1diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-150/org/bouncycastle/asn1/ASN1Null.java 2--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/ASN1Null.java 2013-12-03 20:18:20.000000000 +0000 3+++ bcprov-jdk15on-150/org/bouncycastle/asn1/ASN1Null.java 2013-01-31 02:26:40.000000000 +0000 4@@ -11,9 +11,11 @@ 5 /** 6 * @deprecated use DERNull.INSTANCE 7 */ 8- public ASN1Null() 9+ // BEGIN android-changed 10+ /*package*/ ASN1Null() 11 { 12 } 13+ // END android-changed 14 15 public static ASN1Null getInstance(Object o) 16 { 17diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jdk15on-150/org/bouncycastle/asn1/DERBoolean.java 18--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERBoolean.java 2013-12-03 20:18:20.000000000 +0000 19+++ bcprov-jdk15on-150/org/bouncycastle/asn1/DERBoolean.java 2013-12-12 00:35:05.000000000 +0000 20@@ -10,7 +10,9 @@ 21 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 22 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 23 24- private byte[] value; 25+ // BEGIN android-changed 26+ final private byte[] value; 27+ // END android-changed 28 29 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 30 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 31@@ -55,6 +57,17 @@ 32 return (value != 0 ? TRUE : FALSE); 33 } 34 35+ // BEGIN android-added 36+ /** 37+ * return a DERBoolean from the passed in array. 38+ */ 39+ public static DERBoolean getInstance( 40+ byte[] octets) 41+ { 42+ return (octets[0] != 0) ? TRUE : FALSE; 43+ } 44+ 45+ // END android-added 46 /** 47 * return a Boolean from a tagged object. 48 * 49@@ -80,7 +93,9 @@ 50 } 51 } 52 53- DERBoolean( 54+ // BEGIN android-changed 55+ protected DERBoolean( 56+ // END android-changed 57 byte[] value) 58 { 59 if (value.length != 1) 60@@ -106,8 +121,10 @@ 61 * @deprecated use getInstance(boolean) method. 62 * @param value 63 */ 64- public DERBoolean( 65+ // BEGIN android-changed 66+ protected DERBoolean( 67 boolean value) 68+ // END android-changed 69 { 70 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 71 } 72diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-150/org/bouncycastle/asn1/DERNull.java 73--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERNull.java 2013-12-03 20:18:20.000000000 +0000 74+++ bcprov-jdk15on-150/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000 75@@ -15,7 +15,9 @@ 76 /** 77 * @deprecated use DERNull.INSTANCE 78 */ 79- public DERNull() 80+ // BEGIN android-changed 81+ protected DERNull() 82+ // END android-changed 83 { 84 } 85 86diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERObjectIdentifier.java bcprov-jdk15on-150/org/bouncycastle/asn1/DERObjectIdentifier.java 87--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERObjectIdentifier.java 2013-12-03 20:18:20.000000000 +0000 88+++ bcprov-jdk15on-150/org/bouncycastle/asn1/DERObjectIdentifier.java 2013-12-12 00:35:05.000000000 +0000 89@@ -162,7 +162,13 @@ 90 } 91 } 92 93- this.identifier = objId.toString(); 94+ // BEGIN android-changed 95+ /* 96+ * Intern the identifier so there aren't hundreds of duplicates 97+ * (in practice). 98+ */ 99+ this.identifier = objId.toString().intern(); 100+ // END android-changed 101 this.body = Arrays.clone(bytes); 102 } 103 104@@ -181,7 +187,13 @@ 105 throw new IllegalArgumentException("string " + identifier + " not an OID"); 106 } 107 108- this.identifier = identifier; 109+ // BEGIN android-changed 110+ /* 111+ * Intern the identifier so there aren't hundreds of duplicates 112+ * (in practice). 113+ */ 114+ this.identifier = identifier.intern(); 115+ // END android-changed 116 } 117 118 DERObjectIdentifier(DERObjectIdentifier oid, String branchID) 119diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-150/org/bouncycastle/asn1/DERPrintableString.java 120--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/DERPrintableString.java 2013-12-03 20:18:20.000000000 +0000 121+++ bcprov-jdk15on-150/org/bouncycastle/asn1/DERPrintableString.java 2013-01-31 02:26:40.000000000 +0000 122@@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126- private byte[] string; 127+ // BEGIN android-changed 128+ private final byte[] string; 129+ // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-150/org/bouncycastle/asn1/StreamUtil.java 134--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/StreamUtil.java 2013-12-03 20:18:20.000000000 +0000 135+++ bcprov-jdk15on-150/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000 136@@ -8,7 +8,9 @@ 137 138 class StreamUtil 139 { 140- private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 141+ // BEGIN android-removed 142+ // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 143+ // END android-removed 144 145 /** 146 * Find out possible longest length... 147@@ -48,12 +50,15 @@ 148 } 149 } 150 151- if (MAX_MEMORY > Integer.MAX_VALUE) 152+ // BEGIN android-changed 153+ long maxMemory = Runtime.getRuntime().maxMemory(); 154+ if (maxMemory > Integer.MAX_VALUE) 155 { 156 return Integer.MAX_VALUE; 157 } 158 159- return (int)MAX_MEMORY; 160+ return (int) maxMemory; 161+ // END android-changed 162 } 163 164 static int calculateBodyLength( 165diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-150/org/bouncycastle/asn1/cms/ContentInfo.java 166--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-03 20:18:20.000000000 +0000 167+++ bcprov-jdk15on-150/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000 168@@ -28,7 +28,9 @@ 169 */ 170 public class ContentInfo 171 extends ASN1Object 172- implements CMSObjectIdentifiers 173+ // BEGIN android-removed 174+ // implements CMSObjectIdentifiers 175+ // END android-removed 176 { 177 private ASN1ObjectIdentifier contentType; 178 private ASN1Encodable content; 179diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-150/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 180--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-03 20:18:20.000000000 +0000 181+++ bcprov-jdk15on-150/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000 182@@ -13,10 +13,12 @@ 183 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 184 /** PKCS#1: 1.2.840.113549.1.1.1 */ 185 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 186- /** PKCS#1: 1.2.840.113549.1.1.2 */ 187- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 188- /** PKCS#1: 1.2.840.113549.1.1.3 */ 189- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 190+ // BEGIN android-removed 191+ // /** PKCS#1: 1.2.840.113549.1.1.2 */ 192+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 193+ // /** PKCS#1: 1.2.840.113549.1.1.3 */ 194+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 195+ // END android-removed 196 /** PKCS#1: 1.2.840.113549.1.1.4 */ 197 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 198 /** PKCS#1: 1.2.840.113549.1.1.5 */ 199@@ -96,15 +98,19 @@ 200 // md2 OBJECT IDENTIFIER ::= 201 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 202 // 203- /** 1.2.840.113549.2.2 */ 204- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 205+ // BEGIN android-removed 206+ // /** 1.2.840.113549.2.2 */ 207+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 208+ // END android-removed 209 210 // 211 // md4 OBJECT IDENTIFIER ::= 212 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 213 // 214- /** 1.2.840.113549.2.4 */ 215- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 216+ // BEGIN android-removed 217+ // /** 1.2.840.113549.2.4 */ 218+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 219+ // END android-removed 220 221 // 222 // md5 OBJECT IDENTIFIER ::= 223diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-150/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 224--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-12-03 20:18:20.000000000 +0000 225+++ bcprov-jdk15on-150/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-05-25 02:14:15.000000000 +0000 226@@ -14,7 +14,9 @@ 227 import org.bouncycastle.asn1.DERSequence; 228 import org.bouncycastle.asn1.DERTaggedObject; 229 import org.bouncycastle.crypto.Digest; 230-import org.bouncycastle.crypto.digests.SHA1Digest; 231+// BEGIN android-changed 232+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 233+// END android-changed 234 235 /** 236 * The AuthorityKeyIdentifier object. 237@@ -106,7 +108,9 @@ 238 public AuthorityKeyIdentifier( 239 SubjectPublicKeyInfo spki) 240 { 241- Digest digest = new SHA1Digest(); 242+ // BEGIN android-changed 243+ Digest digest = AndroidDigestFactory.getSHA1(); 244+ // END android-changed 245 byte[] resBuf = new byte[digest.getDigestSize()]; 246 247 byte[] bytes = spki.getPublicKeyData().getBytes(); 248@@ -124,7 +128,9 @@ 249 GeneralNames name, 250 BigInteger serialNumber) 251 { 252- Digest digest = new SHA1Digest(); 253+ // BEGIN android-changed 254+ Digest digest = AndroidDigestFactory.getSHA1(); 255+ // END android-changed 256 byte[] resBuf = new byte[digest.getDigestSize()]; 257 258 byte[] bytes = spki.getPublicKeyData().getBytes(); 259diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java bcprov-jdk15on-150/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 260--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2013-12-03 20:18:20.000000000 +0000 261+++ bcprov-jdk15on-150/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java 2013-01-31 02:26:40.000000000 +0000 262@@ -6,7 +6,9 @@ 263 import org.bouncycastle.asn1.ASN1TaggedObject; 264 import org.bouncycastle.asn1.DEROctetString; 265 import org.bouncycastle.crypto.Digest; 266-import org.bouncycastle.crypto.digests.SHA1Digest; 267+// BEGIN android-changed 268+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 269+// END android-changed 270 271 /** 272 * The SubjectKeyIdentifier object. 273@@ -124,7 +126,9 @@ 274 275 private static byte[] getDigest(SubjectPublicKeyInfo spki) 276 { 277- Digest digest = new SHA1Digest(); 278+ // BEGIN android-changed 279+ Digest digest = AndroidDigestFactory.getSHA1(); 280+ // END android-changed 281 byte[] resBuf = new byte[digest.getDigestSize()]; 282 283 byte[] bytes = spki.getPublicKeyData().getBytes(); 284diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-150/org/bouncycastle/asn1/x509/X509Name.java 285--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/X509Name.java 2013-12-03 20:18:20.000000000 +0000 286+++ bcprov-jdk15on-150/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000 287@@ -255,8 +255,10 @@ 288 */ 289 public static final Hashtable SymbolLookUp = DefaultLookUp; 290 291- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 292- private static final Boolean FALSE = new Boolean(false); 293+ // BEGIN android-changed 294+ private static final Boolean TRUE = Boolean.TRUE; 295+ private static final Boolean FALSE = Boolean.FALSE; 296+ // END android-changed 297 298 static 299 { 300@@ -446,7 +448,9 @@ 301 throw new IllegalArgumentException("cannot encode value"); 302 } 303 } 304- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 305+ // BEGIN android-changed 306+ added.addElement(Boolean.valueOf(i != 0)); 307+ // END android-changed 308 } 309 } 310 } 311diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-150/org/bouncycastle/asn1/x509/X509NameTokenizer.java 312--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-12-03 20:18:20.000000000 +0000 313+++ bcprov-jdk15on-150/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000 314@@ -78,6 +78,17 @@ 315 } 316 else 317 { 318+ // BEGIN android-added 319+ // copied from a newer version of BouncyCastle 320+ if (c == '#' && buf.charAt(buf.length() - 1) == '=') 321+ { 322+ buf.append('\\'); 323+ } 324+ else if (c == '+' && separator != '+') 325+ { 326+ buf.append('\\'); 327+ } 328+ // END android-added 329 buf.append(c); 330 } 331 } 332diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-150/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 333--- bcprov-jdk15on-150.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2013-12-03 20:18:20.000000000 +0000 334+++ bcprov-jdk15on-150/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2013-12-12 00:35:05.000000000 +0000 335@@ -6,7 +6,9 @@ 336 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 337 import org.bouncycastle.asn1.nist.NISTNamedCurves; 338 import org.bouncycastle.asn1.sec.SECNamedCurves; 339-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 340+// BEGIN android-removed 341+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 342+// END android-removed 343 344 /** 345 * A general class that reads all X9.62 style EC curve tables. 346@@ -30,10 +32,12 @@ 347 ecP = SECNamedCurves.getByName(name); 348 } 349 350- if (ecP == null) 351- { 352- ecP = TeleTrusTNamedCurves.getByName(name); 353- } 354+ // BEGIN android-removed 355+ // if (ecP == null) 356+ // { 357+ // ecP = TeleTrusTNamedCurves.getByName(name); 358+ // } 359+ // END android-removed 360 361 if (ecP == null) 362 { 363@@ -60,10 +64,12 @@ 364 ecP = SECNamedCurves.getByOID(oid); 365 } 366 367- if (ecP == null) 368- { 369- ecP = TeleTrusTNamedCurves.getByOID(oid); 370- } 371+ // BEGIN android-removed 372+ // if (ecP == null) 373+ // { 374+ // ecP = TeleTrusTNamedCurves.getByOID(oid); 375+ // } 376+ // END android-removed 377 378 // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup 379 380@@ -82,7 +88,9 @@ 381 addEnumeration(v, X962NamedCurves.getNames()); 382 addEnumeration(v, SECNamedCurves.getNames()); 383 addEnumeration(v, NISTNamedCurves.getNames()); 384- addEnumeration(v, TeleTrusTNamedCurves.getNames()); 385+ // BEGIN android-removed 386+ // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 387+ // END android-removed 388 389 return v.elements(); 390 } 391diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 392--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 393+++ bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000 394@@ -0,0 +1,87 @@ 395+/* 396+ * Copyright (C) 2012 The Android Open Source Project 397+ * 398+ * Licensed under the Apache License, Version 2.0 (the "License"); 399+ * you may not use this file except in compliance with the License. 400+ * You may obtain a copy of the License at 401+ * 402+ * http://www.apache.org/licenses/LICENSE-2.0 403+ * 404+ * Unless required by applicable law or agreed to in writing, software 405+ * distributed under the License is distributed on an "AS IS" BASIS, 406+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 407+ * See the License for the specific language governing permissions and 408+ * limitations under the License. 409+ */ 410+ 411+package org.bouncycastle.crypto.digests; 412+ 413+import org.bouncycastle.crypto.Digest; 414+ 415+/** 416+ * Level of indirection to let us select OpenSSLDigest implementations 417+ * for libcore but fallback to BouncyCastle ones on the RI. 418+ */ 419+public final class AndroidDigestFactory { 420+ private static final String OpenSSLFactoryClassName 421+ = AndroidDigestFactory.class.getName() + "OpenSSL"; 422+ private static final String BouncyCastleFactoryClassName 423+ = AndroidDigestFactory.class.getName() + "BouncyCastle"; 424+ 425+ private static final AndroidDigestFactoryInterface FACTORY; 426+ static { 427+ Class factoryImplementationClass; 428+ try { 429+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 430+ // Double check for NativeCrypto in case we are running on RI for testing 431+ Class.forName("com.android.org.conscrypt.NativeCrypto"); 432+ } catch (ClassNotFoundException e1) { 433+ try { 434+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 435+ } catch (ClassNotFoundException e2) { 436+ AssertionError e = new AssertionError("Failed to load " 437+ + "AndroidDigestFactoryInterface " 438+ + "implementation. Looked for " 439+ + OpenSSLFactoryClassName + " and " 440+ + BouncyCastleFactoryClassName); 441+ e.initCause(e1); 442+ throw e; 443+ } 444+ } 445+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 446+ throw new AssertionError(factoryImplementationClass 447+ + "does not implement AndroidDigestFactoryInterface"); 448+ } 449+ try { 450+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 451+ } catch (InstantiationException e) { 452+ throw new AssertionError(e); 453+ } catch (IllegalAccessException e) { 454+ throw new AssertionError(e); 455+ } 456+ } 457+ 458+ public static Digest getMD5() { 459+ return FACTORY.getMD5(); 460+ } 461+ 462+ public static Digest getSHA1() { 463+ return FACTORY.getSHA1(); 464+ } 465+ 466+ public static Digest getSHA224() { 467+ return FACTORY.getSHA224(); 468+ } 469+ 470+ public static Digest getSHA256() { 471+ return FACTORY.getSHA256(); 472+ } 473+ 474+ public static Digest getSHA384() { 475+ return FACTORY.getSHA384(); 476+ } 477+ 478+ public static Digest getSHA512() { 479+ return FACTORY.getSHA512(); 480+ } 481+} 482diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 483--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 484+++ bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000 485@@ -0,0 +1,40 @@ 486+/* 487+ * Copyright (C) 2012 The Android Open Source Project 488+ * 489+ * Licensed under the Apache License, Version 2.0 (the "License"); 490+ * you may not use this file except in compliance with the License. 491+ * You may obtain a copy of the License at 492+ * 493+ * http://www.apache.org/licenses/LICENSE-2.0 494+ * 495+ * Unless required by applicable law or agreed to in writing, software 496+ * distributed under the License is distributed on an "AS IS" BASIS, 497+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 498+ * See the License for the specific language governing permissions and 499+ * limitations under the License. 500+ */ 501+ 502+package org.bouncycastle.crypto.digests; 503+ 504+import org.bouncycastle.crypto.Digest; 505+ 506+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 507+ public Digest getMD5() { 508+ return new MD5Digest(); 509+ } 510+ public Digest getSHA1() { 511+ return new SHA1Digest(); 512+ } 513+ public Digest getSHA224() { 514+ return new SHA224Digest(); 515+ } 516+ public Digest getSHA256() { 517+ return new SHA256Digest(); 518+ } 519+ public Digest getSHA384() { 520+ return new SHA384Digest(); 521+ } 522+ public Digest getSHA512() { 523+ return new SHA512Digest(); 524+ } 525+} 526diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 527--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 528+++ bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000 529@@ -0,0 +1,28 @@ 530+/* 531+ * Copyright (C) 2012 The Android Open Source Project 532+ * 533+ * Licensed under the Apache License, Version 2.0 (the "License"); 534+ * you may not use this file except in compliance with the License. 535+ * You may obtain a copy of the License at 536+ * 537+ * http://www.apache.org/licenses/LICENSE-2.0 538+ * 539+ * Unless required by applicable law or agreed to in writing, software 540+ * distributed under the License is distributed on an "AS IS" BASIS, 541+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 542+ * See the License for the specific language governing permissions and 543+ * limitations under the License. 544+ */ 545+ 546+package org.bouncycastle.crypto.digests; 547+ 548+import org.bouncycastle.crypto.Digest; 549+ 550+interface AndroidDigestFactoryInterface { 551+ public Digest getMD5(); 552+ public Digest getSHA1(); 553+ public Digest getSHA224(); 554+ public Digest getSHA256(); 555+ public Digest getSHA384(); 556+ public Digest getSHA512(); 557+} 558diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 559--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 560+++ bcprov-jdk15on-150/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000 561@@ -0,0 +1,40 @@ 562+/* 563+ * Copyright (C) 2012 The Android Open Source Project 564+ * 565+ * Licensed under the Apache License, Version 2.0 (the "License"); 566+ * you may not use this file except in compliance with the License. 567+ * You may obtain a copy of the License at 568+ * 569+ * http://www.apache.org/licenses/LICENSE-2.0 570+ * 571+ * Unless required by applicable law or agreed to in writing, software 572+ * distributed under the License is distributed on an "AS IS" BASIS, 573+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 574+ * See the License for the specific language governing permissions and 575+ * limitations under the License. 576+ */ 577+ 578+package org.bouncycastle.crypto.digests; 579+ 580+import org.bouncycastle.crypto.Digest; 581+ 582+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 583+ public Digest getMD5() { 584+ return new OpenSSLDigest.MD5(); 585+ } 586+ public Digest getSHA1() { 587+ return new OpenSSLDigest.SHA1(); 588+ } 589+ public Digest getSHA224() { 590+ return new OpenSSLDigest.SHA224(); 591+ } 592+ public Digest getSHA256() { 593+ return new OpenSSLDigest.SHA256(); 594+ } 595+ public Digest getSHA384() { 596+ return new OpenSSLDigest.SHA384(); 597+ } 598+ public Digest getSHA512() { 599+ return new OpenSSLDigest.SHA512(); 600+ } 601+} 602diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-150/org/bouncycastle/crypto/digests/OpenSSLDigest.java 603--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 604+++ bcprov-jdk15on-150/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000 605@@ -0,0 +1,97 @@ 606+/* 607+ * Copyright (C) 2008 The Android Open Source Project 608+ * 609+ * Licensed under the Apache License, Version 2.0 (the "License"); 610+ * you may not use this file except in compliance with the License. 611+ * You may obtain a copy of the License at 612+ * 613+ * http://www.apache.org/licenses/LICENSE-2.0 614+ * 615+ * Unless required by applicable law or agreed to in writing, software 616+ * distributed under the License is distributed on an "AS IS" BASIS, 617+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 618+ * See the License for the specific language governing permissions and 619+ * limitations under the License. 620+ */ 621+ 622+package org.bouncycastle.crypto.digests; 623+ 624+import org.bouncycastle.crypto.ExtendedDigest; 625+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi; 626+import java.security.DigestException; 627+import java.security.MessageDigest; 628+ 629+/** 630+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This 631+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it. 632+ */ 633+public class OpenSSLDigest implements ExtendedDigest { 634+ private final MessageDigest delegate; 635+ 636+ private final int byteSize; 637+ 638+ public OpenSSLDigest(String algorithm, int byteSize) { 639+ try { 640+ delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL"); 641+ this.byteSize = byteSize; 642+ } catch (Exception e) { 643+ throw new RuntimeException(e); 644+ } 645+ } 646+ 647+ public String getAlgorithmName() { 648+ return delegate.getAlgorithm(); 649+ } 650+ 651+ public int getDigestSize() { 652+ return delegate.getDigestLength(); 653+ } 654+ 655+ public int getByteLength() { 656+ return byteSize; 657+ } 658+ 659+ public void reset() { 660+ delegate.reset(); 661+ } 662+ 663+ public void update(byte in) { 664+ delegate.update(in); 665+ } 666+ 667+ public void update(byte[] in, int inOff, int len) { 668+ delegate.update(in, inOff, len); 669+ } 670+ 671+ public int doFinal(byte[] out, int outOff) { 672+ try { 673+ return delegate.digest(out, outOff, out.length - outOff); 674+ } catch (DigestException e) { 675+ throw new RuntimeException(e); 676+ } 677+ } 678+ 679+ public static class MD5 extends OpenSSLDigest { 680+ public MD5() { super("MD5", 64); } 681+ } 682+ 683+ public static class SHA1 extends OpenSSLDigest { 684+ public SHA1() { super("SHA-1", 64); } 685+ } 686+ 687+ public static class SHA224 extends OpenSSLDigest { 688+ public SHA224() { super("SHA-224", 64); } 689+ } 690+ 691+ public static class SHA256 extends OpenSSLDigest { 692+ public SHA256() { super("SHA-256", 64); } 693+ } 694+ 695+ public static class SHA384 extends OpenSSLDigest { 696+ public SHA384() { super("SHA-384", 128); } 697+ } 698+ 699+ public static class SHA512 extends OpenSSLDigest { 700+ public SHA512() { super("SHA-512", 128); } 701+ } 702+} 703diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-150/org/bouncycastle/crypto/encodings/OAEPEncoding.java 704--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-12-03 20:18:20.000000000 +0000 705+++ bcprov-jdk15on-150/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000 706@@ -6,7 +6,9 @@ 707 import org.bouncycastle.crypto.CipherParameters; 708 import org.bouncycastle.crypto.Digest; 709 import org.bouncycastle.crypto.InvalidCipherTextException; 710-import org.bouncycastle.crypto.digests.SHA1Digest; 711+// BEGIN android-changed 712+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 713+// END android-changed 714 import org.bouncycastle.crypto.params.ParametersWithRandom; 715 716 /** 717@@ -25,7 +27,9 @@ 718 public OAEPEncoding( 719 AsymmetricBlockCipher cipher) 720 { 721- this(cipher, new SHA1Digest(), null); 722+ // BEGIN android-changed 723+ this(cipher, AndroidDigestFactory.getSHA1(), null); 724+ // END android-changed 725 } 726 727 public OAEPEncoding( 728diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-150/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 729--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2013-12-03 20:18:20.000000000 +0000 730+++ bcprov-jdk15on-150/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2013-01-31 02:26:40.000000000 +0000 731@@ -216,6 +216,12 @@ 732 throw new InvalidCipherTextException("unknown block type"); 733 } 734 } 735+ // BEGIN android-added 736+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 737+ { 738+ throw new InvalidCipherTextException("invalid block type " + type); 739+ } 740+ // END android-added 741 742 if (useStrictLength && block.length != engine.getOutputBlockSize()) 743 { 744diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-150/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 745--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2013-12-03 20:18:20.000000000 +0000 746+++ bcprov-jdk15on-150/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2012-09-17 23:04:47.000000000 +0000 747@@ -6,7 +6,9 @@ 748 import org.bouncycastle.crypto.Digest; 749 import org.bouncycastle.crypto.InvalidCipherTextException; 750 import org.bouncycastle.crypto.Wrapper; 751-import org.bouncycastle.crypto.digests.SHA1Digest; 752+// BEGIN android-changed 753+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 754+// END android-changed 755 import org.bouncycastle.crypto.modes.CBCBlockCipher; 756 import org.bouncycastle.crypto.params.KeyParameter; 757 import org.bouncycastle.crypto.params.ParametersWithIV; 758@@ -52,7 +54,9 @@ 759 // 760 // checksum digest 761 // 762- Digest sha1 = new SHA1Digest(); 763+ // BEGIN android-changed 764+ Digest sha1 = AndroidDigestFactory.getSHA1(); 765+ // END android-changed 766 byte[] digest = new byte[20]; 767 768 /** 769diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-150/org/bouncycastle/crypto/generators/DHParametersHelper.java 770--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2013-12-03 20:18:20.000000000 +0000 771+++ bcprov-jdk15on-150/org/bouncycastle/crypto/generators/DHParametersHelper.java 2012-09-17 23:04:47.000000000 +0000 772@@ -3,10 +3,17 @@ 773 import java.math.BigInteger; 774 import java.security.SecureRandom; 775 776+// BEGIN android-added 777+import java.util.logging.Logger; 778+// END android-added 779 import org.bouncycastle.util.BigIntegers; 780 781 class DHParametersHelper 782 { 783+ // BEGIN android-added 784+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 785+ // END android-added 786+ 787 private static final BigInteger ONE = BigInteger.valueOf(1); 788 private static final BigInteger TWO = BigInteger.valueOf(2); 789 790@@ -17,11 +24,19 @@ 791 */ 792 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 793 { 794+ // BEGIN android-added 795+ logger.info("Generating safe primes. This may take a long time."); 796+ long start = System.currentTimeMillis(); 797+ int tries = 0; 798+ // END android-added 799 BigInteger p, q; 800 int qLength = size - 1; 801 802 for (;;) 803 { 804+ // BEGIN android-added 805+ tries++; 806+ // END android-added 807 q = new BigInteger(qLength, 2, random); 808 809 // p <- 2q + 1 810@@ -32,6 +47,11 @@ 811 break; 812 } 813 } 814+ // BEGIN android-added 815+ long end = System.currentTimeMillis(); 816+ long duration = end - start; 817+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 818+ // END android-added 819 820 return new BigInteger[] { p, q }; 821 } 822diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-150/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 823--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2013-12-03 20:18:20.000000000 +0000 824+++ bcprov-jdk15on-150/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000 825@@ -4,7 +4,9 @@ 826 import java.security.SecureRandom; 827 828 import org.bouncycastle.crypto.Digest; 829-import org.bouncycastle.crypto.digests.SHA1Digest; 830+// BEGIN android-changed 831+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 832+// END android-changed 833 import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; 834 import org.bouncycastle.crypto.params.DSAParameters; 835 import org.bouncycastle.crypto.params.DSAValidationParameters; 836@@ -31,7 +33,9 @@ 837 838 public DSAParametersGenerator() 839 { 840- this(new SHA1Digest()); 841+ // BEGIN android-changed 842+ this(AndroidDigestFactory.getSHA1()); 843+ // END android-changed 844 } 845 846 public DSAParametersGenerator(Digest digest) 847@@ -122,7 +126,9 @@ 848 int n = (L - 1) / 160; 849 byte[] w = new byte[L / 8]; 850 851- if (!(digest instanceof SHA1Digest)) 852+ // BEGIN android-changed 853+ if (!(digest.getAlgorithmName().equals("SHA-1"))) 854+ // END android-changed 855 { 856 throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); 857 } 858diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-150/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 859--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2013-12-03 20:18:20.000000000 +0000 860+++ bcprov-jdk15on-150/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 861@@ -3,7 +3,9 @@ 862 import org.bouncycastle.crypto.CipherParameters; 863 import org.bouncycastle.crypto.Digest; 864 import org.bouncycastle.crypto.PBEParametersGenerator; 865-import org.bouncycastle.crypto.digests.MD5Digest; 866+// BEGIN android-changed 867+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 868+// END android-changed 869 import org.bouncycastle.crypto.params.KeyParameter; 870 import org.bouncycastle.crypto.params.ParametersWithIV; 871 872@@ -17,7 +19,9 @@ 873 public class OpenSSLPBEParametersGenerator 874 extends PBEParametersGenerator 875 { 876- private Digest digest = new MD5Digest(); 877+ // BEGIN android-changed 878+ private Digest digest = AndroidDigestFactory.getMD5(); 879+ // END android-changed 880 881 /** 882 * Construct a OpenSSL Parameters generator. 883diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-150/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 884--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-03 20:18:20.000000000 +0000 885+++ bcprov-jdk15on-150/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000 886@@ -4,7 +4,9 @@ 887 import org.bouncycastle.crypto.Digest; 888 import org.bouncycastle.crypto.Mac; 889 import org.bouncycastle.crypto.PBEParametersGenerator; 890-import org.bouncycastle.crypto.digests.SHA1Digest; 891+// BEGIN android-changed 892+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 893+// END android-changed 894 import org.bouncycastle.crypto.macs.HMac; 895 import org.bouncycastle.crypto.params.KeyParameter; 896 import org.bouncycastle.crypto.params.ParametersWithIV; 897@@ -28,7 +30,9 @@ 898 */ 899 public PKCS5S2ParametersGenerator() 900 { 901- this(new SHA1Digest()); 902+ // BEGIN android-changed 903+ this(AndroidDigestFactory.getSHA1()); 904+ // END android-changed 905 } 906 907 public PKCS5S2ParametersGenerator(Digest digest) 908diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-150/org/bouncycastle/crypto/macs/HMac.java 909--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/macs/HMac.java 2013-12-03 20:18:20.000000000 +0000 910+++ bcprov-jdk15on-150/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000 911@@ -36,14 +36,18 @@ 912 { 913 blockLengths = new Hashtable(); 914 915- blockLengths.put("GOST3411", Integers.valueOf(32)); 916- 917- blockLengths.put("MD2", Integers.valueOf(16)); 918- blockLengths.put("MD4", Integers.valueOf(64)); 919+ // BEGIN android-removed 920+ // blockLengths.put("GOST3411", Integers.valueOf(32)); 921+ // 922+ // blockLengths.put("MD2", Integers.valueOf(16)); 923+ // blockLengths.put("MD4", Integers.valueOf(64)); 924+ // END android-removed 925 blockLengths.put("MD5", Integers.valueOf(64)); 926 927- blockLengths.put("RIPEMD128", Integers.valueOf(64)); 928- blockLengths.put("RIPEMD160", Integers.valueOf(64)); 929+ // BEGIN android-removed 930+ // blockLengths.put("RIPEMD128", Integers.valueOf(64)); 931+ // blockLengths.put("RIPEMD160", Integers.valueOf(64)); 932+ // END android-removed 933 934 blockLengths.put("SHA-1", Integers.valueOf(64)); 935 blockLengths.put("SHA-224", Integers.valueOf(64)); 936@@ -51,8 +55,10 @@ 937 blockLengths.put("SHA-384", Integers.valueOf(128)); 938 blockLengths.put("SHA-512", Integers.valueOf(128)); 939 940- blockLengths.put("Tiger", Integers.valueOf(64)); 941- blockLengths.put("Whirlpool", Integers.valueOf(64)); 942+ // BEGIN android-removed 943+ // blockLengths.put("Tiger", Integers.valueOf(64)); 944+ // blockLengths.put("Whirlpool", Integers.valueOf(64)); 945+ // END android-removed 946 } 947 948 private static int getByteLength( 949diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-150/org/bouncycastle/crypto/signers/RSADigestSigner.java 950--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-12-03 20:18:20.000000000 +0000 951+++ bcprov-jdk15on-150/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-12-12 00:35:05.000000000 +0000 952@@ -39,9 +39,11 @@ 953 */ 954 static 955 { 956- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 957- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 958- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 959+ // BEGIN android-removed 960+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 961+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 962+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 963+ // END android-removed 964 965 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 966 oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 967@@ -49,8 +51,10 @@ 968 oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); 969 oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); 970 971- oidMap.put("MD2", PKCSObjectIdentifiers.md2); 972- oidMap.put("MD4", PKCSObjectIdentifiers.md4); 973+ // BEGIN android-removed 974+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 975+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 976+ // END android-removed 977 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 978 } 979 980diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-150/org/bouncycastle/crypto/util/PrivateKeyFactory.java 981--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2013-12-03 20:18:20.000000000 +0000 982+++ bcprov-jdk15on-150/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2013-12-12 00:35:05.000000000 +0000 983@@ -10,7 +10,9 @@ 984 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 985 import org.bouncycastle.asn1.ASN1Primitive; 986 import org.bouncycastle.asn1.ASN1Sequence; 987-import org.bouncycastle.asn1.oiw.ElGamalParameter; 988+// BEGIN android-removed 989+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 990+// END android-removed 991 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 992 import org.bouncycastle.asn1.pkcs.DHParameter; 993 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 994@@ -30,8 +32,10 @@ 995 import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; 996 import org.bouncycastle.crypto.params.ECDomainParameters; 997 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 998-import org.bouncycastle.crypto.params.ElGamalParameters; 999-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1000+// BEGIN android-removed 1001+// import org.bouncycastle.crypto.params.ElGamalParameters; 1002+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1003+// END android-removed 1004 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1005 1006 /** 1007@@ -97,14 +101,16 @@ 1008 1009 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1010 } 1011- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1012- { 1013- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1014- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1015- 1016- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1017- params.getP(), params.getG())); 1018- } 1019+ // BEGIN android-removed 1020+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1021+ // { 1022+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1023+ // ASN1Integer = (ASN1Integer)keyInfo.parsePrivateKey(); 1024+ // 1025+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1026+ // params.getP(), params.getG())); 1027+ // } 1028+ // END android-removed 1029 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1030 { 1031 ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1032diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-150/org/bouncycastle/crypto/util/PublicKeyFactory.java 1033--- bcprov-jdk15on-150.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2013-12-03 20:18:20.000000000 +0000 1034+++ bcprov-jdk15on-150/org/bouncycastle/crypto/util/PublicKeyFactory.java 2013-12-12 00:35:05.000000000 +0000 1035@@ -12,7 +12,9 @@ 1036 import org.bouncycastle.asn1.ASN1Primitive; 1037 import org.bouncycastle.asn1.ASN1Sequence; 1038 import org.bouncycastle.asn1.DEROctetString; 1039-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1040+// BEGIN android-removed 1041+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1042+// END android-removed 1043 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1044 import org.bouncycastle.asn1.pkcs.DHParameter; 1045 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1046@@ -37,8 +39,10 @@ 1047 import org.bouncycastle.crypto.params.DSAPublicKeyParameters; 1048 import org.bouncycastle.crypto.params.ECDomainParameters; 1049 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1050-import org.bouncycastle.crypto.params.ElGamalParameters; 1051-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1052+// BEGIN android-removed 1053+// import org.bouncycastle.crypto.params.ElGamalParameters; 1054+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1055+// END android-removed 1056 import org.bouncycastle.crypto.params.RSAKeyParameters; 1057 1058 /** 1059@@ -132,14 +136,16 @@ 1060 1061 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1062 } 1063- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1064- { 1065- ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1066- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1067- 1068- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1069- params.getP(), params.getG())); 1070- } 1071+ // BEGIN android-removed 1072+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1073+ // { 1074+ // ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters()); 1075+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1076+ // 1077+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1078+ // params.getP(), params.getG())); 1079+ // } 1080+ // END android-removed 1081 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1082 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1083 { 1084diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/DH.java 1085--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2013-12-03 20:18:20.000000000 +0000 1086+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-05-08 00:26:23.000000000 +0000 1087@@ -1,7 +1,14 @@ 1088 package org.bouncycastle.jcajce.provider.asymmetric; 1089 1090+// BEGIN android-added 1091+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1092+import org.bouncycastle.jcajce.provider.asymmetric.dh.KeyFactorySpi; 1093+// END android-added 1094 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1095 import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; 1096+// BEGIN android-added 1097+import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter; 1098+// END android-added 1099 1100 public class DH 1101 { 1102@@ -24,6 +31,10 @@ 1103 1104 provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi"); 1105 provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH"); 1106+ // BEGIN android-added 1107+ AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1108+ registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", keyFact); 1109+ // END android-added 1110 1111 provider.addAlgorithm("AlgorithmParameters.DH", PREFIX + "AlgorithmParametersSpi"); 1112 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.DIFFIEHELLMAN", "DH"); 1113@@ -32,10 +43,12 @@ 1114 1115 provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); 1116 1117- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1118- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1119- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1120- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1121+ // BEGIN android-removed 1122+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1123+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1124+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1125+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1126+ // END android-removed 1127 } 1128 } 1129 } 1130diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1131--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-12-03 20:18:20.000000000 +0000 1132+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-12-16 16:39:58.000000000 +0000 1133@@ -27,40 +27,53 @@ 1134 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1135 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1136 1137- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1138+ // BEGIN android-changed 1139+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1140+ // END android-changed 1141 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1142 1143 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1144 1145- provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1146- provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1147- provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1148- provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1149- provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1150- provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1151+ // BEGIN android-removed 1152+ // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1153+ // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1154+ // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1155+ // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1156+ // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1157+ // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1158+ // END android-removed 1159 1160 addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1161 addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1162- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1163- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1164+ // BEGIN android-removed 1165+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1166+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1167+ // END android-removed 1168+ 1169+ // BEGIN android-added 1170+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1171+ // END android-added 1172+ // BEGIN android-changed 1173+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1174+ provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); 1175+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1176+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1177+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1178+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1179+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1180+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1181+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1182 1183- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1184- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1185- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1186- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1187- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1188- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1189- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1190- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1191- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1192- 1193- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1194+ provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); 1195+ // END android-changed 1196 1197 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1198 1199 for (int i = 0; i != DSAUtil.dsaOids.length; i++) 1200 { 1201- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); 1202+ // BEGIN android-changed 1203+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); 1204+ // END android-changed 1205 1206 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); 1207 registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); 1208diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1209--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-12-03 20:18:20.000000000 +0000 1210+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-12-12 00:35:05.000000000 +0000 1211@@ -1,7 +1,9 @@ 1212 package org.bouncycastle.jcajce.provider.asymmetric; 1213 1214-import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1215-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1216+// BEGIN android-removed 1217+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1218+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1219+// END android-removed 1220 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1221 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1222 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1223@@ -21,39 +23,49 @@ 1224 public void configure(ConfigurableProvider provider) 1225 { 1226 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1227- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1228- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1229- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1230- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1231+ // BEGIN android-removed 1232+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1233+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1234+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1235+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1236+ // END android-removed 1237 1238 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1239 // TODO Should this be an alias for ECDH? 1240 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1241- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1242- 1243- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1244- // TODO Should this be an alias for ECDH? 1245- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1246- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1247+ // BEGIN android-removed 1248+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1249+ // END android-removed 1250+ 1251+ // BEGIN android-removed 1252+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1253+ // // TODO Should this be an alias for ECDH? 1254+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1255+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1256+ // END android-removed 1257 1258 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1259- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1260- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1261- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1262- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1263+ // BEGIN android-removed 1264+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1265+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1266+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1267+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1268+ // END android-removed 1269 1270 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1271- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1272- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1273- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1274- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1275- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1276- 1277- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1278- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1279- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1280- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1281- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1282+ // BEGIN android-removed 1283+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1284+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1285+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1286+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1287+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1288+ // 1289+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1290+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1291+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1292+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1293+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1294+ // END android-removed 1295 1296 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1297 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1298@@ -65,32 +77,36 @@ 1299 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1300 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1301 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1302- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1303- 1304- provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1305- provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1306- provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1307- provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1308- provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1309- provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1310+ // BEGIN android-removed 1311+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1312+ // 1313+ // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1314+ // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1315+ // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1316+ // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1317+ // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1318+ // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1319+ // END android-removed 1320 1321 addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1322 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1323 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1324 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1325- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1326- 1327- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1328- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1329- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1330- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1331- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1332- 1333- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1334- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1335- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1336- addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1337- addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1338+ // BEGIN android-removed 1339+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1340+ // 1341+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1342+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1343+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1344+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1345+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1346+ // 1347+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1348+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1349+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1350+ // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1351+ // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1352+ // END android-removed 1353 } 1354 } 1355 } 1356diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1357--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-12-03 20:18:20.000000000 +0000 1358+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-09-26 18:06:21.000000000 +0000 1359@@ -3,7 +3,9 @@ 1360 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1361 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1362 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1363-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1364+// BEGIN android-removed 1365+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1366+// END android-removed 1367 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1368 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1369 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1370@@ -24,41 +26,49 @@ 1371 public void configure(ConfigurableProvider provider) 1372 { 1373 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1374- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1375- 1376- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1377- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1378- 1379- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1380- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1381- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1382- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1383- 1384- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1385- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1386- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1387- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1388- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1389- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1390- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1391- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1392+ // BEGIN android-removed 1393+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1394+ // 1395+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1396+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1397+ // 1398+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1399+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1400+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1401+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1402+ // 1403+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1404+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1405+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1406+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1407+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1408+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1409+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1410+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1411+ // END android-removed 1412 1413 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1414- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1415- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1416- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1417- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1418- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1419- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1420- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1421- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1422- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1423+ // BEGIN android-changed 1424+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1425+ // END android-changed 1426+ // BEGIN android-removed 1427+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1428+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1429+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1430+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1431+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1432+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1433+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1434+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1435+ // END android-removed 1436 1437 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1438 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1439- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1440- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1441- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1442+ // BEGIN android-removed 1443+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1444+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1445+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1446+ // END android-removed 1447 1448 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1449 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1450@@ -68,73 +78,81 @@ 1451 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1452 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1453 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1454- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1455- 1456- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1457- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1458- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1459- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1460- 1461- 1462- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1463- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1464- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1465- 1466- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1467- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1468- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1469- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1470- 1471- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1472- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1473- 1474- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1475- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1476- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1477- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1478- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1479- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1480- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1481- 1482- 1483- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1484- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1485- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1486- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1487- provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1488- provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1489- provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1490- provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1491- 1492- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1493- { 1494- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1495- } 1496- 1497- if (provider.hasAlgorithm("MessageDigest", "MD4")) 1498- { 1499- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1500- } 1501+ // BEGIN android-removed 1502+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1503+ // 1504+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1505+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1506+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1507+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1508+ // 1509+ // 1510+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1511+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1512+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1513+ // 1514+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1515+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1516+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1517+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1518+ // 1519+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1520+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1521+ // 1522+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1523+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1524+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1525+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1526+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1527+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1528+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1529+ // 1530+ // 1531+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1532+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1533+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1534+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1535+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHRSAANDMGF1", "SHA224withRSA/PSS"); 1536+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHRSAANDMGF1", "SHA256withRSA/PSS"); 1537+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHRSAANDMGF1", "SHA384withRSA/PSS"); 1538+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHRSAANDMGF1", "SHA512withRSA/PSS"); 1539+ // 1540+ // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1541+ // { 1542+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1543+ // } 1544+ // 1545+ // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1546+ // { 1547+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1548+ // } 1549+ // END android-removed 1550 1551 if (provider.hasAlgorithm("MessageDigest", "MD5")) 1552 { 1553 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1554- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1555- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1556+ // BEGIN android-removed 1557+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1558+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1559+ // END android-removed 1560 } 1561 1562 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1563 { 1564- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1565- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1566- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1567- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1568- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1569+ // BEGIN android-removed 1570+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1571+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1572+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1573+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1574+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1575+ // END android-removed 1576 1577 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1578 1579- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1580- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1581+ // BEGIN android-removed 1582+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1583+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1584+ // END android-removed 1585 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1586 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1587 } 1588@@ -144,25 +162,27 @@ 1589 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1590 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1591 1592- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1593- { 1594- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1595- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1596- } 1597- 1598- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1599- { 1600- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1601- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1602- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1603- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1604- } 1605- 1606- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1607- { 1608- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1609- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1610- } 1611+ // BEGIN android-removed 1612+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1613+ // { 1614+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1615+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1616+ // } 1617+ // 1618+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1619+ // { 1620+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1621+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1622+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1623+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1624+ // } 1625+ // 1626+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1627+ // { 1628+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1629+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1630+ // } 1631+ // END android-removed 1632 } 1633 1634 private void addDigestSignature( 1635diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1636--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2013-12-03 20:18:20.000000000 +0000 1637+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000 1638@@ -18,8 +18,10 @@ 1639 1640 public void configure(ConfigurableProvider provider) 1641 { 1642- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1643- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1644+ // BEGIN android-removed 1645+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1646+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1647+ // END android-removed 1648 1649 // 1650 // certificate factories. 1651diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1652--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-12-03 20:18:20.000000000 +0000 1653+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-12-12 00:35:05.000000000 +0000 1654@@ -23,13 +23,20 @@ 1655 import org.bouncycastle.crypto.DSA; 1656 import org.bouncycastle.crypto.Digest; 1657 import org.bouncycastle.crypto.digests.NullDigest; 1658-import org.bouncycastle.crypto.digests.SHA1Digest; 1659-import org.bouncycastle.crypto.digests.SHA224Digest; 1660-import org.bouncycastle.crypto.digests.SHA256Digest; 1661-import org.bouncycastle.crypto.digests.SHA384Digest; 1662-import org.bouncycastle.crypto.digests.SHA512Digest; 1663+// BEGIN android-added 1664+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1665+// END android-added 1666+// BEGIN android-removed 1667+// import org.bouncycastle.crypto.digests.SHA1Digest; 1668+// import org.bouncycastle.crypto.digests.SHA224Digest; 1669+// import org.bouncycastle.crypto.digests.SHA256Digest; 1670+// import org.bouncycastle.crypto.digests.SHA384Digest; 1671+// import org.bouncycastle.crypto.digests.SHA512Digest; 1672+// END android-removed 1673 import org.bouncycastle.crypto.params.ParametersWithRandom; 1674-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1675+// BEGIN android-removed 1676+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1677+// END android-removed 1678 1679 public class DSASigner 1680 extends SignatureSpi 1681@@ -217,90 +224,102 @@ 1682 { 1683 public stdDSA() 1684 { 1685- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1686+ // BEGIN android-changed 1687+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 1688+ // END android-changed 1689 } 1690 } 1691 1692- static public class detDSA 1693- extends DSASigner 1694- { 1695- public detDSA() 1696- { 1697- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1698- } 1699- } 1700+ // BEGIN android-removed 1701+ // static public class detDSA 1702+ // extends DSASigner 1703+ // { 1704+ // public detDSA() 1705+ // { 1706+ // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1707+ // } 1708+ // } 1709+ // END android-removed 1710 1711 static public class dsa224 1712 extends DSASigner 1713 { 1714 public dsa224() 1715 { 1716- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1717+ // BEGIN android-changed 1718+ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); 1719+ // END android-changed 1720 } 1721 } 1722 1723- static public class detDSA224 1724- extends DSASigner 1725- { 1726- public detDSA224() 1727- { 1728- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1729- } 1730- } 1731+ // BEGIN android-removed 1732+ // static public class detDSA224 1733+ // extends DSASigner 1734+ // { 1735+ // public detDSA224() 1736+ // { 1737+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1738+ // } 1739+ // } 1740+ // END android-removed 1741 1742 static public class dsa256 1743 extends DSASigner 1744 { 1745 public dsa256() 1746 { 1747- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1748+ // BEGIN android-changed 1749+ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); 1750+ // END android-changed 1751 } 1752 } 1753 1754- static public class detDSA256 1755- extends DSASigner 1756- { 1757- public detDSA256() 1758- { 1759- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 1760- } 1761- } 1762- 1763- static public class dsa384 1764- extends DSASigner 1765- { 1766- public dsa384() 1767- { 1768- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1769- } 1770- } 1771- 1772- static public class detDSA384 1773- extends DSASigner 1774- { 1775- public detDSA384() 1776- { 1777- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 1778- } 1779- } 1780- 1781- static public class dsa512 1782- extends DSASigner 1783- { 1784- public dsa512() 1785- { 1786- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1787- } 1788- } 1789- 1790- static public class detDSA512 1791- extends DSASigner 1792- { 1793- public detDSA512() 1794- { 1795- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 1796- } 1797- } 1798+ // BEGIN android-removed 1799+ // static public class detDSA256 1800+ // extends DSASigner 1801+ // { 1802+ // public detDSA256() 1803+ // { 1804+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 1805+ // } 1806+ // } 1807+ // 1808+ // static public class dsa384 1809+ // extends DSASigner 1810+ // { 1811+ // public dsa384() 1812+ // { 1813+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1814+ // } 1815+ // } 1816+ // 1817+ // static public class detDSA384 1818+ // extends DSASigner 1819+ // { 1820+ // public detDSA384() 1821+ // { 1822+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 1823+ // } 1824+ // } 1825+ // 1826+ // static public class dsa512 1827+ // extends DSASigner 1828+ // { 1829+ // public dsa512() 1830+ // { 1831+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1832+ // } 1833+ // } 1834+ // 1835+ // static public class detDSA512 1836+ // extends DSASigner 1837+ // { 1838+ // public detDSA512() 1839+ // { 1840+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 1841+ // } 1842+ // } 1843+ // END android-removed 1844 1845 static public class noneDSA 1846 extends DSASigner 1847diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 1848--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2013-12-03 20:18:20.000000000 +0000 1849+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2013-12-12 00:35:05.000000000 +0000 1850@@ -23,21 +23,27 @@ 1851 import org.bouncycastle.crypto.CipherParameters; 1852 import org.bouncycastle.crypto.DerivationFunction; 1853 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 1854-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 1855-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 1856-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 1857-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 1858+// BEGIN android-removed 1859+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 1860+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 1861+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 1862+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 1863+// END android-removed 1864 import org.bouncycastle.crypto.digests.SHA1Digest; 1865 import org.bouncycastle.crypto.params.ECDomainParameters; 1866 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1867 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1868-import org.bouncycastle.crypto.params.MQVPrivateParameters; 1869-import org.bouncycastle.crypto.params.MQVPublicParameters; 1870+// BEGIN android-removed 1871+// import org.bouncycastle.crypto.params.MQVPrivateParameters; 1872+// import org.bouncycastle.crypto.params.MQVPublicParameters; 1873+// END android-removed 1874 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 1875 import org.bouncycastle.jce.interfaces.ECPrivateKey; 1876 import org.bouncycastle.jce.interfaces.ECPublicKey; 1877-import org.bouncycastle.jce.interfaces.MQVPrivateKey; 1878-import org.bouncycastle.jce.interfaces.MQVPublicKey; 1879+// BEGIN android-removed 1880+// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 1881+// import org.bouncycastle.jce.interfaces.MQVPublicKey; 1882+// END android-removed 1883 import org.bouncycastle.util.Integers; 1884 1885 /** 1886@@ -71,7 +77,9 @@ 1887 private BigInteger result; 1888 private ECDomainParameters parameters; 1889 private BasicAgreement agreement; 1890- private DerivationFunction kdf; 1891+ // BEGIN android-removed 1892+ // private DerivationFunction kdf; 1893+ // END android-removed 1894 1895 private byte[] bigIntToBytes( 1896 BigInteger r) 1897@@ -86,7 +94,9 @@ 1898 { 1899 this.kaAlgorithm = kaAlgorithm; 1900 this.agreement = agreement; 1901- this.kdf = kdf; 1902+ // BEGIN android-removed 1903+ // this.kdf = kdf; 1904+ // END android-removed 1905 } 1906 1907 protected Key engineDoPhase( 1908@@ -105,25 +115,27 @@ 1909 } 1910 1911 CipherParameters pubKey; 1912- if (agreement instanceof ECMQVBasicAgreement) 1913- { 1914- if (!(key instanceof MQVPublicKey)) 1915- { 1916- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 1917- + getSimpleName(MQVPublicKey.class) + " for doPhase"); 1918- } 1919- 1920- MQVPublicKey mqvPubKey = (MQVPublicKey)key; 1921- ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 1922- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 1923- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 1924- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 1925- 1926- pubKey = new MQVPublicParameters(staticKey, ephemKey); 1927- 1928- // TODO Validate that all the keys are using the same parameters? 1929- } 1930- else 1931+ // BEGIN android-removed 1932+ // if (agreement instanceof ECMQVBasicAgreement) 1933+ // { 1934+ // if (!(key instanceof MQVPublicKey)) 1935+ // { 1936+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 1937+ // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 1938+ // } 1939+ // 1940+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 1941+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 1942+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 1943+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 1944+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 1945+ // 1946+ // pubKey = new MQVPublicParameters(staticKey, ephemKey); 1947+ // 1948+ // // TODO Validate that all the keys are using the same parameters? 1949+ // } 1950+ // else 1951+ // END android-removed 1952 { 1953 if (!(key instanceof PublicKey)) 1954 { 1955@@ -144,11 +156,13 @@ 1956 protected byte[] engineGenerateSecret() 1957 throws IllegalStateException 1958 { 1959- if (kdf != null) 1960- { 1961- throw new UnsupportedOperationException( 1962- "KDF can only be used when algorithm is known"); 1963- } 1964+ // BEGIN android-removed 1965+ // if (kdf != null) 1966+ // { 1967+ // throw new UnsupportedOperationException( 1968+ // "KDF can only be used when algorithm is known"); 1969+ // } 1970+ // END android-removed 1971 1972 return bigIntToBytes(result); 1973 } 1974@@ -176,23 +190,25 @@ 1975 { 1976 byte[] secret = bigIntToBytes(result); 1977 1978- if (kdf != null) 1979- { 1980- if (!algorithms.containsKey(algorithm)) 1981- { 1982- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 1983- } 1984- 1985- int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 1986- 1987- DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(algorithm), keySize, secret); 1988- 1989- byte[] keyBytes = new byte[keySize / 8]; 1990- kdf.init(params); 1991- kdf.generateBytes(keyBytes, 0, keyBytes.length); 1992- secret = keyBytes; 1993- } 1994- else 1995+ // BEGIN android-removed 1996+ // if (kdf != null) 1997+ // { 1998+ // if (!algorithms.containsKey(algorithm)) 1999+ // { 2000+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2001+ // } 2002+ // 2003+ // int keySize = ((Integer)algorithms.get(algorithm)).intValue(); 2004+ // 2005+ // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(algorithm), keySize, secret); 2006+ // 2007+ // byte[] keyBytes = new byte[keySize / 8]; 2008+ // kdf.init(params); 2009+ // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2010+ // secret = keyBytes; 2011+ // } 2012+ // else 2013+ // END android-removed 2014 { 2015 // TODO Should we be ensuring the key is the right length? 2016 } 2017@@ -206,6 +222,12 @@ 2018 SecureRandom random) 2019 throws InvalidKeyException, InvalidAlgorithmParameterException 2020 { 2021+ // BEGIN android-added 2022+ if (params != null) 2023+ { 2024+ throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); 2025+ } 2026+ // END android-added 2027 initFromKey(key); 2028 } 2029 2030@@ -220,35 +242,37 @@ 2031 private void initFromKey(Key key) 2032 throws InvalidKeyException 2033 { 2034- if (agreement instanceof ECMQVBasicAgreement) 2035- { 2036- if (!(key instanceof MQVPrivateKey)) 2037- { 2038- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2039- + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2040- } 2041- 2042- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2043- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2044- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2045- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2046- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2047- 2048- ECPublicKeyParameters ephemPubKey = null; 2049- if (mqvPrivKey.getEphemeralPublicKey() != null) 2050- { 2051- ephemPubKey = (ECPublicKeyParameters) 2052- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2053- } 2054- 2055- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2056- this.parameters = staticPrivKey.getParameters(); 2057- 2058- // TODO Validate that all the keys are using the same parameters? 2059- 2060- agreement.init(localParams); 2061- } 2062- else 2063+ // BEGIN android-removed 2064+ // if (agreement instanceof ECMQVBasicAgreement) 2065+ // { 2066+ // if (!(key instanceof MQVPrivateKey)) 2067+ // { 2068+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2069+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2070+ // } 2071+ // 2072+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2073+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2074+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2075+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2076+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2077+ // 2078+ // ECPublicKeyParameters ephemPubKey = null; 2079+ // if (mqvPrivKey.getEphemeralPublicKey() != null) 2080+ // { 2081+ // ephemPubKey = (ECPublicKeyParameters) 2082+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2083+ // } 2084+ // 2085+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2086+ // this.parameters = staticPrivKey.getParameters(); 2087+ // 2088+ // // TODO Validate that all the keys are using the same parameters? 2089+ // 2090+ // agreement.init(localParams); 2091+ // } 2092+ // else 2093+ // END android-removed 2094 { 2095 if (!(key instanceof PrivateKey)) 2096 { 2097@@ -279,39 +303,41 @@ 2098 } 2099 } 2100 2101- public static class DHC 2102- extends KeyAgreementSpi 2103- { 2104- public DHC() 2105- { 2106- super("ECDHC", new ECDHCBasicAgreement(), null); 2107- } 2108- } 2109- 2110- public static class MQV 2111- extends KeyAgreementSpi 2112- { 2113- public MQV() 2114- { 2115- super("ECMQV", new ECMQVBasicAgreement(), null); 2116- } 2117- } 2118- 2119- public static class DHwithSHA1KDF 2120- extends KeyAgreementSpi 2121- { 2122- public DHwithSHA1KDF() 2123- { 2124- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2125- } 2126- } 2127- 2128- public static class MQVwithSHA1KDF 2129- extends KeyAgreementSpi 2130- { 2131- public MQVwithSHA1KDF() 2132- { 2133- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2134- } 2135- } 2136+ // BEGIN android-removed 2137+ // public static class DHC 2138+ // extends KeyAgreementSpi 2139+ // { 2140+ // public DHC() 2141+ // { 2142+ // super("ECDHC", new ECDHCBasicAgreement(), null); 2143+ // } 2144+ // } 2145+ // 2146+ // public static class MQV 2147+ // extends KeyAgreementSpi 2148+ // { 2149+ // public MQV() 2150+ // { 2151+ // super("ECMQV", new ECMQVBasicAgreement(), null); 2152+ // } 2153+ // } 2154+ // 2155+ // public static class DHwithSHA1KDF 2156+ // extends KeyAgreementSpi 2157+ // { 2158+ // public DHwithSHA1KDF() 2159+ // { 2160+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2161+ // } 2162+ // } 2163+ // 2164+ // public static class MQVwithSHA1KDF 2165+ // extends KeyAgreementSpi 2166+ // { 2167+ // public MQVwithSHA1KDF() 2168+ // { 2169+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2170+ // } 2171+ // } 2172+ // END android-removed 2173 } 2174diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2175--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-12-03 20:18:20.000000000 +0000 2176+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000 2177@@ -201,14 +201,16 @@ 2178 } 2179 } 2180 2181- public static class ECGOST3410 2182- extends KeyFactorySpi 2183- { 2184- public ECGOST3410() 2185- { 2186- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2187- } 2188- } 2189+ // BEGIN android-removed 2190+ // public static class ECGOST3410 2191+ // extends KeyFactorySpi 2192+ // { 2193+ // public ECGOST3410() 2194+ // { 2195+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2196+ // } 2197+ // } 2198+ // END android-removed 2199 2200 public static class ECDH 2201 extends KeyFactorySpi 2202diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2203--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2013-12-03 20:18:20.000000000 +0000 2204+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2013-12-12 00:35:05.000000000 +0000 2205@@ -84,7 +84,13 @@ 2206 SecureRandom random) 2207 { 2208 this.strength = strength; 2209+ // BEGIN android-added 2210+ if (random != null) { 2211+ // END android-added 2212 this.random = random; 2213+ // BEGIN android-added 2214+ } 2215+ // END android-added 2216 ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); 2217 2218 if (ecParams != null) 2219@@ -109,6 +115,11 @@ 2220 SecureRandom random) 2221 throws InvalidAlgorithmParameterException 2222 { 2223+ // BEGIN android-added 2224+ if (random == null) { 2225+ random = this.random; 2226+ } 2227+ // END android-added 2228 if (params instanceof ECParameterSpec) 2229 { 2230 ECParameterSpec p = (ECParameterSpec)params; 2231diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2232--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-12-03 20:18:20.000000000 +0000 2233+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-12-12 00:35:05.000000000 +0000 2234@@ -16,16 +16,23 @@ 2235 import org.bouncycastle.crypto.DSA; 2236 import org.bouncycastle.crypto.Digest; 2237 import org.bouncycastle.crypto.digests.NullDigest; 2238-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2239-import org.bouncycastle.crypto.digests.SHA1Digest; 2240-import org.bouncycastle.crypto.digests.SHA224Digest; 2241-import org.bouncycastle.crypto.digests.SHA256Digest; 2242-import org.bouncycastle.crypto.digests.SHA384Digest; 2243-import org.bouncycastle.crypto.digests.SHA512Digest; 2244+// BEGIN android-added 2245+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2246+// END android-added 2247+// BEGIN android-removed 2248+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2249+// import org.bouncycastle.crypto.digests.SHA1Digest; 2250+// import org.bouncycastle.crypto.digests.SHA224Digest; 2251+// import org.bouncycastle.crypto.digests.SHA256Digest; 2252+// import org.bouncycastle.crypto.digests.SHA384Digest; 2253+// import org.bouncycastle.crypto.digests.SHA512Digest; 2254+// END android-removed 2255 import org.bouncycastle.crypto.params.ParametersWithRandom; 2256 import org.bouncycastle.crypto.signers.ECDSASigner; 2257-import org.bouncycastle.crypto.signers.ECNRSigner; 2258-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2259+// BEGIN android-removed 2260+// import org.bouncycastle.crypto.signers.ECNRSigner; 2261+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2262+// END android-removed 2263 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2264 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2265 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2266@@ -70,18 +77,22 @@ 2267 { 2268 public ecDSA() 2269 { 2270- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2271+ // BEGIN android-changed 2272+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2273+ // END android-changed 2274 } 2275 } 2276 2277- static public class ecDetDSA 2278- extends SignatureSpi 2279- { 2280- public ecDetDSA() 2281- { 2282- super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2283- } 2284- } 2285+ // BEGIN android-removed 2286+ // static public class ecDetDSA 2287+ // extends SignatureSpi 2288+ // { 2289+ // public ecDetDSA() 2290+ // { 2291+ // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2292+ // } 2293+ // } 2294+ // END android-removed 2295 2296 static public class ecDSAnone 2297 extends SignatureSpi 2298@@ -97,171 +108,187 @@ 2299 { 2300 public ecDSA224() 2301 { 2302- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2303+ // BEGIN android-changed 2304+ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); 2305+ // END android-changed 2306 } 2307 } 2308 2309- static public class ecDetDSA224 2310- extends SignatureSpi 2311- { 2312- public ecDetDSA224() 2313- { 2314- super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2315- } 2316- } 2317+ // BEGIN android-removed 2318+ // static public class ecDetDSA224 2319+ // extends SignatureSpi 2320+ // { 2321+ // public ecDetDSA224() 2322+ // { 2323+ // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2324+ // } 2325+ // } 2326+ // END android-removed 2327 2328 static public class ecDSA256 2329 extends SignatureSpi 2330 { 2331 public ecDSA256() 2332 { 2333- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2334+ // BEGIN android-changed 2335+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2336+ // END android-changed 2337 } 2338 } 2339 2340- static public class ecDetDSA256 2341- extends SignatureSpi 2342- { 2343- public ecDetDSA256() 2344- { 2345- super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2346- } 2347- } 2348+ // BEGIN android-removed 2349+ // static public class ecDetDSA256 2350+ // extends SignatureSpi 2351+ // { 2352+ // public ecDetDSA256() 2353+ // { 2354+ // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2355+ // } 2356+ // } 2357+ // END android-removed 2358 2359 static public class ecDSA384 2360 extends SignatureSpi 2361 { 2362 public ecDSA384() 2363 { 2364- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2365+ // BEGIN android-changed 2366+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2367+ // END android-changed 2368 } 2369 } 2370 2371- static public class ecDetDSA384 2372- extends SignatureSpi 2373- { 2374- public ecDetDSA384() 2375- { 2376- super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2377- } 2378- } 2379+ // BEGIN android-removed 2380+ // static public class ecDetDSA384 2381+ // extends SignatureSpi 2382+ // { 2383+ // public ecDetDSA384() 2384+ // { 2385+ // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2386+ // } 2387+ // } 2388+ // END android-removed 2389 2390 static public class ecDSA512 2391 extends SignatureSpi 2392 { 2393 public ecDSA512() 2394 { 2395- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2396- } 2397- } 2398- 2399- static public class ecDetDSA512 2400- extends SignatureSpi 2401- { 2402- public ecDetDSA512() 2403- { 2404- super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2405- } 2406- } 2407- 2408- static public class ecDSARipeMD160 2409- extends SignatureSpi 2410- { 2411- public ecDSARipeMD160() 2412- { 2413- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2414- } 2415- } 2416- 2417- static public class ecNR 2418- extends SignatureSpi 2419- { 2420- public ecNR() 2421- { 2422- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2423- } 2424- } 2425- 2426- static public class ecNR224 2427- extends SignatureSpi 2428- { 2429- public ecNR224() 2430- { 2431- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2432- } 2433- } 2434- 2435- static public class ecNR256 2436- extends SignatureSpi 2437- { 2438- public ecNR256() 2439- { 2440- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2441- } 2442- } 2443- 2444- static public class ecNR384 2445- extends SignatureSpi 2446- { 2447- public ecNR384() 2448- { 2449- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2450- } 2451- } 2452- 2453- static public class ecNR512 2454- extends SignatureSpi 2455- { 2456- public ecNR512() 2457- { 2458- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2459- } 2460- } 2461- 2462- static public class ecCVCDSA 2463- extends SignatureSpi 2464- { 2465- public ecCVCDSA() 2466- { 2467- super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2468- } 2469- } 2470- 2471- static public class ecCVCDSA224 2472- extends SignatureSpi 2473- { 2474- public ecCVCDSA224() 2475- { 2476- super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2477- } 2478- } 2479- 2480- static public class ecCVCDSA256 2481- extends SignatureSpi 2482- { 2483- public ecCVCDSA256() 2484- { 2485- super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2486- } 2487- } 2488- 2489- static public class ecCVCDSA384 2490- extends SignatureSpi 2491- { 2492- public ecCVCDSA384() 2493- { 2494- super(new SHA384Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2495- } 2496- } 2497- 2498- static public class ecCVCDSA512 2499- extends SignatureSpi 2500- { 2501- public ecCVCDSA512() 2502- { 2503- super(new SHA512Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2504- } 2505- } 2506+ // BEGIN android-changed 2507+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2508+ // END android-changed 2509+ } 2510+ } 2511+ 2512+ // BEGIN android-removed 2513+ // static public class ecDetDSA512 2514+ // extends SignatureSpi 2515+ // { 2516+ // public ecDetDSA512() 2517+ // { 2518+ // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2519+ // } 2520+ // } 2521+ // 2522+ // static public class ecDSARipeMD160 2523+ // extends SignatureSpi 2524+ // { 2525+ // public ecDSARipeMD160() 2526+ // { 2527+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2528+ // } 2529+ // } 2530+ // 2531+ // static public class ecNR 2532+ // extends SignatureSpi 2533+ // { 2534+ // public ecNR() 2535+ // { 2536+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2537+ // } 2538+ // } 2539+ // 2540+ // static public class ecNR224 2541+ // extends SignatureSpi 2542+ // { 2543+ // public ecNR224() 2544+ // { 2545+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2546+ // } 2547+ // } 2548+ // 2549+ // static public class ecNR256 2550+ // extends SignatureSpi 2551+ // { 2552+ // public ecNR256() 2553+ // { 2554+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2555+ // } 2556+ // } 2557+ // 2558+ // static public class ecNR384 2559+ // extends SignatureSpi 2560+ // { 2561+ // public ecNR384() 2562+ // { 2563+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2564+ // } 2565+ // } 2566+ // 2567+ // static public class ecNR512 2568+ // extends SignatureSpi 2569+ // { 2570+ // public ecNR512() 2571+ // { 2572+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2573+ // } 2574+ // } 2575+ // 2576+ // static public class ecCVCDSA 2577+ // extends SignatureSpi 2578+ // { 2579+ // public ecCVCDSA() 2580+ // { 2581+ // super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2582+ // } 2583+ // } 2584+ // 2585+ // static public class ecCVCDSA224 2586+ // extends SignatureSpi 2587+ // { 2588+ // public ecCVCDSA224() 2589+ // { 2590+ // super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2591+ // } 2592+ // } 2593+ // 2594+ // static public class ecCVCDSA256 2595+ // extends SignatureSpi 2596+ // { 2597+ // public ecCVCDSA256() 2598+ // { 2599+ // super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2600+ // } 2601+ // } 2602+ // 2603+ // static public class ecCVCDSA384 2604+ // extends SignatureSpi 2605+ // { 2606+ // public ecCVCDSA384() 2607+ // { 2608+ // super(new SHA384Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2609+ // } 2610+ // } 2611+ // 2612+ // static public class ecCVCDSA512 2613+ // extends SignatureSpi 2614+ // { 2615+ // public ecCVCDSA512() 2616+ // { 2617+ // super(new SHA512Digest(), new ECDSASigner(), new CVCDSAEncoder()); 2618+ // } 2619+ // } 2620+ // END android-removed 2621 2622 private static class StdDSAEncoder 2623 implements DSAEncoder 2624@@ -355,4 +382,4 @@ 2625 return sig; 2626 } 2627 } 2628-} 2629\ No newline at end of file 2630+} 2631diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2632--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-12-03 20:18:20.000000000 +0000 2633+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-09-26 18:06:21.000000000 +0000 2634@@ -26,7 +26,9 @@ 2635 import org.bouncycastle.crypto.CipherParameters; 2636 import org.bouncycastle.crypto.Digest; 2637 import org.bouncycastle.crypto.InvalidCipherTextException; 2638-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2639+// BEGIN android-removed 2640+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2641+// END android-removed 2642 import org.bouncycastle.crypto.encodings.OAEPEncoding; 2643 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2644 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2645@@ -197,10 +199,12 @@ 2646 { 2647 cipher = new PKCS1Encoding(new RSABlindedEngine()); 2648 } 2649- else if (pad.equals("ISO9796-1PADDING")) 2650- { 2651- cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2652- } 2653+ // BEGIN android-removed 2654+ // else if (pad.equals("ISO9796-1PADDING")) 2655+ // { 2656+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2657+ // } 2658+ // END android-removed 2659 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 2660 { 2661 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 2662@@ -539,48 +543,50 @@ 2663 } 2664 } 2665 2666- static public class PKCS1v1_5Padding 2667- extends CipherSpi 2668- { 2669- public PKCS1v1_5Padding() 2670- { 2671- super(new PKCS1Encoding(new RSABlindedEngine())); 2672- } 2673- } 2674- 2675- static public class PKCS1v1_5Padding_PrivateOnly 2676- extends CipherSpi 2677- { 2678- public PKCS1v1_5Padding_PrivateOnly() 2679- { 2680- super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 2681- } 2682- } 2683- 2684- static public class PKCS1v1_5Padding_PublicOnly 2685- extends CipherSpi 2686- { 2687- public PKCS1v1_5Padding_PublicOnly() 2688- { 2689- super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 2690- } 2691- } 2692- 2693- static public class OAEPPadding 2694- extends CipherSpi 2695- { 2696- public OAEPPadding() 2697- { 2698- super(OAEPParameterSpec.DEFAULT); 2699- } 2700- } 2701- 2702- static public class ISO9796d1Padding 2703- extends CipherSpi 2704- { 2705- public ISO9796d1Padding() 2706- { 2707- super(new ISO9796d1Encoding(new RSABlindedEngine())); 2708- } 2709- } 2710+ // BEGIN android-removed 2711+ // static public class PKCS1v1_5Padding 2712+ // extends CipherSpi 2713+ // { 2714+ // public PKCS1v1_5Padding() 2715+ // { 2716+ // super(new PKCS1Encoding(new RSABlindedEngine())); 2717+ // } 2718+ // } 2719+ // 2720+ // static public class PKCS1v1_5Padding_PrivateOnly 2721+ // extends CipherSpi 2722+ // { 2723+ // public PKCS1v1_5Padding_PrivateOnly() 2724+ // { 2725+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 2726+ // } 2727+ // } 2728+ // 2729+ // static public class PKCS1v1_5Padding_PublicOnly 2730+ // extends CipherSpi 2731+ // { 2732+ // public PKCS1v1_5Padding_PublicOnly() 2733+ // { 2734+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 2735+ // } 2736+ // } 2737+ // 2738+ // static public class OAEPPadding 2739+ // extends CipherSpi 2740+ // { 2741+ // public OAEPPadding() 2742+ // { 2743+ // super(OAEPParameterSpec.DEFAULT); 2744+ // } 2745+ // } 2746+ // 2747+ // static public class ISO9796d1Padding 2748+ // extends CipherSpi 2749+ // { 2750+ // public ISO9796d1Padding() 2751+ // { 2752+ // super(new ISO9796d1Encoding(new RSABlindedEngine())); 2753+ // } 2754+ // } 2755+ // END android-removed 2756 } 2757diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2758--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-12-03 20:18:20.000000000 +0000 2759+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-09-26 18:06:21.000000000 +0000 2760@@ -17,24 +17,31 @@ 2761 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 2762 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 2763 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 2764-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 2765+// BEGIN android-removed 2766+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 2767+// END android-removed 2768 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 2769 import org.bouncycastle.asn1.x509.DigestInfo; 2770 import org.bouncycastle.crypto.AsymmetricBlockCipher; 2771 import org.bouncycastle.crypto.CipherParameters; 2772 import org.bouncycastle.crypto.Digest; 2773-import org.bouncycastle.crypto.digests.MD2Digest; 2774-import org.bouncycastle.crypto.digests.MD4Digest; 2775-import org.bouncycastle.crypto.digests.MD5Digest; 2776-import org.bouncycastle.crypto.digests.NullDigest; 2777-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 2778-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2779-import org.bouncycastle.crypto.digests.RIPEMD256Digest; 2780-import org.bouncycastle.crypto.digests.SHA1Digest; 2781-import org.bouncycastle.crypto.digests.SHA224Digest; 2782-import org.bouncycastle.crypto.digests.SHA256Digest; 2783-import org.bouncycastle.crypto.digests.SHA384Digest; 2784-import org.bouncycastle.crypto.digests.SHA512Digest; 2785+// BEGIN android-removed 2786+// import org.bouncycastle.crypto.digests.MD2Digest; 2787+// import org.bouncycastle.crypto.digests.MD4Digest; 2788+// import org.bouncycastle.crypto.digests.MD5Digest; 2789+// import org.bouncycastle.crypto.digests.NullDigest; 2790+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 2791+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2792+// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 2793+// import org.bouncycastle.crypto.digests.SHA1Digest; 2794+// import org.bouncycastle.crypto.digests.SHA224Digest; 2795+// import org.bouncycastle.crypto.digests.SHA256Digest; 2796+// import org.bouncycastle.crypto.digests.SHA384Digest; 2797+// import org.bouncycastle.crypto.digests.SHA512Digest; 2798+// END android-removed 2799+// BEGIN android-added 2800+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2801+// END android-added 2802 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2803 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2804 2805@@ -261,7 +268,9 @@ 2806 { 2807 public SHA1() 2808 { 2809- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2810+ // BEGIN android-changed 2811+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 2812+ // END android-changed 2813 } 2814 } 2815 2816@@ -270,7 +279,9 @@ 2817 { 2818 public SHA224() 2819 { 2820- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2821+ // BEGIN android-changed 2822+ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); 2823+ // END android-changed 2824 } 2825 } 2826 2827@@ -279,7 +290,9 @@ 2828 { 2829 public SHA256() 2830 { 2831- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2832+ // BEGIN android-changed 2833+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 2834+ // END android-changed 2835 } 2836 } 2837 2838@@ -288,7 +301,9 @@ 2839 { 2840 public SHA384() 2841 { 2842- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2843+ // BEGIN android-changed 2844+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 2845+ // END android-changed 2846 } 2847 } 2848 2849@@ -297,70 +312,78 @@ 2850 { 2851 public SHA512() 2852 { 2853- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2854+ // BEGIN android-changed 2855+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 2856+ // END android-changed 2857 } 2858 } 2859 2860- static public class MD2 2861- extends DigestSignatureSpi 2862- { 2863- public MD2() 2864- { 2865- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2866- } 2867- } 2868- 2869- static public class MD4 2870- extends DigestSignatureSpi 2871- { 2872- public MD4() 2873- { 2874- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2875- } 2876- } 2877+ // BEGIN android-removed 2878+ // static public class MD2 2879+ // extends DigestSignatureSpi 2880+ // { 2881+ // public MD2() 2882+ // { 2883+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2884+ // } 2885+ // } 2886+ // 2887+ // static public class MD4 2888+ // extends DigestSignatureSpi 2889+ // { 2890+ // public MD4() 2891+ // { 2892+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2893+ // } 2894+ // } 2895+ // END android-removed 2896 2897 static public class MD5 2898 extends DigestSignatureSpi 2899 { 2900 public MD5() 2901 { 2902- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2903- } 2904- } 2905- 2906- static public class RIPEMD160 2907- extends DigestSignatureSpi 2908- { 2909- public RIPEMD160() 2910- { 2911- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2912+ // BEGIN android-changed 2913+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 2914+ // END android-changed 2915 } 2916 } 2917 2918- static public class RIPEMD128 2919- extends DigestSignatureSpi 2920- { 2921- public RIPEMD128() 2922- { 2923- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2924- } 2925- } 2926- 2927- static public class RIPEMD256 2928- extends DigestSignatureSpi 2929- { 2930- public RIPEMD256() 2931- { 2932- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2933- } 2934- } 2935- 2936- static public class noneRSA 2937- extends DigestSignatureSpi 2938- { 2939- public noneRSA() 2940- { 2941- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 2942- } 2943- } 2944+ // BEGIN android-removed 2945+ // static public class RIPEMD160 2946+ // extends DigestSignatureSpi 2947+ // { 2948+ // public RIPEMD160() 2949+ // { 2950+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2951+ // } 2952+ // } 2953+ // 2954+ // static public class RIPEMD128 2955+ // extends DigestSignatureSpi 2956+ // { 2957+ // public RIPEMD128() 2958+ // { 2959+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2960+ // } 2961+ // } 2962+ // 2963+ // static public class RIPEMD256 2964+ // extends DigestSignatureSpi 2965+ // { 2966+ // public RIPEMD256() 2967+ // { 2968+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 2969+ // } 2970+ // } 2971+ // 2972+ // static public class noneRSA 2973+ // extends DigestSignatureSpi 2974+ // { 2975+ // public noneRSA() 2976+ // { 2977+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 2978+ // } 2979+ // } 2980+ // END android-removed 2981 } 2982diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2983--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2013-12-03 20:18:20.000000000 +0000 2984+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2012-09-17 23:04:47.000000000 +0000 2985@@ -18,8 +18,10 @@ 2986 import javax.crypto.NoSuchPaddingException; 2987 import javax.crypto.spec.IvParameterSpec; 2988 import javax.crypto.spec.PBEParameterSpec; 2989-import javax.crypto.spec.RC2ParameterSpec; 2990-import javax.crypto.spec.RC5ParameterSpec; 2991+// BEGIN android-removed 2992+// import javax.crypto.spec.RC2ParameterSpec; 2993+// import javax.crypto.spec.RC5ParameterSpec; 2994+// END android-removed 2995 import javax.crypto.spec.SecretKeySpec; 2996 2997 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 2998@@ -37,8 +39,10 @@ 2999 { 3000 IvParameterSpec.class, 3001 PBEParameterSpec.class, 3002- RC2ParameterSpec.class, 3003- RC5ParameterSpec.class 3004+ // BEGIN android-removed 3005+ // RC2ParameterSpec.class, 3006+ // RC5ParameterSpec.class 3007+ // END android-removed 3008 }; 3009 3010 3011diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 3012--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2013-12-03 20:18:20.000000000 +0000 3013+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2013-05-25 02:14:15.000000000 +0000 3014@@ -5,11 +5,15 @@ 3015 import java.security.PublicKey; 3016 3017 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3018-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3019+// BEGIN android-removed 3020+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3021+// END android-removed 3022 import org.bouncycastle.asn1.nist.NISTNamedCurves; 3023 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3024 import org.bouncycastle.asn1.sec.SECNamedCurves; 3025-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3026+// BEGIN android-removed 3027+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3028+// END android-removed 3029 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 3030 import org.bouncycastle.asn1.x9.X962NamedCurves; 3031 import org.bouncycastle.asn1.x9.X9ECParameters; 3032@@ -225,14 +229,16 @@ 3033 { 3034 oid = NISTNamedCurves.getOID(name); 3035 } 3036- if (oid == null) 3037- { 3038- oid = TeleTrusTNamedCurves.getOID(name); 3039- } 3040- if (oid == null) 3041- { 3042- oid = ECGOST3410NamedCurves.getOID(name); 3043- } 3044+ // BEGIN android-removed 3045+ // if (oid == null) 3046+ // { 3047+ // oid = TeleTrusTNamedCurves.getOID(name); 3048+ // } 3049+ // if (oid == null) 3050+ // { 3051+ // oid = ECGOST3410NamedCurves.getOID(name); 3052+ // } 3053+ // END android-removed 3054 } 3055 3056 return oid; 3057@@ -250,10 +256,12 @@ 3058 { 3059 params = NISTNamedCurves.getByOID(oid); 3060 } 3061- if (params == null) 3062- { 3063- params = TeleTrusTNamedCurves.getByOID(oid); 3064- } 3065+ // BEGIN android-removed 3066+ // if (params == null) 3067+ // { 3068+ // params = TeleTrusTNamedCurves.getByOID(oid); 3069+ // } 3070+ // END android-removed 3071 } 3072 3073 return params; 3074@@ -271,14 +279,16 @@ 3075 { 3076 name = NISTNamedCurves.getName(oid); 3077 } 3078- if (name == null) 3079- { 3080- name = TeleTrusTNamedCurves.getName(oid); 3081- } 3082- if (name == null) 3083- { 3084- name = ECGOST3410NamedCurves.getName(oid); 3085- } 3086+ // BEGIN android-removed 3087+ // if (name == null) 3088+ // { 3089+ // name = TeleTrusTNamedCurves.getName(oid); 3090+ // } 3091+ // if (name == null) 3092+ // { 3093+ // name = ECGOST3410NamedCurves.getName(oid); 3094+ // } 3095+ // END android-removed 3096 } 3097 3098 return name; 3099diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3100--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2013-12-03 20:18:20.000000000 +0000 3101+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2013-02-21 00:01:31.000000000 +0000 3102@@ -36,7 +36,9 @@ 3103 import org.bouncycastle.asn1.pkcs.SignedData; 3104 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3105 import org.bouncycastle.util.io.pem.PemObject; 3106-import org.bouncycastle.util.io.pem.PemWriter; 3107+// BEGIN android-removed 3108+// import org.bouncycastle.util.io.pem.PemWriter; 3109+// END android-removed 3110 3111 /** 3112 * CertPath implementation for X.509 certificates. 3113@@ -51,7 +53,9 @@ 3114 { 3115 List encodings = new ArrayList(); 3116 encodings.add("PkiPath"); 3117- encodings.add("PEM"); 3118+ // BEGIN android-removed 3119+ // encodings.add("PEM"); 3120+ // END android-removed 3121 encodings.add("PKCS7"); 3122 certPathEncodings = Collections.unmodifiableList(encodings); 3123 } 3124@@ -298,27 +302,29 @@ 3125 return toDEREncoded(new ContentInfo( 3126 PKCSObjectIdentifiers.signedData, sd)); 3127 } 3128- else if (encoding.equalsIgnoreCase("PEM")) 3129- { 3130- ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3131- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3132- 3133- try 3134- { 3135- for (int i = 0; i != certificates.size(); i++) 3136- { 3137- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3138- } 3139- 3140- pWrt.close(); 3141- } 3142- catch (Exception e) 3143- { 3144- throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3145- } 3146- 3147- return bOut.toByteArray(); 3148- } 3149+ // BEGIN android-removed 3150+ // else if (encoding.equalsIgnoreCase("PEM")) 3151+ // { 3152+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3153+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3154+ // 3155+ // try 3156+ // { 3157+ // for (int i = 0; i != certificates.size(); i++) 3158+ // { 3159+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3160+ // } 3161+ // 3162+ // pWrt.close(); 3163+ // } 3164+ // catch (Exception e) 3165+ // { 3166+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3167+ // } 3168+ // 3169+ // return bOut.toByteArray(); 3170+ // } 3171+ // END android-removed 3172 else 3173 { 3174 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3175diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 3176--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2013-12-03 20:18:20.000000000 +0000 3177+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2013-05-25 02:14:15.000000000 +0000 3178@@ -57,6 +57,9 @@ 3179 import org.bouncycastle.asn1.x509.Extensions; 3180 import org.bouncycastle.asn1.x509.GeneralName; 3181 import org.bouncycastle.asn1.x509.KeyUsage; 3182+// BEGIN android-added 3183+import org.bouncycastle.asn1.x509.X509Name; 3184+// END android-added 3185 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 3186 import org.bouncycastle.jce.X509Principal; 3187 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 3188@@ -564,12 +567,20 @@ 3189 } 3190 } 3191 3192+ // BEGIN android-changed 3193+ private byte[] encoded; 3194+ // END android-changed 3195 public byte[] getEncoded() 3196 throws CertificateEncodingException 3197 { 3198 try 3199 { 3200- return c.getEncoded(ASN1Encoding.DER); 3201+ // BEGIN android-changed 3202+ if (encoded == null) { 3203+ encoded = c.getEncoded(ASN1Encoding.DER); 3204+ } 3205+ return encoded; 3206+ // END android-changed 3207 } 3208 catch (IOException e) 3209 { 3210@@ -860,7 +871,9 @@ 3211 list.add(genName.getEncoded()); 3212 break; 3213 case GeneralName.directoryName: 3214- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 3215+ // BEGIN android-changed 3216+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 3217+ // END android-changed 3218 break; 3219 case GeneralName.dNSName: 3220 case GeneralName.rfc822Name: 3221diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 3222--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2013-12-03 20:18:20.000000000 +0000 3223+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2013-05-25 02:14:15.000000000 +0000 3224@@ -14,12 +14,16 @@ 3225 import org.bouncycastle.asn1.ASN1Sequence; 3226 import org.bouncycastle.asn1.DERNull; 3227 import org.bouncycastle.asn1.DERObjectIdentifier; 3228-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3229+// BEGIN android-removed 3230+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3231+// END android-removed 3232 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3233 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3234 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3235 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 3236-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3237+// BEGIN android-removed 3238+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3239+// END android-removed 3240 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3241 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 3242 3243@@ -114,22 +118,24 @@ 3244 { 3245 return "SHA512"; 3246 } 3247- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3248- { 3249- return "RIPEMD128"; 3250- } 3251- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3252- { 3253- return "RIPEMD160"; 3254- } 3255- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3256- { 3257- return "RIPEMD256"; 3258- } 3259- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3260- { 3261- return "GOST3411"; 3262- } 3263+ // BEGIN android-removed 3264+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3265+ // { 3266+ // return "RIPEMD128"; 3267+ // } 3268+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3269+ // { 3270+ // return "RIPEMD160"; 3271+ // } 3272+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3273+ // { 3274+ // return "RIPEMD256"; 3275+ // } 3276+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3277+ // { 3278+ // return "GOST3411"; 3279+ // } 3280+ // END android-removed 3281 else 3282 { 3283 return digestAlgOID.getId(); 3284diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA256.java 3285--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-12-03 20:18:20.000000000 +0000 3286+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000 3287@@ -45,17 +45,19 @@ 3288 } 3289 } 3290 3291- /** 3292- * PBEWithHmacSHA 3293- */ 3294- public static class PBEWithMacKeyFactory 3295- extends PBESecretKeyFactory 3296- { 3297- public PBEWithMacKeyFactory() 3298- { 3299- super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3300- } 3301- } 3302+ // BEGIN android-removed 3303+ // /** 3304+ // * PBEWithHmacSHA 3305+ // */ 3306+ // public static class PBEWithMacKeyFactory 3307+ // extends PBESecretKeyFactory 3308+ // { 3309+ // public PBEWithMacKeyFactory() 3310+ // { 3311+ // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3312+ // } 3313+ // } 3314+ // END android-removed 3315 3316 /** 3317 * HMACSHA256 3318@@ -84,9 +86,11 @@ 3319 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 3320 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); 3321 3322- provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3323- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3324- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3325+ // BEGIN android-removed 3326+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3327+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3328+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3329+ // END android-removed 3330 3331 addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3332 addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); 3333diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA384.java 3334--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-12-03 20:18:20.000000000 +0000 3335+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000 3336@@ -5,7 +5,9 @@ 3337 import org.bouncycastle.crypto.CipherKeyGenerator; 3338 import org.bouncycastle.crypto.digests.SHA384Digest; 3339 import org.bouncycastle.crypto.macs.HMac; 3340-import org.bouncycastle.crypto.macs.OldHMac; 3341+// BEGIN android-removed 3342+// import org.bouncycastle.crypto.macs.OldHMac; 3343+// END android-removed 3344 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3345 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3346 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3347@@ -57,14 +59,16 @@ 3348 } 3349 } 3350 3351- public static class OldSHA384 3352- extends BaseMac 3353- { 3354- public OldSHA384() 3355- { 3356- super(new OldHMac(new SHA384Digest())); 3357- } 3358- } 3359+ // BEGIN android-removed 3360+ // public static class OldSHA384 3361+ // extends BaseMac 3362+ // { 3363+ // public OldSHA384() 3364+ // { 3365+ // super(new OldHMac(new SHA384Digest())); 3366+ // } 3367+ // } 3368+ // END android-removed 3369 3370 public static class Mappings 3371 extends DigestAlgorithmProvider 3372@@ -80,7 +84,9 @@ 3373 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); 3374 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 3375 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); 3376- provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3377+ // BEGIN android-removed 3378+ // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3379+ // END android-removed 3380 3381 addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3382 addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384); 3383diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA512.java 3384--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-12-03 20:18:20.000000000 +0000 3385+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000 3386@@ -4,9 +4,13 @@ 3387 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3388 import org.bouncycastle.crypto.CipherKeyGenerator; 3389 import org.bouncycastle.crypto.digests.SHA512Digest; 3390-import org.bouncycastle.crypto.digests.SHA512tDigest; 3391+// BEGIN android-removed 3392+// import org.bouncycastle.crypto.digests.SHA512tDigest; 3393+// END android-removed 3394 import org.bouncycastle.crypto.macs.HMac; 3395-import org.bouncycastle.crypto.macs.OldHMac; 3396+// BEGIN android-removed 3397+// import org.bouncycastle.crypto.macs.OldHMac; 3398+// END android-removed 3399 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3400 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3401 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3402@@ -37,42 +41,44 @@ 3403 } 3404 } 3405 3406- static public class DigestT 3407- extends BCMessageDigest 3408- implements Cloneable 3409- { 3410- public DigestT(int bitLength) 3411- { 3412- super(new SHA512tDigest(bitLength)); 3413- } 3414- 3415- public Object clone() 3416- throws CloneNotSupportedException 3417- { 3418- DigestT d = (DigestT)super.clone(); 3419- d.digest = new SHA512tDigest((SHA512tDigest)digest); 3420- 3421- return d; 3422- } 3423- } 3424- 3425- static public class DigestT224 3426- extends DigestT 3427- { 3428- public DigestT224() 3429- { 3430- super(224); 3431- } 3432- } 3433- 3434- static public class DigestT256 3435- extends DigestT 3436- { 3437- public DigestT256() 3438- { 3439- super(256); 3440- } 3441- } 3442+ // BEGIN android-removed 3443+ // static public class DigestT 3444+ // extends BCMessageDigest 3445+ // implements Cloneable 3446+ // { 3447+ // public DigestT(int bitLength) 3448+ // { 3449+ // super(new SHA512tDigest(bitLength)); 3450+ // } 3451+ // 3452+ // public Object clone() 3453+ // throws CloneNotSupportedException 3454+ // { 3455+ // DigestT d = (DigestT)super.clone(); 3456+ // d.digest = new SHA512tDigest((SHA512tDigest)digest); 3457+ // 3458+ // return d; 3459+ // } 3460+ // } 3461+ // 3462+ // static public class DigestT224 3463+ // extends DigestT 3464+ // { 3465+ // public DigestT224() 3466+ // { 3467+ // super(224); 3468+ // } 3469+ // } 3470+ // 3471+ // static public class DigestT256 3472+ // extends DigestT 3473+ // { 3474+ // public DigestT256() 3475+ // { 3476+ // super(256); 3477+ // } 3478+ // } 3479+ // END android-removed 3480 3481 public static class HashMac 3482 extends BaseMac 3483@@ -83,35 +89,37 @@ 3484 } 3485 } 3486 3487- public static class HashMacT224 3488- extends BaseMac 3489- { 3490- public HashMacT224() 3491- { 3492- super(new HMac(new SHA512tDigest(224))); 3493- } 3494- } 3495- 3496- public static class HashMacT256 3497- extends BaseMac 3498- { 3499- public HashMacT256() 3500- { 3501- super(new HMac(new SHA512tDigest(256))); 3502- } 3503- } 3504- 3505- /** 3506- * SHA-512 HMac 3507- */ 3508- public static class OldSHA512 3509- extends BaseMac 3510- { 3511- public OldSHA512() 3512- { 3513- super(new OldHMac(new SHA512Digest())); 3514- } 3515- } 3516+ // BEGIN android-removed 3517+ // public static class HashMacT224 3518+ // extends BaseMac 3519+ // { 3520+ // public HashMacT224() 3521+ // { 3522+ // super(new HMac(new SHA512tDigest(224))); 3523+ // } 3524+ // } 3525+ // 3526+ // public static class HashMacT256 3527+ // extends BaseMac 3528+ // { 3529+ // public HashMacT256() 3530+ // { 3531+ // super(new HMac(new SHA512tDigest(256))); 3532+ // } 3533+ // } 3534+ // 3535+ // /** 3536+ // * SHA-512 HMac 3537+ // */ 3538+ // public static class OldSHA512 3539+ // extends BaseMac 3540+ // { 3541+ // public OldSHA512() 3542+ // { 3543+ // super(new OldHMac(new SHA512Digest())); 3544+ // } 3545+ // } 3546+ // END android-removed 3547 3548 /** 3549 * HMACSHA512 3550@@ -125,23 +133,25 @@ 3551 } 3552 } 3553 3554- public static class KeyGeneratorT224 3555- extends BaseKeyGenerator 3556- { 3557- public KeyGeneratorT224() 3558- { 3559- super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3560- } 3561- } 3562- 3563- public static class KeyGeneratorT256 3564- extends BaseKeyGenerator 3565- { 3566- public KeyGeneratorT256() 3567- { 3568- super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3569- } 3570- } 3571+ // BEGIN android-removed 3572+ // public static class KeyGeneratorT224 3573+ // extends BaseKeyGenerator 3574+ // { 3575+ // public KeyGeneratorT224() 3576+ // { 3577+ // super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3578+ // } 3579+ // } 3580+ // 3581+ // public static class KeyGeneratorT256 3582+ // extends BaseKeyGenerator 3583+ // { 3584+ // public KeyGeneratorT256() 3585+ // { 3586+ // super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3587+ // } 3588+ // } 3589+ // END android-removed 3590 3591 public static class Mappings 3592 extends DigestAlgorithmProvider 3593@@ -158,21 +168,25 @@ 3594 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 3595 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); 3596 3597- provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 3598- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 3599- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 3600- 3601- provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 3602- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 3603- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 3604- 3605- provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 3606+ // BEGIN android-removed 3607+ // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 3608+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 3609+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 3610+ // 3611+ // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 3612+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 3613+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 3614+ // 3615+ // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 3616+ // END android-removed 3617 3618 addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3619 addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); 3620 3621- addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 3622- addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 3623+ // BEGIN android-removed 3624+ // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 3625+ // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 3626+ // END android-removed 3627 } 3628 } 3629 3630diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/BC.java 3631--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-12-03 20:18:20.000000000 +0000 3632+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000 3633@@ -17,7 +17,9 @@ 3634 public void configure(ConfigurableProvider provider) 3635 { 3636 provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); 3637- provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 3638+ // BEGIN android-removed 3639+ // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 3640+ // END android-removed 3641 provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); 3642 provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 3643 provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 3644diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 3645--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-12-03 20:18:20.000000000 +0000 3646+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000 3647@@ -17,14 +17,16 @@ 3648 public void configure(ConfigurableProvider provider) 3649 { 3650 provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3651- provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3652- provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3653- 3654- provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3655- provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 3656- 3657- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3658- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 3659+ // BEGIN android-removed 3660+ // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3661+ // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3662+ // 3663+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3664+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 3665+ // 3666+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3667+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 3668+ // END android-removed 3669 } 3670 } 3671 } 3672diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 3673--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2013-12-03 20:18:20.000000000 +0000 3674+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2013-12-12 00:35:05.000000000 +0000 3675@@ -61,8 +61,10 @@ 3676 import org.bouncycastle.asn1.DEROutputStream; 3677 import org.bouncycastle.asn1.DERSequence; 3678 import org.bouncycastle.asn1.DERSet; 3679-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3680-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 3681+// BEGIN android-removed 3682+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3683+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 3684+// END android-removed 3685 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3686 import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; 3687 import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; 3688@@ -86,7 +88,9 @@ 3689 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 3690 import org.bouncycastle.jcajce.provider.config.PKCS12StoreParameter; 3691 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 3692-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 3693+// BEGIN android-removed 3694+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 3695+// END android-removed 3696 import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; 3697 import org.bouncycastle.jce.interfaces.BCKeyStore; 3698 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 3699@@ -736,13 +740,15 @@ 3700 { 3701 cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); 3702 } 3703- else 3704- { 3705- // TODO: at the moment it's just GOST, but... 3706- GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 3707- 3708- cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 3709- } 3710+ // BEGIN android-removed 3711+ // else 3712+ // { 3713+ // // TODO: at the moment it's just GOST, but... 3714+ // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 3715+ // 3716+ // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 3717+ // } 3718+ // END android-removed 3719 return cipher; 3720 } 3721 3722@@ -1659,32 +1665,34 @@ 3723 } 3724 } 3725 3726- public static class BCPKCS12KeyStore3DES 3727- extends PKCS12KeyStoreSpi 3728- { 3729- public BCPKCS12KeyStore3DES() 3730- { 3731- super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 3732- } 3733- } 3734- 3735- public static class DefPKCS12KeyStore 3736- extends PKCS12KeyStoreSpi 3737- { 3738- public DefPKCS12KeyStore() 3739- { 3740- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 3741- } 3742- } 3743- 3744- public static class DefPKCS12KeyStore3DES 3745- extends PKCS12KeyStoreSpi 3746- { 3747- public DefPKCS12KeyStore3DES() 3748- { 3749- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 3750- } 3751- } 3752+ // BEGIN android-removed 3753+ // public static class BCPKCS12KeyStore3DES 3754+ // extends PKCS12KeyStoreSpi 3755+ // { 3756+ // public BCPKCS12KeyStore3DES() 3757+ // { 3758+ // super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 3759+ // } 3760+ // } 3761+ // 3762+ // public static class DefPKCS12KeyStore 3763+ // extends PKCS12KeyStoreSpi 3764+ // { 3765+ // public DefPKCS12KeyStore() 3766+ // { 3767+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 3768+ // } 3769+ // } 3770+ // 3771+ // public static class DefPKCS12KeyStore3DES 3772+ // extends PKCS12KeyStoreSpi 3773+ // { 3774+ // public DefPKCS12KeyStore3DES() 3775+ // { 3776+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 3777+ // } 3778+ // } 3779+ // END android-removed 3780 3781 private static class IgnoresCaseHashtable 3782 { 3783@@ -1757,7 +1765,9 @@ 3784 keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); 3785 keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); 3786 3787- keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 3788+ // BEGIN android-removed 3789+ // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 3790+ // END android-removed 3791 3792 KEY_SIZES = Collections.unmodifiableMap(keySizes); 3793 } 3794diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/AES.java 3795--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2013-12-03 20:18:20.000000000 +0000 3796+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/AES.java 2013-12-12 00:35:05.000000000 +0000 3797@@ -3,13 +3,17 @@ 3798 import java.io.IOException; 3799 import java.lang.reflect.Constructor; 3800 import java.lang.reflect.Method; 3801-import java.security.AlgorithmParameters; 3802-import java.security.InvalidAlgorithmParameterException; 3803+// BEGIN android-removed 3804+// import java.security.AlgorithmParameters; 3805+// import java.security.InvalidAlgorithmParameterException; 3806+// END android-removed 3807 import java.security.SecureRandom; 3808 import java.security.spec.AlgorithmParameterSpec; 3809 import java.security.spec.InvalidParameterSpecException; 3810 3811-import javax.crypto.spec.IvParameterSpec; 3812+// BEGIN android-removed 3813+// import javax.crypto.spec.IvParameterSpec; 3814+// END android-removed 3815 3816 import org.bouncycastle.asn1.bc.BCObjectIdentifiers; 3817 import org.bouncycastle.asn1.cms.GCMParameters; 3818@@ -19,25 +23,33 @@ 3819 import org.bouncycastle.crypto.CipherKeyGenerator; 3820 import org.bouncycastle.crypto.engines.AESFastEngine; 3821 import org.bouncycastle.crypto.engines.AESWrapEngine; 3822-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3823-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 3824-import org.bouncycastle.crypto.macs.CMac; 3825-import org.bouncycastle.crypto.macs.GMac; 3826+// BEGIN android-removed 3827+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 3828+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 3829+// import org.bouncycastle.crypto.macs.CMac; 3830+// import org.bouncycastle.crypto.macs.GMac; 3831+// END android-removed 3832 import org.bouncycastle.crypto.modes.CBCBlockCipher; 3833 import org.bouncycastle.crypto.modes.CFBBlockCipher; 3834 import org.bouncycastle.crypto.modes.GCMBlockCipher; 3835 import org.bouncycastle.crypto.modes.OFBBlockCipher; 3836 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3837-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3838+// BEGIN android-removed 3839+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 3840+// END android-removed 3841 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 3842 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 3843 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3844-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3845+// BEGIN android-removed 3846+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3847+// END android-removed 3848 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 3849 import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 3850 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 3851 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 3852-import org.bouncycastle.jce.provider.BouncyCastleProvider; 3853+// BEGIN android-removed 3854+// import org.bouncycastle.jce.provider.BouncyCastleProvider; 3855+// END android-removed 3856 import org.bouncycastle.util.Integers; 3857 3858 public final class AES 3859@@ -99,41 +111,43 @@ 3860 } 3861 } 3862 3863- public static class AESCMAC 3864- extends BaseMac 3865- { 3866- public AESCMAC() 3867- { 3868- super(new CMac(new AESFastEngine())); 3869- } 3870- } 3871- 3872- public static class AESGMAC 3873- extends BaseMac 3874- { 3875- public AESGMAC() 3876- { 3877- super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 3878- } 3879- } 3880- 3881- public static class Poly1305 3882- extends BaseMac 3883- { 3884- public Poly1305() 3885- { 3886- super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 3887- } 3888- } 3889- 3890- public static class Poly1305KeyGen 3891- extends BaseKeyGenerator 3892- { 3893- public Poly1305KeyGen() 3894- { 3895- super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 3896- } 3897- } 3898+ // BEGIN android-removed 3899+ // public static class AESCMAC 3900+ // extends BaseMac 3901+ // { 3902+ // public AESCMAC() 3903+ // { 3904+ // super(new CMac(new AESFastEngine())); 3905+ // } 3906+ // } 3907+ // 3908+ // public static class AESGMAC 3909+ // extends BaseMac 3910+ // { 3911+ // public AESGMAC() 3912+ // { 3913+ // super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 3914+ // } 3915+ // } 3916+ // 3917+ // public static class Poly1305 3918+ // extends BaseMac 3919+ // { 3920+ // public Poly1305() 3921+ // { 3922+ // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 3923+ // } 3924+ // } 3925+ // 3926+ // public static class Poly1305KeyGen 3927+ // extends BaseKeyGenerator 3928+ // { 3929+ // public Poly1305KeyGen() 3930+ // { 3931+ // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 3932+ // } 3933+ // } 3934+ // END android-removed 3935 3936 static public class Wrap 3937 extends BaseWrapCipher 3938@@ -143,15 +157,17 @@ 3939 super(new AESWrapEngine()); 3940 } 3941 } 3942- 3943- public static class RFC3211Wrap 3944- extends BaseWrapCipher 3945- { 3946- public RFC3211Wrap() 3947- { 3948- super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3949- } 3950- } 3951+ 3952+ // BEGIN android-removed 3953+ // public static class RFC3211Wrap 3954+ // extends BaseWrapCipher 3955+ // { 3956+ // public RFC3211Wrap() 3957+ // { 3958+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 3959+ // } 3960+ // } 3961+ // END android-removed 3962 3963 3964 /** 3965@@ -180,32 +196,34 @@ 3966 } 3967 } 3968 3969- public static class KeyGen128 3970- extends KeyGen 3971- { 3972- public KeyGen128() 3973- { 3974- super(128); 3975- } 3976- } 3977- 3978- public static class KeyGen192 3979- extends KeyGen 3980- { 3981- public KeyGen192() 3982- { 3983- super(192); 3984- } 3985- } 3986- 3987- public static class KeyGen256 3988- extends KeyGen 3989- { 3990- public KeyGen256() 3991- { 3992- super(256); 3993- } 3994- } 3995+ // BEGIN android-removed 3996+ // public static class KeyGen128 3997+ // extends KeyGen 3998+ // { 3999+ // public KeyGen128() 4000+ // { 4001+ // super(128); 4002+ // } 4003+ // } 4004+ // 4005+ // public static class KeyGen192 4006+ // extends KeyGen 4007+ // { 4008+ // public KeyGen192() 4009+ // { 4010+ // super(192); 4011+ // } 4012+ // } 4013+ // 4014+ // public static class KeyGen256 4015+ // extends KeyGen 4016+ // { 4017+ // public KeyGen256() 4018+ // { 4019+ // super(256); 4020+ // } 4021+ // } 4022+ // END android-removed 4023 4024 /** 4025 * PBEWithSHA1And128BitAES-BC 4026@@ -315,43 +333,45 @@ 4027 } 4028 } 4029 4030- public static class AlgParamGen 4031- extends BaseAlgorithmParameterGenerator 4032- { 4033- protected void engineInit( 4034- AlgorithmParameterSpec genParamSpec, 4035- SecureRandom random) 4036- throws InvalidAlgorithmParameterException 4037- { 4038- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4039- } 4040- 4041- protected AlgorithmParameters engineGenerateParameters() 4042- { 4043- byte[] iv = new byte[16]; 4044- 4045- if (random == null) 4046- { 4047- random = new SecureRandom(); 4048- } 4049- 4050- random.nextBytes(iv); 4051- 4052- AlgorithmParameters params; 4053- 4054- try 4055- { 4056- params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 4057- params.init(new IvParameterSpec(iv)); 4058- } 4059- catch (Exception e) 4060- { 4061- throw new RuntimeException(e.getMessage()); 4062- } 4063- 4064- return params; 4065- } 4066- } 4067+ // BEGIN android-removed 4068+ // public static class AlgParamGen 4069+ // extends BaseAlgorithmParameterGenerator 4070+ // { 4071+ // protected void engineInit( 4072+ // AlgorithmParameterSpec genParamSpec, 4073+ // SecureRandom random) 4074+ // throws InvalidAlgorithmParameterException 4075+ // { 4076+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4077+ // } 4078+ // 4079+ // protected AlgorithmParameters engineGenerateParameters() 4080+ // { 4081+ // byte[] iv = new byte[16]; 4082+ // 4083+ // if (random == null) 4084+ // { 4085+ // random = new SecureRandom(); 4086+ // } 4087+ // 4088+ // random.nextBytes(iv); 4089+ // 4090+ // AlgorithmParameters params; 4091+ // 4092+ // try 4093+ // { 4094+ // params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); 4095+ // params.init(new IvParameterSpec(iv)); 4096+ // } 4097+ // catch (Exception e) 4098+ // { 4099+ // throw new RuntimeException(e.getMessage()); 4100+ // } 4101+ // 4102+ // return params; 4103+ // } 4104+ // } 4105+ // END android-removed 4106 4107 public static class AlgParams 4108 extends IvAlgorithmParameters 4109@@ -484,35 +504,41 @@ 4110 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4111 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4112 4113- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4114- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4115- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4116- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4117- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4118- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4119- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4120+ // BEGIN android-removed 4121+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4122+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4123+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4124+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4125+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4126+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4127+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4128+ // END android-removed 4129 4130 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 4131 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 4132 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 4133 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 4134- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4135- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4136- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4137- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4138- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4139- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4140- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4141- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4142- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4143- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4144- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4145- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4146+ // BEGIN android-removed 4147+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4148+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4149+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4150+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4151+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4152+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4153+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4154+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4155+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4156+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4157+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4158+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4159+ // END android-removed 4160 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 4161 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 4162 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 4163 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 4164- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4165+ // BEGIN android-removed 4166+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4167+ // END android-removed 4168 4169 provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); 4170 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4171@@ -520,27 +546,29 @@ 4172 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4173 4174 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 4175- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 4176- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 4177- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 4178- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 4179- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 4180- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 4181- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 4182- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 4183- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 4184- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 4185- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 4186- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 4187- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 4188- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 4189- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 4190- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 4191- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 4192- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 4193- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 4194- 4195- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 4196+ // BEGIN android-removed 4197+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 4198+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 4199+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 4200+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 4201+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 4202+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 4203+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 4204+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 4205+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 4206+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 4207+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 4208+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 4209+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 4210+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 4211+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 4212+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 4213+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 4214+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 4215+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 4216+ // 4217+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 4218+ // END android-removed 4219 4220 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); 4221 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); 4222@@ -619,8 +647,10 @@ 4223 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); 4224 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); 4225 4226- addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 4227- addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 4228+ // BEGIN android-removed 4229+ // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 4230+ // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 4231+ // END android-removed 4232 } 4233 } 4234 4235diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 4236--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-12-03 20:18:20.000000000 +0000 4237+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000 4238@@ -29,7 +29,9 @@ 4239 { 4240 public KeyGen() 4241 { 4242- super("RC4", 128, new CipherKeyGenerator()); 4243+ // BEGIN android-changed 4244+ super("ARC4", 128, new CipherKeyGenerator()); 4245+ // END android-changed 4246 } 4247 } 4248 4249diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 4250--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2013-12-03 20:18:20.000000000 +0000 4251+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000 4252@@ -64,7 +64,9 @@ 4253 { 4254 4255 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 4256- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 4257+ // BEGIN android-removed 4258+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 4259+ // END android-removed 4260 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 4261 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 4262 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 4263diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/DES.java 4264--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2013-12-03 20:18:20.000000000 +0000 4265+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/DES.java 2013-05-25 02:14:15.000000000 +0000 4266@@ -19,12 +19,16 @@ 4267 import org.bouncycastle.crypto.CipherParameters; 4268 import org.bouncycastle.crypto.KeyGenerationParameters; 4269 import org.bouncycastle.crypto.engines.DESEngine; 4270-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4271+// BEGIN android-removed 4272+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4273+// END android-removed 4274 import org.bouncycastle.crypto.generators.DESKeyGenerator; 4275 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4276-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4277-import org.bouncycastle.crypto.macs.CMac; 4278-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 4279+// BEGIN android-removed 4280+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4281+// import org.bouncycastle.crypto.macs.CMac; 4282+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 4283+// END android-removed 4284 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4285 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 4286 import org.bouncycastle.crypto.params.DESParameters; 4287@@ -66,17 +70,19 @@ 4288 } 4289 } 4290 4291- /** 4292- * DES CFB8 4293- */ 4294- public static class DESCFB8 4295- extends BaseMac 4296- { 4297- public DESCFB8() 4298- { 4299- super(new CFBBlockCipherMac(new DESEngine())); 4300- } 4301- } 4302+ // BEGIN android-removed 4303+ // /** 4304+ // * DES CFB8 4305+ // */ 4306+ // public static class DESCFB8 4307+ // extends BaseMac 4308+ // { 4309+ // public DESCFB8() 4310+ // { 4311+ // super(new CFBBlockCipherMac(new DESEngine())); 4312+ // } 4313+ // } 4314+ // END android-removed 4315 4316 /** 4317 * DES64 4318@@ -111,47 +117,49 @@ 4319 } 4320 } 4321 4322- static public class CMAC 4323- extends BaseMac 4324- { 4325- public CMAC() 4326- { 4327- super(new CMac(new DESEngine())); 4328- } 4329- } 4330- 4331- /** 4332- * DES9797Alg3with7816-4Padding 4333- */ 4334- public static class DES9797Alg3with7816d4 4335- extends BaseMac 4336- { 4337- public DES9797Alg3with7816d4() 4338- { 4339- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 4340- } 4341- } 4342- 4343- /** 4344- * DES9797Alg3 4345- */ 4346- public static class DES9797Alg3 4347- extends BaseMac 4348- { 4349- public DES9797Alg3() 4350- { 4351- super(new ISO9797Alg3Mac(new DESEngine())); 4352- } 4353- } 4354- 4355- public static class RFC3211 4356- extends BaseWrapCipher 4357- { 4358- public RFC3211() 4359- { 4360- super(new RFC3211WrapEngine(new DESEngine()), 8); 4361- } 4362- } 4363+ // BEGIN android-removed 4364+ // static public class CMAC 4365+ // extends BaseMac 4366+ // { 4367+ // public CMAC() 4368+ // { 4369+ // super(new CMac(new DESEngine())); 4370+ // } 4371+ // } 4372+ // 4373+ // /** 4374+ // * DES9797Alg3with7816-4Padding 4375+ // */ 4376+ // public static class DES9797Alg3with7816d4 4377+ // extends BaseMac 4378+ // { 4379+ // public DES9797Alg3with7816d4() 4380+ // { 4381+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 4382+ // } 4383+ // } 4384+ // 4385+ // /** 4386+ // * DES9797Alg3 4387+ // */ 4388+ // public static class DES9797Alg3 4389+ // extends BaseMac 4390+ // { 4391+ // public DES9797Alg3() 4392+ // { 4393+ // super(new ISO9797Alg3Mac(new DESEngine())); 4394+ // } 4395+ // } 4396+ // 4397+ // public static class RFC3211 4398+ // extends BaseWrapCipher 4399+ // { 4400+ // public RFC3211() 4401+ // { 4402+ // super(new RFC3211WrapEngine(new DESEngine()), 8); 4403+ // } 4404+ // } 4405+ // END android-removed 4406 4407 public static class AlgParamGen 4408 extends BaseAlgorithmParameterGenerator 4409@@ -351,17 +359,19 @@ 4410 } 4411 } 4412 4413- /** 4414- * PBEWithMD2AndDES 4415- */ 4416- static public class PBEWithMD2KeyFactory 4417- extends DESPBEKeyFactory 4418- { 4419- public PBEWithMD2KeyFactory() 4420- { 4421- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 4422- } 4423- } 4424+ // BEGIN android-removed 4425+ // /** 4426+ // * PBEWithMD2AndDES 4427+ // */ 4428+ // static public class PBEWithMD2KeyFactory 4429+ // extends DESPBEKeyFactory 4430+ // { 4431+ // public PBEWithMD2KeyFactory() 4432+ // { 4433+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 4434+ // } 4435+ // } 4436+ // END android-removed 4437 4438 /** 4439 * PBEWithMD5AndDES 4440@@ -387,17 +397,19 @@ 4441 } 4442 } 4443 4444- /** 4445- * PBEWithMD2AndDES 4446- */ 4447- static public class PBEWithMD2 4448- extends BaseBlockCipher 4449- { 4450- public PBEWithMD2() 4451- { 4452- super(new CBCBlockCipher(new DESEngine())); 4453- } 4454- } 4455+ // BEGIN android-removed 4456+ // /** 4457+ // * PBEWithMD2AndDES 4458+ // */ 4459+ // static public class PBEWithMD2 4460+ // extends BaseBlockCipher 4461+ // { 4462+ // public PBEWithMD2() 4463+ // { 4464+ // super(new CBCBlockCipher(new DESEngine())); 4465+ // } 4466+ // } 4467+ // END android-removed 4468 4469 /** 4470 * PBEWithMD5AndDES 4471@@ -437,61 +449,75 @@ 4472 { 4473 4474 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 4475- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 4476- 4477- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 4478- 4479- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 4480+ // BEGIN android-removed 4481+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 4482+ // 4483+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 4484+ // 4485+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 4486+ // END android-removed 4487 4488 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 4489 4490 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 4491 4492- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 4493- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 4494- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 4495- 4496- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 4497- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 4498- 4499- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 4500- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 4501- 4502- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 4503- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4504- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4505- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4506- 4507- provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 4508- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 4509- 4510- provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 4511- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 4512- provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 4513- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 4514+ // BEGIN android-removed 4515+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 4516+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 4517+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 4518+ // 4519+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 4520+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 4521+ // 4522+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 4523+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 4524+ // 4525+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 4526+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4527+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4528+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 4529+ // 4530+ // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 4531+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 4532+ // 4533+ // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 4534+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 4535+ // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 4536+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 4537+ // END android-removed 4538 4539 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 4540 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 4541 4542- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 4543- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 4544- 4545- provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 4546+ // BEGIN android-removed 4547+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 4548+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 4549+ // 4550+ // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 4551+ // END android-removed 4552 provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); 4553 provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); 4554 4555- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 4556+ // BEGIN android-removed 4557+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 4558+ // END android-removed 4559 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 4560 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 4561 4562- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 4563+ // BEGIN android-removed 4564+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 4565+ // END android-removed 4566 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); 4567 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); 4568 4569- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 4570+ // BEGIN android-removed 4571+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 4572+ // END android-removed 4573 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 4574 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 4575- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 4576+ // BEGIN android-removed 4577+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 4578+ // END android-removed 4579 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 4580 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 4581 } 4582diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/DESede.java 4583--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2013-12-03 20:18:20.000000000 +0000 4584+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2013-05-25 02:14:15.000000000 +0000 4585@@ -1,30 +1,42 @@ 4586 package org.bouncycastle.jcajce.provider.symmetric; 4587 4588-import java.security.AlgorithmParameters; 4589-import java.security.InvalidAlgorithmParameterException; 4590+// BEGIN android-removed 4591+// import java.security.AlgorithmParameters; 4592+// import java.security.InvalidAlgorithmParameterException; 4593+// END android-removed 4594 import java.security.SecureRandom; 4595-import java.security.spec.AlgorithmParameterSpec; 4596+// BEGIN android-removed 4597+// import java.security.spec.AlgorithmParameterSpec; 4598+// END android-removed 4599 import java.security.spec.InvalidKeySpecException; 4600 import java.security.spec.KeySpec; 4601 4602 import javax.crypto.SecretKey; 4603 import javax.crypto.spec.DESedeKeySpec; 4604-import javax.crypto.spec.IvParameterSpec; 4605+// BEGIN android-removed 4606+// import javax.crypto.spec.IvParameterSpec; 4607+// END android-removed 4608 import javax.crypto.spec.SecretKeySpec; 4609 4610 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 4611 import org.bouncycastle.crypto.KeyGenerationParameters; 4612 import org.bouncycastle.crypto.engines.DESedeEngine; 4613 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 4614-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4615+// BEGIN android-removed 4616+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4617+// END android-removed 4618 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 4619 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4620-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4621-import org.bouncycastle.crypto.macs.CMac; 4622+// BEGIN android-removed 4623+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4624+// import org.bouncycastle.crypto.macs.CMac; 4625+// END android-removed 4626 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4627 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 4628 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4629-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4630+// BEGIN android-removed 4631+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4632+// END android-removed 4633 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4634 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4635 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4636@@ -57,17 +69,19 @@ 4637 } 4638 } 4639 4640- /** 4641- * DESede CFB8 4642- */ 4643- public static class DESedeCFB8 4644- extends BaseMac 4645- { 4646- public DESedeCFB8() 4647- { 4648- super(new CFBBlockCipherMac(new DESedeEngine())); 4649- } 4650- } 4651+ // BEGIN android-removed 4652+ // /** 4653+ // * DESede CFB8 4654+ // */ 4655+ // public static class DESedeCFB8 4656+ // extends BaseMac 4657+ // { 4658+ // public DESedeCFB8() 4659+ // { 4660+ // super(new CFBBlockCipherMac(new DESedeEngine())); 4661+ // } 4662+ // } 4663+ // END android-removed 4664 4665 /** 4666 * DESede64 4667@@ -102,15 +116,17 @@ 4668 } 4669 } 4670 4671- static public class CMAC 4672- extends BaseMac 4673- { 4674- public CMAC() 4675- { 4676- super(new CMac(new DESedeEngine())); 4677- } 4678- } 4679- 4680+ // BEGIN android-removed 4681+ // static public class CMAC 4682+ // extends BaseMac 4683+ // { 4684+ // public CMAC() 4685+ // { 4686+ // super(new CMac(new DESedeEngine())); 4687+ // } 4688+ // } 4689+ // END android-removed 4690+ 4691 public static class Wrap 4692 extends BaseWrapCipher 4693 { 4694@@ -119,15 +135,17 @@ 4695 super(new DESedeWrapEngine()); 4696 } 4697 } 4698- 4699- public static class RFC3211 4700- extends BaseWrapCipher 4701- { 4702- public RFC3211() 4703- { 4704- super(new RFC3211WrapEngine(new DESedeEngine()), 8); 4705- } 4706- } 4707+ 4708+ // BEGIN android-removed 4709+ // public static class RFC3211 4710+ // extends BaseWrapCipher 4711+ // { 4712+ // public RFC3211() 4713+ // { 4714+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 4715+ // } 4716+ // } 4717+ // END android-removed 4718 4719 /** 4720 * DESede - the default for this is to generate a key in 4721@@ -241,43 +259,45 @@ 4722 } 4723 } 4724 4725- public static class AlgParamGen 4726- extends BaseAlgorithmParameterGenerator 4727- { 4728- protected void engineInit( 4729- AlgorithmParameterSpec genParamSpec, 4730- SecureRandom random) 4731- throws InvalidAlgorithmParameterException 4732- { 4733- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4734- } 4735- 4736- protected AlgorithmParameters engineGenerateParameters() 4737- { 4738- byte[] iv = new byte[8]; 4739- 4740- if (random == null) 4741- { 4742- random = new SecureRandom(); 4743- } 4744- 4745- random.nextBytes(iv); 4746- 4747- AlgorithmParameters params; 4748- 4749- try 4750- { 4751- params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4752- params.init(new IvParameterSpec(iv)); 4753- } 4754- catch (Exception e) 4755- { 4756- throw new RuntimeException(e.getMessage()); 4757- } 4758- 4759- return params; 4760- } 4761- } 4762+ // BEGIN android-removed 4763+ // public static class AlgParamGen 4764+ // extends BaseAlgorithmParameterGenerator 4765+ // { 4766+ // protected void engineInit( 4767+ // AlgorithmParameterSpec genParamSpec, 4768+ // SecureRandom random) 4769+ // throws InvalidAlgorithmParameterException 4770+ // { 4771+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 4772+ // } 4773+ // 4774+ // protected AlgorithmParameters engineGenerateParameters() 4775+ // { 4776+ // byte[] iv = new byte[8]; 4777+ // 4778+ // if (random == null) 4779+ // { 4780+ // random = new SecureRandom(); 4781+ // } 4782+ // 4783+ // random.nextBytes(iv); 4784+ // 4785+ // AlgorithmParameters params; 4786+ // 4787+ // try 4788+ // { 4789+ // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); 4790+ // params.init(new IvParameterSpec(iv)); 4791+ // } 4792+ // catch (Exception e) 4793+ // { 4794+ // throw new RuntimeException(e.getMessage()); 4795+ // } 4796+ // 4797+ // return params; 4798+ // } 4799+ // } 4800+ // END android-removed 4801 4802 static public class KeyFactory 4803 extends BaseSecretKeyFactory 4804@@ -361,25 +381,37 @@ 4805 public void configure(ConfigurableProvider provider) 4806 { 4807 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 4808- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4809+ // BEGIN android-removed 4810+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 4811+ // END android-removed 4812 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 4813- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 4814- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4815+ // BEGIN android-changed 4816+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 4817+ // END android-changed 4818+ // BEGIN android-removed 4819+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 4820+ // END android-removed 4821 4822 provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); 4823 provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); 4824 provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); 4825 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); 4826- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 4827+ // BEGIN android-removed 4828+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 4829+ // END android-removed 4830 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); 4831 4832 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 4833 { 4834 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 4835- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4836- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4837+ // BEGIN android-removed 4838+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 4839+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 4840+ // END android-removed 4841 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 4842- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4843+ // BEGIN android-removed 4844+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 4845+ // END android-removed 4846 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4847 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 4848 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 4849@@ -388,31 +420,37 @@ 4850 } 4851 4852 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 4853- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4854- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4855+ // BEGIN android-removed 4856+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 4857+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 4858+ // END android-removed 4859 4860 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 4861 4862- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4863- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4864- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4865- 4866- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4867- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4868- 4869- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4870- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4871- 4872- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4873- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4874- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4875- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4876+ // BEGIN android-removed 4877+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 4878+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 4879+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 4880+ // 4881+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 4882+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 4883+ // 4884+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 4885+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 4886+ // 4887+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 4888+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4889+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4890+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 4891+ // END android-removed 4892 4893 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 4894 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4895 4896- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4897- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4898+ // BEGIN android-removed 4899+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 4900+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 4901+ // END android-removed 4902 4903 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); 4904 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); 4905diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/RC2.java 4906--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2013-12-03 20:18:20.000000000 +0000 4907+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2013-05-25 02:14:15.000000000 +0000 4908@@ -12,24 +12,34 @@ 4909 4910 import org.bouncycastle.asn1.ASN1Primitive; 4911 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 4912-import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4913-import org.bouncycastle.crypto.CipherKeyGenerator; 4914+// BEGIN android-removed 4915+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 4916+// import org.bouncycastle.crypto.CipherKeyGenerator; 4917+// END android-removed 4918 import org.bouncycastle.crypto.engines.RC2Engine; 4919-import org.bouncycastle.crypto.engines.RC2WrapEngine; 4920-import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4921-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4922+// BEGIN android-removed 4923+// import org.bouncycastle.crypto.engines.RC2WrapEngine; 4924+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 4925+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 4926+// END android-removed 4927 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4928 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4929-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4930-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 4931+// BEGIN android-removed 4932+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4933+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 4934+// END android-removed 4935 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4936-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4937-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4938-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 4939+// BEGIN android-removed 4940+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4941+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4942+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 4943+// END android-removed 4944 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 4945 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 4946 import org.bouncycastle.jce.provider.BouncyCastleProvider; 4947-import org.bouncycastle.util.Arrays; 4948+// BEGIN android-removed 4949+// import org.bouncycastle.util.Arrays; 4950+// END android-removed 4951 4952 public final class RC2 4953 { 4954@@ -37,59 +47,61 @@ 4955 { 4956 } 4957 4958- /** 4959- * RC2 4960- */ 4961- static public class ECB 4962- extends BaseBlockCipher 4963- { 4964- public ECB() 4965- { 4966- super(new RC2Engine()); 4967- } 4968- } 4969- 4970- /** 4971- * RC2CBC 4972- */ 4973- static public class CBC 4974- extends BaseBlockCipher 4975- { 4976- public CBC() 4977- { 4978- super(new CBCBlockCipher(new RC2Engine()), 64); 4979- } 4980- } 4981- 4982- public static class Wrap 4983- extends BaseWrapCipher 4984- { 4985- public Wrap() 4986- { 4987- super(new RC2WrapEngine()); 4988- } 4989- } 4990- 4991- /** 4992- * RC2 4993- */ 4994- public static class CBCMAC 4995- extends BaseMac 4996- { 4997- public CBCMAC() 4998- { 4999- super(new CBCBlockCipherMac(new RC2Engine())); 5000- } 5001- } 5002- 5003- public static class CFB8MAC 5004- extends BaseMac 5005- { 5006- public CFB8MAC() 5007- { 5008- super(new CFBBlockCipherMac(new RC2Engine())); 5009- } 5010- } 5011+ // BEGIN android-removed 5012+ // /** 5013+ // * RC2 5014+ // */ 5015+ // static public class ECB 5016+ // extends BaseBlockCipher 5017+ // { 5018+ // public ECB() 5019+ // { 5020+ // super(new RC2Engine()); 5021+ // } 5022+ // } 5023+ // 5024+ // /** 5025+ // * RC2CBC 5026+ // */ 5027+ // static public class CBC 5028+ // extends BaseBlockCipher 5029+ // { 5030+ // public CBC() 5031+ // { 5032+ // super(new CBCBlockCipher(new RC2Engine()), 64); 5033+ // } 5034+ // } 5035+ // 5036+ // public static class Wrap 5037+ // extends BaseWrapCipher 5038+ // { 5039+ // public Wrap() 5040+ // { 5041+ // super(new RC2WrapEngine()); 5042+ // } 5043+ // } 5044+ // 5045+ // /** 5046+ // * RC2 5047+ // */ 5048+ // public static class CBCMAC 5049+ // extends BaseMac 5050+ // { 5051+ // public CBCMAC() 5052+ // { 5053+ // super(new CBCBlockCipherMac(new RC2Engine())); 5054+ // } 5055+ // } 5056+ // 5057+ // public static class CFB8MAC 5058+ // extends BaseMac 5059+ // { 5060+ // public CFB8MAC() 5061+ // { 5062+ // super(new CFBBlockCipherMac(new RC2Engine())); 5063+ // } 5064+ // } 5065+ // END android-removed 5066 5067 /** 5068 * PBEWithSHA1AndRC2 5069@@ -175,17 +187,19 @@ 5070 } 5071 } 5072 5073- /** 5074- * PBEWithMD2AndRC2 5075- */ 5076- static public class PBEWithMD2KeyFactory 5077- extends PBESecretKeyFactory 5078- { 5079- public PBEWithMD2KeyFactory() 5080- { 5081- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5082- } 5083- } 5084+ // BEGIN android-removed 5085+ // /** 5086+ // * PBEWithMD2AndRC2 5087+ // */ 5088+ // static public class PBEWithMD2KeyFactory 5089+ // extends PBESecretKeyFactory 5090+ // { 5091+ // public PBEWithMD2KeyFactory() 5092+ // { 5093+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5094+ // } 5095+ // } 5096+ // END android-removed 5097 5098 /** 5099 * PBEWithMD5AndRC2 5100@@ -199,247 +213,249 @@ 5101 } 5102 } 5103 5104- public static class AlgParamGen 5105- extends BaseAlgorithmParameterGenerator 5106- { 5107- RC2ParameterSpec spec = null; 5108- 5109- protected void engineInit( 5110- AlgorithmParameterSpec genParamSpec, 5111- SecureRandom random) 5112- throws InvalidAlgorithmParameterException 5113- { 5114- if (genParamSpec instanceof RC2ParameterSpec) 5115- { 5116- spec = (RC2ParameterSpec)genParamSpec; 5117- return; 5118- } 5119- 5120- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 5121- } 5122- 5123- protected AlgorithmParameters engineGenerateParameters() 5124- { 5125- AlgorithmParameters params; 5126- 5127- if (spec == null) 5128- { 5129- byte[] iv = new byte[8]; 5130- 5131- if (random == null) 5132- { 5133- random = new SecureRandom(); 5134- } 5135- 5136- random.nextBytes(iv); 5137- 5138- try 5139- { 5140- params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); 5141- params.init(new IvParameterSpec(iv)); 5142- } 5143- catch (Exception e) 5144- { 5145- throw new RuntimeException(e.getMessage()); 5146- } 5147- } 5148- else 5149- { 5150- try 5151- { 5152- params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); 5153- params.init(spec); 5154- } 5155- catch (Exception e) 5156- { 5157- throw new RuntimeException(e.getMessage()); 5158- } 5159- } 5160- 5161- return params; 5162- } 5163- } 5164- 5165- public static class KeyGenerator 5166- extends BaseKeyGenerator 5167- { 5168- public KeyGenerator() 5169- { 5170- super("RC2", 128, new CipherKeyGenerator()); 5171- } 5172- } 5173- 5174- public static class AlgParams 5175- extends BaseAlgorithmParameters 5176- { 5177- private static final short[] table = { 5178- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 5179- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 5180- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 5181- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 5182- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 5183- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 5184- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 5185- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 5186- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 5187- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 5188- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 5189- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 5190- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 5191- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 5192- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 5193- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 5194- }; 5195- 5196- private static final short[] ekb = { 5197- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 5198- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 5199- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 5200- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 5201- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 5202- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 5203- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 5204- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 5205- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 5206- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 5207- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 5208- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 5209- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 5210- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 5211- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 5212- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 5213- }; 5214- 5215- private byte[] iv; 5216- private int parameterVersion = 58; 5217- 5218- protected byte[] engineGetEncoded() 5219- { 5220- return Arrays.clone(iv); 5221- } 5222- 5223- protected byte[] engineGetEncoded( 5224- String format) 5225- throws IOException 5226- { 5227- if (this.isASN1FormatString(format)) 5228- { 5229- if (parameterVersion == -1) 5230- { 5231- return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 5232- } 5233- else 5234- { 5235- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 5236- } 5237- } 5238- 5239- if (format.equals("RAW")) 5240- { 5241- return engineGetEncoded(); 5242- } 5243- 5244- return null; 5245- } 5246- 5247- protected AlgorithmParameterSpec localEngineGetParameterSpec( 5248- Class paramSpec) 5249- throws InvalidParameterSpecException 5250- { 5251- if (paramSpec == RC2ParameterSpec.class) 5252- { 5253- if (parameterVersion != -1) 5254- { 5255- if (parameterVersion < 256) 5256- { 5257- return new RC2ParameterSpec(ekb[parameterVersion], iv); 5258- } 5259- else 5260- { 5261- return new RC2ParameterSpec(parameterVersion, iv); 5262- } 5263- } 5264- } 5265- 5266- if (paramSpec == IvParameterSpec.class) 5267- { 5268- return new IvParameterSpec(iv); 5269- } 5270- 5271- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 5272- } 5273- 5274- protected void engineInit( 5275- AlgorithmParameterSpec paramSpec) 5276- throws InvalidParameterSpecException 5277- { 5278- if (paramSpec instanceof IvParameterSpec) 5279- { 5280- this.iv = ((IvParameterSpec)paramSpec).getIV(); 5281- } 5282- else if (paramSpec instanceof RC2ParameterSpec) 5283- { 5284- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 5285- if (effKeyBits != -1) 5286- { 5287- if (effKeyBits < 256) 5288- { 5289- parameterVersion = table[effKeyBits]; 5290- } 5291- else 5292- { 5293- parameterVersion = effKeyBits; 5294- } 5295- } 5296- 5297- this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 5298- } 5299- else 5300- { 5301- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 5302- } 5303- } 5304- 5305- protected void engineInit( 5306- byte[] params) 5307- throws IOException 5308- { 5309- this.iv = Arrays.clone(params); 5310- } 5311- 5312- protected void engineInit( 5313- byte[] params, 5314- String format) 5315- throws IOException 5316- { 5317- if (this.isASN1FormatString(format)) 5318- { 5319- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 5320- 5321- if (p.getRC2ParameterVersion() != null) 5322- { 5323- parameterVersion = p.getRC2ParameterVersion().intValue(); 5324- } 5325- 5326- iv = p.getIV(); 5327- 5328- return; 5329- } 5330- 5331- if (format.equals("RAW")) 5332- { 5333- engineInit(params); 5334- return; 5335- } 5336- 5337- throw new IOException("Unknown parameters format in IV parameters object"); 5338- } 5339- 5340- protected String engineToString() 5341- { 5342- return "RC2 Parameters"; 5343- } 5344- } 5345+ // BEGIN android-removed 5346+ // public static class AlgParamGen 5347+ // extends BaseAlgorithmParameterGenerator 5348+ // { 5349+ // RC2ParameterSpec spec = null; 5350+ // 5351+ // protected void engineInit( 5352+ // AlgorithmParameterSpec genParamSpec, 5353+ // SecureRandom random) 5354+ // throws InvalidAlgorithmParameterException 5355+ // { 5356+ // if (genParamSpec instanceof RC2ParameterSpec) 5357+ // { 5358+ // spec = (RC2ParameterSpec)genParamSpec; 5359+ // return; 5360+ // } 5361+ // 5362+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 5363+ // } 5364+ // 5365+ // protected AlgorithmParameters engineGenerateParameters() 5366+ // { 5367+ // AlgorithmParameters params; 5368+ // 5369+ // if (spec == null) 5370+ // { 5371+ // byte[] iv = new byte[8]; 5372+ // 5373+ // if (random == null) 5374+ // { 5375+ // random = new SecureRandom(); 5376+ // } 5377+ // 5378+ // random.nextBytes(iv); 5379+ // 5380+ // try 5381+ // { 5382+ // params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); 5383+ // params.init(new IvParameterSpec(iv)); 5384+ // } 5385+ // catch (Exception e) 5386+ // { 5387+ // throw new RuntimeException(e.getMessage()); 5388+ // } 5389+ // } 5390+ // else 5391+ // { 5392+ // try 5393+ // { 5394+ // params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); 5395+ // params.init(spec); 5396+ // } 5397+ // catch (Exception e) 5398+ // { 5399+ // throw new RuntimeException(e.getMessage()); 5400+ // } 5401+ // } 5402+ // 5403+ // return params; 5404+ // } 5405+ // } 5406+ // 5407+ // public static class KeyGenerator 5408+ // extends BaseKeyGenerator 5409+ // { 5410+ // public KeyGenerator() 5411+ // { 5412+ // super("RC2", 128, new CipherKeyGenerator()); 5413+ // } 5414+ // } 5415+ // 5416+ // public static class AlgParams 5417+ // extends BaseAlgorithmParameters 5418+ // { 5419+ // private static final short[] table = { 5420+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 5421+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 5422+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 5423+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 5424+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 5425+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 5426+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 5427+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 5428+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 5429+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 5430+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 5431+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 5432+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 5433+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 5434+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 5435+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 5436+ // }; 5437+ // 5438+ // private static final short[] ekb = { 5439+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 5440+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 5441+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 5442+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 5443+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 5444+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 5445+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 5446+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 5447+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 5448+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 5449+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 5450+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 5451+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 5452+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 5453+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 5454+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 5455+ // }; 5456+ // 5457+ // private byte[] iv; 5458+ // private int parameterVersion = 58; 5459+ // 5460+ // protected byte[] engineGetEncoded() 5461+ // { 5462+ // return Arrays.clone(iv); 5463+ // } 5464+ // 5465+ // protected byte[] engineGetEncoded( 5466+ // String format) 5467+ // throws IOException 5468+ // { 5469+ // if (this.isASN1FormatString(format)) 5470+ // { 5471+ // if (parameterVersion == -1) 5472+ // { 5473+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 5474+ // } 5475+ // else 5476+ // { 5477+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 5478+ // } 5479+ // } 5480+ // 5481+ // if (format.equals("RAW")) 5482+ // { 5483+ // return engineGetEncoded(); 5484+ // } 5485+ // 5486+ // return null; 5487+ // } 5488+ // 5489+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 5490+ // Class paramSpec) 5491+ // throws InvalidParameterSpecException 5492+ // { 5493+ // if (paramSpec == RC2ParameterSpec.class) 5494+ // { 5495+ // if (parameterVersion != -1) 5496+ // { 5497+ // if (parameterVersion < 256) 5498+ // { 5499+ // return new RC2ParameterSpec(ekb[parameterVersion], iv); 5500+ // } 5501+ // else 5502+ // { 5503+ // return new RC2ParameterSpec(parameterVersion, iv); 5504+ // } 5505+ // } 5506+ // } 5507+ // 5508+ // if (paramSpec == IvParameterSpec.class) 5509+ // { 5510+ // return new IvParameterSpec(iv); 5511+ // } 5512+ // 5513+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 5514+ // } 5515+ // 5516+ // protected void engineInit( 5517+ // AlgorithmParameterSpec paramSpec) 5518+ // throws InvalidParameterSpecException 5519+ // { 5520+ // if (paramSpec instanceof IvParameterSpec) 5521+ // { 5522+ // this.iv = ((IvParameterSpec)paramSpec).getIV(); 5523+ // } 5524+ // else if (paramSpec instanceof RC2ParameterSpec) 5525+ // { 5526+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 5527+ // if (effKeyBits != -1) 5528+ // { 5529+ // if (effKeyBits < 256) 5530+ // { 5531+ // parameterVersion = table[effKeyBits]; 5532+ // } 5533+ // else 5534+ // { 5535+ // parameterVersion = effKeyBits; 5536+ // } 5537+ // } 5538+ // 5539+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 5540+ // } 5541+ // else 5542+ // { 5543+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 5544+ // } 5545+ // } 5546+ // 5547+ // protected void engineInit( 5548+ // byte[] params) 5549+ // throws IOException 5550+ // { 5551+ // this.iv = Arrays.clone(params); 5552+ // } 5553+ // 5554+ // protected void engineInit( 5555+ // byte[] params, 5556+ // String format) 5557+ // throws IOException 5558+ // { 5559+ // if (this.isASN1FormatString(format)) 5560+ // { 5561+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 5562+ // 5563+ // if (p.getRC2ParameterVersion() != null) 5564+ // { 5565+ // parameterVersion = p.getRC2ParameterVersion().intValue(); 5566+ // } 5567+ // 5568+ // iv = p.getIV(); 5569+ // 5570+ // return; 5571+ // } 5572+ // 5573+ // if (format.equals("RAW")) 5574+ // { 5575+ // engineInit(params); 5576+ // return; 5577+ // } 5578+ // 5579+ // throw new IOException("Unknown parameters format in IV parameters object"); 5580+ // } 5581+ // 5582+ // protected String engineToString() 5583+ // { 5584+ // return "RC2 Parameters"; 5585+ // } 5586+ // } 5587+ // END android-removed 5588 5589 public static class Mappings 5590 extends AlgorithmProvider 5591@@ -453,32 +469,36 @@ 5592 public void configure(ConfigurableProvider provider) 5593 { 5594 5595- provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 5596- provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 5597- 5598- provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 5599- provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 5600- 5601- provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 5602- provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 5603- 5604- provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 5605- provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 5606- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 5607- provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 5608- 5609- provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 5610- provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 5611- provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 5612- provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 5613- 5614- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 5615+ // BEGIN android-removed 5616+ // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 5617+ // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 5618+ // 5619+ // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 5620+ // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 5621+ // 5622+ // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 5623+ // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 5624+ // 5625+ // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 5626+ // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 5627+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 5628+ // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 5629+ // 5630+ // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 5631+ // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 5632+ // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 5633+ // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 5634+ // 5635+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 5636+ // END android-removed 5637 5638 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 5639 5640 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 5641 5642- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 5643+ // BEGIN android-removed 5644+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 5645+ // END android-removed 5646 5647 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 5648 5649@@ -486,14 +506,18 @@ 5650 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); 5651 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); 5652 5653- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 5654+ // BEGIN android-removed 5655+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 5656+ // END android-removed 5657 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); 5658 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); 5659 5660 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); 5661 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); 5662 5663- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 5664+ // BEGIN android-removed 5665+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 5666+ // END android-removed 5667 5668 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 5669 5670diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 5671--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-03 20:18:20.000000000 +0000 5672+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000 5673@@ -6,29 +6,31 @@ 5674 abstract class SymmetricAlgorithmProvider 5675 extends AlgorithmProvider 5676 { 5677- protected void addGMacAlgorithm( 5678- ConfigurableProvider provider, 5679- String algorithm, 5680- String algorithmClassName, 5681- String keyGeneratorClassName) 5682- { 5683- provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 5684- provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 5685- 5686- provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 5687- provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 5688- } 5689- 5690- protected void addPoly1305Algorithm(ConfigurableProvider provider, 5691- String algorithm, 5692- String algorithmClassName, 5693- String keyGeneratorClassName) 5694- { 5695- provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 5696- provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 5697- 5698- provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 5699- provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 5700- } 5701+ // BEGIN android-removed 5702+ // protected void addGMacAlgorithm( 5703+ // ConfigurableProvider provider, 5704+ // String algorithm, 5705+ // String algorithmClassName, 5706+ // String keyGeneratorClassName) 5707+ // { 5708+ // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 5709+ // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 5710+ // 5711+ // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 5712+ // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 5713+ // } 5714+ // 5715+ // protected void addPoly1305Algorithm(ConfigurableProvider provider, 5716+ // String algorithm, 5717+ // String algorithmClassName, 5718+ // String keyGeneratorClassName) 5719+ // { 5720+ // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 5721+ // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 5722+ // 5723+ // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 5724+ // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 5725+ // } 5726+ // END android-removed 5727 5728 } 5729diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 5730--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-03 20:18:20.000000000 +0000 5731+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000 5732@@ -1,18 +1,26 @@ 5733 package org.bouncycastle.jcajce.provider.symmetric; 5734 5735-import org.bouncycastle.crypto.BlockCipher; 5736-import org.bouncycastle.crypto.CipherKeyGenerator; 5737+// BEGIN android-removed 5738+// import org.bouncycastle.crypto.BlockCipher; 5739+// import org.bouncycastle.crypto.CipherKeyGenerator; 5740+// END android-removed 5741 import org.bouncycastle.crypto.engines.TwofishEngine; 5742-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 5743-import org.bouncycastle.crypto.macs.GMac; 5744+// BEGIN android-removed 5745+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 5746+// import org.bouncycastle.crypto.macs.GMac; 5747+// END android-removed 5748 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5749-import org.bouncycastle.crypto.modes.GCMBlockCipher; 5750+// BEGIN android-removed 5751+// import org.bouncycastle.crypto.modes.GCMBlockCipher; 5752+// END android-removed 5753 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5754 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5755-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5756-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5757-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 5758-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 5759+// BEGIN android-removed 5760+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5761+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5762+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 5763+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 5764+// END android-removed 5765 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 5766 5767 public final class Twofish 5768@@ -21,56 +29,58 @@ 5769 { 5770 } 5771 5772- public static class ECB 5773- extends BaseBlockCipher 5774- { 5775- public ECB() 5776- { 5777- super(new BlockCipherProvider() 5778- { 5779- public BlockCipher get() 5780- { 5781- return new TwofishEngine(); 5782- } 5783- }); 5784- } 5785- } 5786- 5787- public static class KeyGen 5788- extends BaseKeyGenerator 5789- { 5790- public KeyGen() 5791- { 5792- super("Twofish", 256, new CipherKeyGenerator()); 5793- } 5794- } 5795- 5796- public static class GMAC 5797- extends BaseMac 5798- { 5799- public GMAC() 5800- { 5801- super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 5802- } 5803- } 5804- 5805- public static class Poly1305 5806- extends BaseMac 5807- { 5808- public Poly1305() 5809- { 5810- super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 5811- } 5812- } 5813- 5814- public static class Poly1305KeyGen 5815- extends BaseKeyGenerator 5816- { 5817- public Poly1305KeyGen() 5818- { 5819- super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 5820- } 5821- } 5822+ // BEGIN android-removed 5823+ // public static class ECB 5824+ // extends BaseBlockCipher 5825+ // { 5826+ // public ECB() 5827+ // { 5828+ // super(new BlockCipherProvider() 5829+ // { 5830+ // public BlockCipher get() 5831+ // { 5832+ // return new TwofishEngine(); 5833+ // } 5834+ // }); 5835+ // } 5836+ // } 5837+ // 5838+ // public static class KeyGen 5839+ // extends BaseKeyGenerator 5840+ // { 5841+ // public KeyGen() 5842+ // { 5843+ // super("Twofish", 256, new CipherKeyGenerator()); 5844+ // } 5845+ // } 5846+ // 5847+ // public static class GMAC 5848+ // extends BaseMac 5849+ // { 5850+ // public GMAC() 5851+ // { 5852+ // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 5853+ // } 5854+ // } 5855+ // 5856+ // public static class Poly1305 5857+ // extends BaseMac 5858+ // { 5859+ // public Poly1305() 5860+ // { 5861+ // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 5862+ // } 5863+ // } 5864+ // 5865+ // public static class Poly1305KeyGen 5866+ // extends BaseKeyGenerator 5867+ // { 5868+ // public Poly1305KeyGen() 5869+ // { 5870+ // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 5871+ // } 5872+ // } 5873+ // END android-removed 5874 5875 /** 5876 * PBEWithSHAAndTwofish-CBC 5877@@ -96,14 +106,16 @@ 5878 } 5879 } 5880 5881- public static class AlgParams 5882- extends IvAlgorithmParameters 5883- { 5884- protected String engineToString() 5885- { 5886- return "Twofish IV"; 5887- } 5888- } 5889+ // BEGIN android-removed 5890+ // public static class AlgParams 5891+ // extends IvAlgorithmParameters 5892+ // { 5893+ // protected String engineToString() 5894+ // { 5895+ // return "Twofish IV"; 5896+ // } 5897+ // } 5898+ // END android-removed 5899 5900 public static class Mappings 5901 extends SymmetricAlgorithmProvider 5902@@ -116,17 +128,21 @@ 5903 5904 public void configure(ConfigurableProvider provider) 5905 { 5906- provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 5907- provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 5908- provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 5909+ // BEGIN android-removed 5910+ // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 5911+ // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 5912+ // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 5913+ // END android-removed 5914 5915 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 5916 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 5917 provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); 5918 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); 5919 5920- addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 5921- addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5922+ // BEGIN android-removed 5923+ // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 5924+ // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5925+ // END android-removed 5926 } 5927 } 5928 } 5929diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 5930--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2013-12-03 20:18:20.000000000 +0000 5931+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2013-12-13 23:56:53.000000000 +0000 5932@@ -19,8 +19,10 @@ 5933 import javax.crypto.ShortBufferException; 5934 import javax.crypto.spec.IvParameterSpec; 5935 import javax.crypto.spec.PBEParameterSpec; 5936-import javax.crypto.spec.RC2ParameterSpec; 5937-import javax.crypto.spec.RC5ParameterSpec; 5938+// BEGIN android-removed 5939+// import javax.crypto.spec.RC2ParameterSpec; 5940+// import javax.crypto.spec.RC5ParameterSpec; 5941+// END android-removed 5942 5943 import org.bouncycastle.asn1.cms.GCMParameters; 5944 import org.bouncycastle.crypto.BlockCipher; 5945@@ -34,14 +36,20 @@ 5946 import org.bouncycastle.crypto.modes.CCMBlockCipher; 5947 import org.bouncycastle.crypto.modes.CFBBlockCipher; 5948 import org.bouncycastle.crypto.modes.CTSBlockCipher; 5949-import org.bouncycastle.crypto.modes.EAXBlockCipher; 5950-import org.bouncycastle.crypto.modes.GCFBBlockCipher; 5951+// BEGIN android-removed 5952+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 5953+// import org.bouncycastle.crypto.modes.GCFBBlockCipher; 5954+// END android-removed 5955 import org.bouncycastle.crypto.modes.GCMBlockCipher; 5956-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 5957-import org.bouncycastle.crypto.modes.OCBBlockCipher; 5958+// BEGIN android-removed 5959+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 5960+// import org.bouncycastle.crypto.modes.OCBBlockCipher; 5961+// END android-removed 5962 import org.bouncycastle.crypto.modes.OFBBlockCipher; 5963-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 5964-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 5965+// BEGIN android-removed 5966+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 5967+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 5968+// END android-removed 5969 import org.bouncycastle.crypto.modes.SICBlockCipher; 5970 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 5971 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 5972@@ -54,11 +62,15 @@ 5973 import org.bouncycastle.crypto.params.KeyParameter; 5974 import org.bouncycastle.crypto.params.ParametersWithIV; 5975 import org.bouncycastle.crypto.params.ParametersWithRandom; 5976-import org.bouncycastle.crypto.params.ParametersWithSBox; 5977+// BEGIN android-removed 5978+// import org.bouncycastle.crypto.params.ParametersWithSBox; 5979+// END android-removed 5980 import org.bouncycastle.crypto.params.RC2Parameters; 5981-import org.bouncycastle.crypto.params.RC5Parameters; 5982-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 5983-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 5984+// BEGIN android-removed 5985+// import org.bouncycastle.crypto.params.RC5Parameters; 5986+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 5987+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 5988+// END android-removed 5989 import org.bouncycastle.jce.provider.BouncyCastleProvider; 5990 import org.bouncycastle.util.Strings; 5991 5992@@ -73,11 +85,15 @@ 5993 // 5994 private Class[] availableSpecs = 5995 { 5996- RC2ParameterSpec.class, 5997- RC5ParameterSpec.class, 5998+ // BEGIN android-removed 5999+ // RC2ParameterSpec.class, 6000+ // RC5ParameterSpec.class, 6001+ // END android-removed 6002 IvParameterSpec.class, 6003 PBEParameterSpec.class, 6004- GOST28147ParameterSpec.class, 6005+ // BEGIN android-removed 6006+ // GOST28147ParameterSpec.class, 6007+ // END android-removed 6008 gcmSpecClass 6009 }; 6010 6011@@ -162,6 +178,11 @@ 6012 6013 protected byte[] engineGetIV() 6014 { 6015+ // BEGIN android-added 6016+ if (aeadParams != null) { 6017+ return aeadParams.getNonce(); 6018+ } 6019+ // END android-added 6020 return (ivParam != null) ? ivParam.getIV() : null; 6021 } 6022 6023@@ -278,48 +299,52 @@ 6024 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 6025 } 6026 } 6027- else if (modeName.startsWith("PGP")) 6028- { 6029- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6030- 6031- ivLength = baseEngine.getBlockSize(); 6032- cipher = new BufferedGenericBlockCipher( 6033- new PGPCFBBlockCipher(baseEngine, inlineIV)); 6034- } 6035- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6036- { 6037- ivLength = 0; 6038- cipher = new BufferedGenericBlockCipher( 6039- new OpenPGPCFBBlockCipher(baseEngine)); 6040- } 6041- else if (modeName.startsWith("SIC")) 6042- { 6043- ivLength = baseEngine.getBlockSize(); 6044- if (ivLength < 16) 6045- { 6046- throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6047- } 6048- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6049- new SICBlockCipher(baseEngine))); 6050- } 6051+ // BEGIN android-removed 6052+ // else if (modeName.startsWith("PGP")) 6053+ // { 6054+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6055+ // 6056+ // ivLength = baseEngine.getBlockSize(); 6057+ // cipher = new BufferedGenericBlockCipher( 6058+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 6059+ // } 6060+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6061+ // { 6062+ // ivLength = 0; 6063+ // cipher = new BufferedGenericBlockCipher( 6064+ // new OpenPGPCFBBlockCipher(baseEngine)); 6065+ // } 6066+ // else if (modeName.startsWith("SIC")) 6067+ // { 6068+ // ivLength = baseEngine.getBlockSize(); 6069+ // if (ivLength < 16) 6070+ // { 6071+ // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6072+ // } 6073+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6074+ // new SICBlockCipher(baseEngine))); 6075+ // } 6076+ // END android-removed 6077 else if (modeName.startsWith("CTR")) 6078 { 6079 ivLength = baseEngine.getBlockSize(); 6080 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6081 new SICBlockCipher(baseEngine))); 6082 } 6083- else if (modeName.startsWith("GOFB")) 6084- { 6085- ivLength = baseEngine.getBlockSize(); 6086- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6087- new GOFBBlockCipher(baseEngine))); 6088- } 6089- else if (modeName.startsWith("GCFB")) 6090- { 6091- ivLength = baseEngine.getBlockSize(); 6092- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6093- new GCFBBlockCipher(baseEngine))); 6094- } 6095+ // BEGIN android-removed 6096+ // else if (modeName.startsWith("GOFB")) 6097+ // { 6098+ // ivLength = baseEngine.getBlockSize(); 6099+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6100+ // new GOFBBlockCipher(baseEngine))); 6101+ // } 6102+ // else if (modeName.startsWith("GCFB")) 6103+ // { 6104+ // ivLength = baseEngine.getBlockSize(); 6105+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6106+ // new GCFBBlockCipher(baseEngine))); 6107+ // } 6108+ // END android-removed 6109 else if (modeName.startsWith("CTS")) 6110 { 6111 ivLength = baseEngine.getBlockSize(); 6112@@ -330,24 +355,26 @@ 6113 ivLength = 13; // CCM nonce 7..13 bytes 6114 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 6115 } 6116- else if (modeName.startsWith("OCB")) 6117- { 6118- if (engineProvider != null) 6119- { 6120- // Nonce restricted to max 120 bits over 128 bit block cipher since draft-irtf-cfrg-ocb-03 6121- ivLength = 15; 6122- cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6123- } 6124- else 6125- { 6126- throw new NoSuchAlgorithmException("can't support mode " + mode); 6127- } 6128- } 6129- else if (modeName.startsWith("EAX")) 6130- { 6131- ivLength = baseEngine.getBlockSize(); 6132- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6133- } 6134+ // BEGIN android-removed 6135+ // else if (modeName.startsWith("OCB")) 6136+ // { 6137+ // if (engineProvider != null) 6138+ // { 6139+ // // Nonce restricted to max 120 bits over 128 bit block cipher since draft-irtf-cfrg-ocb-03 6140+ // ivLength = 15; 6141+ // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6142+ // } 6143+ // else 6144+ // { 6145+ // throw new NoSuchAlgorithmException("can't support mode " + mode); 6146+ // } 6147+ // } 6148+ // else if (modeName.startsWith("EAX")) 6149+ // { 6150+ // ivLength = baseEngine.getBlockSize(); 6151+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6152+ // } 6153+ // END android-removed 6154 else if (modeName.startsWith("GCM")) 6155 { 6156 ivLength = baseEngine.getBlockSize(); 6157@@ -470,18 +497,20 @@ 6158 6159 param = new ParametersWithIV(param, iv.getIV()); 6160 } 6161- else if (params instanceof GOST28147ParameterSpec) 6162- { 6163- // need to pick up IV and SBox. 6164- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6165- 6166- param = new ParametersWithSBox(param, gost28147Param.getSbox()); 6167- 6168- if (gost28147Param.getIV() != null && ivLength != 0) 6169- { 6170- param = new ParametersWithIV(param, gost28147Param.getIV()); 6171- } 6172- } 6173+ // BEGIN android-removed 6174+ // else if (params instanceof GOST28147ParameterSpec) 6175+ // { 6176+ // // need to pick up IV and SBox. 6177+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6178+ // 6179+ // param = new ParametersWithSBox(param, gost28147Param.getSbox()); 6180+ // 6181+ // if (gost28147Param.getIV() != null && ivLength != 0) 6182+ // { 6183+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 6184+ // } 6185+ // } 6186+ // END android-removed 6187 } 6188 else if (params instanceof PBEParameterSpec) 6189 { 6190@@ -513,12 +542,14 @@ 6191 throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long."); 6192 } 6193 6194- if (key instanceof RepeatedSecretKeySpec) 6195- { 6196- param = new ParametersWithIV(null, p.getIV()); 6197- ivParam = (ParametersWithIV)param; 6198- } 6199- else 6200+ // BEGIN android-removed 6201+ // if (key instanceof RepeatedSecretKeySpec) 6202+ // { 6203+ // param = new ParametersWithIV(null, p.getIV()); 6204+ // ivParam = (ParametersWithIV)param; 6205+ // } 6206+ // else 6207+ // END android-removed 6208 { 6209 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV()); 6210 ivParam = (ParametersWithIV)param; 6211@@ -534,63 +565,65 @@ 6212 param = new KeyParameter(key.getEncoded()); 6213 } 6214 } 6215- else if (params instanceof GOST28147ParameterSpec) 6216- { 6217- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6218- 6219- param = new ParametersWithSBox( 6220- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 6221- 6222- if (gost28147Param.getIV() != null && ivLength != 0) 6223- { 6224- param = new ParametersWithIV(param, gost28147Param.getIV()); 6225- ivParam = (ParametersWithIV)param; 6226- } 6227- } 6228- else if (params instanceof RC2ParameterSpec) 6229- { 6230- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 6231- 6232- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 6233- 6234- if (rc2Param.getIV() != null && ivLength != 0) 6235- { 6236- param = new ParametersWithIV(param, rc2Param.getIV()); 6237- ivParam = (ParametersWithIV)param; 6238- } 6239- } 6240- else if (params instanceof RC5ParameterSpec) 6241- { 6242- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 6243- 6244- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 6245- if (baseEngine.getAlgorithmName().startsWith("RC5")) 6246- { 6247- if (baseEngine.getAlgorithmName().equals("RC5-32")) 6248- { 6249- if (rc5Param.getWordSize() != 32) 6250- { 6251- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 6252- } 6253- } 6254- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 6255- { 6256- if (rc5Param.getWordSize() != 64) 6257- { 6258- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 6259- } 6260- } 6261- } 6262- else 6263- { 6264- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 6265- } 6266- if ((rc5Param.getIV() != null) && (ivLength != 0)) 6267- { 6268- param = new ParametersWithIV(param, rc5Param.getIV()); 6269- ivParam = (ParametersWithIV)param; 6270- } 6271- } 6272+ // BEGIN android-removed 6273+ // else if (params instanceof GOST28147ParameterSpec) 6274+ // { 6275+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6276+ // 6277+ // param = new ParametersWithSBox( 6278+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 6279+ // 6280+ // if (gost28147Param.getIV() != null && ivLength != 0) 6281+ // { 6282+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 6283+ // ivParam = (ParametersWithIV)param; 6284+ // } 6285+ // } 6286+ // else if (params instanceof RC2ParameterSpec) 6287+ // { 6288+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 6289+ // 6290+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 6291+ // 6292+ // if (rc2Param.getIV() != null && ivLength != 0) 6293+ // { 6294+ // param = new ParametersWithIV(param, rc2Param.getIV()); 6295+ // ivParam = (ParametersWithIV)param; 6296+ // } 6297+ // } 6298+ // else if (params instanceof RC5ParameterSpec) 6299+ // { 6300+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 6301+ // 6302+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 6303+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 6304+ // { 6305+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 6306+ // { 6307+ // if (rc5Param.getWordSize() != 32) 6308+ // { 6309+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 6310+ // } 6311+ // } 6312+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 6313+ // { 6314+ // if (rc5Param.getWordSize() != 64) 6315+ // { 6316+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 6317+ // } 6318+ // } 6319+ // } 6320+ // else 6321+ // { 6322+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 6323+ // } 6324+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 6325+ // { 6326+ // param = new ParametersWithIV(param, rc5Param.getIV()); 6327+ // ivParam = (ParametersWithIV)param; 6328+ // } 6329+ // } 6330+ // END android-removed 6331 else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) 6332 { 6333 if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) 6334@@ -603,11 +636,13 @@ 6335 Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]); 6336 Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]); 6337 6338- if (key instanceof RepeatedSecretKeySpec) 6339- { 6340- param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 6341- } 6342- else 6343+ // BEGIN android-removed 6344+ // if (key instanceof RepeatedSecretKeySpec) 6345+ // { 6346+ // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 6347+ // } 6348+ // else 6349+ // END android-removed 6350 { 6351 param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 6352 } 6353@@ -867,7 +902,9 @@ 6354 private boolean isAEADModeName( 6355 String modeName) 6356 { 6357- return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); 6358+ // BEGIN android-changed 6359+ return "CCM".equals(modeName) || "GCM".equals(modeName); 6360+ // END android-changed 6361 } 6362 6363 /* 6364diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 6365--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-03 20:18:20.000000000 +0000 6366+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000 6367@@ -16,8 +16,10 @@ 6368 import org.bouncycastle.crypto.Mac; 6369 import org.bouncycastle.crypto.params.KeyParameter; 6370 import org.bouncycastle.crypto.params.ParametersWithIV; 6371-import org.bouncycastle.crypto.params.SkeinParameters; 6372-import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 6373+// BEGIN android-removed 6374+// import org.bouncycastle.crypto.params.SkeinParameters; 6375+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 6376+// END android-removed 6377 6378 public class BaseMac 6379 extends MacSpi implements PBE 6380@@ -79,10 +81,12 @@ 6381 { 6382 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV()); 6383 } 6384- else if (params instanceof SkeinParameterSpec) 6385- { 6386- param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 6387- } 6388+ // BEGIN android-removed 6389+ // else if (params instanceof SkeinParameterSpec) 6390+ // { 6391+ // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 6392+ // } 6393+ // END android-removed 6394 else if (params == null) 6395 { 6396 param = new KeyParameter(key.getEncoded()); 6397diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 6398--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2013-12-03 20:18:20.000000000 +0000 6399+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2013-12-12 00:35:05.000000000 +0000 6400@@ -14,8 +14,10 @@ 6401 import javax.crypto.ShortBufferException; 6402 import javax.crypto.spec.IvParameterSpec; 6403 import javax.crypto.spec.PBEParameterSpec; 6404-import javax.crypto.spec.RC2ParameterSpec; 6405-import javax.crypto.spec.RC5ParameterSpec; 6406+// BEGIN android-removed 6407+// import javax.crypto.spec.RC2ParameterSpec; 6408+// import javax.crypto.spec.RC5ParameterSpec; 6409+// END android-removed 6410 6411 import org.bouncycastle.crypto.BlockCipher; 6412 import org.bouncycastle.crypto.CipherParameters; 6413@@ -35,8 +37,10 @@ 6414 // 6415 private Class[] availableSpecs = 6416 { 6417- RC2ParameterSpec.class, 6418- RC5ParameterSpec.class, 6419+ // BEGIN android-removed 6420+ // RC2ParameterSpec.class, 6421+ // RC5ParameterSpec.class, 6422+ // END android-removed 6423 IvParameterSpec.class, 6424 PBEParameterSpec.class 6425 }; 6426diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 6427--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2013-12-03 20:18:20.000000000 +0000 6428+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2013-01-31 02:26:40.000000000 +0000 6429@@ -22,8 +22,10 @@ 6430 import javax.crypto.ShortBufferException; 6431 import javax.crypto.spec.IvParameterSpec; 6432 import javax.crypto.spec.PBEParameterSpec; 6433-import javax.crypto.spec.RC2ParameterSpec; 6434-import javax.crypto.spec.RC5ParameterSpec; 6435+// BEGIN android-removed 6436+// import javax.crypto.spec.RC2ParameterSpec; 6437+// import javax.crypto.spec.RC5ParameterSpec; 6438+// END android-removed 6439 import javax.crypto.spec.SecretKeySpec; 6440 6441 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 6442@@ -45,8 +47,10 @@ 6443 { 6444 IvParameterSpec.class, 6445 PBEParameterSpec.class, 6446- RC2ParameterSpec.class, 6447- RC5ParameterSpec.class 6448+ // BEGIN android-removed 6449+ // RC2ParameterSpec.class, 6450+ // RC5ParameterSpec.class 6451+ // END android-removed 6452 }; 6453 6454 protected int pbeType = PKCS12; 6455@@ -258,6 +262,8 @@ 6456 return null; 6457 } 6458 6459+ // BEGIN android-changed 6460+ // added ShortBufferException to throws statement 6461 protected int engineDoFinal( 6462 byte[] input, 6463 int inputOffset, 6464@@ -268,6 +274,7 @@ 6465 { 6466 return 0; 6467 } 6468+ // END android-changed 6469 6470 protected byte[] engineWrap( 6471 Key key) 6472diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 6473--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-03 20:18:20.000000000 +0000 6474+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000 6475@@ -7,13 +7,18 @@ 6476 6477 import org.bouncycastle.crypto.CipherParameters; 6478 import org.bouncycastle.crypto.PBEParametersGenerator; 6479-import org.bouncycastle.crypto.digests.GOST3411Digest; 6480-import org.bouncycastle.crypto.digests.MD2Digest; 6481-import org.bouncycastle.crypto.digests.MD5Digest; 6482-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 6483-import org.bouncycastle.crypto.digests.SHA1Digest; 6484-import org.bouncycastle.crypto.digests.SHA256Digest; 6485-import org.bouncycastle.crypto.digests.TigerDigest; 6486+// BEGIN android-removed 6487+// import org.bouncycastle.crypto.digests.GOST3411Digest; 6488+// import org.bouncycastle.crypto.digests.MD2Digest; 6489+// import org.bouncycastle.crypto.digests.MD5Digest; 6490+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 6491+// import org.bouncycastle.crypto.digests.SHA1Digest; 6492+// import org.bouncycastle.crypto.digests.SHA256Digest; 6493+// import org.bouncycastle.crypto.digests.TigerDigest; 6494+// END android-removed 6495+// BEGIN android-added 6496+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 6497+// END android-added 6498 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 6499 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 6500 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 6501@@ -29,11 +34,15 @@ 6502 // 6503 static final int MD5 = 0; 6504 static final int SHA1 = 1; 6505- static final int RIPEMD160 = 2; 6506- static final int TIGER = 3; 6507+ // BEGIN android-removed 6508+ // static final int RIPEMD160 = 2; 6509+ // static final int TIGER = 3; 6510+ // END android-removed 6511 static final int SHA256 = 4; 6512- static final int MD2 = 5; 6513- static final int GOST3411 = 6; 6514+ // BEGIN android-removed 6515+ // static final int MD2 = 5; 6516+ // static final int GOST3411 = 6; 6517+ // END android-removed 6518 6519 static final int PKCS5S1 = 0; 6520 static final int PKCS5S2 = 1; 6521@@ -57,14 +66,20 @@ 6522 { 6523 switch (hash) 6524 { 6525- case MD2: 6526- generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 6527- break; 6528+ // BEGIN android-removed 6529+ // case MD2: 6530+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 6531+ // break; 6532+ // END android-removed 6533 case MD5: 6534- generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 6535+ // BEGIN android-changed 6536+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 6537+ // END android-changed 6538 break; 6539 case SHA1: 6540- generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 6541+ // BEGIN android-changed 6542+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 6543+ // END android-changed 6544 break; 6545 default: 6546 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 6547@@ -74,27 +89,39 @@ 6548 { 6549 switch (hash) 6550 { 6551- case MD2: 6552- generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 6553- break; 6554+ // BEGIN android-removed 6555+ // case MD2: 6556+ // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 6557+ // break; 6558+ // END android-removed 6559 case MD5: 6560- generator = new PKCS5S2ParametersGenerator(new MD5Digest()); 6561+ // BEGIN android-changed 6562+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); 6563+ // END android-changed 6564 break; 6565 case SHA1: 6566- generator = new PKCS5S2ParametersGenerator(new SHA1Digest()); 6567- break; 6568- case RIPEMD160: 6569- generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 6570- break; 6571- case TIGER: 6572- generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 6573- break; 6574+ // BEGIN android-changed 6575+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); 6576+ // END android-changed 6577+ break; 6578+ // BEGIN android-removed 6579+ // case RIPEMD160: 6580+ // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 6581+ // break; 6582+ // case TIGER: 6583+ // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 6584+ // break; 6585+ // END android-removed 6586 case SHA256: 6587- generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); 6588- break; 6589- case GOST3411: 6590- generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 6591- break; 6592+ // BEGIN android-changed 6593+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); 6594+ // END android-changed 6595+ break; 6596+ // BEGIN android-removed 6597+ // case GOST3411: 6598+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 6599+ // break; 6600+ // END android-removed 6601 default: 6602 throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); 6603 } 6604@@ -103,27 +130,39 @@ 6605 { 6606 switch (hash) 6607 { 6608- case MD2: 6609- generator = new PKCS12ParametersGenerator(new MD2Digest()); 6610- break; 6611+ // BEGIN android-removed 6612+ // case MD2: 6613+ // generator = new PKCS12ParametersGenerator(new MD2Digest()); 6614+ // break; 6615+ // END android-removed 6616 case MD5: 6617- generator = new PKCS12ParametersGenerator(new MD5Digest()); 6618+ // BEGIN android-changed 6619+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 6620+ // END android-changed 6621 break; 6622 case SHA1: 6623- generator = new PKCS12ParametersGenerator(new SHA1Digest()); 6624- break; 6625- case RIPEMD160: 6626- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 6627- break; 6628- case TIGER: 6629- generator = new PKCS12ParametersGenerator(new TigerDigest()); 6630- break; 6631+ // BEGIN android-changed 6632+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 6633+ // END android-changed 6634+ break; 6635+ // BEGIN android-removed 6636+ // case RIPEMD160: 6637+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 6638+ // break; 6639+ // case TIGER: 6640+ // generator = new PKCS12ParametersGenerator(new TigerDigest()); 6641+ // break; 6642+ // END android-removed 6643 case SHA256: 6644- generator = new PKCS12ParametersGenerator(new SHA256Digest()); 6645- break; 6646- case GOST3411: 6647- generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 6648- break; 6649+ // BEGIN android-changed 6650+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 6651+ // END android-changed 6652+ break; 6653+ // BEGIN android-removed 6654+ // case GOST3411: 6655+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 6656+ // break; 6657+ // END android-removed 6658 default: 6659 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 6660 } 6661diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/util/DigestFactory.java 6662--- bcprov-jdk15on-150.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-12-03 20:18:20.000000000 +0000 6663+++ bcprov-jdk15on-150/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000 6664@@ -10,12 +10,17 @@ 6665 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 6666 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 6667 import org.bouncycastle.crypto.Digest; 6668-import org.bouncycastle.crypto.digests.MD5Digest; 6669-import org.bouncycastle.crypto.digests.SHA1Digest; 6670-import org.bouncycastle.crypto.digests.SHA224Digest; 6671-import org.bouncycastle.crypto.digests.SHA256Digest; 6672-import org.bouncycastle.crypto.digests.SHA384Digest; 6673-import org.bouncycastle.crypto.digests.SHA512Digest; 6674+// BEGIN android-removed 6675+// import org.bouncycastle.crypto.digests.MD5Digest; 6676+// import org.bouncycastle.crypto.digests.SHA1Digest; 6677+// import org.bouncycastle.crypto.digests.SHA224Digest; 6678+// import org.bouncycastle.crypto.digests.SHA256Digest; 6679+// import org.bouncycastle.crypto.digests.SHA384Digest; 6680+// import org.bouncycastle.crypto.digests.SHA512Digest; 6681+// END android-removed 6682+// BEGIN android-added 6683+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 6684+// END android-added 6685 import org.bouncycastle.util.Strings; 6686 6687 public class DigestFactory 6688@@ -85,27 +90,39 @@ 6689 6690 if (sha1.contains(digestName)) 6691 { 6692- return new SHA1Digest(); 6693+ // BEGIN android-changed 6694+ return AndroidDigestFactory.getSHA1(); 6695+ // END android-changed 6696 } 6697 if (md5.contains(digestName)) 6698 { 6699- return new MD5Digest(); 6700+ // BEGIN android-changed 6701+ return AndroidDigestFactory.getMD5(); 6702+ // END android-changed 6703 } 6704 if (sha224.contains(digestName)) 6705 { 6706- return new SHA224Digest(); 6707+ // BEGIN android-changed 6708+ return AndroidDigestFactory.getSHA224(); 6709+ // END android-changed 6710 } 6711 if (sha256.contains(digestName)) 6712 { 6713- return new SHA256Digest(); 6714+ // BEGIN android-changed 6715+ return AndroidDigestFactory.getSHA256(); 6716+ // END android-changed 6717 } 6718 if (sha384.contains(digestName)) 6719 { 6720- return new SHA384Digest(); 6721+ // BEGIN android-changed 6722+ return AndroidDigestFactory.getSHA384(); 6723+ // END android-changed 6724 } 6725 if (sha512.contains(digestName)) 6726 { 6727- return new SHA512Digest(); 6728+ // BEGIN android-changed 6729+ return AndroidDigestFactory.getSHA512(); 6730+ // END android-changed 6731 } 6732 6733 return null; 6734diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-150/org/bouncycastle/jce/PKCS10CertificationRequest.java 6735--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-12-03 20:18:20.000000000 +0000 6736+++ bcprov-jdk15on-150/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-09-26 18:06:21.000000000 +0000 6737@@ -30,14 +30,18 @@ 6738 import org.bouncycastle.asn1.DERBitString; 6739 import org.bouncycastle.asn1.DERNull; 6740 import org.bouncycastle.asn1.DERObjectIdentifier; 6741-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 6742+// BEGIN android-removed 6743+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 6744+// END android-removed 6745 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 6746 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 6747 import org.bouncycastle.asn1.pkcs.CertificationRequest; 6748 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 6749 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 6750 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 6751-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 6752+// BEGIN android-removed 6753+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 6754+// END android-removed 6755 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 6756 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 6757 import org.bouncycastle.asn1.x509.X509Name; 6758@@ -81,8 +85,11 @@ 6759 6760 static 6761 { 6762- algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6763- algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6764+ // BEGIN android-removed 6765+ // Dropping MD2 6766+ // algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6767+ // algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); 6768+ // END android-removed 6769 algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6770 algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6771 algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4")); 6772@@ -102,12 +109,14 @@ 6773 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6774 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 6775 algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5")); 6776- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6777- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6778- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6779- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6780- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6781- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6782+ // BEGIN android-removed 6783+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6784+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 6785+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6786+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 6787+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6788+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 6789+ // END android-removed 6790 algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3")); 6791 algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3")); 6792 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 6793@@ -120,11 +129,13 @@ 6794 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 6795 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 6796 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 6797- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6798- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6799- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6800- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6801- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6802+ // BEGIN android-removed 6803+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6804+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6805+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6806+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6807+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6808+ // END android-removed 6809 6810 // 6811 // reverse mappings 6812@@ -134,11 +145,16 @@ 6813 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 6814 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 6815 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 6816- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 6817- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 6818+ // BEGIN android-removed 6819+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 6820+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 6821+ // END android-removed 6822 6823 oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 6824- oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 6825+ // BEGIN android-removed 6826+ // Dropping MD2 6827+ // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 6828+ // END android-removed 6829 oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 6830 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 6831 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 6832@@ -172,8 +188,10 @@ 6833 // 6834 // RFC 4491 6835 // 6836- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6837- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6838+ // BEGIN android-removed 6839+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 6840+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 6841+ // END android-removed 6842 // 6843 // explicit params 6844 // 6845@@ -616,22 +634,24 @@ 6846 { 6847 return "SHA512"; 6848 } 6849- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 6850- { 6851- return "RIPEMD128"; 6852- } 6853- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 6854- { 6855- return "RIPEMD160"; 6856- } 6857- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 6858- { 6859- return "RIPEMD256"; 6860- } 6861- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 6862- { 6863- return "GOST3411"; 6864- } 6865+ // BEGIN android-removed 6866+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 6867+ // { 6868+ // return "RIPEMD128"; 6869+ // } 6870+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 6871+ // { 6872+ // return "RIPEMD160"; 6873+ // } 6874+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 6875+ // { 6876+ // return "RIPEMD256"; 6877+ // } 6878+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 6879+ // { 6880+ // return "GOST3411"; 6881+ // } 6882+ // END android-removed 6883 else 6884 { 6885 return digestAlgOID.getId(); 6886diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/BouncyCastleProvider.java 6887--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-12-03 20:18:20.000000000 +0000 6888+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-12-12 00:35:05.000000000 +0000 6889@@ -64,15 +64,22 @@ 6890 6891 private static final String[] SYMMETRIC_MACS = 6892 { 6893- "SipHash" 6894+ // BEGIN android-removed 6895+ // "SipHash" 6896+ // END android-removed 6897 }; 6898 6899 private static final String[] SYMMETRIC_CIPHERS = 6900 { 6901- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 6902- "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 6903- "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 6904- "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 6905+ // BEGIN android-removed 6906+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 6907+ // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 6908+ // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 6909+ // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 6910+ // END android-removed 6911+ // BEGIN android-added 6912+ "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", 6913+ // END android-added 6914 }; 6915 6916 /* 6917@@ -84,12 +91,22 @@ 6918 // later ones configure it. 6919 private static final String[] ASYMMETRIC_GENERIC = 6920 { 6921- "X509", "IES" 6922+ // BEGIN android-removed 6923+ // "X509", "IES" 6924+ // END android-removed 6925+ // BEGIN android-added 6926+ "X509" 6927+ // END android-added 6928 }; 6929 6930 private static final String[] ASYMMETRIC_CIPHERS = 6931 { 6932- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 6933+ // BEGIN android-removed 6934+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 6935+ // END android-removed 6936+ // BEGIN android-added 6937+ "DSA", "DH", "EC", "RSA", 6938+ // END android-added 6939 }; 6940 6941 /* 6942@@ -98,7 +115,12 @@ 6943 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 6944 private static final String[] DIGESTS = 6945 { 6946- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 6947+ // BEGIN android-removed 6948+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 6949+ // END android-removed 6950+ // BEGIN android-added 6951+ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", 6952+ // END android-added 6953 }; 6954 6955 /* 6956@@ -145,48 +167,52 @@ 6957 6958 loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); 6959 6960- // 6961- // X509Store 6962- // 6963- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 6964- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 6965- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 6966- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 6967- 6968- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 6969- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 6970- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 6971- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 6972- 6973- // 6974- // X509StreamParser 6975- // 6976- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 6977- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 6978- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 6979- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 6980- 6981- // 6982- // cipher engines 6983- // 6984- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 6985- 6986- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 6987- 6988- 6989- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 6990- 6991- // Certification Path API 6992- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 6993- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 6994- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 6995- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 6996+ // BEGIN android-removed 6997+ // // 6998+ // // X509Store 6999+ // // 7000+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7001+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7002+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7003+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7004+ // 7005+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7006+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7007+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7008+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7009+ // 7010+ // // 7011+ // // X509StreamParser 7012+ // // 7013+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7014+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7015+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7016+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7017+ // 7018+ // // 7019+ // // cipher engines 7020+ // // 7021+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7022+ // 7023+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7024+ // 7025+ // 7026+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7027+ // 7028+ // // Certification Path API 7029+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7030+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7031+ // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7032+ // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7033+ // END android-removed 7034 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7035 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7036 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 7037- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7038- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7039- put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7040+ // BEGIN android-removed 7041+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7042+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7043+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7044+ // END android-removed 7045 } 7046 7047 private void loadAlgorithms(String packageName, String[] names) 7048diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/CertBlacklist.java 7049--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 7050+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/CertBlacklist.java 2013-12-10 21:31:49.000000000 +0000 7051@@ -0,0 +1,228 @@ 7052+/* 7053+ * Copyright (C) 2012 The Android Open Source Project 7054+ * 7055+ * Licensed under the Apache License, Version 2.0 (the "License"); 7056+ * you may not use this file except in compliance with the License. 7057+ * You may obtain a copy of the License at 7058+ * 7059+ * http://www.apache.org/licenses/LICENSE-2.0 7060+ * 7061+ * Unless required by applicable law or agreed to in writing, software 7062+ * distributed under the License is distributed on an "AS IS" BASIS, 7063+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 7064+ * See the License for the specific language governing permissions and 7065+ * limitations under the License. 7066+ */ 7067+ 7068+package org.bouncycastle.jce.provider; 7069+ 7070+import java.io.Closeable; 7071+import java.io.ByteArrayOutputStream; 7072+import java.io.FileNotFoundException; 7073+import java.io.IOException; 7074+import java.io.RandomAccessFile; 7075+import java.math.BigInteger; 7076+import java.security.PublicKey; 7077+import java.util.Arrays; 7078+import java.util.Collections; 7079+import java.util.HashSet; 7080+import java.util.Set; 7081+import java.util.logging.Level; 7082+import java.util.logging.Logger; 7083+import org.bouncycastle.crypto.Digest; 7084+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7085+import org.bouncycastle.util.encoders.Hex; 7086+ 7087+public class CertBlacklist { 7088+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 7089+ 7090+ // public for testing 7091+ public final Set<BigInteger> serialBlacklist; 7092+ public final Set<byte[]> pubkeyBlacklist; 7093+ 7094+ public CertBlacklist() { 7095+ String androidData = System.getenv("ANDROID_DATA"); 7096+ String blacklistRoot = androidData + "/misc/keychain/"; 7097+ String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt"; 7098+ String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt"; 7099+ 7100+ pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath); 7101+ serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath); 7102+ } 7103+ 7104+ /** Test only interface, not for public use */ 7105+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 7106+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 7107+ serialBlacklist = readSerialBlackList(serialBlacklistPath); 7108+ } 7109+ 7110+ private static boolean isHex(String value) { 7111+ try { 7112+ new BigInteger(value, 16); 7113+ return true; 7114+ } catch (NumberFormatException e) { 7115+ logger.log(Level.WARNING, "Could not parse hex value " + value, e); 7116+ return false; 7117+ } 7118+ } 7119+ 7120+ private static boolean isPubkeyHash(String value) { 7121+ if (value.length() != 40) { 7122+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 7123+ return false; 7124+ } 7125+ return isHex(value); 7126+ } 7127+ 7128+ private static String readBlacklist(String path) { 7129+ try { 7130+ return readFileAsString(path); 7131+ } catch (FileNotFoundException ignored) { 7132+ } catch (IOException e) { 7133+ logger.log(Level.WARNING, "Could not read blacklist", e); 7134+ } 7135+ return ""; 7136+ } 7137+ 7138+ // From IoUtils.readFileAsString 7139+ private static String readFileAsString(String path) throws IOException { 7140+ return readFileAsBytes(path).toString("UTF-8"); 7141+ } 7142+ 7143+ // Based on IoUtils.readFileAsBytes 7144+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 7145+ RandomAccessFile f = null; 7146+ try { 7147+ f = new RandomAccessFile(path, "r"); 7148+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 7149+ byte[] buffer = new byte[8192]; 7150+ while (true) { 7151+ int byteCount = f.read(buffer); 7152+ if (byteCount == -1) { 7153+ return bytes; 7154+ } 7155+ bytes.write(buffer, 0, byteCount); 7156+ } 7157+ } finally { 7158+ closeQuietly(f); 7159+ } 7160+ } 7161+ 7162+ // Base on IoUtils.closeQuietly 7163+ private static void closeQuietly(Closeable closeable) { 7164+ if (closeable != null) { 7165+ try { 7166+ closeable.close(); 7167+ } catch (RuntimeException rethrown) { 7168+ throw rethrown; 7169+ } catch (Exception ignored) { 7170+ } 7171+ } 7172+ } 7173+ 7174+ private static final Set<BigInteger> readSerialBlackList(String path) { 7175+ 7176+ // start out with a base set of known bad values 7177+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 7178+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 7179+ // Not a real certificate. For testing only. 7180+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 7181+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 7182+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 7183+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 7184+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 7185+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 7186+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 7187+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 7188+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 7189+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16), 7190+ new BigInteger("864", 16), 7191+ new BigInteger("827", 16), 7192+ new BigInteger("31da7", 16) 7193+ )); 7194+ 7195+ // attempt to augment it with values taken from gservices 7196+ String serialBlacklist = readBlacklist(path); 7197+ if (!serialBlacklist.equals("")) { 7198+ for(String value : serialBlacklist.split(",")) { 7199+ try { 7200+ bl.add(new BigInteger(value, 16)); 7201+ } catch (NumberFormatException e) { 7202+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 7203+ } 7204+ } 7205+ } 7206+ 7207+ // whether that succeeds or fails, send it on its merry way 7208+ return Collections.unmodifiableSet(bl); 7209+ } 7210+ 7211+ private static final Set<byte[]> readPublicKeyBlackList(String path) { 7212+ 7213+ // start out with a base set of known bad values 7214+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 7215+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 7216+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl 7217+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 7218+ // Subject: CN=DigiNotar Cyber CA 7219+ // Issuer: CN=GTE CyberTrust Global Root 7220+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 7221+ // Subject: CN=DigiNotar Services 1024 CA 7222+ // Issuer: CN=Entrust.net 7223+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 7224+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 7225+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 7226+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 7227+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 7228+ // Issuer: CN=Staat der Nederlanden Overheid CA 7229+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 7230+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 7231+ // Subject: O=Digicert Sdn. Bhd. 7232+ // Issuer: CN=GTE CyberTrust Global Root 7233+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 7234+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org 7235+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 7236+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 7237+ // Subject: CN=*.EGO.GOV.TR 93 7238+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 7239+ "783333c9687df63377efceddd82efa9101913e8e".getBytes(), 7240+ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL 7241+ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification 7242+ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() 7243+ )); 7244+ 7245+ // attempt to augment it with values taken from gservices 7246+ String pubkeyBlacklist = readBlacklist(path); 7247+ if (!pubkeyBlacklist.equals("")) { 7248+ for (String value : pubkeyBlacklist.split(",")) { 7249+ value = value.trim(); 7250+ if (isPubkeyHash(value)) { 7251+ bl.add(value.getBytes()); 7252+ } else { 7253+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 7254+ } 7255+ } 7256+ } 7257+ 7258+ return bl; 7259+ } 7260+ 7261+ public boolean isPublicKeyBlackListed(PublicKey publicKey) { 7262+ byte[] encoded = publicKey.getEncoded(); 7263+ Digest digest = AndroidDigestFactory.getSHA1(); 7264+ digest.update(encoded, 0, encoded.length); 7265+ byte[] out = new byte[digest.getDigestSize()]; 7266+ digest.doFinal(out, 0); 7267+ for (byte[] blacklisted : pubkeyBlacklist) { 7268+ if (Arrays.equals(blacklisted, Hex.encode(out))) { 7269+ return true; 7270+ } 7271+ } 7272+ return false; 7273+ } 7274+ 7275+ public boolean isSerialNumberBlackListed(BigInteger serial) { 7276+ return serialBlacklist.contains(serial); 7277+ } 7278+ 7279+} 7280diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 7281--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2013-12-03 20:18:20.000000000 +0000 7282+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2013-12-12 00:35:05.000000000 +0000 7283@@ -61,18 +61,24 @@ 7284 import org.bouncycastle.asn1.x509.PolicyInformation; 7285 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7286 import org.bouncycastle.asn1.x509.X509Extension; 7287-import org.bouncycastle.jce.X509LDAPCertStoreParameters; 7288+// BEGIN android-removed 7289+// import org.bouncycastle.jce.X509LDAPCertStoreParameters; 7290+// END android-removed 7291 import org.bouncycastle.jce.exception.ExtCertPathValidatorException; 7292 import org.bouncycastle.util.Integers; 7293 import org.bouncycastle.util.Selector; 7294 import org.bouncycastle.util.StoreException; 7295 import org.bouncycastle.x509.ExtendedPKIXBuilderParameters; 7296 import org.bouncycastle.x509.ExtendedPKIXParameters; 7297-import org.bouncycastle.x509.X509AttributeCertStoreSelector; 7298+// BEGIN android-removed 7299+// import org.bouncycastle.x509.X509AttributeCertStoreSelector; 7300+// END android-removed 7301 import org.bouncycastle.x509.X509AttributeCertificate; 7302 import org.bouncycastle.x509.X509CRLStoreSelector; 7303 import org.bouncycastle.x509.X509CertStoreSelector; 7304-import org.bouncycastle.x509.X509Store; 7305+// BEGIN android-removed 7306+// import org.bouncycastle.x509.X509Store; 7307+// END android-removed 7308 7309 public class CertPathValidatorUtilities 7310 { 7311@@ -656,38 +662,40 @@ 7312 { 7313 try 7314 { 7315- if (location.startsWith("ldap://")) 7316- { 7317- // ldap://directory.d-trust.net/CN=D-TRUST 7318- // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 7319- // skip "ldap://" 7320- location = location.substring(7); 7321- // after first / baseDN starts 7322- String base = null; 7323- String url = null; 7324- if (location.indexOf("/") != -1) 7325- { 7326- base = location.substring(location.indexOf("/")); 7327- // URL 7328- url = "ldap://" 7329- + location.substring(0, location.indexOf("/")); 7330- } 7331- else 7332- { 7333- url = "ldap://" + location; 7334- } 7335- // use all purpose parameters 7336- X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 7337- url, base).build(); 7338- pkixParams.addAdditionalStore(X509Store.getInstance( 7339- "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7340- pkixParams.addAdditionalStore(X509Store.getInstance( 7341- "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7342- pkixParams.addAdditionalStore(X509Store.getInstance( 7343- "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7344- pkixParams.addAdditionalStore(X509Store.getInstance( 7345- "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7346- } 7347+ // BEGIN android-removed 7348+ // if (location.startsWith("ldap://")) 7349+ // { 7350+ // // ldap://directory.d-trust.net/CN=D-TRUST 7351+ // // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE 7352+ // // skip "ldap://" 7353+ // location = location.substring(7); 7354+ // // after first / baseDN starts 7355+ // String base = null; 7356+ // String url = null; 7357+ // if (location.indexOf("/") != -1) 7358+ // { 7359+ // base = location.substring(location.indexOf("/")); 7360+ // // URL 7361+ // url = "ldap://" 7362+ // + location.substring(0, location.indexOf("/")); 7363+ // } 7364+ // else 7365+ // { 7366+ // url = "ldap://" + location; 7367+ // } 7368+ // // use all purpose parameters 7369+ // X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( 7370+ // url, base).build(); 7371+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7372+ // "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7373+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7374+ // "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7375+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7376+ // "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7377+ // pkixParams.addAdditionalStore(X509Store.getInstance( 7378+ // "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); 7379+ // } 7380+ // END android-removed 7381 } 7382 catch (Exception e) 7383 { 7384@@ -720,20 +728,22 @@ 7385 { 7386 Object obj = iter.next(); 7387 7388- if (obj instanceof X509Store) 7389- { 7390- X509Store certStore = (X509Store)obj; 7391- try 7392- { 7393- certs.addAll(certStore.getMatches(certSelect)); 7394- } 7395- catch (StoreException e) 7396- { 7397- throw new AnnotatedException( 7398- "Problem while picking certificates from X.509 store.", e); 7399- } 7400- } 7401- else 7402+ // BEGIN android-removed 7403+ // if (obj instanceof X509Store) 7404+ // { 7405+ // X509Store certStore = (X509Store)obj; 7406+ // try 7407+ // { 7408+ // certs.addAll(certStore.getMatches(certSelect)); 7409+ // } 7410+ // catch (StoreException e) 7411+ // { 7412+ // throw new AnnotatedException( 7413+ // "Problem while picking certificates from X.509 store.", e); 7414+ // } 7415+ // } 7416+ // else 7417+ // END android-removed 7418 { 7419 CertStore certStore = (CertStore)obj; 7420 7421@@ -752,33 +762,35 @@ 7422 return certs; 7423 } 7424 7425- protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 7426- List certStores) 7427- throws AnnotatedException 7428- { 7429- Set certs = new HashSet(); 7430- Iterator iter = certStores.iterator(); 7431- 7432- while (iter.hasNext()) 7433- { 7434- Object obj = iter.next(); 7435- 7436- if (obj instanceof X509Store) 7437- { 7438- X509Store certStore = (X509Store)obj; 7439- try 7440- { 7441- certs.addAll(certStore.getMatches(certSelect)); 7442- } 7443- catch (StoreException e) 7444- { 7445- throw new AnnotatedException( 7446- "Problem while picking certificates from X.509 store.", e); 7447- } 7448- } 7449- } 7450- return certs; 7451- } 7452+ // BEGIN android-removed 7453+ // protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, 7454+ // List certStores) 7455+ // throws AnnotatedException 7456+ // { 7457+ // Set certs = new HashSet(); 7458+ // Iterator iter = certStores.iterator(); 7459+ // 7460+ // while (iter.hasNext()) 7461+ // { 7462+ // Object obj = iter.next(); 7463+ // 7464+ // if (obj instanceof X509Store) 7465+ // { 7466+ // X509Store certStore = (X509Store)obj; 7467+ // try 7468+ // { 7469+ // certs.addAll(certStore.getMatches(certSelect)); 7470+ // } 7471+ // catch (StoreException e) 7472+ // { 7473+ // throw new AnnotatedException( 7474+ // "Problem while picking certificates from X.509 store.", e); 7475+ // } 7476+ // } 7477+ // } 7478+ // return certs; 7479+ // } 7480+ // END android-removed 7481 7482 protected static void addAdditionalStoresFromCRLDistributionPoint( 7483 CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) 7484diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEECPrivateKey.java 7485--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2013-12-03 20:18:20.000000000 +0000 7486+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2013-12-12 00:35:05.000000000 +0000 7487@@ -20,8 +20,10 @@ 7488 import org.bouncycastle.asn1.DERInteger; 7489 import org.bouncycastle.asn1.DERNull; 7490 import org.bouncycastle.asn1.DERObjectIdentifier; 7491-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7492-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7493+// BEGIN android-removed 7494+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7495+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7496+// END android-removed 7497 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7498 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 7499 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7500@@ -203,21 +205,23 @@ 7501 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 7502 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 7503 7504- if (ecP == null) // GOST Curve 7505- { 7506- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7507- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7508- 7509- ecSpec = new ECNamedCurveSpec( 7510- ECGOST3410NamedCurves.getName(oid), 7511- ellipticCurve, 7512- new ECPoint( 7513- gParam.getG().getAffineXCoord().toBigInteger(), 7514- gParam.getG().getAffineYCoord().toBigInteger()), 7515- gParam.getN(), 7516- gParam.getH()); 7517- } 7518- else 7519+ // BEGIN android-removed 7520+ // if (ecP == null) // GOST Curve 7521+ // { 7522+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 7523+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 7524+ // 7525+ // ecSpec = new ECNamedCurveSpec( 7526+ // ECGOST3410NamedCurves.getName(oid), 7527+ // ellipticCurve, 7528+ // new ECPoint( 7529+ // gParam.getG().getAffineXCoord().toBigInteger(), 7530+ // gParam.getG().getAffineYCoord().toBigInteger()), 7531+ // gParam.getN(), 7532+ // gParam.getH()); 7533+ // } 7534+ // else 7535+ // END android-removed 7536 { 7537 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 7538 7539@@ -331,11 +335,13 @@ 7540 7541 try 7542 { 7543- if (algorithm.equals("ECGOST3410")) 7544- { 7545- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7546- } 7547- else 7548+ // BEGIN android-removed 7549+ // if (algorithm.equals("ECGOST3410")) 7550+ // { 7551+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7552+ // } 7553+ // else 7554+ // END android-removed 7555 { 7556 7557 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 7558diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEECPublicKey.java 7559--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2013-12-03 20:18:20.000000000 +0000 7560+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEECPublicKey.java 2013-12-12 00:35:05.000000000 +0000 7561@@ -18,9 +18,11 @@ 7562 import org.bouncycastle.asn1.DERBitString; 7563 import org.bouncycastle.asn1.DERNull; 7564 import org.bouncycastle.asn1.DEROctetString; 7565-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7566-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7567-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7568+// BEGIN android-removed 7569+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7570+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 7571+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 7572+// END android-removed 7573 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7574 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7575 import org.bouncycastle.asn1.x9.X962Parameters; 7576@@ -33,9 +35,13 @@ 7577 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; 7578 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 7579 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 7580-import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7581+// BEGIN android-removed 7582+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 7583+// END android-removed 7584 import org.bouncycastle.jce.interfaces.ECPointEncoder; 7585-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7586+// BEGIN android-removed 7587+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 7588+// END android-removed 7589 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 7590 import org.bouncycastle.math.ec.ECCurve; 7591 7592@@ -46,7 +52,9 @@ 7593 private org.bouncycastle.math.ec.ECPoint q; 7594 private ECParameterSpec ecSpec; 7595 private boolean withCompression; 7596- private GOST3410PublicKeyAlgParameters gostParams; 7597+ // BEGIN android-removed 7598+ // private GOST3410PublicKeyAlgParameters gostParams; 7599+ // END android-removed 7600 7601 public JCEECPublicKey( 7602 String algorithm, 7603@@ -56,7 +64,9 @@ 7604 this.q = key.q; 7605 this.ecSpec = key.ecSpec; 7606 this.withCompression = key.withCompression; 7607- this.gostParams = key.gostParams; 7608+ // BEGIN android-removed 7609+ // this.gostParams = key.gostParams; 7610+ // END android-removed 7611 } 7612 7613 public JCEECPublicKey( 7614@@ -179,54 +189,55 @@ 7615 7616 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 7617 { 7618- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7619- { 7620- DERBitString bits = info.getPublicKeyData(); 7621- ASN1OctetString key; 7622- this.algorithm = "ECGOST3410"; 7623- 7624- try 7625- { 7626- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7627- } 7628- catch (IOException ex) 7629- { 7630- throw new IllegalArgumentException("error recovering public key"); 7631- } 7632- 7633- byte[] keyEnc = key.getOctets(); 7634- byte[] x = new byte[32]; 7635- byte[] y = new byte[32]; 7636- 7637- for (int i = 0; i != x.length; i++) 7638- { 7639- x[i] = keyEnc[32 - 1 - i]; 7640- } 7641- 7642- for (int i = 0; i != y.length; i++) 7643- { 7644- y[i] = keyEnc[64 - 1 - i]; 7645- } 7646- 7647- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7648- 7649- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7650- 7651- ECCurve curve = spec.getCurve(); 7652- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7653- 7654- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7655- 7656- ecSpec = new ECNamedCurveSpec( 7657- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7658- ellipticCurve, 7659- new ECPoint( 7660- spec.getG().getAffineXCoord().toBigInteger(), 7661- spec.getG().getAffineYCoord().toBigInteger()), 7662- spec.getN(), spec.getH()); 7663- 7664- } 7665- else 7666+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 7667+ // { 7668+ // DERBitString bits = info.getPublicKeyData(); 7669+ // ASN1OctetString key; 7670+ // this.algorithm = "ECGOST3410"; 7671+ // 7672+ // try 7673+ // { 7674+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 7675+ // } 7676+ // catch (IOException ex) 7677+ // { 7678+ // throw new IllegalArgumentException("error recovering public key"); 7679+ // } 7680+ // 7681+ // byte[] keyEnc = key.getOctets(); 7682+ // byte[] x = new byte[32]; 7683+ // byte[] y = new byte[32]; 7684+ // 7685+ // for (int i = 0; i != x.length; i++) 7686+ // { 7687+ // x[i] = keyEnc[32 - 1 - i]; 7688+ // } 7689+ // 7690+ // for (int i = 0; i != y.length; i++) 7691+ // { 7692+ // y[i] = keyEnc[64 - 1 - i]; 7693+ // } 7694+ // 7695+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 7696+ // 7697+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 7698+ // 7699+ // ECCurve curve = spec.getCurve(); 7700+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 7701+ // 7702+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 7703+ // 7704+ // ecSpec = new ECNamedCurveSpec( 7705+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 7706+ // ellipticCurve, 7707+ // new ECPoint( 7708+ // spec.getG().getAffineXCoord().toBigInteger(), 7709+ // spec.getG().getAffineYCoord().toBigInteger()), 7710+ // spec.getN(), spec.getH()); 7711+ // 7712+ // } 7713+ // else 7714+ // END android-removed 7715 { 7716 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 7717 ECCurve curve; 7718@@ -315,52 +326,54 @@ 7719 ASN1Encodable params; 7720 SubjectPublicKeyInfo info; 7721 7722- if (algorithm.equals("ECGOST3410")) 7723- { 7724- if (gostParams != null) 7725- { 7726- params = gostParams; 7727- } 7728- else 7729- { 7730- if (ecSpec instanceof ECNamedCurveSpec) 7731- { 7732- params = new GOST3410PublicKeyAlgParameters( 7733- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7734- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7735- } 7736- else 7737- { // strictly speaking this may not be applicable... 7738- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7739- 7740- X9ECParameters ecP = new X9ECParameters( 7741- curve, 7742- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7743- ecSpec.getOrder(), 7744- BigInteger.valueOf(ecSpec.getCofactor()), 7745- ecSpec.getCurve().getSeed()); 7746- 7747- params = new X962Parameters(ecP); 7748- } 7749- } 7750- 7751- BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 7752- BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 7753- byte[] encKey = new byte[64]; 7754- 7755- extractBytes(encKey, 0, bX); 7756- extractBytes(encKey, 32, bY); 7757- 7758- try 7759- { 7760- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7761- } 7762- catch (IOException e) 7763- { 7764- return null; 7765- } 7766- } 7767- else 7768+ // BEGIN android-removed 7769+ // if (algorithm.equals("ECGOST3410")) 7770+ // { 7771+ // if (gostParams != null) 7772+ // { 7773+ // params = gostParams; 7774+ // } 7775+ // else 7776+ // { 7777+ // if (ecSpec instanceof ECNamedCurveSpec) 7778+ // { 7779+ // params = new GOST3410PublicKeyAlgParameters( 7780+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 7781+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 7782+ // } 7783+ // else 7784+ // { // strictly speaking this may not be applicable... 7785+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 7786+ // 7787+ // X9ECParameters ecP = new X9ECParameters( 7788+ // curve, 7789+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 7790+ // ecSpec.getOrder(), 7791+ // BigInteger.valueOf(ecSpec.getCofactor()), 7792+ // ecSpec.getCurve().getSeed()); 7793+ // 7794+ // params = new X962Parameters(ecP); 7795+ // } 7796+ // } 7797+ // 7798+ // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 7799+ // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 7800+ // byte[] encKey = new byte[64]; 7801+ // 7802+ // extractBytes(encKey, 0, bX); 7803+ // extractBytes(encKey, 32, bY); 7804+ // 7805+ // try 7806+ // { 7807+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 7808+ // } 7809+ // catch (IOException e) 7810+ // { 7811+ // return null; 7812+ // } 7813+ // } 7814+ // else 7815+ // END android-removed 7816 { 7817 if (ecSpec instanceof ECNamedCurveSpec) 7818 { 7819diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEStreamCipher.java 7820--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java 2013-12-03 20:18:20.000000000 +0000 7821+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/JCEStreamCipher.java 2013-05-25 02:14:15.000000000 +0000 7822@@ -23,8 +23,10 @@ 7823 import javax.crypto.ShortBufferException; 7824 import javax.crypto.spec.IvParameterSpec; 7825 import javax.crypto.spec.PBEParameterSpec; 7826-import javax.crypto.spec.RC2ParameterSpec; 7827-import javax.crypto.spec.RC5ParameterSpec; 7828+// BEGIN android-removed 7829+// import javax.crypto.spec.RC2ParameterSpec; 7830+// import javax.crypto.spec.RC5ParameterSpec; 7831+// END android-removed 7832 import javax.crypto.spec.SecretKeySpec; 7833 7834 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7835@@ -33,12 +35,16 @@ 7836 import org.bouncycastle.crypto.DataLengthException; 7837 import org.bouncycastle.crypto.StreamBlockCipher; 7838 import org.bouncycastle.crypto.StreamCipher; 7839-import org.bouncycastle.crypto.engines.BlowfishEngine; 7840-import org.bouncycastle.crypto.engines.DESEngine; 7841-import org.bouncycastle.crypto.engines.DESedeEngine; 7842+// BEGIN android-removed 7843+// import org.bouncycastle.crypto.engines.BlowfishEngine; 7844+// import org.bouncycastle.crypto.engines.DESEngine; 7845+// import org.bouncycastle.crypto.engines.DESedeEngine; 7846+// END android-removed 7847 import org.bouncycastle.crypto.engines.RC4Engine; 7848-import org.bouncycastle.crypto.engines.SkipjackEngine; 7849-import org.bouncycastle.crypto.engines.TwofishEngine; 7850+// BEGIN android-removed 7851+// import org.bouncycastle.crypto.engines.SkipjackEngine; 7852+// import org.bouncycastle.crypto.engines.TwofishEngine; 7853+// END android-removed 7854 import org.bouncycastle.crypto.modes.CFBBlockCipher; 7855 import org.bouncycastle.crypto.modes.OFBBlockCipher; 7856 import org.bouncycastle.crypto.params.KeyParameter; 7857@@ -55,8 +61,10 @@ 7858 // 7859 private Class[] availableSpecs = 7860 { 7861- RC2ParameterSpec.class, 7862- RC5ParameterSpec.class, 7863+ // BEGIN android-removed 7864+ // RC2ParameterSpec.class, 7865+ // RC5ParameterSpec.class, 7866+ // END android-removed 7867 IvParameterSpec.class, 7868 PBEParameterSpec.class 7869 }; 7870@@ -491,123 +499,125 @@ 7871 * The ciphers that inherit from us. 7872 */ 7873 7874- /** 7875- * DES 7876- */ 7877- static public class DES_CFB8 7878- extends JCEStreamCipher 7879- { 7880- public DES_CFB8() 7881- { 7882- super(new CFBBlockCipher(new DESEngine(), 8), 64); 7883- } 7884- } 7885- 7886- /** 7887- * DESede 7888- */ 7889- static public class DESede_CFB8 7890- extends JCEStreamCipher 7891- { 7892- public DESede_CFB8() 7893- { 7894- super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 7895- } 7896- } 7897- 7898- /** 7899- * SKIPJACK 7900- */ 7901- static public class Skipjack_CFB8 7902- extends JCEStreamCipher 7903- { 7904- public Skipjack_CFB8() 7905- { 7906- super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 7907- } 7908- } 7909- 7910- /** 7911- * Blowfish 7912- */ 7913- static public class Blowfish_CFB8 7914- extends JCEStreamCipher 7915- { 7916- public Blowfish_CFB8() 7917- { 7918- super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 7919- } 7920- } 7921- 7922- /** 7923- * Twofish 7924- */ 7925- static public class Twofish_CFB8 7926- extends JCEStreamCipher 7927- { 7928- public Twofish_CFB8() 7929- { 7930- super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 7931- } 7932- } 7933- 7934- /** 7935- * DES 7936- */ 7937- static public class DES_OFB8 7938- extends JCEStreamCipher 7939- { 7940- public DES_OFB8() 7941- { 7942- super(new OFBBlockCipher(new DESEngine(), 8), 64); 7943- } 7944- } 7945- 7946- /** 7947- * DESede 7948- */ 7949- static public class DESede_OFB8 7950- extends JCEStreamCipher 7951- { 7952- public DESede_OFB8() 7953- { 7954- super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 7955- } 7956- } 7957- 7958- /** 7959- * SKIPJACK 7960- */ 7961- static public class Skipjack_OFB8 7962- extends JCEStreamCipher 7963- { 7964- public Skipjack_OFB8() 7965- { 7966- super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 7967- } 7968- } 7969- 7970- /** 7971- * Blowfish 7972- */ 7973- static public class Blowfish_OFB8 7974- extends JCEStreamCipher 7975- { 7976- public Blowfish_OFB8() 7977- { 7978- super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 7979- } 7980- } 7981- 7982- /** 7983- * Twofish 7984- */ 7985- static public class Twofish_OFB8 7986- extends JCEStreamCipher 7987- { 7988- public Twofish_OFB8() 7989- { 7990- super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 7991- } 7992- } 7993+ // BEGIN android-removed 7994+ // /** 7995+ // * DES 7996+ // */ 7997+ // static public class DES_CFB8 7998+ // extends JCEStreamCipher 7999+ // { 8000+ // public DES_CFB8() 8001+ // { 8002+ // super(new CFBBlockCipher(new DESEngine(), 8), 64); 8003+ // } 8004+ // } 8005+ // 8006+ // /** 8007+ // * DESede 8008+ // */ 8009+ // static public class DESede_CFB8 8010+ // extends JCEStreamCipher 8011+ // { 8012+ // public DESede_CFB8() 8013+ // { 8014+ // super(new CFBBlockCipher(new DESedeEngine(), 8), 64); 8015+ // } 8016+ // } 8017+ // 8018+ // /** 8019+ // * SKIPJACK 8020+ // */ 8021+ // static public class Skipjack_CFB8 8022+ // extends JCEStreamCipher 8023+ // { 8024+ // public Skipjack_CFB8() 8025+ // { 8026+ // super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); 8027+ // } 8028+ // } 8029+ // 8030+ // /** 8031+ // * Blowfish 8032+ // */ 8033+ // static public class Blowfish_CFB8 8034+ // extends JCEStreamCipher 8035+ // { 8036+ // public Blowfish_CFB8() 8037+ // { 8038+ // super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); 8039+ // } 8040+ // } 8041+ // 8042+ // /** 8043+ // * Twofish 8044+ // */ 8045+ // static public class Twofish_CFB8 8046+ // extends JCEStreamCipher 8047+ // { 8048+ // public Twofish_CFB8() 8049+ // { 8050+ // super(new CFBBlockCipher(new TwofishEngine(), 8), 128); 8051+ // } 8052+ // } 8053+ // 8054+ // /** 8055+ // * DES 8056+ // */ 8057+ // static public class DES_OFB8 8058+ // extends JCEStreamCipher 8059+ // { 8060+ // public DES_OFB8() 8061+ // { 8062+ // super(new OFBBlockCipher(new DESEngine(), 8), 64); 8063+ // } 8064+ // } 8065+ // 8066+ // /** 8067+ // * DESede 8068+ // */ 8069+ // static public class DESede_OFB8 8070+ // extends JCEStreamCipher 8071+ // { 8072+ // public DESede_OFB8() 8073+ // { 8074+ // super(new OFBBlockCipher(new DESedeEngine(), 8), 64); 8075+ // } 8076+ // } 8077+ // 8078+ // /** 8079+ // * SKIPJACK 8080+ // */ 8081+ // static public class Skipjack_OFB8 8082+ // extends JCEStreamCipher 8083+ // { 8084+ // public Skipjack_OFB8() 8085+ // { 8086+ // super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); 8087+ // } 8088+ // } 8089+ // 8090+ // /** 8091+ // * Blowfish 8092+ // */ 8093+ // static public class Blowfish_OFB8 8094+ // extends JCEStreamCipher 8095+ // { 8096+ // public Blowfish_OFB8() 8097+ // { 8098+ // super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); 8099+ // } 8100+ // } 8101+ // 8102+ // /** 8103+ // * Twofish 8104+ // */ 8105+ // static public class Twofish_OFB8 8106+ // extends JCEStreamCipher 8107+ // { 8108+ // public Twofish_OFB8() 8109+ // { 8110+ // super(new OFBBlockCipher(new TwofishEngine(), 8), 128); 8111+ // } 8112+ // } 8113+ // END android-removed 8114 } 8115diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/PKIXCRLUtil.java 8116--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2013-12-03 20:18:20.000000000 +0000 8117+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2013-12-12 00:35:05.000000000 +0000 8118@@ -15,7 +15,9 @@ 8119 import org.bouncycastle.util.StoreException; 8120 import org.bouncycastle.x509.ExtendedPKIXParameters; 8121 import org.bouncycastle.x509.X509CRLStoreSelector; 8122-import org.bouncycastle.x509.X509Store; 8123+// BEGIN android-removed 8124+// import org.bouncycastle.x509.X509Store; 8125+// END android-removed 8126 8127 public class PKIXCRLUtil 8128 { 8129@@ -114,22 +116,24 @@ 8130 { 8131 Object obj = iter.next(); 8132 8133- if (obj instanceof X509Store) 8134- { 8135- X509Store store = (X509Store)obj; 8136- 8137- try 8138- { 8139- crls.addAll(store.getMatches(crlSelect)); 8140- foundValidStore = true; 8141- } 8142- catch (StoreException e) 8143- { 8144- lastException = new AnnotatedException( 8145- "Exception searching in X.509 CRL store.", e); 8146- } 8147- } 8148- else 8149+ // BEGIN android-removed 8150+ // if (obj instanceof X509Store) 8151+ // { 8152+ // X509Store store = (X509Store)obj; 8153+ // 8154+ // try 8155+ // { 8156+ // crls.addAll(store.getMatches(crlSelect)); 8157+ // foundValidStore = true; 8158+ // } 8159+ // catch (StoreException e) 8160+ // { 8161+ // lastException = new AnnotatedException( 8162+ // "Exception searching in X.509 CRL store.", e); 8163+ // } 8164+ // } 8165+ // else 8166+ // END android-removed 8167 { 8168 CertStore store = (CertStore)obj; 8169 8170diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 8171--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2013-12-03 20:18:20.000000000 +0000 8172+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2012-09-17 23:04:47.000000000 +0000 8173@@ -1,5 +1,8 @@ 8174 package org.bouncycastle.jce.provider; 8175 8176+// BEGIN android-added 8177+import java.math.BigInteger; 8178+// END android-added 8179 import java.security.InvalidAlgorithmParameterException; 8180 import java.security.PublicKey; 8181 import java.security.cert.CertPath; 8182@@ -33,6 +36,11 @@ 8183 public class PKIXCertPathValidatorSpi 8184 extends CertPathValidatorSpi 8185 { 8186+ // BEGIN android-added 8187+ private static class NoPreloadHolder { 8188+ private final static CertBlacklist blacklist = new CertBlacklist(); 8189+ } 8190+ // END android-added 8191 8192 public CertPathValidatorResult engineValidate( 8193 CertPath certPath, 8194@@ -75,6 +83,22 @@ 8195 { 8196 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 8197 } 8198+ // BEGIN android-added 8199+ { 8200+ X509Certificate cert = (X509Certificate) certs.get(0); 8201+ 8202+ if (cert != null) { 8203+ BigInteger serial = cert.getSerialNumber(); 8204+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { 8205+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8206+ String message = "Certificate revocation of serial 0x" + serial.toString(16); 8207+ System.out.println(message); 8208+ AnnotatedException e = new AnnotatedException(message); 8209+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 8210+ } 8211+ } 8212+ } 8213+ // END android-added 8214 8215 // 8216 // (b) 8217@@ -251,6 +275,15 @@ 8218 8219 for (index = certs.size() - 1; index >= 0; index--) 8220 { 8221+ // BEGIN android-added 8222+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { 8223+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8224+ String message = "Certificate revocation of public key " + workingPublicKey; 8225+ System.out.println(message); 8226+ AnnotatedException e = new AnnotatedException(message); 8227+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 8228+ } 8229+ // END android-added 8230 // try 8231 // { 8232 // 8233diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/X509CertificateObject.java 8234--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-12-03 20:18:20.000000000 +0000 8235+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000 8236@@ -57,6 +57,9 @@ 8237 import org.bouncycastle.asn1.x509.Extensions; 8238 import org.bouncycastle.asn1.x509.GeneralName; 8239 import org.bouncycastle.asn1.x509.KeyUsage; 8240+// BEGIN android-added 8241+import org.bouncycastle.asn1.x509.X509Name; 8242+// END android-added 8243 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 8244 import org.bouncycastle.jce.X509Principal; 8245 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 8246@@ -562,12 +565,20 @@ 8247 } 8248 } 8249 8250+ // BEGIN android-changed 8251+ private byte[] encoded; 8252+ // END android-changed 8253 public byte[] getEncoded() 8254 throws CertificateEncodingException 8255 { 8256 try 8257 { 8258- return c.getEncoded(ASN1Encoding.DER); 8259+ // BEGIN android-changed 8260+ if (encoded == null) { 8261+ encoded = c.getEncoded(ASN1Encoding.DER); 8262+ } 8263+ return encoded; 8264+ // END android-changed 8265 } 8266 catch (IOException e) 8267 { 8268@@ -858,7 +869,9 @@ 8269 list.add(genName.getEncoded()); 8270 break; 8271 case GeneralName.directoryName: 8272- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 8273+ // BEGIN android-changed 8274+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 8275+ // END android-changed 8276 break; 8277 case GeneralName.dNSName: 8278 case GeneralName.rfc822Name: 8279diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-150/org/bouncycastle/jce/provider/X509SignatureUtil.java 8280--- bcprov-jdk15on-150.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-12-03 20:18:20.000000000 +0000 8281+++ bcprov-jdk15on-150/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-09-26 18:06:21.000000000 +0000 8282@@ -14,7 +14,9 @@ 8283 import org.bouncycastle.asn1.ASN1Sequence; 8284 import org.bouncycastle.asn1.DERNull; 8285 import org.bouncycastle.asn1.DERObjectIdentifier; 8286-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8287+// BEGIN android-removed 8288+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8289+// END android-removed 8290 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8291 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8292 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8293@@ -66,12 +68,14 @@ 8294 8295 if (params != null && !derNull.equals(params)) 8296 { 8297- if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8298- { 8299- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8300- 8301- return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 8302- } 8303+ // BEGIN android-removed 8304+ // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8305+ // { 8306+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8307+ // 8308+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 8309+ // } 8310+ // END android-removed 8311 if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 8312 { 8313 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 8314@@ -114,22 +118,24 @@ 8315 { 8316 return "SHA512"; 8317 } 8318- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8319- { 8320- return "RIPEMD128"; 8321- } 8322- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8323- { 8324- return "RIPEMD160"; 8325- } 8326- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8327- { 8328- return "RIPEMD256"; 8329- } 8330- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8331- { 8332- return "GOST3411"; 8333- } 8334+ // BEGIN android-removed 8335+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8336+ // { 8337+ // return "RIPEMD128"; 8338+ // } 8339+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8340+ // { 8341+ // return "RIPEMD160"; 8342+ // } 8343+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8344+ // { 8345+ // return "RIPEMD256"; 8346+ // } 8347+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8348+ // { 8349+ // return "GOST3411"; 8350+ // } 8351+ // END android-removed 8352 else 8353 { 8354 return digestAlgOID.getId(); 8355diff -Naur bcprov-jdk15on-150.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-150/org/bouncycastle/x509/X509Util.java 8356--- bcprov-jdk15on-150.orig/org/bouncycastle/x509/X509Util.java 2013-12-03 20:18:20.000000000 +0000 8357+++ bcprov-jdk15on-150/org/bouncycastle/x509/X509Util.java 2013-09-26 18:06:21.000000000 +0000 8358@@ -25,12 +25,16 @@ 8359 import org.bouncycastle.asn1.ASN1Integer; 8360 import org.bouncycastle.asn1.DERNull; 8361 import org.bouncycastle.asn1.DERObjectIdentifier; 8362-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8363+// BEGIN android-removed 8364+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8365+// END android-removed 8366 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8367 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8368 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8369 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 8370-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8371+// BEGIN android-removed 8372+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8373+// END android-removed 8374 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8375 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 8376 import org.bouncycastle.jce.X509Principal; 8377@@ -44,8 +48,10 @@ 8378 8379 static 8380 { 8381- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8382- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8383+ // BEGIN android-removed 8384+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8385+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8386+ // END android-removed 8387 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 8388 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 8389 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 8390@@ -63,12 +69,14 @@ 8391 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8392 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8393 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8394- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8395- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8396- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8397- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8398- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8399- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8400+ // BEGIN android-removed 8401+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8402+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8403+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8404+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8405+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8406+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8407+ // END android-removed 8408 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 8409 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 8410 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 8411@@ -81,11 +89,13 @@ 8412 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 8413 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 8414 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 8415- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8416- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8417- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8418- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8419- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8420+ // BEGIN android-removed 8421+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8422+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8423+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8424+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8425+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8426+ // END android-removed 8427 8428 // 8429 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 8430@@ -105,8 +115,10 @@ 8431 // 8432 // RFC 4491 8433 // 8434- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8435- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8436+ // BEGIN android-removed 8437+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8438+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8439+ // END android-removed 8440 8441 // 8442 // explicit params 8443