // END android-removed 6406 6407 put("Mac.PBEWITHHMACSHA", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); 6408 put("Mac.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); 6409- put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); 6410+ // BEGIN android-removed 6411+ // put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); 6412+ // END android-removed 6413 put("Alg.Alias.Mac.1.3.14.3.2.26", "PBEWITHHMACSHA"); 6414 } 6415 6416diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/CertBlacklist.java 6417--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 6418+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/CertBlacklist.java 2013-01-16 01:38:43.000000000 +0000 6419@@ -0,0 +1,224 @@ 6420+/* 6421+ * Copyright (C) 2012 The Android Open Source Project 6422+ * 6423+ * Licensed under the Apache License, Version 2.0 (the "License"); 6424+ * you may not use this file except in compliance with the License. 6425+ * You may obtain a copy of the License at 6426+ * 6427+ * http://www.apache.org/licenses/LICENSE-2.0 6428+ * 6429+ * Unless required by applicable law or agreed to in writing, software 6430+ * distributed under the License is distributed on an "AS IS" BASIS, 6431+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 6432+ * See the License for the specific language governing permissions and 6433+ * limitations under the License. 6434+ */ 6435+ 6436+package org.bouncycastle.jce.provider; 6437+ 6438+import java.io.Closeable; 6439+import java.io.ByteArrayOutputStream; 6440+import java.io.FileNotFoundException; 6441+import java.io.IOException; 6442+import java.io.RandomAccessFile; 6443+import java.math.BigInteger; 6444+import java.security.PublicKey; 6445+import java.util.Arrays; 6446+import java.util.Collections; 6447+import java.util.HashSet; 6448+import java.util.Set; 6449+import java.util.logging.Level; 6450+import java.util.logging.Logger; 6451+import org.bouncycastle.crypto.Digest; 6452+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 6453+import org.bouncycastle.util.encoders.Hex; 6454+ 6455+public class CertBlacklist { 6456+ 6457+ private static final String ANDROID_DATA = System.getenv("ANDROID_DATA"); 6458+ private static final String BLACKLIST_ROOT = ANDROID_DATA + "/misc/keychain/"; 6459+ public static final String DEFAULT_PUBKEY_BLACKLIST_PATH = BLACKLIST_ROOT + "pubkey_blacklist.txt"; 6460+ public static final String DEFAULT_SERIAL_BLACKLIST_PATH = BLACKLIST_ROOT + "serial_blacklist.txt"; 6461+ 6462+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 6463+ 6464+ // public for testing 6465+ public final Set<BigInteger> serialBlacklist; 6466+ public final Set<byte[]> pubkeyBlacklist; 6467+ 6468+ public CertBlacklist() { 6469+ this(DEFAULT_PUBKEY_BLACKLIST_PATH, DEFAULT_SERIAL_BLACKLIST_PATH); 6470+ } 6471+ 6472+ /** Test only interface, not for public use */ 6473+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 6474+ serialBlacklist = readSerialBlackList(serialBlacklistPath); 6475+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 6476+ } 6477+ 6478+ private static boolean isHex(String value) { 6479+ try { 6480+ new BigInteger(value, 16); 6481+ return true; 6482+ } catch (NumberFormatException e) { 6483+ logger.log(Level.WARNING, "Could not parse hex value " + value, e); 6484+ return false; 6485+ } 6486+ } 6487+ 6488+ private static boolean isPubkeyHash(String value) { 6489+ if (value.length() != 40) { 6490+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 6491+ return false; 6492+ } 6493+ return isHex(value); 6494+ } 6495+ 6496+ private static String readBlacklist(String path) { 6497+ try { 6498+ return readFileAsString(path); 6499+ } catch (FileNotFoundException ignored) { 6500+ } catch (IOException e) { 6501+ logger.log(Level.WARNING, "Could not read blacklist", e); 6502+ } 6503+ return ""; 6504+ } 6505+ 6506+ // From IoUtils.readFileAsString 6507+ private static String readFileAsString(String path) throws IOException { 6508+ return readFileAsBytes(path).toString("UTF-8"); 6509+ } 6510+ 6511+ // Based on IoUtils.readFileAsBytes 6512+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 6513+ RandomAccessFile f = null; 6514+ try { 6515+ f = new RandomAccessFile(path, "r"); 6516+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 6517+ byte[] buffer = new byte[8192]; 6518+ while (true) { 6519+ int byteCount = f.read(buffer); 6520+ if (byteCount == -1) { 6521+ return bytes; 6522+ } 6523+ bytes.write(buffer, 0, byteCount); 6524+ } 6525+ } finally { 6526+ closeQuietly(f); 6527+ } 6528+ } 6529+ 6530+ // Base on IoUtils.closeQuietly 6531+ private static void closeQuietly(Closeable closeable) { 6532+ if (closeable != null) { 6533+ try { 6534+ closeable.close(); 6535+ } catch (RuntimeException rethrown) { 6536+ throw rethrown; 6537+ } catch (Exception ignored) { 6538+ } 6539+ } 6540+ } 6541+ 6542+ private static final Set<BigInteger> readSerialBlackList(String path) { 6543+ 6544+ // start out with a base set of known bad values 6545+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 6546+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 6547+ // Not a real certificate. For testing only. 6548+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 6549+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 6550+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 6551+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 6552+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 6553+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 6554+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 6555+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 6556+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 6557+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16), 6558+ new BigInteger("864", 16), 6559+ new BigInteger("827", 16) 6560+ )); 6561+ 6562+ // attempt to augment it with values taken from gservices 6563+ String serialBlacklist = readBlacklist(path); 6564+ if (!serialBlacklist.equals("")) { 6565+ for(String value : serialBlacklist.split(",")) { 6566+ try { 6567+ bl.add(new BigInteger(value, 16)); 6568+ } catch (NumberFormatException e) { 6569+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 6570+ } 6571+ } 6572+ } 6573+ 6574+ // whether that succeeds or fails, send it on its merry way 6575+ return Collections.unmodifiableSet(bl); 6576+ } 6577+ 6578+ private static final Set<byte[]> readPublicKeyBlackList(String path) { 6579+ 6580+ // start out with a base set of known bad values 6581+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 6582+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 6583+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl 6584+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 6585+ // Subject: CN=DigiNotar Cyber CA 6586+ // Issuer: CN=GTE CyberTrust Global Root 6587+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 6588+ // Subject: CN=DigiNotar Services 1024 CA 6589+ // Issuer: CN=Entrust.net 6590+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 6591+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 6592+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 6593+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 6594+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 6595+ // Issuer: CN=Staat der Nederlanden Overheid CA 6596+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 6597+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 6598+ // Subject: O=Digicert Sdn. Bhd. 6599+ // Issuer: CN=GTE CyberTrust Global Root 6600+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 6601+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org 6602+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 6603+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 6604+ // Subject: CN=*.EGO.GOV.TR 93 6605+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 6606+ "783333c9687df63377efceddd82efa9101913e8e".getBytes() 6607+ )); 6608+ 6609+ // attempt to augment it with values taken from gservices 6610+ String pubkeyBlacklist = readBlacklist(path); 6611+ if (!pubkeyBlacklist.equals("")) { 6612+ for (String value : pubkeyBlacklist.split(",")) { 6613+ value = value.trim(); 6614+ if (isPubkeyHash(value)) { 6615+ bl.add(value.getBytes()); 6616+ } else { 6617+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 6618+ } 6619+ } 6620+ } 6621+ 6622+ return bl; 6623+ } 6624+ 6625+ public boolean isPublicKeyBlackListed(PublicKey publicKey) { 6626+ byte[] encoded = publicKey.getEncoded(); 6627+ Digest digest = AndroidDigestFactory.getSHA1(); 6628+ digest.update(encoded, 0, encoded.length); 6629+ byte[] out = new byte[digest.getDigestSize()]; 6630+ digest.doFinal(out, 0); 6631+ for (byte[] blacklisted : pubkeyBlacklist) { 6632+ if (Arrays.equals(blacklisted, Hex.encode(out))) { 6633+ return true; 6634+ } 6635+ } 6636+ return false; 6637+ } 6638+ 6639+ public boolean isSerialNumberBlackListed(BigInteger serial) { 6640+ return serialBlacklist.contains(serial); 6641+ } 6642+ 6643+} 6644diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 6645--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2013-02-10 00:37:58.000000000 +0000 6646+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2012-09-17 23:04:47.000000000 +0000 6647@@ -61,14 +61,18 @@ 6648 import org.bouncycastle.asn1.x509.PolicyInformation; 6649 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 6650 import org.bouncycastle.asn1.x509.X509Extension; 6651-import org.bouncycastle.jce.X509LDAPCertStoreParameters; 6652+// BEGIN android-removed 6653+// import org.bouncycastle.jce.X509LDAPCertStoreParameters; 6654+// END android-removed 6655 import org.bouncycastle.jce.exception.ExtCertPathValidatorException; 6656 import org.bouncycastle.util.Integers; 6657 import org.bouncycastle.util.Selector; 6658 import org.bouncycastle.util.StoreException; 6659 import org.bouncycastle.x509.ExtendedPKIXBuilderParameters; 6660 import org.bouncycastle.x509.ExtendedPKIXParameters; 6661-import org.bouncycastle.x509.X509AttributeCertStoreSelector; 6662+// BEGIN android-removed 6663+// import org.bouncycastle.x509.X509AttributeCertStoreSelector; 6664+// END android-removed 6665 import org.bouncycastle.x509.X509AttributeCertificate; 6666 import org.bouncycastle.x509.X509CRLStoreSelector; 6667 import org.bouncycastle.x509.X509CertStoreSelector; 6668@@ -656,38 +660,40 @@ 6669 { 6670 try 6671 { 6672- if (location.startsWith("ldap://")) 6673- { 6674- // ldap://directory.d-trust.net/CN=D-TRUST 6675- // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 6676- // skip "ldap://" 6677- location = location.substring(7); 6678- // after first / baseDN starts 6679- String base = null; 6680- String url = null; 6681- if (location.indexOf("/") != -1) 6682- { 6683- base = location.substring(location.indexOf("/")); 6684- // URL 6685- url = "ldap://" 6686- + location.substring(0, location.indexOf("/")); 6687- } 6688- else 6689- { 6690- url = "ldap://" + location; 6691- } 6692- // use all purpose parameters 6693- X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 6694- url, base).build(); 6695- pkixParams.addAdditionalStore(X509Store.getInstance( 6696- "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6697- pkixParams.addAdditionalStore(X509Store.getInstance( 6698- "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6699- pkixParams.addAdditionalStore(X509Store.getInstance( 6700- "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6701- pkixParams.addAdditionalStore(X509Store.getInstance( 6702- "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6703- } 6704+ // BEGIN android-removed 6705+ // if (location.startsWith("ldap://")) 6706+ // { 6707+ // // ldap://directory.d-trust.net/CN=D-TRUST 6708+ // // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 6709+ // // skip "ldap://" 6710+ // location = location.substring(7); 6711+ // // after first / baseDN starts 6712+ // String base = null; 6713+ // String url = null; 6714+ // if (location.indexOf("/") != -1) 6715+ // { 6716+ // base = location.substring(location.indexOf("/")); 6717+ // // URL 6718+ // url = "ldap://" 6719+ // + location.substring(0, location.indexOf("/")); 6720+ // } 6721+ // else 6722+ // { 6723+ // url = "ldap://" + location; 6724+ // } 6725+ // // use all purpose parameters 6726+ // X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 6727+ // url, base).build(); 6728+ // pkixParams.addAdditionalStore(X509Store.getInstance( 6729+ // "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6730+ // pkixParams.addAdditionalStore(X509Store.getInstance( 6731+ // "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6732+ // pkixParams.addAdditionalStore(X509Store.getInstance( 6733+ // "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6734+ // pkixParams.addAdditionalStore(X509Store.getInstance( 6735+ // "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 6736+ // } 6737+ // END android-removed 6738 } 6739 catch (Exception e) 6740 { 6741@@ -752,33 +758,35 @@ 6742 return certs; 6743 } 6744 6745- protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 6746- List certStores) 6747- throws AnnotatedException 6748- { 6749- Set certs = new HashSet(); 6750- Iterator iter = certStores.iterator(); 6751- 6752- while (iter.hasNext()) 6753- { 6754- Object obj = iter.next(); 6755- 6756- if (obj instanceof X509Store) 6757- { 6758- X509Store certStore = (X509Store)obj; 6759- try 6760- { 6761- certs.addAll(certStore.getMatches(certSelect)); 6762- } 6763- catch (StoreException e) 6764- { 6765- throw new AnnotatedException( 6766- "Problem while picking certificates from X.509 store.", e); 6767- } 6768- } 6769- } 6770- return certs; 6771- } 6772+ // BEGIN android-removed 6773+ // protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 6774+ // List certStores) 6775+ // throws AnnotatedException 6776+ // { 6777+ // Set certs = new HashSet(); 6778+ // Iterator iter = certStores.iterator(); 6779+ // 6780+ // while (iter.hasNext()) 6781+ // { 6782+ // Object obj = iter.next(); 6783+ // 6784+ // if (obj instanceof X509Store) 6785+ // { 6786+ // X509Store certStore = (X509Store)obj; 6787+ // try 6788+ // { 6789+ // certs.addAll(certStore.getMatches(certSelect)); 6790+ // } 6791+ // catch (StoreException e) 6792+ // { 6793+ // throw new AnnotatedException( 6794+ // "Problem while picking certificates from X.509 store.", e); 6795+ // } 6796+ // } 6797+ // } 6798+ // return certs; 6799+ // } 6800+ // END android-removed 6801 6802 protected static void addAdditionalStoresFromCRLDistributionPoint( 6803 CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) 6804diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEBlockCipher.java 6805--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java 2013-02-10 00:37:58.000000000 +0000 6806+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEBlockCipher.java 2013-01-29 02:13:59.000000000 +0000 6807@@ -24,8 +24,10 @@ 6808 import javax.crypto.ShortBufferException; 6809 import javax.crypto.spec.IvParameterSpec; 6810 import javax.crypto.spec.PBEParameterSpec; 6811-import javax.crypto.spec.RC2ParameterSpec; 6812-import javax.crypto.spec.RC5ParameterSpec; 6813+// BEGIN android-removed 6814+// import javax.crypto.spec.RC2ParameterSpec; 6815+// import javax.crypto.spec.RC5ParameterSpec; 6816+// END android-removed 6817 import javax.crypto.spec.SecretKeySpec; 6818 6819 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 6820@@ -44,12 +46,18 @@ 6821 import org.bouncycastle.crypto.modes.CCMBlockCipher; 6822 import org.bouncycastle.crypto.modes.CFBBlockCipher; 6823 import org.bouncycastle.crypto.modes.CTSBlockCipher; 6824-import org.bouncycastle.crypto.modes.EAXBlockCipher; 6825+// BEGIN android-removed 6826+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 6827+// END android-removed 6828 import org.bouncycastle.crypto.modes.GCMBlockCipher; 6829-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6830+// BEGIN android-removed 6831+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6832+// END android-removed 6833 import org.bouncycastle.crypto.modes.OFBBlockCipher; 6834-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6835-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6836+// BEGIN android-removed 6837+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6838+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6839+// END android-removed 6840 import org.bouncycastle.crypto.modes.SICBlockCipher; 6841 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 6842 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 6843@@ -61,12 +69,16 @@ 6844 import org.bouncycastle.crypto.params.KeyParameter; 6845 import org.bouncycastle.crypto.params.ParametersWithIV; 6846 import org.bouncycastle.crypto.params.ParametersWithRandom; 6847-import org.bouncycastle.crypto.params.ParametersWithSBox; 6848-import org.bouncycastle.crypto.params.RC2Parameters; 6849-import org.bouncycastle.crypto.params.RC5Parameters; 6850+// BEGIN android-removed 6851+// import org.bouncycastle.crypto.params.ParametersWithSBox; 6852+// import org.bouncycastle.crypto.params.RC2Parameters; 6853+// import org.bouncycastle.crypto.params.RC5Parameters; 6854+// END android-removed 6855 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 6856 import org.bouncycastle.jcajce.provider.symmetric.util.PBE; 6857-import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 6858+// BEGIN android-removed 6859+// import org.bouncycastle.jce.spec.GOST28147ParameterSpec; 6860+// END android-removed 6861 import org.bouncycastle.jce.spec.RepeatedSecretKeySpec; 6862 import org.bouncycastle.util.Strings; 6863 6864@@ -79,11 +91,15 @@ 6865 // 6866 private Class[] availableSpecs = 6867 { 6868- RC2ParameterSpec.class, 6869- RC5ParameterSpec.class, 6870+ // BEGIN android-removed 6871+ // RC2ParameterSpec.class, 6872+ // RC5ParameterSpec.class, 6873+ // END android-removed 6874 IvParameterSpec.class, 6875 PBEParameterSpec.class, 6876- GOST28147ParameterSpec.class 6877+ // BEGIN android-removed 6878+ // GOST28147ParameterSpec.class 6879+ // END android-removed 6880 }; 6881 6882 private BlockCipher baseEngine; 6883@@ -240,20 +256,22 @@ 6884 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 6885 } 6886 } 6887- else if (modeName.startsWith("PGP")) 6888- { 6889- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6890- 6891- ivLength = baseEngine.getBlockSize(); 6892- cipher = new BufferedGenericBlockCipher( 6893- new PGPCFBBlockCipher(baseEngine, inlineIV)); 6894- } 6895- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6896- { 6897- ivLength = 0; 6898- cipher = new BufferedGenericBlockCipher( 6899- new OpenPGPCFBBlockCipher(baseEngine)); 6900- } 6901+ // BEGIN android-removed 6902+ // else if (modeName.startsWith("PGP")) 6903+ // { 6904+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6905+ // 6906+ // ivLength = baseEngine.getBlockSize(); 6907+ // cipher = new BufferedGenericBlockCipher( 6908+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 6909+ // } 6910+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6911+ // { 6912+ // ivLength = 0; 6913+ // cipher = new BufferedGenericBlockCipher( 6914+ // new OpenPGPCFBBlockCipher(baseEngine)); 6915+ // } 6916+ // END android-removed 6917 else if (modeName.startsWith("SIC")) 6918 { 6919 ivLength = baseEngine.getBlockSize(); 6920@@ -270,12 +288,14 @@ 6921 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6922 new SICBlockCipher(baseEngine))); 6923 } 6924- else if (modeName.startsWith("GOFB")) 6925- { 6926- ivLength = baseEngine.getBlockSize(); 6927- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6928- new GOFBBlockCipher(baseEngine))); 6929- } 6930+ // BEGIN android-removed 6931+ // else if (modeName.startsWith("GOFB")) 6932+ // { 6933+ // ivLength = baseEngine.getBlockSize(); 6934+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6935+ // new GOFBBlockCipher(baseEngine))); 6936+ // } 6937+ // END android-removed 6938 else if (modeName.startsWith("CTS")) 6939 { 6940 ivLength = baseEngine.getBlockSize(); 6941@@ -286,11 +306,13 @@ 6942 ivLength = baseEngine.getBlockSize(); 6943 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 6944 } 6945- else if (modeName.startsWith("EAX")) 6946- { 6947- ivLength = baseEngine.getBlockSize(); 6948- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6949- } 6950+ // BEGIN android-removed 6951+ // else if (modeName.startsWith("EAX")) 6952+ // { 6953+ // ivLength = baseEngine.getBlockSize(); 6954+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6955+ // } 6956+ // END android-removed 6957 else if (modeName.startsWith("GCM")) 6958 { 6959 ivLength = baseEngine.getBlockSize(); 6960@@ -379,13 +401,15 @@ 6961 throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption."); 6962 } 6963 6964- // 6965- // for RC5-64 we must have some default parameters 6966- // 6967- if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) 6968- { 6969- throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); 6970- } 6971+ // BEGIN android-removed 6972+ // // 6973+ // // for RC5-64 we must have some default parameters 6974+ // // 6975+ // if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) 6976+ // { 6977+ // throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); 6978+ // } 6979+ // END android-removed 6980 6981 // 6982 // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it). 6983@@ -459,63 +483,65 @@ 6984 param = new KeyParameter(key.getEncoded()); 6985 } 6986 } 6987- else if (params instanceof GOST28147ParameterSpec) 6988- { 6989- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6990- 6991- param = new ParametersWithSBox( 6992- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 6993- 6994- if (gost28147Param.getIV() != null && ivLength != 0) 6995- { 6996- param = new ParametersWithIV(param, gost28147Param.getIV()); 6997- ivParam = (ParametersWithIV)param; 6998- } 6999- } 7000- else if (params instanceof RC2ParameterSpec) 7001- { 7002- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7003- 7004- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7005- 7006- if (rc2Param.getIV() != null && ivLength != 0) 7007- { 7008- param = new ParametersWithIV(param, rc2Param.getIV()); 7009- ivParam = (ParametersWithIV)param; 7010- } 7011- } 7012- else if (params instanceof RC5ParameterSpec) 7013- { 7014- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7015- 7016- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7017- if (baseEngine.getAlgorithmName().startsWith("RC5")) 7018- { 7019- if (baseEngine.getAlgorithmName().equals("RC5-32")) 7020- { 7021- if (rc5Param.getWordSize() != 32) 7022- { 7023- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7024- } 7025- } 7026- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7027- { 7028- if (rc5Param.getWordSize() != 64) 7029- { 7030- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7031- } 7032- } 7033- } 7034- else 7035- { 7036- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7037- } 7038- if ((rc5Param.getIV() != null) && (ivLength != 0)) 7039- { 7040- param = new ParametersWithIV(param, rc5Param.getIV()); 7041- ivParam = (ParametersWithIV)param; 7042- } 7043- } 7044+ // BEGIN android-removed 7045+ // else if (params instanceof GOST28147ParameterSpec) 7046+ // { 7047+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7048+ // 7049+ // param = new ParametersWithSBox( 7050+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7051+ // 7052+ // if (gost28147Param.getIV() != null && ivLength != 0) 7053+ // { 7054+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 7055+ // ivParam = (ParametersWithIV)param; 7056+ // } 7057+ // } 7058+ // else if (params instanceof RC2ParameterSpec) 7059+ // { 7060+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7061+ // 7062+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7063+ // 7064+ // if (rc2Param.getIV() != null && ivLength != 0) 7065+ // { 7066+ // param = new ParametersWithIV(param, rc2Param.getIV()); 7067+ // ivParam = (ParametersWithIV)param; 7068+ // } 7069+ // } 7070+ // else if (params instanceof RC5ParameterSpec) 7071+ // { 7072+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7073+ // 7074+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7075+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 7076+ // { 7077+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 7078+ // { 7079+ // if (rc5Param.getWordSize() != 32) 7080+ // { 7081+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7082+ // } 7083+ // } 7084+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7085+ // { 7086+ // if (rc5Param.getWordSize() != 64) 7087+ // { 7088+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7089+ // } 7090+ // } 7091+ // } 7092+ // else 7093+ // { 7094+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7095+ // } 7096+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 7097+ // { 7098+ // param = new ParametersWithIV(param, rc5Param.getIV()); 7099+ // ivParam = (ParametersWithIV)param; 7100+ // } 7101+ // } 7102+ // END android-removed 7103 else 7104 { 7105 throw new InvalidAlgorithmParameterException("unknown parameter type."); 7106diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEECPrivateKey.java 7107--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2013-02-10 00:37:58.000000000 +0000 7108+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2012-09-17 23:04:47.000000000 +0000 7109@@ -20,8 +20,10 @@ 7110 import org.bouncycastle.asn1.DERInteger; 7111 import org.bouncycastle.asn1.DERNull; 7112 import org.bouncycastle.asn1.DERObjectIdentifier; 7113-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7114-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7115+// BEGIN android-removed 7116+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7117+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7118+// END android-removed 7119 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7120 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 7121 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7122@@ -203,21 +205,23 @@ 7123 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 7124 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 7125 7126- if (ecP == null) // GOST Curve 7127- { 7128- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7129- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7130- 7131- ecSpec = new ECNamedCurveSpec( 7132- ECGOST3410NamedCurves.getName(oid), 7133- ellipticCurve, 7134- new ECPoint( 7135- gParam.getG().getX().toBigInteger(), 7136- gParam.getG().getY().toBigInteger()), 7137- gParam.getN(), 7138- gParam.getH()); 7139- } 7140- else 7141+ // BEGIN android-removed 7142+ // if (ecP == null) // GOST Curve 7143+ // { 7144+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7145+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7146+ // 7147+ // ecSpec = new ECNamedCurveSpec( 7148+ // ECGOST3410NamedCurves.getName(oid), 7149+ // ellipticCurve, 7150+ // new ECPoint( 7151+ // gParam.getG().getX().toBigInteger(), 7152+ // gParam.getG().getY().toBigInteger()), 7153+ // gParam.getN(), 7154+ // gParam.getH()); 7155+ // } 7156+ // else 7157+ // END android-removed 7158 { 7159 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 7160 7161@@ -331,11 +335,13 @@ 7162 7163 try 7164 { 7165- if (algorithm.equals("ECGOST3410")) 7166- { 7167- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7168- } 7169- else 7170+ // BEGIN android-removed 7171+ // if (algorithm.equals("ECGOST3410")) 7172+ // { 7173+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7174+ // } 7175+ // else 7176+ // END android-removed 7177 { 7178 7179 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7180diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEECPublicKey.java 7181--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2013-02-10 00:37:58.000000000 +0000 7182+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEECPublicKey.java 2012-09-17 23:04:47.000000000 +0000 7183@@ -18,9 +18,11 @@ 7184 import org.bouncycastle.asn1.DERBitString; 7185 import org.bouncycastle.asn1.DERNull; 7186 import org.bouncycastle.asn1.DEROctetString; 7187-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7188-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7189-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7190+// BEGIN android-removed 7191+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7192+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7193+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7194+// END android-removed 7195 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7196 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7197 import org.bouncycastle.asn1.x9.X962Parameters; 7198@@ -33,9 +35,13 @@ 7199 import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util; 7200 import org.bouncycastle.jcajce.provider.asymmetric.ec.ECUtil; 7201 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 7202-import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7203+// BEGIN android-removed 7204+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7205+// END android-removed 7206 import org.bouncycastle.jce.interfaces.ECPointEncoder; 7207-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7208+// BEGIN android-removed 7209+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7210+// END android-removed 7211 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 7212 import org.bouncycastle.math.ec.ECCurve; 7213 7214@@ -46,7 +52,9 @@ 7215 private org.bouncycastle.math.ec.ECPoint q; 7216 private ECParameterSpec ecSpec; 7217 private boolean withCompression; 7218- private GOST3410PublicKeyAlgParameters gostParams; 7219+ // BEGIN android-removed 7220+ // private GOST3410PublicKeyAlgParameters gostParams; 7221+ // END android-removed 7222 7223 public JCEECPublicKey( 7224 String algorithm, 7225@@ -56,7 +64,9 @@ 7226 this.q = key.q; 7227 this.ecSpec = key.ecSpec; 7228 this.withCompression = key.withCompression; 7229- this.gostParams = key.gostParams; 7230+ // BEGIN android-removed 7231+ // this.gostParams = key.gostParams; 7232+ // END android-removed 7233 } 7234 7235 public JCEECPublicKey( 7236@@ -179,54 +189,56 @@ 7237 7238 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 7239 { 7240- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7241- { 7242- DERBitString bits = info.getPublicKeyData(); 7243- ASN1OctetString key; 7244- this.algorithm = "ECGOST3410"; 7245- 7246- try 7247- { 7248- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7249- } 7250- catch (IOException ex) 7251- { 7252- throw new IllegalArgumentException("error recovering public key"); 7253- } 7254- 7255- byte[] keyEnc = key.getOctets(); 7256- byte[] x = new byte[32]; 7257- byte[] y = new byte[32]; 7258- 7259- for (int i = 0; i != x.length; i++) 7260- { 7261- x[i] = keyEnc[32 - 1 - i]; 7262- } 7263- 7264- for (int i = 0; i != y.length; i++) 7265- { 7266- y[i] = keyEnc[64 - 1 - i]; 7267- } 7268- 7269- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7270- 7271- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7272- 7273- ECCurve curve = spec.getCurve(); 7274- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7275- 7276- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7277- 7278- ecSpec = new ECNamedCurveSpec( 7279- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7280- ellipticCurve, 7281- new ECPoint( 7282- spec.getG().getX().toBigInteger(), 7283- spec.getG().getY().toBigInteger()), 7284- spec.getN(), spec.getH()); 7285- 7286- } 7287- else 7288+ // BEGIN android-removed 7289+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7290+ // { 7291+ // DERBitString bits = info.getPublicKeyData(); 7292+ // ASN1OctetString key; 7293+ // this.algorithm = "ECGOST3410"; 7294+ // 7295+ // try 7296+ // { 7297+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7298+ // } 7299+ // catch (IOException ex) 7300+ // { 7301+ // throw new IllegalArgumentException("error recovering public key"); 7302+ // } 7303+ // 7304+ // byte[] keyEnc = key.getOctets(); 7305+ // byte[] x = new byte[32]; 7306+ // byte[] y = new byte[32]; 7307+ // 7308+ // for (int i = 0; i != x.length; i++) 7309+ // { 7310+ // x[i] = keyEnc[32 - 1 - i]; 7311+ // } 7312+ // 7313+ // for (int i = 0; i != y.length; i++) 7314+ // { 7315+ // y[i] = keyEnc[64 - 1 - i]; 7316+ // } 7317+ // 7318+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7319+ // 7320+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7321+ // 7322+ // ECCurve curve = spec.getCurve(); 7323+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7324+ // 7325+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7326+ // 7327+ // ecSpec = new ECNamedCurveSpec( 7328+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7329+ // ellipticCurve, 7330+ // new ECPoint( 7331+ // spec.getG().getX().toBigInteger(), 7332+ // spec.getG().getY().toBigInteger()), 7333+ // spec.getN(), spec.getH()); 7334+ // 7335+ // } 7336+ // else 7337+ // END android-removed 7338 { 7339 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 7340 ECCurve curve; 7341@@ -315,52 +327,54 @@ 7342 ASN1Encodable params; 7343 SubjectPublicKeyInfo info; 7344 7345- if (algorithm.equals("ECGOST3410")) 7346- { 7347- if (gostParams != null) 7348- { 7349- params = gostParams; 7350- } 7351- else 7352- { 7353- if (ecSpec instanceof ECNamedCurveSpec) 7354- { 7355- params = new GOST3410PublicKeyAlgParameters( 7356- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7357- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7358- } 7359- else 7360- { // strictly speaking this may not be applicable... 7361- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7362- 7363- X9ECParameters ecP = new X9ECParameters( 7364- curve, 7365- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7366- ecSpec.getOrder(), 7367- BigInteger.valueOf(ecSpec.getCofactor()), 7368- ecSpec.getCurve().getSeed()); 7369- 7370- params = new X962Parameters(ecP); 7371- } 7372- } 7373- 7374- BigInteger bX = this.q.getX().toBigInteger(); 7375- BigInteger bY = this.q.getY().toBigInteger(); 7376- byte[] encKey = new byte[64]; 7377- 7378- extractBytes(encKey, 0, bX); 7379- extractBytes(encKey, 32, bY); 7380- 7381- try 7382- { 7383- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7384- } 7385- catch (IOException e) 7386- { 7387- return null; 7388- } 7389- } 7390- else 7391+ // BEGIN android-removed 7392+ // if (algorithm.equals("ECGOST3410")) 7393+ // { 7394+ // if (gostParams != null) 7395+ // { 7396+ // params = gostParams; 7397+ // } 7398+ // else 7399+ // { 7400+ // if (ecSpec instanceof ECNamedCurveSpec) 7401+ // { 7402+ // params = new GOST3410PublicKeyAlgParameters( 7403+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7404+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7405+ // } 7406+ // else 7407+ // { // strictly speaking this may not be applicable... 7408+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7409+ // 7410+ // X9ECParameters ecP = new X9ECParameters( 7411+ // curve, 7412+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7413+ // ecSpec.getOrder(), 7414+ // BigInteger.valueOf(ecSpec.getCofactor()), 7415+ // ecSpec.getCurve().getSeed()); 7416+ // 7417+ // params = new X962Parameters(ecP); 7418+ // } 7419+ // } 7420+ // 7421+ // BigInteger bX = this.q.getX().toBigInteger(); 7422+ // BigInteger bY = this.q.getY().toBigInteger(); 7423+ // byte[] encKey = new byte[64]; 7424+ // 7425+ // extractBytes(encKey, 0, bX); 7426+ // extractBytes(encKey, 32, bY); 7427+ // 7428+ // try 7429+ // { 7430+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7431+ // } 7432+ // catch (IOException e) 7433+ // { 7434+ // return null; 7435+ // } 7436+ // } 7437+ // else 7438+ // END android-removed 7439 { 7440 if (ecSpec instanceof ECNamedCurveSpec) 7441 { 7442diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEMac.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEMac.java 7443--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEMac.java 2013-02-10 00:37:58.000000000 +0000 7444+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEMac.java 2012-09-17 23:04:47.000000000 +0000 7445@@ -11,24 +11,35 @@ 7446 7447 import org.bouncycastle.crypto.CipherParameters; 7448 import org.bouncycastle.crypto.Mac; 7449-import org.bouncycastle.crypto.digests.MD2Digest; 7450-import org.bouncycastle.crypto.digests.MD4Digest; 7451-import org.bouncycastle.crypto.digests.MD5Digest; 7452-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 7453-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7454-import org.bouncycastle.crypto.digests.SHA1Digest; 7455-import org.bouncycastle.crypto.digests.SHA224Digest; 7456-import org.bouncycastle.crypto.digests.SHA256Digest; 7457-import org.bouncycastle.crypto.digests.SHA384Digest; 7458-import org.bouncycastle.crypto.digests.SHA512Digest; 7459-import org.bouncycastle.crypto.digests.TigerDigest; 7460+// BEGIN android-removed 7461+// import org.bouncycastle.crypto.digests.MD2Digest; 7462+// import org.bouncycastle.crypto.digests.MD4Digest; 7463+// import org.bouncycastle.crypto.digests.MD5Digest; 7464+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 7465+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7466+// import org.bouncycastle.crypto.digests.SHA1Digest; 7467+// import org.bouncycastle.crypto.digests.SHA224Digest; 7468+// import org.bouncycastle.crypto.digests.SHA256Digest; 7469+// import org.bouncycastle.crypto.digests.SHA384Digest; 7470+// import org.bouncycastle.crypto.digests.SHA512Digest; 7471+// import org.bouncycastle.crypto.digests.TigerDigest; 7472+// END android-removed 7473+// BEGIN android-added 7474+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7475+// END android-added 7476 import org.bouncycastle.crypto.engines.DESEngine; 7477-import org.bouncycastle.crypto.engines.RC2Engine; 7478+// BEGIN android-removed 7479+// import org.bouncycastle.crypto.engines.RC2Engine; 7480+// END android-removed 7481 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 7482-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 7483+// BEGIN android-removed 7484+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 7485+// END android-removed 7486 import org.bouncycastle.crypto.macs.HMac; 7487-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 7488-import org.bouncycastle.crypto.macs.OldHMac; 7489+// BEGIN android-removed 7490+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 7491+// import org.bouncycastle.crypto.macs.OldHMac; 7492+// END android-removed 7493 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 7494 import org.bouncycastle.crypto.params.KeyParameter; 7495 import org.bouncycastle.crypto.params.ParametersWithIV; 7496@@ -144,109 +155,111 @@ 7497 * the classes that extend directly off us. 7498 */ 7499 7500- /** 7501- * DES 7502- */ 7503- public static class DES 7504- extends JCEMac 7505- { 7506- public DES() 7507- { 7508- super(new CBCBlockCipherMac(new DESEngine())); 7509- } 7510- } 7511- 7512- /** 7513- * DES 64 bit MAC 7514- */ 7515- public static class DES64 7516- extends JCEMac 7517- { 7518- public DES64() 7519- { 7520- super(new CBCBlockCipherMac(new DESEngine(), 64)); 7521- } 7522- } 7523- 7524- /** 7525- * RC2 7526- */ 7527- public static class RC2 7528- extends JCEMac 7529- { 7530- public RC2() 7531- { 7532- super(new CBCBlockCipherMac(new RC2Engine())); 7533- } 7534- } 7535- 7536- 7537- 7538- 7539- /** 7540- * DES 7541- */ 7542- public static class DESCFB8 7543- extends JCEMac 7544- { 7545- public DESCFB8() 7546- { 7547- super(new CFBBlockCipherMac(new DESEngine())); 7548- } 7549- } 7550- 7551- /** 7552- * RC2CFB8 7553- */ 7554- 7555- 7556- /** 7557- * DES9797Alg3with7816-4Padding 7558- */ 7559- public static class DES9797Alg3with7816d4 7560- extends JCEMac 7561- { 7562- public DES9797Alg3with7816d4() 7563- { 7564- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 7565- } 7566- } 7567- 7568- /** 7569- * DES9797Alg3 7570- */ 7571- public static class DES9797Alg3 7572- extends JCEMac 7573- { 7574- public DES9797Alg3() 7575- { 7576- super(new ISO9797Alg3Mac(new DESEngine())); 7577- } 7578- } 7579- 7580- /** 7581- * MD2 HMac 7582- */ 7583- public static class MD2 7584- extends JCEMac 7585- { 7586- public MD2() 7587- { 7588- super(new HMac(new MD2Digest())); 7589- } 7590- } 7591- 7592- /** 7593- * MD4 HMac 7594- */ 7595- public static class MD4 7596- extends JCEMac 7597- { 7598- public MD4() 7599- { 7600- super(new HMac(new MD4Digest())); 7601- } 7602- } 7603+ // BEGIN android-removed 7604+ // /** 7605+ // * DES 7606+ // */ 7607+ // public static class DES 7608+ // extends JCEMac 7609+ // { 7610+ // public DES() 7611+ // { 7612+ // super(new CBCBlockCipherMac(new DESEngine())); 7613+ // } 7614+ // } 7615+ // 7616+ // /** 7617+ // * DES 64 bit MAC 7618+ // */ 7619+ // public static class DES64 7620+ // extends JCEMac 7621+ // { 7622+ // public DES64() 7623+ // { 7624+ // super(new CBCBlockCipherMac(new DESEngine(), 64)); 7625+ // } 7626+ // } 7627+ // 7628+ // /** 7629+ // * RC2 7630+ // */ 7631+ // public static class RC2 7632+ // extends JCEMac 7633+ // { 7634+ // public RC2() 7635+ // { 7636+ // super(new CBCBlockCipherMac(new RC2Engine())); 7637+ // } 7638+ // } 7639+ // 7640+ // 7641+ // 7642+ // 7643+ // /** 7644+ // * DES 7645+ // */ 7646+ // public static class DESCFB8 7647+ // extends JCEMac 7648+ // { 7649+ // public DESCFB8() 7650+ // { 7651+ // super(new CFBBlockCipherMac(new DESEngine())); 7652+ // } 7653+ // } 7654+ // 7655+ // /** 7656+ // * RC2CFB8 7657+ // */ 7658+ // 7659+ // 7660+ // /** 7661+ // * DES9797Alg3with7816-4Padding 7662+ // */ 7663+ // public static class DES9797Alg3with7816d4 7664+ // extends JCEMac 7665+ // { 7666+ // public DES9797Alg3with7816d4() 7667+ // { 7668+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 7669+ // } 7670+ // } 7671+ // 7672+ // /** 7673+ // * DES9797Alg3 7674+ // */ 7675+ // public static class DES9797Alg3 7676+ // extends JCEMac 7677+ // { 7678+ // public DES9797Alg3() 7679+ // { 7680+ // super(new ISO9797Alg3Mac(new DESEngine())); 7681+ // } 7682+ // } 7683+ // 7684+ // /** 7685+ // * MD2 HMac 7686+ // */ 7687+ // public static class MD2 7688+ // extends JCEMac 7689+ // { 7690+ // public MD2() 7691+ // { 7692+ // super(new HMac(new MD2Digest())); 7693+ // } 7694+ // } 7695+ // 7696+ // /** 7697+ // * MD4 HMac 7698+ // */ 7699+ // public static class MD4 7700+ // extends JCEMac 7701+ // { 7702+ // public MD4() 7703+ // { 7704+ // super(new HMac(new MD4Digest())); 7705+ // } 7706+ // } 7707+ // END android-removed 7708 7709 /** 7710 * MD5 HMac 7711@@ -256,7 +269,9 @@ 7712 { 7713 public MD5() 7714 { 7715- super(new HMac(new MD5Digest())); 7716+ // BEGIN android-changed 7717+ super(new HMac(AndroidDigestFactory.getMD5())); 7718+ // END android-changed 7719 } 7720 } 7721 7722@@ -268,21 +283,25 @@ 7723 { 7724 public SHA1() 7725 { 7726- super(new HMac(new SHA1Digest())); 7727+ // BEGIN android-changed 7728+ super(new HMac(AndroidDigestFactory.getSHA1())); 7729+ // END android-changed 7730 } 7731 } 7732 7733- /** 7734- * SHA-224 HMac 7735- */ 7736- public static class SHA224 7737- extends JCEMac 7738- { 7739- public SHA224() 7740- { 7741- super(new HMac(new SHA224Digest())); 7742- } 7743- } 7744+ // BEGIN android-removed 7745+ // /** 7746+ // * SHA-224 HMac 7747+ // */ 7748+ // public static class SHA224 7749+ // extends JCEMac 7750+ // { 7751+ // public SHA224() 7752+ // { 7753+ // super(new HMac(new SHA224Digest())); 7754+ // } 7755+ // } 7756+ // END android-removed 7757 7758 /** 7759 * SHA-256 HMac 7760@@ -292,7 +311,9 @@ 7761 { 7762 public SHA256() 7763 { 7764- super(new HMac(new SHA256Digest())); 7765+ // BEGIN android-changed 7766+ super(new HMac(AndroidDigestFactory.getSHA256())); 7767+ // END android-changed 7768 } 7769 } 7770 7771@@ -304,18 +325,22 @@ 7772 { 7773 public SHA384() 7774 { 7775- super(new HMac(new SHA384Digest())); 7776+ // BEGIN android-changed 7777+ super(new HMac(AndroidDigestFactory.getSHA384())); 7778+ // END android-changed 7779 } 7780 } 7781 7782- public static class OldSHA384 7783- extends JCEMac 7784- { 7785- public OldSHA384() 7786- { 7787- super(new OldHMac(new SHA384Digest())); 7788- } 7789- } 7790+ // BEGIN android-removed 7791+ // public static class OldSHA384 7792+ // extends JCEMac 7793+ // { 7794+ // public OldSHA384() 7795+ // { 7796+ // super(new OldHMac(new SHA384Digest())); 7797+ // } 7798+ // } 7799+ // END android-removed 7800 7801 /** 7802 * SHA-512 HMac 7803@@ -325,75 +350,80 @@ 7804 { 7805 public SHA512() 7806 { 7807- super(new HMac(new SHA512Digest())); 7808+ // BEGIN android-changed 7809+ super(new HMac(AndroidDigestFactory.getSHA512())); 7810+ // END android-changed 7811 } 7812 } 7813 7814- /** 7815- * SHA-512 HMac 7816- */ 7817- public static class OldSHA512 7818- extends JCEMac 7819- { 7820- public OldSHA512() 7821- { 7822- super(new OldHMac(new SHA512Digest())); 7823- } 7824- } 7825 7826- /** 7827- * RIPEMD128 HMac 7828- */ 7829- public static class RIPEMD128 7830- extends JCEMac 7831- { 7832- public RIPEMD128() 7833- { 7834- super(new HMac(new RIPEMD128Digest())); 7835- } 7836- } 7837- 7838- /** 7839- * RIPEMD160 HMac 7840- */ 7841- public static class RIPEMD160 7842- extends JCEMac 7843- { 7844- public RIPEMD160() 7845- { 7846- super(new HMac(new RIPEMD160Digest())); 7847- } 7848- } 7849- 7850- /** 7851- * Tiger HMac 7852- */ 7853- public static class Tiger 7854- extends JCEMac 7855- { 7856- public Tiger() 7857- { 7858- super(new HMac(new TigerDigest())); 7859- } 7860- } 7861- 7862+ // BEGIN android-removed 7863+ // /** 7864+ // * SHA-512 HMac 7865+ // */ 7866+ // public static class OldSHA512 7867+ // extends JCEMac 7868+ // { 7869+ // public OldSHA512() 7870+ // { 7871+ // super(new OldHMac(new SHA512Digest())); 7872+ // } 7873+ // } 7874 // 7875- // PKCS12 states that the same algorithm should be used 7876- // for the key generation as is used in the HMAC, so that 7877- // is what we do here. 7878+ // /** 7879+ // * RIPEMD128 HMac 7880+ // */ 7881+ // public static class RIPEMD128 7882+ // extends JCEMac 7883+ // { 7884+ // public RIPEMD128() 7885+ // { 7886+ // super(new HMac(new RIPEMD128Digest())); 7887+ // } 7888+ // } 7889 // 7890- 7891- /** 7892- * PBEWithHmacRIPEMD160 7893- */ 7894- public static class PBEWithRIPEMD160 7895- extends JCEMac 7896- { 7897- public PBEWithRIPEMD160() 7898- { 7899- super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 7900- } 7901- } 7902+ // /** 7903+ // * RIPEMD160 HMac 7904+ // */ 7905+ // public static class RIPEMD160 7906+ // extends JCEMac 7907+ // { 7908+ // public RIPEMD160() 7909+ // { 7910+ // super(new HMac(new RIPEMD160Digest())); 7911+ // } 7912+ // } 7913+ // 7914+ // /** 7915+ // * Tiger HMac 7916+ // */ 7917+ // public static class Tiger 7918+ // extends JCEMac 7919+ // { 7920+ // public Tiger() 7921+ // { 7922+ // super(new HMac(new TigerDigest())); 7923+ // } 7924+ // } 7925+ // 7926+ // // 7927+ // // PKCS12 states that the same algorithm should be used 7928+ // // for the key generation as is used in the HMAC, so that 7929+ // // is what we do here. 7930+ // // 7931+ // 7932+ // /** 7933+ // * PBEWithHmacRIPEMD160 7934+ // */ 7935+ // public static class PBEWithRIPEMD160 7936+ // extends JCEMac 7937+ // { 7938+ // public PBEWithRIPEMD160() 7939+ // { 7940+ // super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); 7941+ // } 7942+ // } 7943+ // END android-removed 7944 7945 /** 7946 * PBEWithHmacSHA 7947@@ -403,19 +433,23 @@ 7948 { 7949 public PBEWithSHA() 7950 { 7951- super(new HMac(new SHA1Digest()), PKCS12, SHA1, 160); 7952+ // BEGIN android-changed 7953+ super(new HMac(AndroidDigestFactory.getSHA1()), PKCS12, SHA1, 160); 7954+ // END android-changed 7955 } 7956 } 7957 7958- /** 7959- * PBEWithHmacTiger 7960- */ 7961- public static class PBEWithTiger 7962- extends JCEMac 7963- { 7964- public PBEWithTiger() 7965- { 7966- super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 7967- } 7968- } 7969+ // BEGIN android-removed 7970+ // /** 7971+ // * PBEWithHmacTiger 7972+ // */ 7973+ // public static class PBEWithTiger 7974+ // extends JCEMac 7975+ // { 7976+ // public PBEWithTiger() 7977+ // { 7978+ // super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); 7979+ // } 7980+ // } 7981+ // END android-removed 7982 } 7983diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 7984--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2013-02-10 00:37:58.000000000 +0000 7985+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2012-09-17 23:04:47.000000000 +0000 7986@@ -252,29 +252,31 @@ 7987 } 7988 } 7989 7990- /** 7991- * PBEWithMD2AndDES 7992- */ 7993- static public class PBEWithMD2AndDES 7994- extends DESPBEKeyFactory 7995- { 7996- public PBEWithMD2AndDES() 7997- { 7998- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 7999- } 8000- } 8001- 8002- /** 8003- * PBEWithMD2AndRC2 8004- */ 8005- static public class PBEWithMD2AndRC2 8006- extends PBEKeyFactory 8007- { 8008- public PBEWithMD2AndRC2() 8009- { 8010- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 8011- } 8012- } 8013+ // BEGIN android-removed 8014+ // /** 8015+ // * PBEWithMD2AndDES 8016+ // */ 8017+ // static public class PBEWithMD2AndDES 8018+ // extends DESPBEKeyFactory 8019+ // { 8020+ // public PBEWithMD2AndDES() 8021+ // { 8022+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 8023+ // } 8024+ // } 8025+ // 8026+ // /** 8027+ // * PBEWithMD2AndRC2 8028+ // */ 8029+ // static public class PBEWithMD2AndRC2 8030+ // extends PBEKeyFactory 8031+ // { 8032+ // public PBEWithMD2AndRC2() 8033+ // { 8034+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 8035+ // } 8036+ // } 8037+ // END android-removed 8038 8039 /** 8040 * PBEWithMD5AndDES 8041@@ -408,17 +410,19 @@ 8042 } 8043 } 8044 8045- /** 8046- * PBEWithHmacRIPEMD160 8047- */ 8048- public static class PBEWithRIPEMD160 8049- extends PBEKeyFactory 8050- { 8051- public PBEWithRIPEMD160() 8052- { 8053- super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); 8054- } 8055- } 8056+ // BEGIN android-removed 8057+ // /** 8058+ // * PBEWithHmacRIPEMD160 8059+ // */ 8060+ // public static class PBEWithRIPEMD160 8061+ // extends PBEKeyFactory 8062+ // { 8063+ // public PBEWithRIPEMD160() 8064+ // { 8065+ // super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); 8066+ // } 8067+ // } 8068+ // END android-removed 8069 8070 /** 8071 * PBEWithHmacSHA 8072@@ -432,17 +436,19 @@ 8073 } 8074 } 8075 8076- /** 8077- * PBEWithHmacTiger 8078- */ 8079- public static class PBEWithTiger 8080- extends PBEKeyFactory 8081- { 8082- public PBEWithTiger() 8083- { 8084- super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); 8085- } 8086- } 8087+ // BEGIN android-removed 8088+ // /** 8089+ // * PBEWithHmacTiger 8090+ // */ 8091+ // public static class PBEWithTiger 8092+ // extends PBEKeyFactory 8093+ // { 8094+ // public PBEWithTiger() 8095+ // { 8096+ // super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); 8097+ // } 8098+ // } 8099+ // END android-removed 8100 8101 /** 8102 * PBEWithSHA1And128BitAES-BC 8103@@ -551,4 +557,56 @@ 8104 super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128); 8105 } 8106 } 8107+ // BEGIN android-added 8108+ static public class PBKDF2WithHmacSHA1 8109+ extends JCESecretKeyFactory 8110+ { 8111+ public PBKDF2WithHmacSHA1() 8112+ { 8113+ super("PBKDF2WithHmacSHA1", PKCSObjectIdentifiers.id_PBKDF2); 8114+ } 8115+ 8116+ protected SecretKey engineGenerateSecret( 8117+ KeySpec keySpec) 8118+ throws InvalidKeySpecException 8119+ { 8120+ if (keySpec instanceof PBEKeySpec) 8121+ { 8122+ PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; 8123+ 8124+ if (pbeSpec.getSalt() == null) 8125+ { 8126+ throw new InvalidKeySpecException("missing required salt"); 8127+ } 8128+ 8129+ if (pbeSpec.getIterationCount() <= 0) 8130+ { 8131+ throw new InvalidKeySpecException("positive iteration count required: " 8132+ + pbeSpec.getIterationCount()); 8133+ } 8134+ 8135+ if (pbeSpec.getKeyLength() <= 0) 8136+ { 8137+ throw new InvalidKeySpecException("positive key length required: " 8138+ + pbeSpec.getKeyLength()); 8139+ } 8140+ 8141+ if (pbeSpec.getPassword().length == 0) 8142+ { 8143+ throw new IllegalArgumentException("password empty"); 8144+ } 8145+ 8146+ int scheme = PKCS5S2; 8147+ int digest = SHA1; 8148+ int keySize = pbeSpec.getKeyLength(); 8149+ int ivSize = -1; 8150+ CipherParameters param = Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); 8151+ 8152+ return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); 8153+ } 8154+ 8155+ throw new InvalidKeySpecException("Invalid KeySpec"); 8156+ } 8157+ } 8158+ // END android-added 8159 } 8160diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEStreamCipher.java 8161--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java 2013-02-10 00:37:58.000000000 +0000 8162+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JCEStreamCipher.java 2013-01-29 02:13:59.000000000 +0000 8163@@ -23,8 +23,10 @@ 8164 import javax.crypto.ShortBufferException; 8165 import javax.crypto.spec.IvParameterSpec; 8166 import javax.crypto.spec.PBEParameterSpec; 8167-import javax.crypto.spec.RC2ParameterSpec; 8168-import javax.crypto.spec.RC5ParameterSpec; 8169+// BEGIN android-removed 8170+// import javax.crypto.spec.RC2ParameterSpec; 8171+// import javax.crypto.spec.RC5ParameterSpec; 8172+// END android-removed 8173 import javax.crypto.spec.SecretKeySpec; 8174 8175 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 8176@@ -33,12 +35,16 @@ 8177 import org.bouncycastle.crypto.DataLengthException; 8178 import org.bouncycastle.crypto.StreamBlockCipher; 8179 import org.bouncycastle.crypto.StreamCipher; 8180-import org.bouncycastle.crypto.engines.BlowfishEngine; 8181-import org.bouncycastle.crypto.engines.DESEngine; 8182-import org.bouncycastle.crypto.engines.DESedeEngine; 8183+// BEGIN android-removed 8184+// import org.bouncycastle.crypto.engines.BlowfishEngine; 8185+// import org.bouncycastle.crypto.engines.DESEngine; 8186+// import org.bouncycastle.crypto.engines.DESedeEngine; 8187+// END android-removed 8188 import org.bouncycastle.crypto.engines.RC4Engine; 8189-import org.bouncycastle.crypto.engines.SkipjackEngine; 8190-import org.bouncycastle.crypto.engines.TwofishEngine; 8191+// BEGIN android-removed 8192+// import org.bouncycastle.crypto.engines.SkipjackEngine; 8193+// import org.bouncycastle.crypto.engines.TwofishEngine; 8194+// END android-removed 8195 import org.bouncycastle.crypto.modes.CFBBlockCipher; 8196 import org.bouncycastle.crypto.modes.OFBBlockCipher; 8197 import org.bouncycastle.crypto.params.KeyParameter; 8198@@ -55,8 +61,10 @@ 8199 // 8200 private Class[] availableSpecs = 8201 { 8202- RC2ParameterSpec.class, 8203- RC5ParameterSpec.class, 8204+ // BEGIN android-removed 8205+ // RC2ParameterSpec.class, 8206+ // RC5ParameterSpec.class, 8207+ // END android-removed 8208 IvParameterSpec.class, 8209 PBEParameterSpec.class 8210 }; 8211@@ -491,125 +499,127 @@ 8212 * The ciphers that inherit from us. 8213 */ 8214 8215- /** 8216- * DES 8217- */ 8218- static public class DES_CFB8 8219- extends JCEStreamCipher 8220- { 8221- public DES_CFB8() 8222- { 8223- super(new CFBBlockCipher(new DESEngine(), 8), 64); 8224- } 8225- } 8226- 8227- /** 8228- * DESede 8229- */ 8230- static public class DESede_CFB8 8231- extends JCEStreamCipher 8232- { 8233- public DESede_CFB8() 8234- { 8235- super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 8236- } 8237- } 8238- 8239- /** 8240- * SKIPJACK 8241- */ 8242- static public class Skipjack_CFB8 8243- extends JCEStreamCipher 8244- { 8245- public Skipjack_CFB8() 8246- { 8247- super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 8248- } 8249- } 8250- 8251- /** 8252- * Blowfish 8253- */ 8254- static public class Blowfish_CFB8 8255- extends JCEStreamCipher 8256- { 8257- public Blowfish_CFB8() 8258- { 8259- super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 8260- } 8261- } 8262- 8263- /** 8264- * Twofish 8265- */ 8266- static public class Twofish_CFB8 8267- extends JCEStreamCipher 8268- { 8269- public Twofish_CFB8() 8270- { 8271- super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 8272- } 8273- } 8274- 8275- /** 8276- * DES 8277- */ 8278- static public class DES_OFB8 8279- extends JCEStreamCipher 8280- { 8281- public DES_OFB8() 8282- { 8283- super(new OFBBlockCipher(new DESEngine(), 8), 64); 8284- } 8285- } 8286- 8287- /** 8288- * DESede 8289- */ 8290- static public class DESede_OFB8 8291- extends JCEStreamCipher 8292- { 8293- public DESede_OFB8() 8294- { 8295- super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 8296- } 8297- } 8298- 8299- /** 8300- * SKIPJACK 8301- */ 8302- static public class Skipjack_OFB8 8303- extends JCEStreamCipher 8304- { 8305- public Skipjack_OFB8() 8306- { 8307- super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 8308- } 8309- } 8310- 8311- /** 8312- * Blowfish 8313- */ 8314- static public class Blowfish_OFB8 8315- extends JCEStreamCipher 8316- { 8317- public Blowfish_OFB8() 8318- { 8319- super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 8320- } 8321- } 8322- 8323- /** 8324- * Twofish 8325- */ 8326- static public class Twofish_OFB8 8327- extends JCEStreamCipher 8328- { 8329- public Twofish_OFB8() 8330- { 8331- super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 8332- } 8333- } 8334+ // BEGIN android-removed 8335+ // /** 8336+ // * DES 8337+ // */ 8338+ // static public class DES_CFB8 8339+ // extends JCEStreamCipher 8340+ // { 8341+ // public DES_CFB8() 8342+ // { 8343+ // super(new CFBBlockCipher(new DESEngine(), 8), 64); 8344+ // } 8345+ // } 8346+ // 8347+ // /** 8348+ // * DESede 8349+ // */ 8350+ // static public class DESede_CFB8 8351+ // extends JCEStreamCipher 8352+ // { 8353+ // public DESede_CFB8() 8354+ // { 8355+ // super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 8356+ // } 8357+ // } 8358+ // 8359+ // /** 8360+ // * SKIPJACK 8361+ // */ 8362+ // static public class Skipjack_CFB8 8363+ // extends JCEStreamCipher 8364+ // { 8365+ // public Skipjack_CFB8() 8366+ // { 8367+ // super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 8368+ // } 8369+ // } 8370+ // 8371+ // /** 8372+ // * Blowfish 8373+ // */ 8374+ // static public class Blowfish_CFB8 8375+ // extends JCEStreamCipher 8376+ // { 8377+ // public Blowfish_CFB8() 8378+ // { 8379+ // super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 8380+ // } 8381+ // } 8382+ // 8383+ // /** 8384+ // * Twofish 8385+ // */ 8386+ // static public class Twofish_CFB8 8387+ // extends JCEStreamCipher 8388+ // { 8389+ // public Twofish_CFB8() 8390+ // { 8391+ // super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 8392+ // } 8393+ // } 8394+ // 8395+ // /** 8396+ // * DES 8397+ // */ 8398+ // static public class DES_OFB8 8399+ // extends JCEStreamCipher 8400+ // { 8401+ // public DES_OFB8() 8402+ // { 8403+ // super(new OFBBlockCipher(new DESEngine(), 8), 64); 8404+ // } 8405+ // } 8406+ // 8407+ // /** 8408+ // * DESede 8409+ // */ 8410+ // static public class DESede_OFB8 8411+ // extends JCEStreamCipher 8412+ // { 8413+ // public DESede_OFB8() 8414+ // { 8415+ // super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 8416+ // } 8417+ // } 8418+ // 8419+ // /** 8420+ // * SKIPJACK 8421+ // */ 8422+ // static public class Skipjack_OFB8 8423+ // extends JCEStreamCipher 8424+ // { 8425+ // public Skipjack_OFB8() 8426+ // { 8427+ // super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 8428+ // } 8429+ // } 8430+ // 8431+ // /** 8432+ // * Blowfish 8433+ // */ 8434+ // static public class Blowfish_OFB8 8435+ // extends JCEStreamCipher 8436+ // { 8437+ // public Blowfish_OFB8() 8438+ // { 8439+ // super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 8440+ // } 8441+ // } 8442+ // 8443+ // /** 8444+ // * Twofish 8445+ // */ 8446+ // static public class Twofish_OFB8 8447+ // extends JCEStreamCipher 8448+ // { 8449+ // public Twofish_OFB8() 8450+ // { 8451+ // super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 8452+ // } 8453+ // } 8454+ // END android-removed 8455 8456 /** 8457 * PBEWithSHAAnd128BitRC4 8458diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 8459--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2013-02-10 00:37:58.000000000 +0000 8460+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2012-09-17 23:04:47.000000000 +0000 8461@@ -17,7 +17,9 @@ 8462 import org.bouncycastle.asn1.DERSequence; 8463 import org.bouncycastle.asn1.pkcs.PBKDF2Params; 8464 import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; 8465-import org.bouncycastle.jce.spec.IESParameterSpec; 8466+// BEGIN android-removed 8467+// import org.bouncycastle.jce.spec.IESParameterSpec; 8468+// END android-removed 8469 8470 public abstract class JDKAlgorithmParameters 8471 extends AlgorithmParametersSpi 8472@@ -208,109 +210,111 @@ 8473 } 8474 } 8475 8476- public static class IES 8477- extends JDKAlgorithmParameters 8478- { 8479- IESParameterSpec currentSpec; 8480- 8481- /** 8482- * in the absence of a standard way of doing it this will do for 8483- * now... 8484- */ 8485- protected byte[] engineGetEncoded() 8486- { 8487- try 8488- { 8489- ASN1EncodableVector v = new ASN1EncodableVector(); 8490- 8491- v.add(new DEROctetString(currentSpec.getDerivationV())); 8492- v.add(new DEROctetString(currentSpec.getEncodingV())); 8493- v.add(new DERInteger(currentSpec.getMacKeySize())); 8494- 8495- return new DERSequence(v).getEncoded(ASN1Encoding.DER); 8496- } 8497- catch (IOException e) 8498- { 8499- throw new RuntimeException("Error encoding IESParameters"); 8500- } 8501- } 8502- 8503- protected byte[] engineGetEncoded( 8504- String format) 8505- { 8506- if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 8507- { 8508- return engineGetEncoded(); 8509- } 8510- 8511- return null; 8512- } 8513- 8514- protected AlgorithmParameterSpec localEngineGetParameterSpec( 8515- Class paramSpec) 8516- throws InvalidParameterSpecException 8517- { 8518- if (paramSpec == IESParameterSpec.class) 8519- { 8520- return currentSpec; 8521- } 8522- 8523- throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); 8524- } 8525- 8526- protected void engineInit( 8527- AlgorithmParameterSpec paramSpec) 8528- throws InvalidParameterSpecException 8529- { 8530- if (!(paramSpec instanceof IESParameterSpec)) 8531- { 8532- throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); 8533- } 8534- 8535- this.currentSpec = (IESParameterSpec)paramSpec; 8536- } 8537- 8538- protected void engineInit( 8539- byte[] params) 8540- throws IOException 8541- { 8542- try 8543- { 8544- ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params); 8545- 8546- this.currentSpec = new IESParameterSpec( 8547- ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 8548- ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 8549- ((DERInteger)s.getObjectAt(0)).getValue().intValue()); 8550- } 8551- catch (ClassCastException e) 8552- { 8553- throw new IOException("Not a valid IES Parameter encoding."); 8554- } 8555- catch (ArrayIndexOutOfBoundsException e) 8556- { 8557- throw new IOException("Not a valid IES Parameter encoding."); 8558- } 8559- } 8560- 8561- protected void engineInit( 8562- byte[] params, 8563- String format) 8564- throws IOException 8565- { 8566- if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 8567- { 8568- engineInit(params); 8569- } 8570- else 8571- { 8572- throw new IOException("Unknown parameter format " + format); 8573- } 8574- } 8575- 8576- protected String engineToString() 8577- { 8578- return "IES Parameters"; 8579- } 8580- } 8581+ // BEGIN android-removed 8582+ // public static class IES 8583+ // extends JDKAlgorithmParameters 8584+ // { 8585+ // IESParameterSpec currentSpec; 8586+ // 8587+ // /** 8588+ // * in the absence of a standard way of doing it this will do for 8589+ // * now... 8590+ // */ 8591+ // protected byte[] engineGetEncoded() 8592+ // { 8593+ // try 8594+ // { 8595+ // ASN1EncodableVector v = new ASN1EncodableVector(); 8596+ // 8597+ // v.add(new DEROctetString(currentSpec.getDerivationV())); 8598+ // v.add(new DEROctetString(currentSpec.getEncodingV())); 8599+ // v.add(new DERInteger(currentSpec.getMacKeySize())); 8600+ // 8601+ // return new DERSequence(v).getEncoded(ASN1Encoding.DER); 8602+ // } 8603+ // catch (IOException e) 8604+ // { 8605+ // throw new RuntimeException("Error encoding IESParameters"); 8606+ // } 8607+ // } 8608+ // 8609+ // protected byte[] engineGetEncoded( 8610+ // String format) 8611+ // { 8612+ // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 8613+ // { 8614+ // return engineGetEncoded(); 8615+ // } 8616+ // 8617+ // return null; 8618+ // } 8619+ // 8620+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 8621+ // Class paramSpec) 8622+ // throws InvalidParameterSpecException 8623+ // { 8624+ // if (paramSpec == IESParameterSpec.class) 8625+ // { 8626+ // return currentSpec; 8627+ // } 8628+ // 8629+ // throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); 8630+ // } 8631+ // 8632+ // protected void engineInit( 8633+ // AlgorithmParameterSpec paramSpec) 8634+ // throws InvalidParameterSpecException 8635+ // { 8636+ // if (!(paramSpec instanceof IESParameterSpec)) 8637+ // { 8638+ // throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); 8639+ // } 8640+ // 8641+ // this.currentSpec = (IESParameterSpec)paramSpec; 8642+ // } 8643+ // 8644+ // protected void engineInit( 8645+ // byte[] params) 8646+ // throws IOException 8647+ // { 8648+ // try 8649+ // { 8650+ // ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params); 8651+ // 8652+ // this.currentSpec = new IESParameterSpec( 8653+ // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 8654+ // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), 8655+ // ((DERInteger)s.getObjectAt(0)).getValue().intValue()); 8656+ // } 8657+ // catch (ClassCastException e) 8658+ // { 8659+ // throw new IOException("Not a valid IES Parameter encoding."); 8660+ // } 8661+ // catch (ArrayIndexOutOfBoundsException e) 8662+ // { 8663+ // throw new IOException("Not a valid IES Parameter encoding."); 8664+ // } 8665+ // } 8666+ // 8667+ // protected void engineInit( 8668+ // byte[] params, 8669+ // String format) 8670+ // throws IOException 8671+ // { 8672+ // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) 8673+ // { 8674+ // engineInit(params); 8675+ // } 8676+ // else 8677+ // { 8678+ // throw new IOException("Unknown parameter format " + format); 8679+ // } 8680+ // } 8681+ // 8682+ // protected String engineToString() 8683+ // { 8684+ // return "IES Parameters"; 8685+ // } 8686+ // } 8687+ // END android-removed 8688 } 8689diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKKeyStore.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKKeyStore.java 8690--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKKeyStore.java 2013-02-10 00:37:58.000000000 +0000 8691+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKKeyStore.java 2012-09-17 23:04:47.000000000 +0000 8692@@ -39,7 +39,12 @@ 8693 import org.bouncycastle.crypto.CipherParameters; 8694 import org.bouncycastle.crypto.Digest; 8695 import org.bouncycastle.crypto.PBEParametersGenerator; 8696-import org.bouncycastle.crypto.digests.SHA1Digest; 8697+// BEGIN android-added 8698+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 8699+// END android-added 8700+// BEGIN android-removed 8701+// import org.bouncycastle.crypto.digests.SHA1Digest; 8702+// END android-removed 8703 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 8704 import org.bouncycastle.crypto.io.DigestInputStream; 8705 import org.bouncycastle.crypto.io.DigestOutputStream; 8706@@ -498,7 +503,13 @@ 8707 8708 if (entry == null) 8709 { 8710- throw new KeyStoreException("no such entry as " + alias); 8711+ // BEGIN android-removed 8712+ // Only throw if there is a problem removing, not if missing 8713+ // throw new KeyStoreException("no such entry as " + alias); 8714+ // END android-removed 8715+ // BEGIN android-added 8716+ return; 8717+ // END android-added 8718 } 8719 8720 table.remove(alias); 8721@@ -817,12 +828,16 @@ 8722 // 8723 // we only do an integrity check if the password is provided. 8724 // 8725- HMac hMac = new HMac(new SHA1Digest()); 8726+ // BEGIN android-changed 8727+ HMac hMac = new HMac(AndroidDigestFactory.getSHA1()); 8728+ // END android-changed 8729 if (password != null && password.length != 0) 8730 { 8731 byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); 8732 8733- PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); 8734+ // BEGIN android-changed 8735+ PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 8736+ // END android-changed 8737 pbeGen.init(passKey, salt, iterationCount); 8738 8739 CipherParameters macParams; 8740@@ -884,9 +899,11 @@ 8741 dOut.write(salt); 8742 dOut.writeInt(iterationCount); 8743 8744- HMac hMac = new HMac(new SHA1Digest()); 8745+ // BEGIN android-changed 8746+ HMac hMac = new HMac(AndroidDigestFactory.getSHA1()); 8747 MacOutputStream mOut = new MacOutputStream(hMac); 8748- PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); 8749+ PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 8750+ // END android-changed 8751 byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); 8752 8753 pbeGen.init(passKey, salt, iterationCount); 8754@@ -974,7 +991,9 @@ 8755 Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount); 8756 CipherInputStream cIn = new CipherInputStream(dIn, cipher); 8757 8758- Digest dig = new SHA1Digest(); 8759+ // BEGIN android-changed 8760+ Digest dig = AndroidDigestFactory.getSHA1(); 8761+ // END android-changed 8762 DigestInputStream dgIn = new DigestInputStream(cIn, dig); 8763 8764 this.loadStore(dgIn); 8765@@ -1013,7 +1032,9 @@ 8766 cipher = this.makePBECipher(STORE_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount); 8767 8768 CipherOutputStream cOut = new CipherOutputStream(dOut, cipher); 8769- DigestOutputStream dgOut = new DigestOutputStream(new SHA1Digest()); 8770+ // BEGIN android-changed 8771+ DigestOutputStream dgOut = new DigestOutputStream(AndroidDigestFactory.getSHA1()); 8772+ // END android-changed 8773 8774 this.saveStore(new TeeOutputStream(cOut, dgOut)); 8775 8776diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 8777--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2013-02-10 00:37:58.000000000 +0000 8778+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2012-09-17 23:04:47.000000000 +0000 8779@@ -1557,32 +1557,34 @@ 8780 } 8781 } 8782 8783- public static class BCPKCS12KeyStore3DES 8784- extends JDKPKCS12KeyStore 8785- { 8786- public BCPKCS12KeyStore3DES() 8787- { 8788- super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 8789- } 8790- } 8791- 8792- public static class DefPKCS12KeyStore 8793- extends JDKPKCS12KeyStore 8794- { 8795- public DefPKCS12KeyStore() 8796- { 8797- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 8798- } 8799- } 8800- 8801- public static class DefPKCS12KeyStore3DES 8802- extends JDKPKCS12KeyStore 8803- { 8804- public DefPKCS12KeyStore3DES() 8805- { 8806- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 8807- } 8808- } 8809+ // BEGIN android-removed 8810+ // public static class BCPKCS12KeyStore3DES 8811+ // extends JDKPKCS12KeyStore 8812+ // { 8813+ // public BCPKCS12KeyStore3DES() 8814+ // { 8815+ // super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 8816+ // } 8817+ // } 8818+ // 8819+ // public static class DefPKCS12KeyStore 8820+ // extends JDKPKCS12KeyStore 8821+ // { 8822+ // public DefPKCS12KeyStore() 8823+ // { 8824+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 8825+ // } 8826+ // } 8827+ // 8828+ // public static class DefPKCS12KeyStore3DES 8829+ // extends JDKPKCS12KeyStore 8830+ // { 8831+ // public DefPKCS12KeyStore3DES() 8832+ // { 8833+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 8834+ // } 8835+ // } 8836+ // END android-removed 8837 8838 private static class IgnoresCaseHashtable 8839 { 8840diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 8841--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2013-02-10 00:37:58.000000000 +0000 8842+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2012-09-17 23:04:47.000000000 +0000 8843@@ -1,5 +1,8 @@ 8844 package org.bouncycastle.jce.provider; 8845 8846+// BEGIN android-added 8847+import java.math.BigInteger; 8848+// END android-added 8849 import java.security.InvalidAlgorithmParameterException; 8850 import java.security.PublicKey; 8851 import java.security.cert.CertPath; 8852@@ -33,6 +36,9 @@ 8853 public class PKIXCertPathValidatorSpi 8854 extends CertPathValidatorSpi 8855 { 8856+ // BEGIN android-added 8857+ private final static CertBlacklist blacklist = new CertBlacklist(); 8858+ // END android-added 8859 8860 public CertPathValidatorResult engineValidate( 8861 CertPath certPath, 8862@@ -75,6 +81,22 @@ 8863 { 8864 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 8865 } 8866+ // BEGIN android-added 8867+ { 8868+ X509Certificate cert = (X509Certificate) certs.get(0); 8869+ 8870+ if (cert != null) { 8871+ BigInteger serial = cert.getSerialNumber(); 8872+ if (blacklist.isSerialNumberBlackListed(serial)) { 8873+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8874+ String message = "Certificate revocation of serial 0x" + serial.toString(16); 8875+ System.out.println(message); 8876+ AnnotatedException e = new AnnotatedException(message); 8877+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 8878+ } 8879+ } 8880+ } 8881+ // END android-added 8882 8883 // 8884 // (b) 8885@@ -251,6 +273,15 @@ 8886 8887 for (index = certs.size() - 1; index >= 0; index--) 8888 { 8889+ // BEGIN android-added 8890+ if (blacklist.isPublicKeyBlackListed(workingPublicKey)) { 8891+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8892+ String message = "Certificate revocation of public key " + workingPublicKey; 8893+ System.out.println(message); 8894+ AnnotatedException e = new AnnotatedException(message); 8895+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 8896+ } 8897+ // END android-added 8898 // try 8899 // { 8900 // 8901diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/X509CertificateObject.java 8902--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-02-10 00:37:58.000000000 +0000 8903+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-16 18:17:43.000000000 +0000 8904@@ -57,6 +57,9 @@ 8905 import org.bouncycastle.asn1.x509.Extensions; 8906 import org.bouncycastle.asn1.x509.GeneralName; 8907 import org.bouncycastle.asn1.x509.KeyUsage; 8908+// BEGIN android-added 8909+import org.bouncycastle.asn1.x509.X509Name; 8910+// END android-added 8911 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 8912 import org.bouncycastle.jce.X509Principal; 8913 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 8914@@ -562,12 +565,20 @@ 8915 } 8916 } 8917 8918+ // BEGIN android-changed 8919+ private byte[] encoded; 8920+ // END android-changed 8921 public byte[] getEncoded() 8922 throws CertificateEncodingException 8923 { 8924 try 8925 { 8926- return c.getEncoded(ASN1Encoding.DER); 8927+ // BEGIN android-changed 8928+ if (encoded == null) { 8929+ encoded = c.getEncoded(ASN1Encoding.DER); 8930+ } 8931+ return encoded; 8932+ // END android-changed 8933 } 8934 catch (IOException e) 8935 { 8936@@ -858,7 +869,9 @@ 8937 list.add(genName.getEncoded()); 8938 break; 8939 case GeneralName.directoryName: 8940- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 8941+ // BEGIN android-changed 8942+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 8943+ // END android-changed 8944 break; 8945 case GeneralName.dNSName: 8946 case GeneralName.rfc822Name: 8947diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-148/org/bouncycastle/jce/provider/X509SignatureUtil.java 8948--- bcprov-jdk15on-148.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-02-10 00:37:58.000000000 +0000 8949+++ bcprov-jdk15on-148/org/bouncycastle/jce/provider/X509SignatureUtil.java 2012-09-17 23:04:47.000000000 +0000 8950@@ -14,7 +14,9 @@ 8951 import org.bouncycastle.asn1.ASN1Sequence; 8952 import org.bouncycastle.asn1.DERNull; 8953 import org.bouncycastle.asn1.DERObjectIdentifier; 8954-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8955+// BEGIN android-removed 8956+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8957+// END android-removed 8958 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8959 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8960 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8961@@ -66,12 +68,14 @@ 8962 8963 if (params != null && !derNull.equals(params)) 8964 { 8965- if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8966- { 8967- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8968- 8969- return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 8970- } 8971+ // BEGIN android-removed 8972+ // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8973+ // { 8974+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8975+ // 8976+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 8977+ // } 8978+ // END android-removed 8979 if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 8980 { 8981 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 8982@@ -98,10 +102,12 @@ 8983 { 8984 return "SHA1"; 8985 } 8986- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 8987- { 8988- return "SHA224"; 8989- } 8990+ // BEGIN android-removed 8991+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 8992+ // { 8993+ // return "SHA224"; 8994+ // } 8995+ // END android-removed 8996 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 8997 { 8998 return "SHA256"; 8999@@ -114,22 +120,24 @@ 9000 { 9001 return "SHA512"; 9002 } 9003- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 9004- { 9005- return "RIPEMD128"; 9006- } 9007- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 9008- { 9009- return "RIPEMD160"; 9010- } 9011- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 9012- { 9013- return "RIPEMD256"; 9014- } 9015- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 9016- { 9017- return "GOST3411"; 9018- } 9019+ // BEGIN android-removed 9020+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 9021+ // { 9022+ // return "RIPEMD128"; 9023+ // } 9024+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 9025+ // { 9026+ // return "RIPEMD160"; 9027+ // } 9028+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 9029+ // { 9030+ // return "RIPEMD256"; 9031+ // } 9032+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 9033+ // { 9034+ // return "GOST3411"; 9035+ // } 9036+ // END android-removed 9037 else 9038 { 9039 return digestAlgOID.getId(); 9040diff -Naur bcprov-jdk15on-148.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-148/org/bouncycastle/x509/X509Util.java 9041--- bcprov-jdk15on-148.orig/org/bouncycastle/x509/X509Util.java 2013-02-10 00:37:58.000000000 +0000 9042+++ bcprov-jdk15on-148/org/bouncycastle/x509/X509Util.java 2012-09-17 23:04:47.000000000 +0000 9043@@ -25,12 +25,16 @@ 9044 import org.bouncycastle.asn1.ASN1Integer; 9045 import org.bouncycastle.asn1.DERNull; 9046 import org.bouncycastle.asn1.DERObjectIdentifier; 9047-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9048+// BEGIN android-removed 9049+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 9050+// END android-removed 9051 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 9052 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 9053 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 9054 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 9055-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 9056+// BEGIN android-removed 9057+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 9058+// END android-removed 9059 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 9060 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 9061 import org.bouncycastle.jce.X509Principal; 9062@@ -44,14 +48,18 @@ 9063 9064 static 9065 { 9066- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 9067- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 9068+ // BEGIN android-removed 9069+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 9070+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 9071+ // END android-removed 9072 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 9073 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 9074 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 9075 algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption); 9076- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9077- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9078+ // BEGIN android-removed 9079+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9080+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); 9081+ // END android-removed 9082 algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); 9083 algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); 9084 algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); 9085@@ -59,45 +67,59 @@ 9086 algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); 9087 algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); 9088 algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9089- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9090+ // BEGIN android-removed 9091+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9092+ // END android-removed 9093 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9094 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9095 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 9096- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9097- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9098- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9099- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9100- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9101- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9102+ // BEGIN android-removed 9103+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9104+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9105+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9106+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9107+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9108+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9109+ // END android-removed 9110 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 9111 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 9112- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 9113+ // BEGIN android-removed 9114+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 9115+ // END android-removed 9116 algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); 9117 algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); 9118 algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); 9119 algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); 9120 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 9121- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 9122+ // BEGIN android-removed 9123+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); 9124+ // END android-removed 9125 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 9126 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 9127 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 9128- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9129- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9130- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9131- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9132- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9133+ // BEGIN android-removed 9134+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9135+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9136+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9137+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9138+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9139+ // END android-removed 9140 9141 // 9142 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 9143 // The parameters field SHALL be NULL for RSA based signature algorithms. 9144 // 9145 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); 9146- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 9147+ // BEGIN android-removed 9148+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); 9149+ // END android-removed 9150 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); 9151 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); 9152 noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); 9153 noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); 9154- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 9155+ // BEGIN android-removed 9156+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); 9157+ // END android-removed 9158 noParams.add(NISTObjectIdentifiers.dsa_with_sha256); 9159 noParams.add(NISTObjectIdentifiers.dsa_with_sha384); 9160 noParams.add(NISTObjectIdentifiers.dsa_with_sha512); 9161@@ -105,8 +127,10 @@ 9162 // 9163 // RFC 4491 9164 // 9165- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9166- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9167+ // BEGIN android-removed 9168+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9169+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9170+ // END android-removed 9171 9172 // 9173 // explicit params 9174@@ -114,8 +138,10 @@ 9175 AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); 9176 params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); 9177 9178- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 9179- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 9180+ // BEGIN android-removed 9181+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); 9182+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); 9183+ // END android-removed 9184 9185 AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); 9186 params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); 9187