1diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java 2015-03-01 12:03:02.000000000 +0000 3+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2014-07-28 19:51:54.000000000 +0000 4@@ -23,7 +23,9 @@ 5 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 6 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 7 8- private byte[] value; 9+ // BEGIN android-changed 10+ final private byte[] value; 11+ // END android-changed 12 13 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 14 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 15@@ -79,6 +81,17 @@ 16 return (value != 0 ? TRUE : FALSE); 17 } 18 19+ // BEGIN android-added 20+ /** 21+ * return a ASN1Boolean from the passed in array. 22+ */ 23+ public static ASN1Boolean getInstance( 24+ byte[] octets) 25+ { 26+ return (octets[0] != 0) ? TRUE : FALSE; 27+ } 28+ 29+ // END android-added 30 /** 31 * return a Boolean from a tagged object. 32 * 33@@ -105,7 +118,9 @@ 34 } 35 } 36 37- ASN1Boolean( 38+ // BEGIN android-changed 39+ protected ASN1Boolean( 40+ // END android-changed 41 byte[] value) 42 { 43 if (value.length != 1) 44@@ -131,8 +146,10 @@ 45 * @deprecated use getInstance(boolean) method. 46 * @param value true or false. 47 */ 48- public ASN1Boolean( 49+ // BEGIN android-changed 50+ protected ASN1Boolean( 51 boolean value) 52+ // END android-changed 53 { 54 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 55 } 56diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 57--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java 2015-03-01 12:03:02.000000000 +0000 58+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 2014-07-28 19:51:54.000000000 +0000 59@@ -8,6 +8,12 @@ 60 public abstract class ASN1Null 61 extends ASN1Primitive 62 { 63+ // BEGIN android-added 64+ /*package*/ ASN1Null() 65+ { 66+ } 67+ 68+ // END android-added 69 /** 70 * Return an instance of ASN.1 NULL from the passed in object. 71 * <p> 72diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 73--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2015-03-01 12:03:02.000000000 +0000 74+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2014-07-28 19:51:54.000000000 +0000 75@@ -152,7 +152,13 @@ 76 } 77 } 78 79- this.identifier = objId.toString(); 80+ // BEGIN android-changed 81+ /* 82+ * Intern the identifier so there aren't hundreds of duplicates 83+ * (in practice). 84+ */ 85+ this.identifier = objId.toString().intern(); 86+ // END android-changed 87 this.body = Arrays.clone(bytes); 88 } 89 90@@ -173,7 +179,13 @@ 91 throw new IllegalArgumentException("string " + identifier + " not an OID"); 92 } 93 94- this.identifier = identifier; 95+ // BEGIN android-changed 96+ /* 97+ * Intern the identifier so there aren't hundreds of duplicates 98+ * (in practice). 99+ */ 100+ this.identifier = identifier.intern(); 101+ // END android-changed 102 } 103 104 /** 105diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 106--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java 2015-03-01 12:03:02.000000000 +0000 107+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000 108@@ -15,7 +15,9 @@ 109 /** 110 * @deprecated use DERNull.INSTANCE 111 */ 112- public DERNull() 113+ // BEGIN android-changed 114+ protected DERNull() 115+ // END android-changed 116 { 117 } 118 119diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 120--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java 2015-03-01 12:03:02.000000000 +0000 121+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 2014-07-28 19:51:54.000000000 +0000 122@@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126- private byte[] string; 127+ // BEGIN android-changed 128+ private final byte[] string; 129+ // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 134--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java 2015-03-01 12:03:02.000000000 +0000 135+++ bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000 136@@ -8,7 +8,9 @@ 137 138 class StreamUtil 139 { 140- private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 141+ // BEGIN android-removed 142+ // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 143+ // END android-removed 144 145 /** 146 * Find out possible longest length... 147@@ -48,12 +50,15 @@ 148 } 149 } 150 151- if (MAX_MEMORY > Integer.MAX_VALUE) 152+ // BEGIN android-changed 153+ long maxMemory = Runtime.getRuntime().maxMemory(); 154+ if (maxMemory > Integer.MAX_VALUE) 155 { 156 return Integer.MAX_VALUE; 157 } 158 159- return (int)MAX_MEMORY; 160+ return (int) maxMemory; 161+ // END android-changed 162 } 163 164 static int calculateBodyLength( 165diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 166--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2015-03-01 12:03:02.000000000 +0000 167+++ bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000 168@@ -28,7 +28,9 @@ 169 */ 170 public class ContentInfo 171 extends ASN1Object 172- implements CMSObjectIdentifiers 173+ // BEGIN android-removed 174+ // implements CMSObjectIdentifiers 175+ // END android-removed 176 { 177 private ASN1ObjectIdentifier contentType; 178 private ASN1Encodable content; 179diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 180--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2015-03-01 12:03:02.000000000 +0000 181+++ bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000 182@@ -13,10 +13,12 @@ 183 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 184 /** PKCS#1: 1.2.840.113549.1.1.1 */ 185 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 186- /** PKCS#1: 1.2.840.113549.1.1.2 */ 187- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 188- /** PKCS#1: 1.2.840.113549.1.1.3 */ 189- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 190+ // BEGIN android-removed 191+ // /** PKCS#1: 1.2.840.113549.1.1.2 */ 192+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 193+ // /** PKCS#1: 1.2.840.113549.1.1.3 */ 194+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 195+ // END android-removed 196 /** PKCS#1: 1.2.840.113549.1.1.4 */ 197 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 198 /** PKCS#1: 1.2.840.113549.1.1.5 */ 199@@ -96,15 +98,19 @@ 200 // md2 OBJECT IDENTIFIER ::= 201 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 202 // 203- /** 1.2.840.113549.2.2 */ 204- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 205+ // BEGIN android-removed 206+ // /** 1.2.840.113549.2.2 */ 207+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 208+ // END android-removed 209 210 // 211 // md4 OBJECT IDENTIFIER ::= 212 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 213 // 214- /** 1.2.840.113549.2.4 */ 215- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 216+ // BEGIN android-removed 217+ // /** 1.2.840.113549.2.4 */ 218+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 219+ // END android-removed 220 221 // 222 // md5 OBJECT IDENTIFIER ::= 223diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 224--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2015-03-01 12:03:02.000000000 +0000 225+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2014-07-28 19:51:54.000000000 +0000 226@@ -14,7 +14,9 @@ 227 import org.bouncycastle.asn1.DERSequence; 228 import org.bouncycastle.asn1.DERTaggedObject; 229 import org.bouncycastle.crypto.Digest; 230-import org.bouncycastle.crypto.digests.SHA1Digest; 231+// BEGIN android-changed 232+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 233+// END android-changed 234 235 /** 236 * The AuthorityKeyIdentifier object. 237@@ -106,7 +108,9 @@ 238 public AuthorityKeyIdentifier( 239 SubjectPublicKeyInfo spki) 240 { 241- Digest digest = new SHA1Digest(); 242+ // BEGIN android-changed 243+ Digest digest = AndroidDigestFactory.getSHA1(); 244+ // END android-changed 245 byte[] resBuf = new byte[digest.getDigestSize()]; 246 247 byte[] bytes = spki.getPublicKeyData().getBytes(); 248@@ -125,7 +129,9 @@ 249 GeneralNames name, 250 BigInteger serialNumber) 251 { 252- Digest digest = new SHA1Digest(); 253+ // BEGIN android-changed 254+ Digest digest = AndroidDigestFactory.getSHA1(); 255+ // END android-changed 256 byte[] resBuf = new byte[digest.getDigestSize()]; 257 258 byte[] bytes = spki.getPublicKeyData().getBytes(); 259diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 260--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java 2015-03-01 12:03:02.000000000 +0000 261+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000 262@@ -255,8 +255,10 @@ 263 */ 264 public static final Hashtable SymbolLookUp = DefaultLookUp; 265 266- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 267- private static final Boolean FALSE = new Boolean(false); 268+ // BEGIN android-changed 269+ private static final Boolean TRUE = Boolean.TRUE; 270+ private static final Boolean FALSE = Boolean.FALSE; 271+ // END android-changed 272 273 static 274 { 275@@ -446,7 +448,9 @@ 276 throw new IllegalArgumentException("cannot encode value"); 277 } 278 } 279- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 280+ // BEGIN android-changed 281+ added.addElement(Boolean.valueOf(i != 0)); 282+ // END android-changed 283 } 284 } 285 } 286diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 287--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2015-03-01 12:03:02.000000000 +0000 288+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000 289@@ -78,6 +78,17 @@ 290 } 291 else 292 { 293+ // BEGIN android-added 294+ // copied from a newer version of BouncyCastle 295+ if (c == '#' && buf.charAt(buf.length() - 1) == '=') 296+ { 297+ buf.append('\\'); 298+ } 299+ else if (c == '+' && separator != '+') 300+ { 301+ buf.append('\\'); 302+ } 303+ // END android-added 304 buf.append(c); 305 } 306 } 307diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 308--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2015-03-01 12:03:02.000000000 +0000 309+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2014-07-28 19:51:54.000000000 +0000 310@@ -6,7 +6,9 @@ 311 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 312 import org.bouncycastle.asn1.nist.NISTNamedCurves; 313 import org.bouncycastle.asn1.sec.SECNamedCurves; 314-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 315+// BEGIN android-removed 316+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 317+// END android-removed 318 319 /** 320 * A general class that reads all X9.62 style EC curve tables. 321@@ -30,10 +32,12 @@ 322 ecP = SECNamedCurves.getByName(name); 323 } 324 325- if (ecP == null) 326- { 327- ecP = TeleTrusTNamedCurves.getByName(name); 328- } 329+ // BEGIN android-removed 330+ // if (ecP == null) 331+ // { 332+ // ecP = TeleTrusTNamedCurves.getByName(name); 333+ // } 334+ // END android-removed 335 336 if (ecP == null) 337 { 338@@ -59,10 +63,12 @@ 339 oid = SECNamedCurves.getOID(name); 340 } 341 342- if (oid == null) 343- { 344- oid = TeleTrusTNamedCurves.getOID(name); 345- } 346+ // BEGIN android-removed 347+ // if (oid == null) 348+ // { 349+ // oid = TeleTrusTNamedCurves.getOID(name); 350+ // } 351+ // END android-removed 352 353 if (oid == null) 354 { 355@@ -89,10 +95,12 @@ 356 ecP = SECNamedCurves.getByOID(oid); 357 } 358 359- if (ecP == null) 360- { 361- ecP = TeleTrusTNamedCurves.getByOID(oid); 362- } 363+ // BEGIN android-removed 364+ // if (ecP == null) 365+ // { 366+ // ecP = TeleTrusTNamedCurves.getByOID(oid); 367+ // } 368+ // END android-removed 369 370 // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup 371 372@@ -111,7 +119,9 @@ 373 addEnumeration(v, X962NamedCurves.getNames()); 374 addEnumeration(v, SECNamedCurves.getNames()); 375 addEnumeration(v, NISTNamedCurves.getNames()); 376- addEnumeration(v, TeleTrusTNamedCurves.getNames()); 377+ // BEGIN android-removed 378+ // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 379+ // END android-removed 380 381 return v.elements(); 382 } 383diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 384--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 385+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000 386@@ -0,0 +1,87 @@ 387+/* 388+ * Copyright (C) 2012 The Android Open Source Project 389+ * 390+ * Licensed under the Apache License, Version 2.0 (the "License"); 391+ * you may not use this file except in compliance with the License. 392+ * You may obtain a copy of the License at 393+ * 394+ * http://www.apache.org/licenses/LICENSE-2.0 395+ * 396+ * Unless required by applicable law or agreed to in writing, software 397+ * distributed under the License is distributed on an "AS IS" BASIS, 398+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 399+ * See the License for the specific language governing permissions and 400+ * limitations under the License. 401+ */ 402+ 403+package org.bouncycastle.crypto.digests; 404+ 405+import org.bouncycastle.crypto.Digest; 406+ 407+/** 408+ * Level of indirection to let us select OpenSSLDigest implementations 409+ * for libcore but fallback to BouncyCastle ones on the RI. 410+ */ 411+public final class AndroidDigestFactory { 412+ private static final String OpenSSLFactoryClassName 413+ = AndroidDigestFactory.class.getName() + "OpenSSL"; 414+ private static final String BouncyCastleFactoryClassName 415+ = AndroidDigestFactory.class.getName() + "BouncyCastle"; 416+ 417+ private static final AndroidDigestFactoryInterface FACTORY; 418+ static { 419+ Class factoryImplementationClass; 420+ try { 421+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 422+ // Double check for NativeCrypto in case we are running on RI for testing 423+ Class.forName("com.android.org.conscrypt.NativeCrypto"); 424+ } catch (ClassNotFoundException e1) { 425+ try { 426+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 427+ } catch (ClassNotFoundException e2) { 428+ AssertionError e = new AssertionError("Failed to load " 429+ + "AndroidDigestFactoryInterface " 430+ + "implementation. Looked for " 431+ + OpenSSLFactoryClassName + " and " 432+ + BouncyCastleFactoryClassName); 433+ e.initCause(e1); 434+ throw e; 435+ } 436+ } 437+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 438+ throw new AssertionError(factoryImplementationClass 439+ + "does not implement AndroidDigestFactoryInterface"); 440+ } 441+ try { 442+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 443+ } catch (InstantiationException e) { 444+ throw new AssertionError(e); 445+ } catch (IllegalAccessException e) { 446+ throw new AssertionError(e); 447+ } 448+ } 449+ 450+ public static Digest getMD5() { 451+ return FACTORY.getMD5(); 452+ } 453+ 454+ public static Digest getSHA1() { 455+ return FACTORY.getSHA1(); 456+ } 457+ 458+ public static Digest getSHA224() { 459+ return FACTORY.getSHA224(); 460+ } 461+ 462+ public static Digest getSHA256() { 463+ return FACTORY.getSHA256(); 464+ } 465+ 466+ public static Digest getSHA384() { 467+ return FACTORY.getSHA384(); 468+ } 469+ 470+ public static Digest getSHA512() { 471+ return FACTORY.getSHA512(); 472+ } 473+} 474diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 475--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 476+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000 477@@ -0,0 +1,40 @@ 478+/* 479+ * Copyright (C) 2012 The Android Open Source Project 480+ * 481+ * Licensed under the Apache License, Version 2.0 (the "License"); 482+ * you may not use this file except in compliance with the License. 483+ * You may obtain a copy of the License at 484+ * 485+ * http://www.apache.org/licenses/LICENSE-2.0 486+ * 487+ * Unless required by applicable law or agreed to in writing, software 488+ * distributed under the License is distributed on an "AS IS" BASIS, 489+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 490+ * See the License for the specific language governing permissions and 491+ * limitations under the License. 492+ */ 493+ 494+package org.bouncycastle.crypto.digests; 495+ 496+import org.bouncycastle.crypto.Digest; 497+ 498+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 499+ public Digest getMD5() { 500+ return new MD5Digest(); 501+ } 502+ public Digest getSHA1() { 503+ return new SHA1Digest(); 504+ } 505+ public Digest getSHA224() { 506+ return new SHA224Digest(); 507+ } 508+ public Digest getSHA256() { 509+ return new SHA256Digest(); 510+ } 511+ public Digest getSHA384() { 512+ return new SHA384Digest(); 513+ } 514+ public Digest getSHA512() { 515+ return new SHA512Digest(); 516+ } 517+} 518diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 519--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 520+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000 521@@ -0,0 +1,28 @@ 522+/* 523+ * Copyright (C) 2012 The Android Open Source Project 524+ * 525+ * Licensed under the Apache License, Version 2.0 (the "License"); 526+ * you may not use this file except in compliance with the License. 527+ * You may obtain a copy of the License at 528+ * 529+ * http://www.apache.org/licenses/LICENSE-2.0 530+ * 531+ * Unless required by applicable law or agreed to in writing, software 532+ * distributed under the License is distributed on an "AS IS" BASIS, 533+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 534+ * See the License for the specific language governing permissions and 535+ * limitations under the License. 536+ */ 537+ 538+package org.bouncycastle.crypto.digests; 539+ 540+import org.bouncycastle.crypto.Digest; 541+ 542+interface AndroidDigestFactoryInterface { 543+ public Digest getMD5(); 544+ public Digest getSHA1(); 545+ public Digest getSHA224(); 546+ public Digest getSHA256(); 547+ public Digest getSHA384(); 548+ public Digest getSHA512(); 549+} 550diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 551--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 552+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000 553@@ -0,0 +1,40 @@ 554+/* 555+ * Copyright (C) 2012 The Android Open Source Project 556+ * 557+ * Licensed under the Apache License, Version 2.0 (the "License"); 558+ * you may not use this file except in compliance with the License. 559+ * You may obtain a copy of the License at 560+ * 561+ * http://www.apache.org/licenses/LICENSE-2.0 562+ * 563+ * Unless required by applicable law or agreed to in writing, software 564+ * distributed under the License is distributed on an "AS IS" BASIS, 565+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 566+ * See the License for the specific language governing permissions and 567+ * limitations under the License. 568+ */ 569+ 570+package org.bouncycastle.crypto.digests; 571+ 572+import org.bouncycastle.crypto.Digest; 573+ 574+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 575+ public Digest getMD5() { 576+ return new OpenSSLDigest.MD5(); 577+ } 578+ public Digest getSHA1() { 579+ return new OpenSSLDigest.SHA1(); 580+ } 581+ public Digest getSHA224() { 582+ return new OpenSSLDigest.SHA224(); 583+ } 584+ public Digest getSHA256() { 585+ return new OpenSSLDigest.SHA256(); 586+ } 587+ public Digest getSHA384() { 588+ return new OpenSSLDigest.SHA384(); 589+ } 590+ public Digest getSHA512() { 591+ return new OpenSSLDigest.SHA512(); 592+ } 593+} 594diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 595--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 596+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000 597@@ -0,0 +1,97 @@ 598+/* 599+ * Copyright (C) 2008 The Android Open Source Project 600+ * 601+ * Licensed under the Apache License, Version 2.0 (the "License"); 602+ * you may not use this file except in compliance with the License. 603+ * You may obtain a copy of the License at 604+ * 605+ * http://www.apache.org/licenses/LICENSE-2.0 606+ * 607+ * Unless required by applicable law or agreed to in writing, software 608+ * distributed under the License is distributed on an "AS IS" BASIS, 609+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 610+ * See the License for the specific language governing permissions and 611+ * limitations under the License. 612+ */ 613+ 614+package org.bouncycastle.crypto.digests; 615+ 616+import org.bouncycastle.crypto.ExtendedDigest; 617+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi; 618+import java.security.DigestException; 619+import java.security.MessageDigest; 620+ 621+/** 622+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This 623+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it. 624+ */ 625+public class OpenSSLDigest implements ExtendedDigest { 626+ private final MessageDigest delegate; 627+ 628+ private final int byteSize; 629+ 630+ public OpenSSLDigest(String algorithm, int byteSize) { 631+ try { 632+ delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL"); 633+ this.byteSize = byteSize; 634+ } catch (Exception e) { 635+ throw new RuntimeException(e); 636+ } 637+ } 638+ 639+ public String getAlgorithmName() { 640+ return delegate.getAlgorithm(); 641+ } 642+ 643+ public int getDigestSize() { 644+ return delegate.getDigestLength(); 645+ } 646+ 647+ public int getByteLength() { 648+ return byteSize; 649+ } 650+ 651+ public void reset() { 652+ delegate.reset(); 653+ } 654+ 655+ public void update(byte in) { 656+ delegate.update(in); 657+ } 658+ 659+ public void update(byte[] in, int inOff, int len) { 660+ delegate.update(in, inOff, len); 661+ } 662+ 663+ public int doFinal(byte[] out, int outOff) { 664+ try { 665+ return delegate.digest(out, outOff, out.length - outOff); 666+ } catch (DigestException e) { 667+ throw new RuntimeException(e); 668+ } 669+ } 670+ 671+ public static class MD5 extends OpenSSLDigest { 672+ public MD5() { super("MD5", 64); } 673+ } 674+ 675+ public static class SHA1 extends OpenSSLDigest { 676+ public SHA1() { super("SHA-1", 64); } 677+ } 678+ 679+ public static class SHA224 extends OpenSSLDigest { 680+ public SHA224() { super("SHA-224", 64); } 681+ } 682+ 683+ public static class SHA256 extends OpenSSLDigest { 684+ public SHA256() { super("SHA-256", 64); } 685+ } 686+ 687+ public static class SHA384 extends OpenSSLDigest { 688+ public SHA384() { super("SHA-384", 128); } 689+ } 690+ 691+ public static class SHA512 extends OpenSSLDigest { 692+ public SHA512() { super("SHA-512", 128); } 693+ } 694+} 695diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 696--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2015-03-01 12:03:02.000000000 +0000 697+++ bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2014-07-28 19:51:54.000000000 +0000 698@@ -10,7 +10,9 @@ 699 import org.bouncycastle.asn1.x9.X9ECParametersHolder; 700 import org.bouncycastle.math.ec.ECCurve; 701 import org.bouncycastle.math.ec.ECPoint; 702-import org.bouncycastle.math.ec.custom.djb.Curve25519; 703+// BEGIN android-removed 704+// import org.bouncycastle.math.ec.custom.djb.Curve25519; 705+// END android-removed 706 import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve; 707 import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve; 708 import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve; 709@@ -36,32 +38,34 @@ 710 return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); 711 } 712 713- /* 714- * curve25519 715- */ 716- static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 717- { 718- protected X9ECParameters createParameters() 719- { 720- byte[] S = null; 721- ECCurve curve = configureCurve(new Curve25519()); 722- 723- /* 724- * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 725- * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 726- * 727- * The Curve25519 paper doesn't say which of the two possible y values the base 728- * point has. The choice here is guided by language in the Ed25519 paper. 729- * 730- * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 731- */ 732- ECPoint G = curve.decodePoint(Hex.decode("04" 733- + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 734- + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 735- 736- return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 737- } 738- }; 739+ // BEGIN android-removed 740+ // /* 741+ // * curve25519 742+ // */ 743+ // static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 744+ // { 745+ // protected X9ECParameters createParameters() 746+ // { 747+ // byte[] S = null; 748+ // ECCurve curve = configureCurve(new Curve25519()); 749+ // 750+ // /* 751+ // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 752+ // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 753+ // * 754+ // * The Curve25519 paper doesn't say which of the two possible y values the base 755+ // * point has. The choice here is guided by language in the Ed25519 paper. 756+ // * 757+ // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 758+ // */ 759+ // ECPoint G = curve.decodePoint(Hex.decode("04" 760+ // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 761+ // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 762+ // 763+ // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 764+ // } 765+ // }; 766+ // END android-removed 767 768 /* 769 * secp192k1 770@@ -254,7 +258,9 @@ 771 772 static 773 { 774- defineCurve("curve25519", curve25519); 775+ // BEGIN android-removed 776+ // defineCurve("curve25519", curve25519); 777+ // END android-removed 778 779 defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1); 780 defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1); 781diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 782--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2015-03-01 12:03:02.000000000 +0000 783+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000 784@@ -6,7 +6,9 @@ 785 import org.bouncycastle.crypto.CipherParameters; 786 import org.bouncycastle.crypto.Digest; 787 import org.bouncycastle.crypto.InvalidCipherTextException; 788-import org.bouncycastle.crypto.digests.SHA1Digest; 789+// BEGIN android-changed 790+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 791+// END android-changed 792 import org.bouncycastle.crypto.params.ParametersWithRandom; 793 794 /** 795@@ -25,7 +27,9 @@ 796 public OAEPEncoding( 797 AsymmetricBlockCipher cipher) 798 { 799- this(cipher, new SHA1Digest(), null); 800+ // BEGIN android-changed 801+ this(cipher, AndroidDigestFactory.getSHA1(), null); 802+ // END android-changed 803 } 804 805 public OAEPEncoding( 806diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 807--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-03-01 12:03:02.000000000 +0000 808+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-04-09 13:10:16.000000000 +0000 809@@ -378,6 +378,12 @@ 810 throw new InvalidCipherTextException("unknown block type"); 811 } 812 } 813+ // BEGIN android-added 814+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 815+ { 816+ throw new InvalidCipherTextException("invalid block type " + type); 817+ } 818+ // END android-added 819 820 if (useStrictLength && block.length != engine.getOutputBlockSize()) 821 { 822diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 823--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2015-03-01 12:03:02.000000000 +0000 824+++ bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2014-07-28 19:51:54.000000000 +0000 825@@ -6,7 +6,9 @@ 826 import org.bouncycastle.crypto.Digest; 827 import org.bouncycastle.crypto.InvalidCipherTextException; 828 import org.bouncycastle.crypto.Wrapper; 829-import org.bouncycastle.crypto.digests.SHA1Digest; 830+// BEGIN android-changed 831+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 832+// END android-changed 833 import org.bouncycastle.crypto.modes.CBCBlockCipher; 834 import org.bouncycastle.crypto.params.KeyParameter; 835 import org.bouncycastle.crypto.params.ParametersWithIV; 836@@ -52,7 +54,9 @@ 837 // 838 // checksum digest 839 // 840- Digest sha1 = new SHA1Digest(); 841+ // BEGIN android-changed 842+ Digest sha1 = AndroidDigestFactory.getSHA1(); 843+ // END android-changed 844 byte[] digest = new byte[20]; 845 846 /** 847diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 848--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2015-03-01 12:03:02.000000000 +0000 849+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 2014-07-28 19:51:54.000000000 +0000 850@@ -3,11 +3,18 @@ 851 import java.math.BigInteger; 852 import java.security.SecureRandom; 853 854+// BEGIN android-added 855+import java.util.logging.Logger; 856+// END android-added 857 import org.bouncycastle.math.ec.WNafUtil; 858 import org.bouncycastle.util.BigIntegers; 859 860 class DHParametersHelper 861 { 862+ // BEGIN android-added 863+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 864+ // END android-added 865+ 866 private static final BigInteger ONE = BigInteger.valueOf(1); 867 private static final BigInteger TWO = BigInteger.valueOf(2); 868 869@@ -18,12 +25,20 @@ 870 */ 871 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 872 { 873+ // BEGIN android-added 874+ logger.info("Generating safe primes. This may take a long time."); 875+ long start = System.currentTimeMillis(); 876+ int tries = 0; 877+ // END android-added 878 BigInteger p, q; 879 int qLength = size - 1; 880 int minWeight = size >>> 2; 881 882 for (;;) 883 { 884+ // BEGIN android-added 885+ tries++; 886+ // END android-added 887 q = new BigInteger(qLength, 2, random); 888 889 // p <- 2q + 1 890@@ -52,6 +67,11 @@ 891 892 break; 893 } 894+ // BEGIN android-added 895+ long end = System.currentTimeMillis(); 896+ long duration = end - start; 897+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 898+ // END android-added 899 900 return new BigInteger[] { p, q }; 901 } 902diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 903--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 904+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2014-07-28 19:51:54.000000000 +0000 905@@ -4,7 +4,9 @@ 906 import java.security.SecureRandom; 907 908 import org.bouncycastle.crypto.Digest; 909-import org.bouncycastle.crypto.digests.SHA1Digest; 910+// BEGIN android-changed 911+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 912+// END android-changed 913 import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; 914 import org.bouncycastle.crypto.params.DSAParameters; 915 import org.bouncycastle.crypto.params.DSAValidationParameters; 916@@ -31,7 +33,9 @@ 917 918 public DSAParametersGenerator() 919 { 920- this(new SHA1Digest()); 921+ // BEGIN android-changed 922+ this(AndroidDigestFactory.getSHA1()); 923+ // END android-changed 924 } 925 926 public DSAParametersGenerator(Digest digest) 927@@ -122,7 +126,9 @@ 928 int n = (L - 1) / 160; 929 byte[] w = new byte[L / 8]; 930 931- if (!(digest instanceof SHA1Digest)) 932+ // BEGIN android-changed 933+ if (!(digest.getAlgorithmName().equals("SHA-1"))) 934+ // END android-changed 935 { 936 throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); 937 } 938diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 939--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 940+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 941@@ -3,7 +3,9 @@ 942 import org.bouncycastle.crypto.CipherParameters; 943 import org.bouncycastle.crypto.Digest; 944 import org.bouncycastle.crypto.PBEParametersGenerator; 945-import org.bouncycastle.crypto.digests.MD5Digest; 946+// BEGIN android-changed 947+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 948+// END android-changed 949 import org.bouncycastle.crypto.params.KeyParameter; 950 import org.bouncycastle.crypto.params.ParametersWithIV; 951 952@@ -17,7 +19,9 @@ 953 public class OpenSSLPBEParametersGenerator 954 extends PBEParametersGenerator 955 { 956- private Digest digest = new MD5Digest(); 957+ // BEGIN android-changed 958+ private Digest digest = AndroidDigestFactory.getMD5(); 959+ // END android-changed 960 961 /** 962 * Construct a OpenSSL Parameters generator. 963diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 964--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 965+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000 966@@ -4,7 +4,9 @@ 967 import org.bouncycastle.crypto.Digest; 968 import org.bouncycastle.crypto.Mac; 969 import org.bouncycastle.crypto.PBEParametersGenerator; 970-import org.bouncycastle.crypto.digests.SHA1Digest; 971+// BEGIN android-changed 972+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 973+// END android-changed 974 import org.bouncycastle.crypto.macs.HMac; 975 import org.bouncycastle.crypto.params.KeyParameter; 976 import org.bouncycastle.crypto.params.ParametersWithIV; 977@@ -28,7 +30,9 @@ 978 */ 979 public PKCS5S2ParametersGenerator() 980 { 981- this(new SHA1Digest()); 982+ // BEGIN android-changed 983+ this(AndroidDigestFactory.getSHA1()); 984+ // END android-changed 985 } 986 987 public PKCS5S2ParametersGenerator(Digest digest) 988diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 989--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java 2015-03-01 12:03:02.000000000 +0000 990+++ bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000 991@@ -36,14 +36,18 @@ 992 { 993 blockLengths = new Hashtable(); 994 995- blockLengths.put("GOST3411", Integers.valueOf(32)); 996- 997- blockLengths.put("MD2", Integers.valueOf(16)); 998- blockLengths.put("MD4", Integers.valueOf(64)); 999+ // BEGIN android-removed 1000+ // blockLengths.put("GOST3411", Integers.valueOf(32)); 1001+ // 1002+ // blockLengths.put("MD2", Integers.valueOf(16)); 1003+ // blockLengths.put("MD4", Integers.valueOf(64)); 1004+ // END android-removed 1005 blockLengths.put("MD5", Integers.valueOf(64)); 1006 1007- blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1008- blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1009+ // BEGIN android-removed 1010+ // blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1011+ // blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1012+ // END android-removed 1013 1014 blockLengths.put("SHA-1", Integers.valueOf(64)); 1015 blockLengths.put("SHA-224", Integers.valueOf(64)); 1016@@ -51,8 +55,10 @@ 1017 blockLengths.put("SHA-384", Integers.valueOf(128)); 1018 blockLengths.put("SHA-512", Integers.valueOf(128)); 1019 1020- blockLengths.put("Tiger", Integers.valueOf(64)); 1021- blockLengths.put("Whirlpool", Integers.valueOf(64)); 1022+ // BEGIN android-removed 1023+ // blockLengths.put("Tiger", Integers.valueOf(64)); 1024+ // blockLengths.put("Whirlpool", Integers.valueOf(64)); 1025+ // END android-removed 1026 } 1027 1028 private static int getByteLength( 1029diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 1030--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-03-01 12:03:02.000000000 +0000 1031+++ bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-04-09 13:10:16.000000000 +0000 1032@@ -24,6 +24,11 @@ 1033 implements AEADBlockCipher 1034 { 1035 private static final int BLOCK_SIZE = 16; 1036+ // BEGIN android-added 1037+ // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak 1038+ // plaintext and authentication key 1039+ private static final long MAX_INPUT_SIZE = 68719476704L; 1040+ // END android-added 1041 1042 // not final due to a compiler bug 1043 private BlockCipher cipher; 1044@@ -202,6 +207,14 @@ 1045 return totalData < macSize ? 0 : totalData - macSize; 1046 } 1047 1048+ // BEGIN android-added 1049+ /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */ 1050+ private long getTotalInputSizeAfterNewInput(int newInputLen) 1051+ { 1052+ return totalLength + newInputLen + bufOff; 1053+ } 1054+ // END android-added 1055+ 1056 public int getUpdateOutputSize(int len) 1057 { 1058 int totalData = len + bufOff; 1059@@ -218,6 +231,11 @@ 1060 1061 public void processAADByte(byte in) 1062 { 1063+ // BEGIN android-added 1064+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { 1065+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1066+ } 1067+ // END android-added 1068 atBlock[atBlockPos] = in; 1069 if (++atBlockPos == BLOCK_SIZE) 1070 { 1071@@ -230,6 +248,11 @@ 1072 1073 public void processAADBytes(byte[] in, int inOff, int len) 1074 { 1075+ // BEGIN android-added 1076+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { 1077+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1078+ } 1079+ // END android-added 1080 for (int i = 0; i < len; ++i) 1081 { 1082 atBlock[atBlockPos] = in[inOff + i]; 1083@@ -267,6 +290,11 @@ 1084 public int processByte(byte in, byte[] out, int outOff) 1085 throws DataLengthException 1086 { 1087+ // BEGIN android-added 1088+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { 1089+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1090+ } 1091+ // END android-added 1092 bufBlock[bufOff] = in; 1093 if (++bufOff == bufBlock.length) 1094 { 1095@@ -279,6 +307,11 @@ 1096 public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff) 1097 throws DataLengthException 1098 { 1099+ // BEGIN android-added 1100+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { 1101+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1102+ } 1103+ // END android-added 1104 if (in.length < (inOff + len)) 1105 { 1106 throw new DataLengthException("Input buffer too short"); 1107diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 1108--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-03-01 12:03:02.000000000 +0000 1109+++ bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-04-09 13:10:16.000000000 +0000 1110@@ -39,9 +39,11 @@ 1111 */ 1112 static 1113 { 1114- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1115- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1116- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1117+ // BEGIN android-removed 1118+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1119+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1120+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1121+ // END android-removed 1122 1123 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 1124 oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1125@@ -51,8 +53,10 @@ 1126 oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224); 1127 oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256); 1128 1129- oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1130- oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1131+ // BEGIN android-removed 1132+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1133+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1134+ // END android-removed 1135 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 1136 } 1137 1138diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 1139--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1140+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1141@@ -9,7 +9,9 @@ 1142 import org.bouncycastle.asn1.ASN1Integer; 1143 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1144 import org.bouncycastle.asn1.ASN1Primitive; 1145-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1146+// BEGIN android-removed 1147+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1148+// END android-removed 1149 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1150 import org.bouncycastle.asn1.pkcs.DHParameter; 1151 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1152@@ -31,8 +33,10 @@ 1153 import org.bouncycastle.crypto.params.ECDomainParameters; 1154 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1155 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1156-import org.bouncycastle.crypto.params.ElGamalParameters; 1157-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1158+// BEGIN android-removed 1159+// import org.bouncycastle.crypto.params.ElGamalParameters; 1160+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1161+// END android-removed 1162 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1163 1164 /** 1165@@ -98,14 +102,16 @@ 1166 1167 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1168 } 1169- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1170- { 1171- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1172- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1173- 1174- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1175- params.getP(), params.getG())); 1176- } 1177+ // BEGIN android-removed 1178+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1179+ // { 1180+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1181+ // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1182+ // 1183+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1184+ // params.getP(), params.getG())); 1185+ // } 1186+ // END android-removed 1187 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1188 { 1189 ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1190diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 1191--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1192+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1193@@ -11,7 +11,9 @@ 1194 import org.bouncycastle.asn1.ASN1OctetString; 1195 import org.bouncycastle.asn1.ASN1Primitive; 1196 import org.bouncycastle.asn1.DEROctetString; 1197-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1198+// BEGIN android-removed 1199+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1200+// END android-removed 1201 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1202 import org.bouncycastle.asn1.pkcs.DHParameter; 1203 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1204@@ -38,8 +40,10 @@ 1205 import org.bouncycastle.crypto.params.ECDomainParameters; 1206 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1207 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1208-import org.bouncycastle.crypto.params.ElGamalParameters; 1209-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1210+// BEGIN android-removed 1211+// import org.bouncycastle.crypto.params.ElGamalParameters; 1212+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1213+// END android-removed 1214 import org.bouncycastle.crypto.params.RSAKeyParameters; 1215 1216 /** 1217@@ -133,14 +137,16 @@ 1218 1219 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1220 } 1221- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1222- { 1223- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1224- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1225- 1226- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1227- params.getP(), params.getG())); 1228- } 1229+ // BEGIN android-removed 1230+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1231+ // { 1232+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1233+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1234+ // 1235+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1236+ // params.getP(), params.getG())); 1237+ // } 1238+ // END android-removed 1239 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1240 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1241 { 1242diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 1243--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2015-03-01 12:03:02.000000000 +0000 1244+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-07-28 19:51:54.000000000 +0000 1245@@ -35,10 +35,12 @@ 1246 1247 provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); 1248 1249- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1250- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1251- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1252- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1253+ // BEGIN android-removed 1254+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1255+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1256+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1257+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1258+ // END android-removed 1259 1260 registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); 1261 registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); 1262diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1263--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-03-01 12:03:02.000000000 +0000 1264+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-06-01 19:10:55.000000000 +0000 1265@@ -27,40 +27,55 @@ 1266 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1267 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1268 1269- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1270+ // BEGIN android-changed 1271+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1272+ // END android-changed 1273 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1274 1275 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1276 1277- provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1278- provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1279- provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1280- provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1281- provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1282- provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1283+ // BEGIN android-removed 1284+ // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1285+ // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1286+ // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1287+ // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1288+ // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1289+ // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1290+ // END android-removed 1291 1292 addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1293 addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1294- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1295- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1296- 1297- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1298- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1299- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1300- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1301- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1302- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1303- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1304- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1305- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1306- 1307- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1308+ // BEGIN android-removed 1309+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1310+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1311+ // END android-removed 1312+ 1313+ // BEGIN android-added 1314+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1315+ // END android-added 1316+ // BEGIN android-changed 1317+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1318+ provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); 1319+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1320+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1321+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1322+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1323+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1324+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1325+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1326+ // END android-changed 1327+ 1328+ // BEGIN android-removed 1329+ // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1330+ // END android-removed 1331 1332 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1333 1334 for (int i = 0; i != DSAUtil.dsaOids.length; i++) 1335 { 1336- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); 1337+ // BEGIN android-changed 1338+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); 1339+ // END android-changed 1340 1341 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); 1342 registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); 1343diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1344--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000 1345+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000 1346@@ -1,8 +1,10 @@ 1347 package org.bouncycastle.jcajce.provider.asymmetric; 1348 1349-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1350-import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1351-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1352+// BEGIN android-removed 1353+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1354+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1355+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1356+// END android-removed 1357 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1358 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1359 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1360@@ -22,45 +24,59 @@ 1361 public void configure(ConfigurableProvider provider) 1362 { 1363 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1364- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1365- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1366- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1367- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1368- provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1369+ // BEGIN android-removed 1370+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1371+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1372+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1373+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1374+ // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1375+ // END android-removed 1376 1377 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1378 // TODO Should this be an alias for ECDH? 1379 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1380- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1381- 1382- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1383+ // BEGIN android-removed 1384+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1385+ // 1386+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1387+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1388+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1389+ // END android-removed 1390 // TODO Should this be an alias for ECDH? 1391- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1392- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1393+ // BEGIN android-removed 1394+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1395+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1396+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1397+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1398+ // END android-removed 1399 1400 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1401- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1402- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1403- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1404- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1405+ // BEGIN android-removed 1406+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1407+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1408+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1409+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1410+ // END android-removed 1411 1412 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1413- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1414- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1415- provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1416- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1417- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1418- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1419- 1420- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1421- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1422- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1423- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1424- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1425- provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1426- provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1427- provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1428- provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1429+ // BEGIN android-removed 1430+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1431+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1432+ // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1433+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1434+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1435+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1436+ // 1437+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1438+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1439+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1440+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1441+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1442+ // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1443+ // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1444+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1445+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1446+ // END android-removed 1447 1448 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1449 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1450@@ -72,39 +88,43 @@ 1451 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1452 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1453 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1454- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1455- 1456- provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1457- provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1458- provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1459- provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1460- provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1461- provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1462+ // BEGIN android-removed 1463+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1464+ // 1465+ // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1466+ // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1467+ // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1468+ // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1469+ // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1470+ // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1471+ // END android-removed 1472 1473 addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1474 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1475 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1476 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1477- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1478- 1479- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1480- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1481- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1482- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1483- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1484- 1485- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1486- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1487- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1488- addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1489- addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1490- 1491- addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1492- addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1493- addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1494- addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1495- addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1496- addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1497+ // BEGIN android-removed 1498+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1499+ // 1500+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1501+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1502+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1503+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1504+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1505+ // 1506+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1507+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1508+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1509+ // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1510+ // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1511+ // 1512+ // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1513+ // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1514+ // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1515+ // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1516+ // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1517+ // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1518+ // END android-removed 1519 } 1520 } 1521 } 1522diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1523--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-03-01 12:03:02.000000000 +0000 1524+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-04-09 13:10:16.000000000 +0000 1525@@ -3,7 +3,9 @@ 1526 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1527 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1528 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1529-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1530+// BEGIN android-removed 1531+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1532+// END android-removed 1533 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1534 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1535 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1536@@ -24,41 +26,49 @@ 1537 public void configure(ConfigurableProvider provider) 1538 { 1539 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1540- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1541- 1542- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1543- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1544- 1545- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1546- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1547- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1548- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1549- 1550- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1551- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1552- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1553- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1554- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1555- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1556- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1557- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1558+ // BEGIN android-removed 1559+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1560+ // 1561+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1562+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1563+ // 1564+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1565+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1566+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1567+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1568+ // 1569+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1570+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1571+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1572+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1573+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1574+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1575+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1576+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1577+ // END android-removed 1578 1579 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1580- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1581- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1582- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1583- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1584- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1585- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1586- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1587- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1588- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1589+ // BEGIN android-changed 1590+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1591+ // END android-changed 1592+ // BEGIN android-removed 1593+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1594+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1595+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1596+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1597+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1598+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1599+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1600+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1601+ // END android-removed 1602 1603 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1604 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1605- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1606- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1607- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1608+ // BEGIN android-removed 1609+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1610+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1611+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1612+ // END android-removed 1613 1614 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1615 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1616@@ -68,79 +78,89 @@ 1617 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1618 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1619 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1620- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1621- 1622- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1623- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1624- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1625- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1626- 1627- 1628- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1629- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1630- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1631- 1632- provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1633- provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1634- provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1635- provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1636- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1637- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1638- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1639- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1640- 1641- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1642- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1643- 1644- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1645- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1646- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1647- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1648- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1649- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1650- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1651- 1652- 1653- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1654- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1655- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1656- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1657- 1658- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1659- { 1660- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1661- } 1662- 1663- if (provider.hasAlgorithm("MessageDigest", "MD4")) 1664- { 1665- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1666- } 1667+ // BEGIN android-removed 1668+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1669+ // 1670+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1671+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1672+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1673+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1674+ // 1675+ // 1676+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1677+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1678+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1679+ // 1680+ // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1681+ // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1682+ // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1683+ // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1684+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1685+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1686+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1687+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1688+ // 1689+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1690+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1691+ // 1692+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1693+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1694+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1695+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1696+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1697+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1698+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1699+ // 1700+ // 1701+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1702+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1703+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1704+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1705+ // 1706+ // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1707+ // { 1708+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1709+ // } 1710+ // 1711+ // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1712+ // { 1713+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1714+ // } 1715+ // END android-removed 1716 1717 if (provider.hasAlgorithm("MessageDigest", "MD5")) 1718 { 1719 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1720- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1721- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1722+ // END android-removed 1723+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1724+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1725+ // END android-removed 1726 } 1727 1728 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1729 { 1730- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1731- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1732- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1733- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1734- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1735+ // BEGIN android-removed 1736+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1737+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1738+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1739+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1740+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1741+ // END android-removed 1742 1743 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1744 1745- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1746- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1747+ // BEGIN android-removed 1748+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1749+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1750+ // END android-removed 1751 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1752 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1753 1754- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1755- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1756- provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1757+ // BEGIN android-removed 1758+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1759+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1760+ // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1761+ // END android-removed 1762 } 1763 1764 addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1765@@ -148,52 +168,54 @@ 1766 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1767 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1768 1769- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1770- provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1771- provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1772- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1773- provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1774- provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1775- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1776- provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1777- provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1778- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1779- provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1780- provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1781- 1782- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1783- { 1784- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1785- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1786- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1787- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1788- provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1789- } 1790- 1791- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1792- { 1793- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1794- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1795- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1796- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1797- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1798- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1799- provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1800- } 1801- 1802- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1803- { 1804- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1805- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1806- } 1807- 1808- if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1809- { 1810- provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1811- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1812- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1813- provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1814- } 1815+ // BEGIN android-removed 1816+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1817+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1818+ // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1819+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1820+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1821+ // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1822+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1823+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1824+ // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1825+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1826+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1827+ // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1828+ // 1829+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1830+ // { 1831+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1832+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1833+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1834+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1835+ // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1836+ // } 1837+ // 1838+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1839+ // { 1840+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1841+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1842+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1843+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1844+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1845+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1846+ // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1847+ // } 1848+ // 1849+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1850+ // { 1851+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1852+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1853+ // } 1854+ // 1855+ // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1856+ // { 1857+ // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1858+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1859+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1860+ // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1861+ // } 1862+ // END android-removed 1863 } 1864 1865 private void addDigestSignature( 1866diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1867--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2015-03-01 12:03:02.000000000 +0000 1868+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000 1869@@ -18,8 +18,10 @@ 1870 1871 public void configure(ConfigurableProvider provider) 1872 { 1873- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1874- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1875+ // BEGIN android-removed 1876+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1877+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1878+ // END android-removed 1879 1880 // 1881 // certificate factories. 1882diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1883--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-03-01 12:03:02.000000000 +0000 1884+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-12-12 00:35:05.000000000 +0000 1885@@ -23,13 +23,20 @@ 1886 import org.bouncycastle.crypto.DSA; 1887 import org.bouncycastle.crypto.Digest; 1888 import org.bouncycastle.crypto.digests.NullDigest; 1889-import org.bouncycastle.crypto.digests.SHA1Digest; 1890-import org.bouncycastle.crypto.digests.SHA224Digest; 1891-import org.bouncycastle.crypto.digests.SHA256Digest; 1892-import org.bouncycastle.crypto.digests.SHA384Digest; 1893-import org.bouncycastle.crypto.digests.SHA512Digest; 1894+// BEGIN android-added 1895+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1896+// END android-added 1897+// BEGIN android-removed 1898+// import org.bouncycastle.crypto.digests.SHA1Digest; 1899+// import org.bouncycastle.crypto.digests.SHA224Digest; 1900+// import org.bouncycastle.crypto.digests.SHA256Digest; 1901+// import org.bouncycastle.crypto.digests.SHA384Digest; 1902+// import org.bouncycastle.crypto.digests.SHA512Digest; 1903+// END android-removed 1904 import org.bouncycastle.crypto.params.ParametersWithRandom; 1905-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1906+// BEGIN android-removed 1907+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1908+// END android-removed 1909 1910 public class DSASigner 1911 extends SignatureSpi 1912@@ -217,90 +224,102 @@ 1913 { 1914 public stdDSA() 1915 { 1916- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1917+ // BEGIN android-changed 1918+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 1919+ // END android-changed 1920 } 1921 } 1922 1923- static public class detDSA 1924- extends DSASigner 1925- { 1926- public detDSA() 1927- { 1928- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1929- } 1930- } 1931+ // BEGIN android-removed 1932+ // static public class detDSA 1933+ // extends DSASigner 1934+ // { 1935+ // public detDSA() 1936+ // { 1937+ // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1938+ // } 1939+ // } 1940+ // END android-removed 1941 1942 static public class dsa224 1943 extends DSASigner 1944 { 1945 public dsa224() 1946 { 1947- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1948+ // BEGIN android-changed 1949+ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); 1950+ // END android-changed 1951 } 1952 } 1953 1954- static public class detDSA224 1955- extends DSASigner 1956- { 1957- public detDSA224() 1958- { 1959- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1960- } 1961- } 1962+ // BEGIN android-removed 1963+ // static public class detDSA224 1964+ // extends DSASigner 1965+ // { 1966+ // public detDSA224() 1967+ // { 1968+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1969+ // } 1970+ // } 1971+ // END android-removed 1972 1973 static public class dsa256 1974 extends DSASigner 1975 { 1976 public dsa256() 1977 { 1978- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1979+ // BEGIN android-changed 1980+ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); 1981+ // END android-changed 1982 } 1983 } 1984 1985- static public class detDSA256 1986- extends DSASigner 1987- { 1988- public detDSA256() 1989- { 1990- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 1991- } 1992- } 1993- 1994- static public class dsa384 1995- extends DSASigner 1996- { 1997- public dsa384() 1998- { 1999- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2000- } 2001- } 2002- 2003- static public class detDSA384 2004- extends DSASigner 2005- { 2006- public detDSA384() 2007- { 2008- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 2009- } 2010- } 2011- 2012- static public class dsa512 2013- extends DSASigner 2014- { 2015- public dsa512() 2016- { 2017- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2018- } 2019- } 2020- 2021- static public class detDSA512 2022- extends DSASigner 2023- { 2024- public detDSA512() 2025- { 2026- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 2027- } 2028- } 2029+ // BEGIN android-removed 2030+ // static public class detDSA256 2031+ // extends DSASigner 2032+ // { 2033+ // public detDSA256() 2034+ // { 2035+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 2036+ // } 2037+ // } 2038+ // 2039+ // static public class dsa384 2040+ // extends DSASigner 2041+ // { 2042+ // public dsa384() 2043+ // { 2044+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2045+ // } 2046+ // } 2047+ // 2048+ // static public class detDSA384 2049+ // extends DSASigner 2050+ // { 2051+ // public detDSA384() 2052+ // { 2053+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 2054+ // } 2055+ // } 2056+ // 2057+ // static public class dsa512 2058+ // extends DSASigner 2059+ // { 2060+ // public dsa512() 2061+ // { 2062+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2063+ // } 2064+ // } 2065+ // 2066+ // static public class detDSA512 2067+ // extends DSASigner 2068+ // { 2069+ // public detDSA512() 2070+ // { 2071+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 2072+ // } 2073+ // } 2074+ // END android-removed 2075 2076 static public class noneDSA 2077 extends DSASigner 2078diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2079--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-03-01 12:03:02.000000000 +0000 2080+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-06-01 19:10:55.000000000 +0000 2081@@ -23,6 +23,9 @@ 2082 public static final ASN1ObjectIdentifier[] dsaOids = 2083 { 2084 X9ObjectIdentifiers.id_dsa, 2085+ // BEGIN android-added 2086+ X9ObjectIdentifiers.id_dsa_with_sha1, 2087+ // END android-added 2088 OIWObjectIdentifiers.dsaWithSHA1 2089 }; 2090 2091diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2092--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-03-01 12:03:02.000000000 +0000 2093+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2014-07-28 19:51:54.000000000 +0000 2094@@ -24,22 +24,28 @@ 2095 import org.bouncycastle.crypto.CipherParameters; 2096 import org.bouncycastle.crypto.DerivationFunction; 2097 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 2098-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2099-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2100-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2101-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2102+// BEGIN android-removed 2103+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2104+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2105+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2106+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2107+// END android-removed 2108 import org.bouncycastle.crypto.digests.SHA1Digest; 2109 import org.bouncycastle.crypto.params.DESParameters; 2110 import org.bouncycastle.crypto.params.ECDomainParameters; 2111 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 2112 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 2113-import org.bouncycastle.crypto.params.MQVPrivateParameters; 2114-import org.bouncycastle.crypto.params.MQVPublicParameters; 2115+// BEGIN android-removed 2116+// import org.bouncycastle.crypto.params.MQVPrivateParameters; 2117+// import org.bouncycastle.crypto.params.MQVPublicParameters; 2118+// END android-removed 2119 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2120 import org.bouncycastle.jce.interfaces.ECPrivateKey; 2121 import org.bouncycastle.jce.interfaces.ECPublicKey; 2122-import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2123-import org.bouncycastle.jce.interfaces.MQVPublicKey; 2124+// BEGIN android-removed 2125+// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2126+// import org.bouncycastle.jce.interfaces.MQVPublicKey; 2127+// END android-removed 2128 import org.bouncycastle.util.Integers; 2129 import org.bouncycastle.util.Strings; 2130 2131@@ -89,7 +95,9 @@ 2132 private BigInteger result; 2133 private ECDomainParameters parameters; 2134 private BasicAgreement agreement; 2135- private DerivationFunction kdf; 2136+ // BEGIN android-removed 2137+ // private DerivationFunction kdf; 2138+ // END android-removed 2139 2140 private byte[] bigIntToBytes( 2141 BigInteger r) 2142@@ -104,7 +112,9 @@ 2143 { 2144 this.kaAlgorithm = kaAlgorithm; 2145 this.agreement = agreement; 2146- this.kdf = kdf; 2147+ // BEGIN android-removed 2148+ // this.kdf = kdf; 2149+ // END android-removed 2150 } 2151 2152 protected Key engineDoPhase( 2153@@ -123,25 +133,27 @@ 2154 } 2155 2156 CipherParameters pubKey; 2157- if (agreement instanceof ECMQVBasicAgreement) 2158- { 2159- if (!(key instanceof MQVPublicKey)) 2160- { 2161- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2162- + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2163- } 2164- 2165- MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2166- ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2167- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2168- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2169- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2170- 2171- pubKey = new MQVPublicParameters(staticKey, ephemKey); 2172- 2173- // TODO Validate that all the keys are using the same parameters? 2174- } 2175- else 2176+ // BEGIN android-removed 2177+ // if (agreement instanceof ECMQVBasicAgreement) 2178+ // { 2179+ // if (!(key instanceof MQVPublicKey)) 2180+ // { 2181+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2182+ // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2183+ // } 2184+ // 2185+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2186+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2187+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2188+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2189+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2190+ // 2191+ // pubKey = new MQVPublicParameters(staticKey, ephemKey); 2192+ // 2193+ // // TODO Validate that all the keys are using the same parameters? 2194+ // } 2195+ // else 2196+ // END android-removed 2197 { 2198 if (!(key instanceof PublicKey)) 2199 { 2200@@ -162,11 +174,13 @@ 2201 protected byte[] engineGenerateSecret() 2202 throws IllegalStateException 2203 { 2204- if (kdf != null) 2205- { 2206- throw new UnsupportedOperationException( 2207- "KDF can only be used when algorithm is known"); 2208- } 2209+ // BEGIN android-removed 2210+ // if (kdf != null) 2211+ // { 2212+ // throw new UnsupportedOperationException( 2213+ // "KDF can only be used when algorithm is known"); 2214+ // } 2215+ // END android-removed 2216 2217 return bigIntToBytes(result); 2218 } 2219@@ -201,23 +215,25 @@ 2220 oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); 2221 } 2222 2223- if (kdf != null) 2224- { 2225- if (!algorithms.containsKey(oidAlgorithm)) 2226- { 2227- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2228- } 2229- 2230- int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2231- 2232- DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2233- 2234- byte[] keyBytes = new byte[keySize / 8]; 2235- kdf.init(params); 2236- kdf.generateBytes(keyBytes, 0, keyBytes.length); 2237- secret = keyBytes; 2238- } 2239- else 2240+ // BEGIN android-removed 2241+ // if (kdf != null) 2242+ // { 2243+ // if (!algorithms.containsKey(oidAlgorithm)) 2244+ // { 2245+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2246+ // } 2247+ // 2248+ // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2249+ // 2250+ // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2251+ // 2252+ // byte[] keyBytes = new byte[keySize / 8]; 2253+ // kdf.init(params); 2254+ // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2255+ // secret = keyBytes; 2256+ // } 2257+ // else 2258+ // END android-removed 2259 { 2260 if (algorithms.containsKey(oidAlgorithm)) 2261 { 2262@@ -264,35 +280,37 @@ 2263 private void initFromKey(Key key) 2264 throws InvalidKeyException 2265 { 2266- if (agreement instanceof ECMQVBasicAgreement) 2267- { 2268- if (!(key instanceof MQVPrivateKey)) 2269- { 2270- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2271- + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2272- } 2273- 2274- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2275- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2276- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2277- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2278- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2279- 2280- ECPublicKeyParameters ephemPubKey = null; 2281- if (mqvPrivKey.getEphemeralPublicKey() != null) 2282- { 2283- ephemPubKey = (ECPublicKeyParameters) 2284- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2285- } 2286- 2287- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2288- this.parameters = staticPrivKey.getParameters(); 2289- 2290- // TODO Validate that all the keys are using the same parameters? 2291- 2292- agreement.init(localParams); 2293- } 2294- else 2295+ // BEGIN android-removed 2296+ // if (agreement instanceof ECMQVBasicAgreement) 2297+ // { 2298+ // if (!(key instanceof MQVPrivateKey)) 2299+ // { 2300+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2301+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2302+ // } 2303+ // 2304+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2305+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2306+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2307+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2308+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2309+ // 2310+ // ECPublicKeyParameters ephemPubKey = null; 2311+ // if (mqvPrivKey.getEphemeralPublicKey() != null) 2312+ // { 2313+ // ephemPubKey = (ECPublicKeyParameters) 2314+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2315+ // } 2316+ // 2317+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2318+ // this.parameters = staticPrivKey.getParameters(); 2319+ // 2320+ // // TODO Validate that all the keys are using the same parameters? 2321+ // 2322+ // agreement.init(localParams); 2323+ // } 2324+ // else 2325+ // END android-removed 2326 { 2327 if (!(key instanceof PrivateKey)) 2328 { 2329@@ -323,39 +341,41 @@ 2330 } 2331 } 2332 2333- public static class DHC 2334- extends KeyAgreementSpi 2335- { 2336- public DHC() 2337- { 2338- super("ECDHC", new ECDHCBasicAgreement(), null); 2339- } 2340- } 2341- 2342- public static class MQV 2343- extends KeyAgreementSpi 2344- { 2345- public MQV() 2346- { 2347- super("ECMQV", new ECMQVBasicAgreement(), null); 2348- } 2349- } 2350- 2351- public static class DHwithSHA1KDF 2352- extends KeyAgreementSpi 2353- { 2354- public DHwithSHA1KDF() 2355- { 2356- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2357- } 2358- } 2359- 2360- public static class MQVwithSHA1KDF 2361- extends KeyAgreementSpi 2362- { 2363- public MQVwithSHA1KDF() 2364- { 2365- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2366- } 2367- } 2368+ // BEGIN android-removed 2369+ // public static class DHC 2370+ // extends KeyAgreementSpi 2371+ // { 2372+ // public DHC() 2373+ // { 2374+ // super("ECDHC", new ECDHCBasicAgreement(), null); 2375+ // } 2376+ // } 2377+ // 2378+ // public static class MQV 2379+ // extends KeyAgreementSpi 2380+ // { 2381+ // public MQV() 2382+ // { 2383+ // super("ECMQV", new ECMQVBasicAgreement(), null); 2384+ // } 2385+ // } 2386+ // 2387+ // public static class DHwithSHA1KDF 2388+ // extends KeyAgreementSpi 2389+ // { 2390+ // public DHwithSHA1KDF() 2391+ // { 2392+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2393+ // } 2394+ // } 2395+ // 2396+ // public static class MQVwithSHA1KDF 2397+ // extends KeyAgreementSpi 2398+ // { 2399+ // public MQVwithSHA1KDF() 2400+ // { 2401+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2402+ // } 2403+ // } 2404+ // END android-removed 2405 } 2406diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2407--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2015-03-01 12:03:02.000000000 +0000 2408+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000 2409@@ -201,14 +201,16 @@ 2410 } 2411 } 2412 2413- public static class ECGOST3410 2414- extends KeyFactorySpi 2415- { 2416- public ECGOST3410() 2417- { 2418- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2419- } 2420- } 2421+ // BEGIN android-removed 2422+ // public static class ECGOST3410 2423+ // extends KeyFactorySpi 2424+ // { 2425+ // public ECGOST3410() 2426+ // { 2427+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2428+ // } 2429+ // } 2430+ // END android-removed 2431 2432 public static class ECDH 2433 extends KeyFactorySpi 2434diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2435--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-03-01 12:03:02.000000000 +0000 2436+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-05-12 17:22:22.000000000 +0000 2437@@ -42,7 +42,9 @@ 2438 ECKeyGenerationParameters param; 2439 ECKeyPairGenerator engine = new ECKeyPairGenerator(); 2440 Object ecParams = null; 2441- int strength = 239; 2442+ // BEGIN android-changed 2443+ int strength = 256; 2444+ // BEGIN android-changed 2445 int certainty = 50; 2446 SecureRandom random = new SecureRandom(); 2447 boolean initialised = false; 2448@@ -84,7 +86,13 @@ 2449 SecureRandom random) 2450 { 2451 this.strength = strength; 2452+ // BEGIN android-added 2453+ if (random != null) { 2454+ // END android-added 2455 this.random = random; 2456+ // BEGIN android-added 2457+ } 2458+ // END android-added 2459 2460 ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); 2461 if (ecParams == null) 2462@@ -107,6 +115,11 @@ 2463 SecureRandom random) 2464 throws InvalidAlgorithmParameterException 2465 { 2466+ // BEGIN android-added 2467+ if (random == null) { 2468+ random = this.random; 2469+ } 2470+ // END android-added 2471 if (params == null) 2472 { 2473 ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); 2474@@ -267,4 +280,4 @@ 2475 super("ECMQV", BouncyCastleProvider.CONFIGURATION); 2476 } 2477 } 2478-} 2479\ No newline at end of file 2480+} 2481diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2482--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 2483+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2014-07-28 19:51:54.000000000 +0000 2484@@ -16,16 +16,23 @@ 2485 import org.bouncycastle.crypto.DSA; 2486 import org.bouncycastle.crypto.Digest; 2487 import org.bouncycastle.crypto.digests.NullDigest; 2488-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2489-import org.bouncycastle.crypto.digests.SHA1Digest; 2490-import org.bouncycastle.crypto.digests.SHA224Digest; 2491-import org.bouncycastle.crypto.digests.SHA256Digest; 2492-import org.bouncycastle.crypto.digests.SHA384Digest; 2493-import org.bouncycastle.crypto.digests.SHA512Digest; 2494+// BEGIN android-added 2495+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2496+// END android-added 2497+// BEGIN android-removed 2498+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2499+// import org.bouncycastle.crypto.digests.SHA1Digest; 2500+// import org.bouncycastle.crypto.digests.SHA224Digest; 2501+// import org.bouncycastle.crypto.digests.SHA256Digest; 2502+// import org.bouncycastle.crypto.digests.SHA384Digest; 2503+// import org.bouncycastle.crypto.digests.SHA512Digest; 2504+// END android-removed 2505 import org.bouncycastle.crypto.params.ParametersWithRandom; 2506 import org.bouncycastle.crypto.signers.ECDSASigner; 2507-import org.bouncycastle.crypto.signers.ECNRSigner; 2508-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2509+// BEGIN android-removed 2510+// import org.bouncycastle.crypto.signers.ECNRSigner; 2511+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2512+// END android-removed 2513 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2514 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2515 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2516@@ -70,18 +77,22 @@ 2517 { 2518 public ecDSA() 2519 { 2520- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2521+ // BEGIN android-changed 2522+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2523+ // END android-changed 2524 } 2525 } 2526 2527- static public class ecDetDSA 2528- extends SignatureSpi 2529- { 2530- public ecDetDSA() 2531- { 2532- super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2533- } 2534- } 2535+ // BEGIN android-removed 2536+ // static public class ecDetDSA 2537+ // extends SignatureSpi 2538+ // { 2539+ // public ecDetDSA() 2540+ // { 2541+ // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2542+ // } 2543+ // } 2544+ // END android-removed 2545 2546 static public class ecDSAnone 2547 extends SignatureSpi 2548@@ -97,180 +108,196 @@ 2549 { 2550 public ecDSA224() 2551 { 2552- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2553+ // BEGIN android-changed 2554+ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); 2555+ // END android-changed 2556 } 2557 } 2558 2559- static public class ecDetDSA224 2560- extends SignatureSpi 2561- { 2562- public ecDetDSA224() 2563- { 2564- super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2565- } 2566- } 2567+ // BEGIN android-removed 2568+ // static public class ecDetDSA224 2569+ // extends SignatureSpi 2570+ // { 2571+ // public ecDetDSA224() 2572+ // { 2573+ // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2574+ // } 2575+ // } 2576+ // END android-removed 2577 2578 static public class ecDSA256 2579 extends SignatureSpi 2580 { 2581 public ecDSA256() 2582 { 2583- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2584+ // BEGIN android-changed 2585+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2586+ // END android-changed 2587 } 2588 } 2589 2590- static public class ecDetDSA256 2591- extends SignatureSpi 2592- { 2593- public ecDetDSA256() 2594- { 2595- super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2596- } 2597- } 2598+ // BEGIN android-removed 2599+ // static public class ecDetDSA256 2600+ // extends SignatureSpi 2601+ // { 2602+ // public ecDetDSA256() 2603+ // { 2604+ // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2605+ // } 2606+ // } 2607+ // END android-removed 2608 2609 static public class ecDSA384 2610 extends SignatureSpi 2611 { 2612 public ecDSA384() 2613 { 2614- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2615+ // BEGIN android-changed 2616+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2617+ // END android-changed 2618 } 2619 } 2620 2621- static public class ecDetDSA384 2622- extends SignatureSpi 2623- { 2624- public ecDetDSA384() 2625- { 2626- super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2627- } 2628- } 2629+ // BEGIN android-removed 2630+ // static public class ecDetDSA384 2631+ // extends SignatureSpi 2632+ // { 2633+ // public ecDetDSA384() 2634+ // { 2635+ // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2636+ // } 2637+ // } 2638+ // END android-removed 2639 2640 static public class ecDSA512 2641 extends SignatureSpi 2642 { 2643 public ecDSA512() 2644 { 2645- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2646- } 2647- } 2648- 2649- static public class ecDetDSA512 2650- extends SignatureSpi 2651- { 2652- public ecDetDSA512() 2653- { 2654- super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2655- } 2656- } 2657- 2658- static public class ecDSARipeMD160 2659- extends SignatureSpi 2660- { 2661- public ecDSARipeMD160() 2662- { 2663- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2664- } 2665- } 2666- 2667- static public class ecNR 2668- extends SignatureSpi 2669- { 2670- public ecNR() 2671- { 2672- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2673- } 2674- } 2675- 2676- static public class ecNR224 2677- extends SignatureSpi 2678- { 2679- public ecNR224() 2680- { 2681- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2682- } 2683- } 2684- 2685- static public class ecNR256 2686- extends SignatureSpi 2687- { 2688- public ecNR256() 2689- { 2690- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2691- } 2692- } 2693- 2694- static public class ecNR384 2695- extends SignatureSpi 2696- { 2697- public ecNR384() 2698- { 2699- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2700- } 2701- } 2702- 2703- static public class ecNR512 2704- extends SignatureSpi 2705- { 2706- public ecNR512() 2707- { 2708- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2709- } 2710- } 2711- 2712- static public class ecCVCDSA 2713- extends SignatureSpi 2714- { 2715- public ecCVCDSA() 2716- { 2717- super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2718- } 2719- } 2720- 2721- static public class ecCVCDSA224 2722- extends SignatureSpi 2723- { 2724- public ecCVCDSA224() 2725- { 2726- super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2727- } 2728- } 2729- 2730- static public class ecCVCDSA256 2731- extends SignatureSpi 2732- { 2733- public ecCVCDSA256() 2734- { 2735- super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2736- } 2737- } 2738- 2739- static public class ecCVCDSA384 2740- extends SignatureSpi 2741- { 2742- public ecCVCDSA384() 2743- { 2744- super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2745- } 2746- } 2747- 2748- static public class ecCVCDSA512 2749- extends SignatureSpi 2750- { 2751- public ecCVCDSA512() 2752- { 2753- super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2754- } 2755- } 2756- 2757- static public class ecPlainDSARP160 2758- extends SignatureSpi 2759- { 2760- public ecPlainDSARP160() 2761- { 2762- super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2763- } 2764- } 2765+ // BEGIN android-changed 2766+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2767+ // END android-changed 2768+ } 2769+ } 2770+ 2771+ // BEGIN android-removed 2772+ // static public class ecDetDSA512 2773+ // extends SignatureSpi 2774+ // { 2775+ // public ecDetDSA512() 2776+ // { 2777+ // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2778+ // } 2779+ // } 2780+ // 2781+ // static public class ecDSARipeMD160 2782+ // extends SignatureSpi 2783+ // { 2784+ // public ecDSARipeMD160() 2785+ // { 2786+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2787+ // } 2788+ // } 2789+ // 2790+ // static public class ecNR 2791+ // extends SignatureSpi 2792+ // { 2793+ // public ecNR() 2794+ // { 2795+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2796+ // } 2797+ // } 2798+ // 2799+ // static public class ecNR224 2800+ // extends SignatureSpi 2801+ // { 2802+ // public ecNR224() 2803+ // { 2804+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2805+ // } 2806+ // } 2807+ // 2808+ // static public class ecNR256 2809+ // extends SignatureSpi 2810+ // { 2811+ // public ecNR256() 2812+ // { 2813+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2814+ // } 2815+ // } 2816+ // 2817+ // static public class ecNR384 2818+ // extends SignatureSpi 2819+ // { 2820+ // public ecNR384() 2821+ // { 2822+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2823+ // } 2824+ // } 2825+ // 2826+ // static public class ecNR512 2827+ // extends SignatureSpi 2828+ // { 2829+ // public ecNR512() 2830+ // { 2831+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2832+ // } 2833+ // } 2834+ // 2835+ // static public class ecCVCDSA 2836+ // extends SignatureSpi 2837+ // { 2838+ // public ecCVCDSA() 2839+ // { 2840+ // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2841+ // } 2842+ // } 2843+ // 2844+ // static public class ecCVCDSA224 2845+ // extends SignatureSpi 2846+ // { 2847+ // public ecCVCDSA224() 2848+ // { 2849+ // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2850+ // } 2851+ // } 2852+ // 2853+ // static public class ecCVCDSA256 2854+ // extends SignatureSpi 2855+ // { 2856+ // public ecCVCDSA256() 2857+ // { 2858+ // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2859+ // } 2860+ // } 2861+ // 2862+ // static public class ecCVCDSA384 2863+ // extends SignatureSpi 2864+ // { 2865+ // public ecCVCDSA384() 2866+ // { 2867+ // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2868+ // } 2869+ // } 2870+ // 2871+ // static public class ecCVCDSA512 2872+ // extends SignatureSpi 2873+ // { 2874+ // public ecCVCDSA512() 2875+ // { 2876+ // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2877+ // } 2878+ // } 2879+ // 2880+ // static public class ecPlainDSARP160 2881+ // extends SignatureSpi 2882+ // { 2883+ // public ecPlainDSARP160() 2884+ // { 2885+ // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2886+ // } 2887+ // } 2888+ // END android-removed 2889 2890 private static class StdDSAEncoder 2891 implements DSAEncoder 2892@@ -302,66 +329,68 @@ 2893 } 2894 } 2895 2896- private static class PlainDSAEncoder 2897- implements DSAEncoder 2898- { 2899- public byte[] encode( 2900- BigInteger r, 2901- BigInteger s) 2902- throws IOException 2903- { 2904- byte[] first = makeUnsigned(r); 2905- byte[] second = makeUnsigned(s); 2906- byte[] res; 2907- 2908- if (first.length > second.length) 2909- { 2910- res = new byte[first.length * 2]; 2911- } 2912- else 2913- { 2914- res = new byte[second.length * 2]; 2915- } 2916- 2917- System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 2918- System.arraycopy(second, 0, res, res.length - second.length, second.length); 2919- 2920- return res; 2921- } 2922- 2923- 2924- private byte[] makeUnsigned(BigInteger val) 2925- { 2926- byte[] res = val.toByteArray(); 2927- 2928- if (res[0] == 0) 2929- { 2930- byte[] tmp = new byte[res.length - 1]; 2931- 2932- System.arraycopy(res, 1, tmp, 0, tmp.length); 2933- 2934- return tmp; 2935- } 2936- 2937- return res; 2938- } 2939- 2940- public BigInteger[] decode( 2941- byte[] encoding) 2942- throws IOException 2943- { 2944- BigInteger[] sig = new BigInteger[2]; 2945- 2946- byte[] first = new byte[encoding.length / 2]; 2947- byte[] second = new byte[encoding.length / 2]; 2948- 2949- System.arraycopy(encoding, 0, first, 0, first.length); 2950- System.arraycopy(encoding, first.length, second, 0, second.length); 2951- 2952- sig[0] = new BigInteger(1, first); 2953- sig[1] = new BigInteger(1, second); 2954- 2955- return sig; 2956- } 2957- } 2958-} 2959\ No newline at end of file 2960+ // BEGIN android-removed 2961+ // private static class PlainDSAEncoder 2962+ // implements DSAEncoder 2963+ // { 2964+ // public byte[] encode( 2965+ // BigInteger r, 2966+ // BigInteger s) 2967+ // throws IOException 2968+ // { 2969+ // byte[] first = makeUnsigned(r); 2970+ // byte[] second = makeUnsigned(s); 2971+ // byte[] res; 2972+ // 2973+ // if (first.length > second.length) 2974+ // { 2975+ // res = new byte[first.length * 2]; 2976+ // } 2977+ // else 2978+ // { 2979+ // res = new byte[second.length * 2]; 2980+ // } 2981+ // 2982+ // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 2983+ // System.arraycopy(second, 0, res, res.length - second.length, second.length); 2984+ // 2985+ // return res; 2986+ // } 2987+ // 2988+ // 2989+ // private byte[] makeUnsigned(BigInteger val) 2990+ // { 2991+ // byte[] res = val.toByteArray(); 2992+ // 2993+ // if (res[0] == 0) 2994+ // { 2995+ // byte[] tmp = new byte[res.length - 1]; 2996+ // 2997+ // System.arraycopy(res, 1, tmp, 0, tmp.length); 2998+ // 2999+ // return tmp; 3000+ // } 3001+ // 3002+ // return res; 3003+ // } 3004+ // 3005+ // public BigInteger[] decode( 3006+ // byte[] encoding) 3007+ // throws IOException 3008+ // { 3009+ // BigInteger[] sig = new BigInteger[2]; 3010+ // 3011+ // byte[] first = new byte[encoding.length / 2]; 3012+ // byte[] second = new byte[encoding.length / 2]; 3013+ // 3014+ // System.arraycopy(encoding, 0, first, 0, first.length); 3015+ // System.arraycopy(encoding, first.length, second, 0, second.length); 3016+ // 3017+ // sig[0] = new BigInteger(1, first); 3018+ // sig[1] = new BigInteger(1, second); 3019+ // 3020+ // return sig; 3021+ // } 3022+ // } 3023+ // END android-removed 3024+} 3025diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 3026--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-03-01 12:03:02.000000000 +0000 3027+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-04-09 13:10:16.000000000 +0000 3028@@ -26,7 +26,9 @@ 3029 import org.bouncycastle.crypto.CipherParameters; 3030 import org.bouncycastle.crypto.Digest; 3031 import org.bouncycastle.crypto.InvalidCipherTextException; 3032-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 3033+// BEGIN android-removed 3034+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 3035+// END android-removed 3036 import org.bouncycastle.crypto.encodings.OAEPEncoding; 3037 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3038 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3039@@ -201,10 +203,12 @@ 3040 { 3041 cipher = new PKCS1Encoding(new RSABlindedEngine()); 3042 } 3043- else if (pad.equals("ISO9796-1PADDING")) 3044- { 3045- cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 3046- } 3047+ // BEGIN android-removed 3048+ // else if (pad.equals("ISO9796-1PADDING")) 3049+ // { 3050+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 3051+ // } 3052+ // END android-removed 3053 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 3054 { 3055 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 3056@@ -543,48 +547,50 @@ 3057 } 3058 } 3059 3060- static public class PKCS1v1_5Padding 3061- extends CipherSpi 3062- { 3063- public PKCS1v1_5Padding() 3064- { 3065- super(new PKCS1Encoding(new RSABlindedEngine())); 3066- } 3067- } 3068- 3069- static public class PKCS1v1_5Padding_PrivateOnly 3070- extends CipherSpi 3071- { 3072- public PKCS1v1_5Padding_PrivateOnly() 3073- { 3074- super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3075- } 3076- } 3077- 3078- static public class PKCS1v1_5Padding_PublicOnly 3079- extends CipherSpi 3080- { 3081- public PKCS1v1_5Padding_PublicOnly() 3082- { 3083- super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3084- } 3085- } 3086- 3087- static public class OAEPPadding 3088- extends CipherSpi 3089- { 3090- public OAEPPadding() 3091- { 3092- super(OAEPParameterSpec.DEFAULT); 3093- } 3094- } 3095- 3096- static public class ISO9796d1Padding 3097- extends CipherSpi 3098- { 3099- public ISO9796d1Padding() 3100- { 3101- super(new ISO9796d1Encoding(new RSABlindedEngine())); 3102- } 3103- } 3104+ // BEGIN android-removed 3105+ // static public class PKCS1v1_5Padding 3106+ // extends CipherSpi 3107+ // { 3108+ // public PKCS1v1_5Padding() 3109+ // { 3110+ // super(new PKCS1Encoding(new RSABlindedEngine())); 3111+ // } 3112+ // } 3113+ // 3114+ // static public class PKCS1v1_5Padding_PrivateOnly 3115+ // extends CipherSpi 3116+ // { 3117+ // public PKCS1v1_5Padding_PrivateOnly() 3118+ // { 3119+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3120+ // } 3121+ // } 3122+ // 3123+ // static public class PKCS1v1_5Padding_PublicOnly 3124+ // extends CipherSpi 3125+ // { 3126+ // public PKCS1v1_5Padding_PublicOnly() 3127+ // { 3128+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3129+ // } 3130+ // } 3131+ // 3132+ // static public class OAEPPadding 3133+ // extends CipherSpi 3134+ // { 3135+ // public OAEPPadding() 3136+ // { 3137+ // super(OAEPParameterSpec.DEFAULT); 3138+ // } 3139+ // } 3140+ // 3141+ // static public class ISO9796d1Padding 3142+ // extends CipherSpi 3143+ // { 3144+ // public ISO9796d1Padding() 3145+ // { 3146+ // super(new ISO9796d1Encoding(new RSABlindedEngine())); 3147+ // } 3148+ // } 3149+ // END android-removed 3150 } 3151diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 3152--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 3153+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-04-09 13:10:16.000000000 +0000 3154@@ -17,24 +17,31 @@ 3155 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3156 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3157 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3158-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3159+// BEGIN android-removed 3160+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3161+// END android-removed 3162 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3163 import org.bouncycastle.asn1.x509.DigestInfo; 3164 import org.bouncycastle.crypto.AsymmetricBlockCipher; 3165 import org.bouncycastle.crypto.CipherParameters; 3166 import org.bouncycastle.crypto.Digest; 3167-import org.bouncycastle.crypto.digests.MD2Digest; 3168-import org.bouncycastle.crypto.digests.MD4Digest; 3169-import org.bouncycastle.crypto.digests.MD5Digest; 3170-import org.bouncycastle.crypto.digests.NullDigest; 3171-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3172-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3173-import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3174-import org.bouncycastle.crypto.digests.SHA1Digest; 3175-import org.bouncycastle.crypto.digests.SHA224Digest; 3176-import org.bouncycastle.crypto.digests.SHA256Digest; 3177-import org.bouncycastle.crypto.digests.SHA384Digest; 3178-import org.bouncycastle.crypto.digests.SHA512Digest; 3179+// BEGIN android-removed 3180+// import org.bouncycastle.crypto.digests.MD2Digest; 3181+// import org.bouncycastle.crypto.digests.MD4Digest; 3182+// import org.bouncycastle.crypto.digests.MD5Digest; 3183+// import org.bouncycastle.crypto.digests.NullDigest; 3184+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3185+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3186+// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3187+// import org.bouncycastle.crypto.digests.SHA1Digest; 3188+// import org.bouncycastle.crypto.digests.SHA224Digest; 3189+// import org.bouncycastle.crypto.digests.SHA256Digest; 3190+// import org.bouncycastle.crypto.digests.SHA384Digest; 3191+// import org.bouncycastle.crypto.digests.SHA512Digest; 3192+// END android-removed 3193+// BEGIN android-added 3194+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 3195+// END android-added 3196 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3197 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3198 import org.bouncycastle.util.Arrays; 3199@@ -254,7 +261,9 @@ 3200 { 3201 public SHA1() 3202 { 3203- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3204+ // BEGIN android-changed 3205+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 3206+ // END android-changed 3207 } 3208 } 3209 3210@@ -263,7 +272,9 @@ 3211 { 3212 public SHA224() 3213 { 3214- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3215+ // BEGIN android-changed 3216+ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); 3217+ // END android-changed 3218 } 3219 } 3220 3221@@ -272,7 +283,9 @@ 3222 { 3223 public SHA256() 3224 { 3225- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3226+ // BEGIN android-changed 3227+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 3228+ // END android-changed 3229 } 3230 } 3231 3232@@ -281,7 +294,9 @@ 3233 { 3234 public SHA384() 3235 { 3236- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3237+ // BEGIN android-changed 3238+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 3239+ // END android-changed 3240 } 3241 } 3242 3243@@ -290,70 +305,78 @@ 3244 { 3245 public SHA512() 3246 { 3247- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3248+ // BEGIN android-changed 3249+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 3250+ // END android-changed 3251 } 3252 } 3253 3254- static public class MD2 3255- extends DigestSignatureSpi 3256- { 3257- public MD2() 3258- { 3259- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3260- } 3261- } 3262- 3263- static public class MD4 3264- extends DigestSignatureSpi 3265- { 3266- public MD4() 3267- { 3268- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3269- } 3270- } 3271+ // BEGIN android-removed 3272+ // static public class MD2 3273+ // extends DigestSignatureSpi 3274+ // { 3275+ // public MD2() 3276+ // { 3277+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3278+ // } 3279+ // } 3280+ // 3281+ // static public class MD4 3282+ // extends DigestSignatureSpi 3283+ // { 3284+ // public MD4() 3285+ // { 3286+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3287+ // } 3288+ // } 3289+ // END android-removed 3290 3291 static public class MD5 3292 extends DigestSignatureSpi 3293 { 3294 public MD5() 3295 { 3296- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3297- } 3298- } 3299- 3300- static public class RIPEMD160 3301- extends DigestSignatureSpi 3302- { 3303- public RIPEMD160() 3304- { 3305- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3306+ // BEGIN android-changed 3307+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 3308+ // END android-changed 3309 } 3310 } 3311 3312- static public class RIPEMD128 3313- extends DigestSignatureSpi 3314- { 3315- public RIPEMD128() 3316- { 3317- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3318- } 3319- } 3320- 3321- static public class RIPEMD256 3322- extends DigestSignatureSpi 3323- { 3324- public RIPEMD256() 3325- { 3326- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3327- } 3328- } 3329- 3330- static public class noneRSA 3331- extends DigestSignatureSpi 3332- { 3333- public noneRSA() 3334- { 3335- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3336- } 3337- } 3338+ // BEGIN android-removed 3339+ // static public class RIPEMD160 3340+ // extends DigestSignatureSpi 3341+ // { 3342+ // public RIPEMD160() 3343+ // { 3344+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3345+ // } 3346+ // } 3347+ // 3348+ // static public class RIPEMD128 3349+ // extends DigestSignatureSpi 3350+ // { 3351+ // public RIPEMD128() 3352+ // { 3353+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3354+ // } 3355+ // } 3356+ // 3357+ // static public class RIPEMD256 3358+ // extends DigestSignatureSpi 3359+ // { 3360+ // public RIPEMD256() 3361+ // { 3362+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3363+ // } 3364+ // } 3365+ // 3366+ // static public class noneRSA 3367+ // extends DigestSignatureSpi 3368+ // { 3369+ // public noneRSA() 3370+ // { 3371+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3372+ // } 3373+ // } 3374+ // END android-removed 3375 } 3376diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 3377--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-03-01 12:03:02.000000000 +0000 3378+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-04-09 13:10:16.000000000 +0000 3379@@ -18,8 +18,10 @@ 3380 import javax.crypto.NoSuchPaddingException; 3381 import javax.crypto.spec.IvParameterSpec; 3382 import javax.crypto.spec.PBEParameterSpec; 3383-import javax.crypto.spec.RC2ParameterSpec; 3384-import javax.crypto.spec.RC5ParameterSpec; 3385+// BEGIN android-removed 3386+// import javax.crypto.spec.RC2ParameterSpec; 3387+// import javax.crypto.spec.RC5ParameterSpec; 3388+// END android-removed 3389 import javax.crypto.spec.SecretKeySpec; 3390 3391 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3392@@ -39,8 +41,10 @@ 3393 { 3394 IvParameterSpec.class, 3395 PBEParameterSpec.class, 3396- RC2ParameterSpec.class, 3397- RC5ParameterSpec.class 3398+ // BEGIN android-removed 3399+ // RC2ParameterSpec.class, 3400+ // RC5ParameterSpec.class 3401+ // END android-removed 3402 }; 3403 3404 private final JcaJceHelper helper = new BCJcaJceHelper(); 3405diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 3406--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-03-01 12:03:02.000000000 +0000 3407+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-04-09 13:10:16.000000000 +0000 3408@@ -6,11 +6,15 @@ 3409 import java.security.PublicKey; 3410 3411 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3412-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3413+// BEGIN android-removed 3414+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3415+// END android-removed 3416 import org.bouncycastle.asn1.nist.NISTNamedCurves; 3417 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3418 import org.bouncycastle.asn1.sec.SECNamedCurves; 3419-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3420+// BEGIN android-removed 3421+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3422+// END android-removed 3423 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 3424 import org.bouncycastle.asn1.x9.X962NamedCurves; 3425 import org.bouncycastle.asn1.x9.X962Parameters; 3426@@ -247,14 +251,16 @@ 3427 { 3428 oid = NISTNamedCurves.getOID(name); 3429 } 3430- if (oid == null) 3431- { 3432- oid = TeleTrusTNamedCurves.getOID(name); 3433- } 3434- if (oid == null) 3435- { 3436- oid = ECGOST3410NamedCurves.getOID(name); 3437- } 3438+ // BEGIN android-removed 3439+ // if (oid == null) 3440+ // { 3441+ // oid = TeleTrusTNamedCurves.getOID(name); 3442+ // } 3443+ // if (oid == null) 3444+ // { 3445+ // oid = ECGOST3410NamedCurves.getOID(name); 3446+ // } 3447+ // END android-removed 3448 } 3449 3450 return oid; 3451@@ -276,10 +282,12 @@ 3452 { 3453 params = NISTNamedCurves.getByOID(oid); 3454 } 3455- if (params == null) 3456- { 3457- params = TeleTrusTNamedCurves.getByOID(oid); 3458- } 3459+ // BEGIN android-removed 3460+ // if (params == null) 3461+ // { 3462+ // params = TeleTrusTNamedCurves.getByOID(oid); 3463+ // } 3464+ // END android-removed 3465 } 3466 3467 return params; 3468@@ -297,14 +305,16 @@ 3469 { 3470 name = NISTNamedCurves.getName(oid); 3471 } 3472- if (name == null) 3473- { 3474- name = TeleTrusTNamedCurves.getName(oid); 3475- } 3476- if (name == null) 3477- { 3478- name = ECGOST3410NamedCurves.getName(oid); 3479- } 3480+ // BEGIN android-removed 3481+ // if (name == null) 3482+ // { 3483+ // name = TeleTrusTNamedCurves.getName(oid); 3484+ // } 3485+ // if (name == null) 3486+ // { 3487+ // name = ECGOST3410NamedCurves.getName(oid); 3488+ // } 3489+ // END android-removed 3490 } 3491 3492 return name; 3493diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3494--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-03-01 12:03:02.000000000 +0000 3495+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-04-09 13:10:16.000000000 +0000 3496@@ -37,7 +37,9 @@ 3497 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 3498 import org.bouncycastle.jcajce.util.JcaJceHelper; 3499 import org.bouncycastle.util.io.pem.PemObject; 3500-import org.bouncycastle.util.io.pem.PemWriter; 3501+// BEGIN android-removed 3502+// import org.bouncycastle.util.io.pem.PemWriter; 3503+// END android-removed 3504 3505 /** 3506 * CertPath implementation for X.509 certificates. 3507@@ -54,7 +56,9 @@ 3508 { 3509 List encodings = new ArrayList(); 3510 encodings.add("PkiPath"); 3511- encodings.add("PEM"); 3512+ // BEGIN android-removed 3513+ // encodings.add("PEM"); 3514+ // END android-removed 3515 encodings.add("PKCS7"); 3516 certPathEncodings = Collections.unmodifiableList(encodings); 3517 } 3518@@ -301,27 +305,29 @@ 3519 return toDEREncoded(new ContentInfo( 3520 PKCSObjectIdentifiers.signedData, sd)); 3521 } 3522- else if (encoding.equalsIgnoreCase("PEM")) 3523- { 3524- ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3525- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3526- 3527- try 3528- { 3529- for (int i = 0; i != certificates.size(); i++) 3530- { 3531- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3532- } 3533- 3534- pWrt.close(); 3535- } 3536- catch (Exception e) 3537- { 3538- throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3539- } 3540- 3541- return bOut.toByteArray(); 3542- } 3543+ // BEGIN android-removed 3544+ // else if (encoding.equalsIgnoreCase("PEM")) 3545+ // { 3546+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3547+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3548+ // 3549+ // try 3550+ // { 3551+ // for (int i = 0; i != certificates.size(); i++) 3552+ // { 3553+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3554+ // } 3555+ // 3556+ // pWrt.close(); 3557+ // } 3558+ // catch (Exception e) 3559+ // { 3560+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3561+ // } 3562+ // 3563+ // return bOut.toByteArray(); 3564+ // } 3565+ // END android-removed 3566 else 3567 { 3568 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3569diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 3570--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 3571+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-04-09 13:10:16.000000000 +0000 3572@@ -55,6 +55,9 @@ 3573 import org.bouncycastle.asn1.x509.Extensions; 3574 import org.bouncycastle.asn1.x509.GeneralName; 3575 import org.bouncycastle.asn1.x509.KeyUsage; 3576+// BEGIN android-added 3577+import org.bouncycastle.asn1.x509.X509Name; 3578+// END android-added 3579 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 3580 import org.bouncycastle.jce.X509Principal; 3581 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 3582@@ -534,12 +537,20 @@ 3583 } 3584 } 3585 3586+ // BEGIN android-changed 3587+ private byte[] encoded; 3588+ // END android-changed 3589 public byte[] getEncoded() 3590 throws CertificateEncodingException 3591 { 3592 try 3593 { 3594- return c.getEncoded(ASN1Encoding.DER); 3595+ // BEGIN android-changed 3596+ if (encoded == null) { 3597+ encoded = c.getEncoded(ASN1Encoding.DER); 3598+ } 3599+ return encoded; 3600+ // END android-changed 3601 } 3602 catch (IOException e) 3603 { 3604@@ -839,7 +850,9 @@ 3605 list.add(genName.getEncoded()); 3606 break; 3607 case GeneralName.directoryName: 3608- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 3609+ // BEGIN android-changed 3610+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 3611+ // END android-changed 3612 break; 3613 case GeneralName.dNSName: 3614 case GeneralName.rfc822Name: 3615diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 3616--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 3617+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-04-09 13:10:16.000000000 +0000 3618@@ -16,12 +16,16 @@ 3619 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3620 import org.bouncycastle.asn1.ASN1Sequence; 3621 import org.bouncycastle.asn1.DERNull; 3622-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3623+// BEGIN android-removed 3624+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3625+// END android-removed 3626 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3627 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3628 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3629 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 3630-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3631+// BEGIN android-removed 3632+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3633+// END android-removed 3634 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3635 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 3636 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3637@@ -143,22 +147,24 @@ 3638 { 3639 return "SHA512"; 3640 } 3641- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3642- { 3643- return "RIPEMD128"; 3644- } 3645- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3646- { 3647- return "RIPEMD160"; 3648- } 3649- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3650- { 3651- return "RIPEMD256"; 3652- } 3653- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3654- { 3655- return "GOST3411"; 3656- } 3657+ // BEGIN android-removed 3658+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3659+ // { 3660+ // return "RIPEMD128"; 3661+ // } 3662+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3663+ // { 3664+ // return "RIPEMD160"; 3665+ // } 3666+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3667+ // { 3668+ // return "RIPEMD256"; 3669+ // } 3670+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3671+ // { 3672+ // return "GOST3411"; 3673+ // } 3674+ // END android-removed 3675 else 3676 { 3677 return digestAlgOID.getId(); 3678diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 3679--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2015-03-01 12:03:02.000000000 +0000 3680+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000 3681@@ -45,17 +45,19 @@ 3682 } 3683 } 3684 3685- /** 3686- * PBEWithHmacSHA 3687- */ 3688- public static class PBEWithMacKeyFactory 3689- extends PBESecretKeyFactory 3690- { 3691- public PBEWithMacKeyFactory() 3692- { 3693- super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3694- } 3695- } 3696+ // BEGIN android-removed 3697+ // /** 3698+ // * PBEWithHmacSHA 3699+ // */ 3700+ // public static class PBEWithMacKeyFactory 3701+ // extends PBESecretKeyFactory 3702+ // { 3703+ // public PBEWithMacKeyFactory() 3704+ // { 3705+ // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3706+ // } 3707+ // } 3708+ // END android-removed 3709 3710 /** 3711 * HMACSHA256 3712@@ -84,9 +86,11 @@ 3713 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 3714 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); 3715 3716- provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3717- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3718- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3719+ // BEGIN android-removed 3720+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3721+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3722+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3723+ // END android-removed 3724 3725 addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3726 addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); 3727diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 3728--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2015-03-01 12:03:02.000000000 +0000 3729+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000 3730@@ -5,7 +5,9 @@ 3731 import org.bouncycastle.crypto.CipherKeyGenerator; 3732 import org.bouncycastle.crypto.digests.SHA384Digest; 3733 import org.bouncycastle.crypto.macs.HMac; 3734-import org.bouncycastle.crypto.macs.OldHMac; 3735+// BEGIN android-removed 3736+// import org.bouncycastle.crypto.macs.OldHMac; 3737+// END android-removed 3738 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3739 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3740 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3741@@ -57,14 +59,16 @@ 3742 } 3743 } 3744 3745- public static class OldSHA384 3746- extends BaseMac 3747- { 3748- public OldSHA384() 3749- { 3750- super(new OldHMac(new SHA384Digest())); 3751- } 3752- } 3753+ // BEGIN android-removed 3754+ // public static class OldSHA384 3755+ // extends BaseMac 3756+ // { 3757+ // public OldSHA384() 3758+ // { 3759+ // super(new OldHMac(new SHA384Digest())); 3760+ // } 3761+ // } 3762+ // END android-removed 3763 3764 public static class Mappings 3765 extends DigestAlgorithmProvider 3766@@ -80,7 +84,9 @@ 3767 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); 3768 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 3769 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); 3770- provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3771+ // BEGIN android-removed 3772+ // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3773+ // END android-removed 3774 3775 addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3776 addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384); 3777diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 3778--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2015-03-01 12:03:02.000000000 +0000 3779+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000 3780@@ -4,9 +4,13 @@ 3781 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3782 import org.bouncycastle.crypto.CipherKeyGenerator; 3783 import org.bouncycastle.crypto.digests.SHA512Digest; 3784-import org.bouncycastle.crypto.digests.SHA512tDigest; 3785+// BEGIN android-removed 3786+// import org.bouncycastle.crypto.digests.SHA512tDigest; 3787+// END android-removed 3788 import org.bouncycastle.crypto.macs.HMac; 3789-import org.bouncycastle.crypto.macs.OldHMac; 3790+// BEGIN android-removed 3791+// import org.bouncycastle.crypto.macs.OldHMac; 3792+// END android-removed 3793 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3794 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3795 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3796@@ -37,42 +41,44 @@ 3797 } 3798 } 3799 3800- static public class DigestT 3801- extends BCMessageDigest 3802- implements Cloneable 3803- { 3804- public DigestT(int bitLength) 3805- { 3806- super(new SHA512tDigest(bitLength)); 3807- } 3808- 3809- public Object clone() 3810- throws CloneNotSupportedException 3811- { 3812- DigestT d = (DigestT)super.clone(); 3813- d.digest = new SHA512tDigest((SHA512tDigest)digest); 3814- 3815- return d; 3816- } 3817- } 3818- 3819- static public class DigestT224 3820- extends DigestT 3821- { 3822- public DigestT224() 3823- { 3824- super(224); 3825- } 3826- } 3827- 3828- static public class DigestT256 3829- extends DigestT 3830- { 3831- public DigestT256() 3832- { 3833- super(256); 3834- } 3835- } 3836+ // BEGIN android-removed 3837+ // static public class DigestT 3838+ // extends BCMessageDigest 3839+ // implements Cloneable 3840+ // { 3841+ // public DigestT(int bitLength) 3842+ // { 3843+ // super(new SHA512tDigest(bitLength)); 3844+ // } 3845+ // 3846+ // public Object clone() 3847+ // throws CloneNotSupportedException 3848+ // { 3849+ // DigestT d = (DigestT)super.clone(); 3850+ // d.digest = new SHA512tDigest((SHA512tDigest)digest); 3851+ // 3852+ // return d; 3853+ // } 3854+ // } 3855+ // 3856+ // static public class DigestT224 3857+ // extends DigestT 3858+ // { 3859+ // public DigestT224() 3860+ // { 3861+ // super(224); 3862+ // } 3863+ // } 3864+ // 3865+ // static public class DigestT256 3866+ // extends DigestT 3867+ // { 3868+ // public DigestT256() 3869+ // { 3870+ // super(256); 3871+ // } 3872+ // } 3873+ // END android-removed 3874 3875 public static class HashMac 3876 extends BaseMac 3877@@ -83,35 +89,37 @@ 3878 } 3879 } 3880 3881- public static class HashMacT224 3882- extends BaseMac 3883- { 3884- public HashMacT224() 3885- { 3886- super(new HMac(new SHA512tDigest(224))); 3887- } 3888- } 3889- 3890- public static class HashMacT256 3891- extends BaseMac 3892- { 3893- public HashMacT256() 3894- { 3895- super(new HMac(new SHA512tDigest(256))); 3896- } 3897- } 3898- 3899- /** 3900- * SHA-512 HMac 3901- */ 3902- public static class OldSHA512 3903- extends BaseMac 3904- { 3905- public OldSHA512() 3906- { 3907- super(new OldHMac(new SHA512Digest())); 3908- } 3909- } 3910+ // BEGIN android-removed 3911+ // public static class HashMacT224 3912+ // extends BaseMac 3913+ // { 3914+ // public HashMacT224() 3915+ // { 3916+ // super(new HMac(new SHA512tDigest(224))); 3917+ // } 3918+ // } 3919+ // 3920+ // public static class HashMacT256 3921+ // extends BaseMac 3922+ // { 3923+ // public HashMacT256() 3924+ // { 3925+ // super(new HMac(new SHA512tDigest(256))); 3926+ // } 3927+ // } 3928+ // 3929+ // /** 3930+ // * SHA-512 HMac 3931+ // */ 3932+ // public static class OldSHA512 3933+ // extends BaseMac 3934+ // { 3935+ // public OldSHA512() 3936+ // { 3937+ // super(new OldHMac(new SHA512Digest())); 3938+ // } 3939+ // } 3940+ // END android-removed 3941 3942 /** 3943 * HMACSHA512 3944@@ -125,23 +133,25 @@ 3945 } 3946 } 3947 3948- public static class KeyGeneratorT224 3949- extends BaseKeyGenerator 3950- { 3951- public KeyGeneratorT224() 3952- { 3953- super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3954- } 3955- } 3956- 3957- public static class KeyGeneratorT256 3958- extends BaseKeyGenerator 3959- { 3960- public KeyGeneratorT256() 3961- { 3962- super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3963- } 3964- } 3965+ // BEGIN android-removed 3966+ // public static class KeyGeneratorT224 3967+ // extends BaseKeyGenerator 3968+ // { 3969+ // public KeyGeneratorT224() 3970+ // { 3971+ // super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3972+ // } 3973+ // } 3974+ // 3975+ // public static class KeyGeneratorT256 3976+ // extends BaseKeyGenerator 3977+ // { 3978+ // public KeyGeneratorT256() 3979+ // { 3980+ // super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3981+ // } 3982+ // } 3983+ // END android-removed 3984 3985 public static class Mappings 3986 extends DigestAlgorithmProvider 3987@@ -158,21 +168,25 @@ 3988 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 3989 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); 3990 3991- provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 3992- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 3993- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 3994- 3995- provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 3996- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 3997- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 3998- 3999- provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 4000+ // BEGIN android-removed 4001+ // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 4002+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 4003+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 4004+ // 4005+ // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 4006+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 4007+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 4008+ // 4009+ // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 4010+ // END android-removed 4011 4012 addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 4013 addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); 4014 4015- addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 4016- addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 4017+ // BEGIN android-removed 4018+ // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 4019+ // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 4020+ // END android-removed 4021 } 4022 } 4023 4024diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 4025--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2015-03-01 12:03:02.000000000 +0000 4026+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000 4027@@ -17,7 +17,9 @@ 4028 public void configure(ConfigurableProvider provider) 4029 { 4030 provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); 4031- provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 4032+ // BEGIN android-removed 4033+ // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 4034+ // END android-removed 4035 provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); 4036 provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 4037 provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 4038diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 4039--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2015-03-01 12:03:02.000000000 +0000 4040+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000 4041@@ -17,14 +17,16 @@ 4042 public void configure(ConfigurableProvider provider) 4043 { 4044 provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4045- provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4046- provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4047- 4048- provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4049- provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 4050- 4051- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4052- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 4053+ // BEGIN android-removed 4054+ // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4055+ // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4056+ // 4057+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4058+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 4059+ // 4060+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4061+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 4062+ // END android-removed 4063 } 4064 } 4065 } 4066diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 4067--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-03-01 12:03:02.000000000 +0000 4068+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-04-09 13:10:16.000000000 +0000 4069@@ -62,8 +62,10 @@ 4070 import org.bouncycastle.asn1.DEROutputStream; 4071 import org.bouncycastle.asn1.DERSequence; 4072 import org.bouncycastle.asn1.DERSet; 4073-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 4074-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 4075+// BEGIN android-removed 4076+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 4077+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 4078+// END android-removed 4079 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4080 import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; 4081 import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; 4082@@ -89,7 +91,9 @@ 4083 import org.bouncycastle.crypto.digests.SHA1Digest; 4084 import org.bouncycastle.jcajce.PKCS12StoreParameter; 4085 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 4086-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4087+// BEGIN android-removed 4088+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4089+// END android-removed 4090 import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; 4091 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 4092 import org.bouncycastle.jcajce.util.JcaJceHelper; 4093@@ -753,13 +757,15 @@ 4094 { 4095 cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); 4096 } 4097- else 4098- { 4099- // TODO: at the moment it's just GOST, but... 4100- GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4101- 4102- cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4103- } 4104+ // BEGIN android-removed 4105+ // else 4106+ // { 4107+ // // TODO: at the moment it's just GOST, but... 4108+ // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4109+ // 4110+ // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4111+ // } 4112+ // END android-removed 4113 return cipher; 4114 } 4115 4116@@ -1680,33 +1686,34 @@ 4117 super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4118 } 4119 } 4120- 4121- public static class BCPKCS12KeyStore3DES 4122- extends PKCS12KeyStoreSpi 4123- { 4124- public BCPKCS12KeyStore3DES() 4125- { 4126- super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4127- } 4128- } 4129- 4130- public static class DefPKCS12KeyStore 4131- extends PKCS12KeyStoreSpi 4132- { 4133- public DefPKCS12KeyStore() 4134- { 4135- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4136- } 4137- } 4138- 4139- public static class DefPKCS12KeyStore3DES 4140- extends PKCS12KeyStoreSpi 4141- { 4142- public DefPKCS12KeyStore3DES() 4143- { 4144- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4145- } 4146- } 4147+ // BEGIN android-removed 4148+ // public static class BCPKCS12KeyStore3DES 4149+ // extends PKCS12KeyStoreSpi 4150+ // { 4151+ // public BCPKCS12KeyStore3DES() 4152+ // { 4153+ // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4154+ // } 4155+ // } 4156+ // 4157+ // public static class DefPKCS12KeyStore 4158+ // extends PKCS12KeyStoreSpi 4159+ // { 4160+ // public DefPKCS12KeyStore() 4161+ // { 4162+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4163+ // } 4164+ // } 4165+ // 4166+ // public static class DefPKCS12KeyStore3DES 4167+ // extends PKCS12KeyStoreSpi 4168+ // { 4169+ // public DefPKCS12KeyStore3DES() 4170+ // { 4171+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4172+ // } 4173+ // } 4174+ // END android-removed 4175 4176 private static class IgnoresCaseHashtable 4177 { 4178@@ -1779,7 +1786,9 @@ 4179 keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); 4180 keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); 4181 4182- keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4183+ // BEGIN android-removed 4184+ // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4185+ // END android-removed 4186 4187 KEY_SIZES = Collections.unmodifiableMap(keySizes); 4188 } 4189diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 4190--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-03-01 12:03:02.000000000 +0000 4191+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-07-22 00:42:46.000000000 +0000 4192@@ -3,16 +3,28 @@ 4193 import java.io.IOException; 4194 import java.lang.reflect.Constructor; 4195 import java.lang.reflect.Method; 4196-import java.security.AlgorithmParameters; 4197-import java.security.InvalidAlgorithmParameterException; 4198+// BEGIN android-added 4199+import java.security.NoSuchAlgorithmException; 4200+// END android-added 4201+// BEGIN android-removed 4202+// import java.security.AlgorithmParameters; 4203+// import java.security.InvalidAlgorithmParameterException; 4204+// END android-removed 4205 import java.security.SecureRandom; 4206 import java.security.spec.AlgorithmParameterSpec; 4207 import java.security.spec.InvalidParameterSpecException; 4208 4209-import javax.crypto.spec.IvParameterSpec; 4210- 4211+// BEGIN android-removed 4212+// import javax.crypto.spec.IvParameterSpec; 4213+// END android-removed 4214+ 4215+// BEGIN android-added 4216+import javax.crypto.NoSuchPaddingException; 4217+// END android-added 4218 import org.bouncycastle.asn1.bc.BCObjectIdentifiers; 4219-import org.bouncycastle.asn1.cms.CCMParameters; 4220+// BEGIN android-removed 4221+// import org.bouncycastle.asn1.cms.CCMParameters; 4222+// END android-removed 4223 import org.bouncycastle.asn1.cms.GCMParameters; 4224 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4225 import org.bouncycastle.crypto.BlockCipher; 4226@@ -20,22 +32,30 @@ 4227 import org.bouncycastle.crypto.CipherKeyGenerator; 4228 import org.bouncycastle.crypto.engines.AESFastEngine; 4229 import org.bouncycastle.crypto.engines.AESWrapEngine; 4230-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4231-import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4232-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4233-import org.bouncycastle.crypto.macs.CMac; 4234-import org.bouncycastle.crypto.macs.GMac; 4235+// BEGIN android-removed 4236+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4237+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4238+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4239+// import org.bouncycastle.crypto.macs.CMac; 4240+// import org.bouncycastle.crypto.macs.GMac; 4241+// END android-removed 4242 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4243-import org.bouncycastle.crypto.modes.CCMBlockCipher; 4244+// BEGIN android-removed 4245+// import org.bouncycastle.crypto.modes.CCMBlockCipher; 4246+// END android-removed 4247 import org.bouncycastle.crypto.modes.CFBBlockCipher; 4248 import org.bouncycastle.crypto.modes.GCMBlockCipher; 4249 import org.bouncycastle.crypto.modes.OFBBlockCipher; 4250 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4251-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4252+// BEGIN android-removed 4253+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4254+// END android-removed 4255 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 4256 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4257 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4258-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4259+// BEGIN android-removed 4260+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4261+// END android-removed 4262 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 4263 import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 4264 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 4265@@ -98,53 +118,64 @@ 4266 public GCM() 4267 { 4268 super(new GCMBlockCipher(new AESFastEngine())); 4269+ // BEGIN android-added 4270+ try { 4271+ engineSetMode("GCM"); 4272+ engineSetPadding("NoPadding"); 4273+ } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { 4274+ // this should not be possible 4275+ throw new RuntimeException("Could not set mode or padding for GCM mode", e); 4276+ } 4277+ // END android-added 4278 } 4279 } 4280 4281- static public class CCM 4282- extends BaseBlockCipher 4283- { 4284- public CCM() 4285- { 4286- super(new CCMBlockCipher(new AESFastEngine())); 4287- } 4288- } 4289- 4290- public static class AESCMAC 4291- extends BaseMac 4292- { 4293- public AESCMAC() 4294- { 4295- super(new CMac(new AESFastEngine())); 4296- } 4297- } 4298- 4299- public static class AESGMAC 4300- extends BaseMac 4301- { 4302- public AESGMAC() 4303- { 4304- super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4305- } 4306- } 4307- 4308- public static class Poly1305 4309- extends BaseMac 4310- { 4311- public Poly1305() 4312- { 4313- super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4314- } 4315- } 4316- 4317- public static class Poly1305KeyGen 4318- extends BaseKeyGenerator 4319- { 4320- public Poly1305KeyGen() 4321- { 4322- super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4323- } 4324- } 4325+ // BEGIN android-removed 4326+ // static public class CCM 4327+ // extends BaseBlockCipher 4328+ // { 4329+ // public CCM() 4330+ // { 4331+ // super(new CCMBlockCipher(new AESFastEngine())); 4332+ // } 4333+ // } 4334+ // 4335+ // public static class AESCMAC 4336+ // extends BaseMac 4337+ // { 4338+ // public AESCMAC() 4339+ // { 4340+ // super(new CMac(new AESFastEngine())); 4341+ // } 4342+ // } 4343+ // 4344+ // public static class AESGMAC 4345+ // extends BaseMac 4346+ // { 4347+ // public AESGMAC() 4348+ // { 4349+ // super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4350+ // } 4351+ // } 4352+ // 4353+ // public static class Poly1305 4354+ // extends BaseMac 4355+ // { 4356+ // public Poly1305() 4357+ // { 4358+ // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4359+ // } 4360+ // } 4361+ // 4362+ // public static class Poly1305KeyGen 4363+ // extends BaseKeyGenerator 4364+ // { 4365+ // public Poly1305KeyGen() 4366+ // { 4367+ // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4368+ // } 4369+ // } 4370+ // END android-removed 4371 4372 static public class Wrap 4373 extends BaseWrapCipher 4374@@ -155,23 +186,25 @@ 4375 } 4376 } 4377 4378- public static class RFC3211Wrap 4379- extends BaseWrapCipher 4380- { 4381- public RFC3211Wrap() 4382- { 4383- super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4384- } 4385- } 4386- 4387- public static class RFC5649Wrap 4388- extends BaseWrapCipher 4389- { 4390- public RFC5649Wrap() 4391- { 4392- super(new RFC5649WrapEngine(new AESFastEngine())); 4393- } 4394- } 4395+ // BEGIN android-removed 4396+ // public static class RFC3211Wrap 4397+ // extends BaseWrapCipher 4398+ // { 4399+ // public RFC3211Wrap() 4400+ // { 4401+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4402+ // } 4403+ // } 4404+ // 4405+ // public static class RFC5649Wrap 4406+ // extends BaseWrapCipher 4407+ // { 4408+ // public RFC5649Wrap() 4409+ // { 4410+ // super(new RFC5649WrapEngine(new AESFastEngine())); 4411+ // } 4412+ // } 4413+ // END android-removed 4414 4415 /** 4416 * PBEWithAES-CBC 4417@@ -190,7 +223,9 @@ 4418 { 4419 public KeyGen() 4420 { 4421- this(192); 4422+ // BEGIN android-changed 4423+ this(128); 4424+ // END android-changed 4425 } 4426 4427 public KeyGen(int keySize) 4428@@ -199,32 +234,34 @@ 4429 } 4430 } 4431 4432- public static class KeyGen128 4433- extends KeyGen 4434- { 4435- public KeyGen128() 4436- { 4437- super(128); 4438- } 4439- } 4440- 4441- public static class KeyGen192 4442- extends KeyGen 4443- { 4444- public KeyGen192() 4445- { 4446- super(192); 4447- } 4448- } 4449- 4450- public static class KeyGen256 4451- extends KeyGen 4452- { 4453- public KeyGen256() 4454- { 4455- super(256); 4456- } 4457- } 4458+ // BEGIN android-removed 4459+ // public static class KeyGen128 4460+ // extends KeyGen 4461+ // { 4462+ // public KeyGen128() 4463+ // { 4464+ // super(128); 4465+ // } 4466+ // } 4467+ // 4468+ // public static class KeyGen192 4469+ // extends KeyGen 4470+ // { 4471+ // public KeyGen192() 4472+ // { 4473+ // super(192); 4474+ // } 4475+ // } 4476+ // 4477+ // public static class KeyGen256 4478+ // extends KeyGen 4479+ // { 4480+ // public KeyGen256() 4481+ // { 4482+ // super(256); 4483+ // } 4484+ // } 4485+ // END android-removed 4486 4487 /** 4488 * PBEWithSHA1And128BitAES-BC 4489@@ -334,119 +371,121 @@ 4490 } 4491 } 4492 4493- public static class AlgParamGen 4494- extends BaseAlgorithmParameterGenerator 4495- { 4496- protected void engineInit( 4497- AlgorithmParameterSpec genParamSpec, 4498- SecureRandom random) 4499- throws InvalidAlgorithmParameterException 4500- { 4501- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4502- } 4503- 4504- protected AlgorithmParameters engineGenerateParameters() 4505- { 4506- byte[] iv = new byte[16]; 4507- 4508- if (random == null) 4509- { 4510- random = new SecureRandom(); 4511- } 4512- 4513- random.nextBytes(iv); 4514- 4515- AlgorithmParameters params; 4516- 4517- try 4518- { 4519- params = createParametersInstance("AES"); 4520- params.init(new IvParameterSpec(iv)); 4521- } 4522- catch (Exception e) 4523- { 4524- throw new RuntimeException(e.getMessage()); 4525- } 4526- 4527- return params; 4528- } 4529- } 4530- 4531- public static class AlgParamGenCCM 4532- extends BaseAlgorithmParameterGenerator 4533- { 4534- protected void engineInit( 4535- AlgorithmParameterSpec genParamSpec, 4536- SecureRandom random) 4537- throws InvalidAlgorithmParameterException 4538- { 4539- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4540- } 4541- 4542- protected AlgorithmParameters engineGenerateParameters() 4543- { 4544- byte[] iv = new byte[12]; 4545- 4546- if (random == null) 4547- { 4548- random = new SecureRandom(); 4549- } 4550- 4551- random.nextBytes(iv); 4552- 4553- AlgorithmParameters params; 4554- 4555- try 4556- { 4557- params = createParametersInstance("CCM"); 4558- params.init(new CCMParameters(iv, 12).getEncoded()); 4559- } 4560- catch (Exception e) 4561- { 4562- throw new RuntimeException(e.getMessage()); 4563- } 4564- 4565- return params; 4566- } 4567- } 4568- 4569- public static class AlgParamGenGCM 4570- extends BaseAlgorithmParameterGenerator 4571- { 4572- protected void engineInit( 4573- AlgorithmParameterSpec genParamSpec, 4574- SecureRandom random) 4575- throws InvalidAlgorithmParameterException 4576- { 4577- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4578- } 4579- 4580- protected AlgorithmParameters engineGenerateParameters() 4581- { 4582- byte[] nonce = new byte[12]; 4583- 4584- if (random == null) 4585- { 4586- random = new SecureRandom(); 4587- } 4588- 4589- random.nextBytes(nonce); 4590- 4591- AlgorithmParameters params; 4592- 4593- try 4594- { 4595- params = createParametersInstance("GCM"); 4596- params.init(new GCMParameters(nonce, 12).getEncoded()); 4597- } 4598- catch (Exception e) 4599- { 4600- throw new RuntimeException(e.getMessage()); 4601- } 4602- 4603- return params; 4604- } 4605- } 4606+ // BEGIN android-removed 4607+ // public static class AlgParamGen 4608+ // extends BaseAlgorithmParameterGenerator 4609+ // { 4610+ // protected void engineInit( 4611+ // AlgorithmParameterSpec genParamSpec, 4612+ // SecureRandom random) 4613+ // throws InvalidAlgorithmParameterException 4614+ // { 4615+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4616+ // } 4617+ // 4618+ // protected AlgorithmParameters engineGenerateParameters() 4619+ // { 4620+ // byte[] iv = new byte[16]; 4621+ // 4622+ // if (random == null) 4623+ // { 4624+ // random = new SecureRandom(); 4625+ // } 4626+ // 4627+ // random.nextBytes(iv); 4628+ // 4629+ // AlgorithmParameters params; 4630+ // 4631+ // try 4632+ // { 4633+ // params = createParametersInstance("AES"); 4634+ // params.init(new IvParameterSpec(iv)); 4635+ // } 4636+ // catch (Exception e) 4637+ // { 4638+ // throw new RuntimeException(e.getMessage()); 4639+ // } 4640+ // 4641+ // return params; 4642+ // } 4643+ // } 4644+ // 4645+ // public static class AlgParamGenCCM 4646+ // extends BaseAlgorithmParameterGenerator 4647+ // { 4648+ // protected void engineInit( 4649+ // AlgorithmParameterSpec genParamSpec, 4650+ // SecureRandom random) 4651+ // throws InvalidAlgorithmParameterException 4652+ // { 4653+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4654+ // } 4655+ // 4656+ // protected AlgorithmParameters engineGenerateParameters() 4657+ // { 4658+ // byte[] iv = new byte[12]; 4659+ // 4660+ // if (random == null) 4661+ // { 4662+ // random = new SecureRandom(); 4663+ // } 4664+ // 4665+ // random.nextBytes(iv); 4666+ // 4667+ // AlgorithmParameters params; 4668+ // 4669+ // try 4670+ // { 4671+ // params = createParametersInstance("CCM"); 4672+ // params.init(new CCMParameters(iv, 12).getEncoded()); 4673+ // } 4674+ // catch (Exception e) 4675+ // { 4676+ // throw new RuntimeException(e.getMessage()); 4677+ // } 4678+ // 4679+ // return params; 4680+ // } 4681+ // } 4682+ // 4683+ // public static class AlgParamGenGCM 4684+ // extends BaseAlgorithmParameterGenerator 4685+ // { 4686+ // protected void engineInit( 4687+ // AlgorithmParameterSpec genParamSpec, 4688+ // SecureRandom random) 4689+ // throws InvalidAlgorithmParameterException 4690+ // { 4691+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4692+ // } 4693+ // 4694+ // protected AlgorithmParameters engineGenerateParameters() 4695+ // { 4696+ // byte[] nonce = new byte[12]; 4697+ // 4698+ // if (random == null) 4699+ // { 4700+ // random = new SecureRandom(); 4701+ // } 4702+ // 4703+ // random.nextBytes(nonce); 4704+ // 4705+ // AlgorithmParameters params; 4706+ // 4707+ // try 4708+ // { 4709+ // params = createParametersInstance("GCM"); 4710+ // params.init(new GCMParameters(nonce, 12).getEncoded()); 4711+ // } 4712+ // catch (Exception e) 4713+ // { 4714+ // throw new RuntimeException(e.getMessage()); 4715+ // } 4716+ // 4717+ // return params; 4718+ // } 4719+ // } 4720+ // END android-removed 4721 4722 public static class AlgParams 4723 extends IvAlgorithmParameters 4724@@ -545,80 +584,82 @@ 4725 } 4726 } 4727 4728- public static class AlgParamsCCM 4729- extends BaseAlgorithmParameters 4730- { 4731- private CCMParameters ccmParams; 4732- 4733- protected void engineInit(AlgorithmParameterSpec paramSpec) 4734- throws InvalidParameterSpecException 4735- { 4736- throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4737- } 4738- 4739- protected void engineInit(byte[] params) 4740- throws IOException 4741- { 4742- ccmParams = CCMParameters.getInstance(params); 4743- } 4744- 4745- protected void engineInit(byte[] params, String format) 4746- throws IOException 4747- { 4748- if (!isASN1FormatString(format)) 4749- { 4750- throw new IOException("unknown format specified"); 4751- } 4752- 4753- ccmParams = CCMParameters.getInstance(params); 4754- } 4755- 4756- protected byte[] engineGetEncoded() 4757- throws IOException 4758- { 4759- return ccmParams.getEncoded(); 4760- } 4761- 4762- protected byte[] engineGetEncoded(String format) 4763- throws IOException 4764- { 4765- if (!isASN1FormatString(format)) 4766- { 4767- throw new IOException("unknown format specified"); 4768- } 4769- 4770- return ccmParams.getEncoded(); 4771- } 4772- 4773- protected String engineToString() 4774- { 4775- return "CCM"; 4776- } 4777- 4778- protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4779- throws InvalidParameterSpecException 4780- { 4781- if (gcmSpecClass != null) 4782- { 4783- try 4784- { 4785- Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4786- 4787- return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4788- } 4789- catch (NoSuchMethodException e) 4790- { 4791- throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4792- } 4793- catch (Exception e) 4794- { 4795- throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4796- } 4797- } 4798- 4799- throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4800- } 4801- } 4802+ // BEGIN android-removed 4803+ // public static class AlgParamsCCM 4804+ // extends BaseAlgorithmParameters 4805+ // { 4806+ // private CCMParameters ccmParams; 4807+ // 4808+ // protected void engineInit(AlgorithmParameterSpec paramSpec) 4809+ // throws InvalidParameterSpecException 4810+ // { 4811+ // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4812+ // } 4813+ // 4814+ // protected void engineInit(byte[] params) 4815+ // throws IOException 4816+ // { 4817+ // ccmParams = CCMParameters.getInstance(params); 4818+ // } 4819+ // 4820+ // protected void engineInit(byte[] params, String format) 4821+ // throws IOException 4822+ // { 4823+ // if (!isASN1FormatString(format)) 4824+ // { 4825+ // throw new IOException("unknown format specified"); 4826+ // } 4827+ // 4828+ // ccmParams = CCMParameters.getInstance(params); 4829+ // } 4830+ // 4831+ // protected byte[] engineGetEncoded() 4832+ // throws IOException 4833+ // { 4834+ // return ccmParams.getEncoded(); 4835+ // } 4836+ // 4837+ // protected byte[] engineGetEncoded(String format) 4838+ // throws IOException 4839+ // { 4840+ // if (!isASN1FormatString(format)) 4841+ // { 4842+ // throw new IOException("unknown format specified"); 4843+ // } 4844+ // 4845+ // return ccmParams.getEncoded(); 4846+ // } 4847+ // 4848+ // protected String engineToString() 4849+ // { 4850+ // return "CCM"; 4851+ // } 4852+ // 4853+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4854+ // throws InvalidParameterSpecException 4855+ // { 4856+ // if (gcmSpecClass != null) 4857+ // { 4858+ // try 4859+ // { 4860+ // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4861+ // 4862+ // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4863+ // } 4864+ // catch (NoSuchMethodException e) 4865+ // { 4866+ // throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4867+ // } 4868+ // catch (Exception e) 4869+ // { 4870+ // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4871+ // } 4872+ // } 4873+ // 4874+ // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4875+ // } 4876+ // } 4877+ // END android-removed 4878 4879 public static class Mappings 4880 extends SymmetricAlgorithmProvider 4881@@ -652,92 +693,101 @@ 4882 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4883 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4884 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4885- 4886- provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 4887- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4888- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4889- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4890- 4891- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4892- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4893- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4894- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4895- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4896- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4897- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4898+ // BEGIN android-removed 4899+ // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 4900+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4901+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4902+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4903+ // 4904+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4905+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4906+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4907+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4908+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4909+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4910+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4911+ // END android-removed 4912 4913 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 4914 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 4915 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 4916 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 4917- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4918- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4919- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4920- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4921- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4922- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4923- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4924- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4925- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4926- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4927- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4928- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4929+ // BEGIN android-removed 4930+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4931+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4932+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4933+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4934+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4935+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4936+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4937+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4938+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4939+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4940+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4941+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4942+ // END android-removed 4943 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 4944 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 4945 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 4946 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 4947 4948- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4949- provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 4950- 4951- provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 4952- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4953- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4954- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4955- 4956- provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 4957- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4958- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4959- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4960- 4961- provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 4962- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4963- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4964- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4965- 4966- provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); 4967- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4968- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4969- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4970+ // BEGIN android-removed 4971+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4972+ // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 4973+ // 4974+ // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 4975+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4976+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4977+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4978+ // 4979+ // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 4980+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4981+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4982+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4983+ // 4984+ // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 4985+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4986+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4987+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4988+ // END android-removed 4989+ 4990+ // BEGIN android-changed 4991+ provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); 4992+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); 4993+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); 4994+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); 4995+ // END android-changed 4996 4997 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 4998- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 4999- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 5000- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 5001- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 5002- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 5003- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 5004- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 5005- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 5006- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 5007- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 5008- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 5009- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 5010- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 5011- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 5012- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 5013- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 5014- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 5015- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 5016- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 5017- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 5018- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 5019- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 5020- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 5021- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 5022- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 5023- 5024- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 5025+ // BEGIN android-removed 5026+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 5027+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 5028+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 5029+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 5030+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 5031+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 5032+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 5033+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 5034+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 5035+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 5036+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 5037+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 5038+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 5039+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 5040+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 5041+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 5042+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 5043+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 5044+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 5045+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 5046+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 5047+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 5048+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 5049+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 5050+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 5051+ // 5052+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 5053+ // END android-removed 5054 5055 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); 5056 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); 5057@@ -816,8 +866,10 @@ 5058 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); 5059 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); 5060 5061- addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 5062- addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5063+ // BEGIN android-removed 5064+ // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 5065+ // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5066+ // END android-removed 5067 } 5068 } 5069 5070diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 5071--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2015-03-01 12:03:02.000000000 +0000 5072+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000 5073@@ -29,7 +29,9 @@ 5074 { 5075 public KeyGen() 5076 { 5077- super("RC4", 128, new CipherKeyGenerator()); 5078+ // BEGIN android-changed 5079+ super("ARC4", 128, new CipherKeyGenerator()); 5080+ // END android-changed 5081 } 5082 } 5083 5084diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 5085--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2015-03-01 12:03:02.000000000 +0000 5086+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000 5087@@ -64,7 +64,9 @@ 5088 { 5089 5090 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 5091- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5092+ // BEGIN android-removed 5093+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5094+ // END android-removed 5095 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 5096 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 5097 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 5098diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 5099--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-03-01 12:03:02.000000000 +0000 5100+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-04-09 13:10:16.000000000 +0000 5101@@ -19,12 +19,16 @@ 5102 import org.bouncycastle.crypto.CipherParameters; 5103 import org.bouncycastle.crypto.KeyGenerationParameters; 5104 import org.bouncycastle.crypto.engines.DESEngine; 5105-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5106+// BEGIN android-removed 5107+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5108+// END android-removed 5109 import org.bouncycastle.crypto.generators.DESKeyGenerator; 5110 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5111-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5112-import org.bouncycastle.crypto.macs.CMac; 5113-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5114+// BEGIN android-removed 5115+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5116+// import org.bouncycastle.crypto.macs.CMac; 5117+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5118+// END android-removed 5119 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5120 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5121 import org.bouncycastle.crypto.params.DESParameters; 5122@@ -65,17 +69,19 @@ 5123 } 5124 } 5125 5126- /** 5127- * DES CFB8 5128- */ 5129- public static class DESCFB8 5130- extends BaseMac 5131- { 5132- public DESCFB8() 5133- { 5134- super(new CFBBlockCipherMac(new DESEngine())); 5135- } 5136- } 5137+ // BEGIN android-removed 5138+ // /** 5139+ // * DES CFB8 5140+ // */ 5141+ // public static class DESCFB8 5142+ // extends BaseMac 5143+ // { 5144+ // public DESCFB8() 5145+ // { 5146+ // super(new CFBBlockCipherMac(new DESEngine())); 5147+ // } 5148+ // } 5149+ // END android-removed 5150 5151 /** 5152 * DES64 5153@@ -110,47 +116,49 @@ 5154 } 5155 } 5156 5157- static public class CMAC 5158- extends BaseMac 5159- { 5160- public CMAC() 5161- { 5162- super(new CMac(new DESEngine())); 5163- } 5164- } 5165- 5166- /** 5167- * DES9797Alg3with7816-4Padding 5168- */ 5169- public static class DES9797Alg3with7816d4 5170- extends BaseMac 5171- { 5172- public DES9797Alg3with7816d4() 5173- { 5174- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5175- } 5176- } 5177- 5178- /** 5179- * DES9797Alg3 5180- */ 5181- public static class DES9797Alg3 5182- extends BaseMac 5183- { 5184- public DES9797Alg3() 5185- { 5186- super(new ISO9797Alg3Mac(new DESEngine())); 5187- } 5188- } 5189- 5190- public static class RFC3211 5191- extends BaseWrapCipher 5192- { 5193- public RFC3211() 5194- { 5195- super(new RFC3211WrapEngine(new DESEngine()), 8); 5196- } 5197- } 5198+ // BEGIN android-removed 5199+ // static public class CMAC 5200+ // extends BaseMac 5201+ // { 5202+ // public CMAC() 5203+ // { 5204+ // super(new CMac(new DESEngine())); 5205+ // } 5206+ // } 5207+ // 5208+ // /** 5209+ // * DES9797Alg3with7816-4Padding 5210+ // */ 5211+ // public static class DES9797Alg3with7816d4 5212+ // extends BaseMac 5213+ // { 5214+ // public DES9797Alg3with7816d4() 5215+ // { 5216+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5217+ // } 5218+ // } 5219+ // 5220+ // /** 5221+ // * DES9797Alg3 5222+ // */ 5223+ // public static class DES9797Alg3 5224+ // extends BaseMac 5225+ // { 5226+ // public DES9797Alg3() 5227+ // { 5228+ // super(new ISO9797Alg3Mac(new DESEngine())); 5229+ // } 5230+ // } 5231+ // 5232+ // public static class RFC3211 5233+ // extends BaseWrapCipher 5234+ // { 5235+ // public RFC3211() 5236+ // { 5237+ // super(new RFC3211WrapEngine(new DESEngine()), 8); 5238+ // } 5239+ // } 5240+ // END android-removed 5241 5242 public static class AlgParamGen 5243 extends BaseAlgorithmParameterGenerator 5244@@ -350,17 +358,19 @@ 5245 } 5246 } 5247 5248- /** 5249- * PBEWithMD2AndDES 5250- */ 5251- static public class PBEWithMD2KeyFactory 5252- extends DESPBEKeyFactory 5253- { 5254- public PBEWithMD2KeyFactory() 5255- { 5256- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5257- } 5258- } 5259+ // BEGIN android-removed 5260+ // /** 5261+ // * PBEWithMD2AndDES 5262+ // */ 5263+ // static public class PBEWithMD2KeyFactory 5264+ // extends DESPBEKeyFactory 5265+ // { 5266+ // public PBEWithMD2KeyFactory() 5267+ // { 5268+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5269+ // } 5270+ // } 5271+ // END android-removed 5272 5273 /** 5274 * PBEWithMD5AndDES 5275@@ -386,17 +396,19 @@ 5276 } 5277 } 5278 5279- /** 5280- * PBEWithMD2AndDES 5281- */ 5282- static public class PBEWithMD2 5283- extends BaseBlockCipher 5284- { 5285- public PBEWithMD2() 5286- { 5287- super(new CBCBlockCipher(new DESEngine())); 5288- } 5289- } 5290+ // BEGIN android-removed 5291+ // /** 5292+ // * PBEWithMD2AndDES 5293+ // */ 5294+ // static public class PBEWithMD2 5295+ // extends BaseBlockCipher 5296+ // { 5297+ // public PBEWithMD2() 5298+ // { 5299+ // super(new CBCBlockCipher(new DESEngine())); 5300+ // } 5301+ // } 5302+ // END android-removed 5303 5304 /** 5305 * PBEWithMD5AndDES 5306@@ -436,61 +448,75 @@ 5307 { 5308 5309 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 5310- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5311- 5312- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5313- 5314- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5315+ // BEGIN android-removed 5316+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5317+ // 5318+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5319+ // 5320+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5321+ // END android-removed 5322 5323 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 5324 5325 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 5326 5327- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5328- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5329- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5330- 5331- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5332- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5333- 5334- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5335- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5336- 5337- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5338- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5339- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5340- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5341- 5342- provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5343- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5344- 5345- provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5346- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5347- provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5348- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5349+ // BEGIN android-removed 5350+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5351+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5352+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5353+ // 5354+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5355+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5356+ // 5357+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5358+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5359+ // 5360+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5361+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5362+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5363+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5364+ // 5365+ // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5366+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5367+ // 5368+ // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5369+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5370+ // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5371+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5372+ // END android-removed 5373 5374 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 5375 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 5376 5377- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5378- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5379- 5380- provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5381+ // BEGIN android-removed 5382+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5383+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5384+ // 5385+ // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5386+ // END android-removed 5387 provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); 5388 provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); 5389 5390- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5391+ // BEGIN android-removed 5392+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5393+ // END android-removed 5394 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5395 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5396 5397- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5398+ // BEGIN android-removed 5399+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5400+ // END android-removed 5401 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); 5402 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); 5403 5404- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5405+ // BEGIN android-removed 5406+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5407+ // END android-removed 5408 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 5409 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 5410- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5411+ // BEGIN android-removed 5412+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5413+ // END android-removed 5414 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5415 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5416 } 5417diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 5418--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-03-01 12:03:02.000000000 +0000 5419+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-04-09 13:10:16.000000000 +0000 5420@@ -1,30 +1,42 @@ 5421 package org.bouncycastle.jcajce.provider.symmetric; 5422 5423-import java.security.AlgorithmParameters; 5424-import java.security.InvalidAlgorithmParameterException; 5425+// BEGIN android-removed 5426+// import java.security.AlgorithmParameters; 5427+// import java.security.InvalidAlgorithmParameterException; 5428+// END android-removed 5429 import java.security.SecureRandom; 5430-import java.security.spec.AlgorithmParameterSpec; 5431+// BEGIN android-removed 5432+// import java.security.spec.AlgorithmParameterSpec; 5433+// END android-removed 5434 import java.security.spec.InvalidKeySpecException; 5435 import java.security.spec.KeySpec; 5436 5437 import javax.crypto.SecretKey; 5438 import javax.crypto.spec.DESedeKeySpec; 5439-import javax.crypto.spec.IvParameterSpec; 5440+// BEGIN android-removed 5441+// import javax.crypto.spec.IvParameterSpec; 5442+// END android-removed 5443 import javax.crypto.spec.SecretKeySpec; 5444 5445 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5446 import org.bouncycastle.crypto.KeyGenerationParameters; 5447 import org.bouncycastle.crypto.engines.DESedeEngine; 5448 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 5449-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5450+// BEGIN android-removed 5451+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5452+// END android-removed 5453 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 5454 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5455-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5456-import org.bouncycastle.crypto.macs.CMac; 5457+// BEGIN android-removed 5458+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5459+// import org.bouncycastle.crypto.macs.CMac; 5460+// END android-removed 5461 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5462 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5463 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5464-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5465+// BEGIN android-removed 5466+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5467+// END android-removed 5468 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5469 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5470 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5471@@ -56,17 +68,19 @@ 5472 } 5473 } 5474 5475- /** 5476- * DESede CFB8 5477- */ 5478- public static class DESedeCFB8 5479- extends BaseMac 5480- { 5481- public DESedeCFB8() 5482- { 5483- super(new CFBBlockCipherMac(new DESedeEngine())); 5484- } 5485- } 5486+ // BEGIN android-removed 5487+ // /** 5488+ // * DESede CFB8 5489+ // */ 5490+ // public static class DESedeCFB8 5491+ // extends BaseMac 5492+ // { 5493+ // public DESedeCFB8() 5494+ // { 5495+ // super(new CFBBlockCipherMac(new DESedeEngine())); 5496+ // } 5497+ // } 5498+ // END android-removed 5499 5500 /** 5501 * DESede64 5502@@ -101,15 +115,17 @@ 5503 } 5504 } 5505 5506- static public class CMAC 5507- extends BaseMac 5508- { 5509- public CMAC() 5510- { 5511- super(new CMac(new DESedeEngine())); 5512- } 5513- } 5514- 5515+ // BEGIN android-removed 5516+ // static public class CMAC 5517+ // extends BaseMac 5518+ // { 5519+ // public CMAC() 5520+ // { 5521+ // super(new CMac(new DESedeEngine())); 5522+ // } 5523+ // } 5524+ // END android-removed 5525+ 5526 public static class Wrap 5527 extends BaseWrapCipher 5528 { 5529@@ -118,15 +134,17 @@ 5530 super(new DESedeWrapEngine()); 5531 } 5532 } 5533- 5534- public static class RFC3211 5535- extends BaseWrapCipher 5536- { 5537- public RFC3211() 5538- { 5539- super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5540- } 5541- } 5542+ 5543+ // BEGIN android-removed 5544+ // public static class RFC3211 5545+ // extends BaseWrapCipher 5546+ // { 5547+ // public RFC3211() 5548+ // { 5549+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5550+ // } 5551+ // } 5552+ // END android-removed 5553 5554 /** 5555 * DESede - the default for this is to generate a key in 5556@@ -240,43 +258,45 @@ 5557 } 5558 } 5559 5560- public static class AlgParamGen 5561- extends BaseAlgorithmParameterGenerator 5562- { 5563- protected void engineInit( 5564- AlgorithmParameterSpec genParamSpec, 5565- SecureRandom random) 5566- throws InvalidAlgorithmParameterException 5567- { 5568- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5569- } 5570- 5571- protected AlgorithmParameters engineGenerateParameters() 5572- { 5573- byte[] iv = new byte[8]; 5574- 5575- if (random == null) 5576- { 5577- random = new SecureRandom(); 5578- } 5579- 5580- random.nextBytes(iv); 5581- 5582- AlgorithmParameters params; 5583- 5584- try 5585- { 5586- params = createParametersInstance("DES"); 5587- params.init(new IvParameterSpec(iv)); 5588- } 5589- catch (Exception e) 5590- { 5591- throw new RuntimeException(e.getMessage()); 5592- } 5593- 5594- return params; 5595- } 5596- } 5597+ // BEGIN android-removed 5598+ // public static class AlgParamGen 5599+ // extends BaseAlgorithmParameterGenerator 5600+ // { 5601+ // protected void engineInit( 5602+ // AlgorithmParameterSpec genParamSpec, 5603+ // SecureRandom random) 5604+ // throws InvalidAlgorithmParameterException 5605+ // { 5606+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5607+ // } 5608+ 5609+ // protected AlgorithmParameters engineGenerateParameters() 5610+ // { 5611+ // byte[] iv = new byte[8]; 5612+ 5613+ // if (random == null) 5614+ // { 5615+ // random = new SecureRandom(); 5616+ // } 5617+ 5618+ // random.nextBytes(iv); 5619+ 5620+ // AlgorithmParameters params; 5621+ 5622+ // try 5623+ // { 5624+ // params = createParametersInstance("DES"); 5625+ // params.init(new IvParameterSpec(iv)); 5626+ // } 5627+ // catch (Exception e) 5628+ // { 5629+ // throw new RuntimeException(e.getMessage()); 5630+ // } 5631+ 5632+ // return params; 5633+ // } 5634+ // } 5635+ // END android-removed 5636 5637 static public class KeyFactory 5638 extends BaseSecretKeyFactory 5639@@ -360,25 +380,37 @@ 5640 public void configure(ConfigurableProvider provider) 5641 { 5642 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 5643- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5644+ // BEGIN android-removed 5645+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5646+ // END android-removed 5647 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 5648- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 5649- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5650+ // BEGIN android-changed 5651+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 5652+ // END android-changed 5653+ // BEGIN android-removed 5654+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5655+ // END android-removed 5656 5657 provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); 5658 provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); 5659 provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); 5660 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); 5661- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5662+ // BEGIN android-removed 5663+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5664+ // END android-removed 5665 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); 5666 5667 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 5668 { 5669 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 5670- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5671- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5672+ // BEGIN android-removed 5673+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5674+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5675+ // END android-removed 5676 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 5677- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5678+ // BEGIN android-removed 5679+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5680+ // END android-removed 5681 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5682 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 5683 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5684@@ -387,31 +419,37 @@ 5685 } 5686 5687 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 5688- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5689- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5690+ // BEGIN android-removed 5691+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5692+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5693+ // END android-removed 5694 5695 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 5696 5697- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5698- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5699- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5700- 5701- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5702- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5703- 5704- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5705- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5706- 5707- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5708- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5709- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5710- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5711+ // BEGIN android-removed 5712+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5713+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5714+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5715+ // 5716+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5717+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5718+ // 5719+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5720+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5721+ // 5722+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5723+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5724+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5725+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5726+ // END android-removed 5727 5728 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 5729 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5730 5731- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5732- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5733+ // BEGIN android-removed 5734+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5735+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5736+ // END android-removed 5737 5738 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); 5739 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); 5740diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 5741--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-03-01 12:03:02.000000000 +0000 5742+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-04-09 13:10:16.000000000 +0000 5743@@ -12,20 +12,28 @@ 5744 5745 import org.bouncycastle.asn1.ASN1Primitive; 5746 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5747-import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5748-import org.bouncycastle.crypto.CipherKeyGenerator; 5749+// BEGIN android-removed 5750+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5751+// import org.bouncycastle.crypto.CipherKeyGenerator; 5752+// END android-removed 5753 import org.bouncycastle.crypto.engines.RC2Engine; 5754-import org.bouncycastle.crypto.engines.RC2WrapEngine; 5755-import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5756-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5757+// BEGIN android-removed 5758+// import org.bouncycastle.crypto.engines.RC2WrapEngine; 5759+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5760+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5761+// END android-removed 5762 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5763 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5764-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5765-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5766+// BEGIN android-removed 5767+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5768+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5769+// END android-removed 5770 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5771-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5772-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5773-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5774+// BEGIN android-removed 5775+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5776+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5777+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5778+// END android-removed 5779 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 5780 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 5781 import org.bouncycastle.util.Arrays; 5782@@ -36,59 +44,61 @@ 5783 { 5784 } 5785 5786- /** 5787- * RC2 5788- */ 5789- static public class ECB 5790- extends BaseBlockCipher 5791- { 5792- public ECB() 5793- { 5794- super(new RC2Engine()); 5795- } 5796- } 5797- 5798- /** 5799- * RC2CBC 5800- */ 5801- static public class CBC 5802- extends BaseBlockCipher 5803- { 5804- public CBC() 5805- { 5806- super(new CBCBlockCipher(new RC2Engine()), 64); 5807- } 5808- } 5809- 5810- public static class Wrap 5811- extends BaseWrapCipher 5812- { 5813- public Wrap() 5814- { 5815- super(new RC2WrapEngine()); 5816- } 5817- } 5818- 5819- /** 5820- * RC2 5821- */ 5822- public static class CBCMAC 5823- extends BaseMac 5824- { 5825- public CBCMAC() 5826- { 5827- super(new CBCBlockCipherMac(new RC2Engine())); 5828- } 5829- } 5830- 5831- public static class CFB8MAC 5832- extends BaseMac 5833- { 5834- public CFB8MAC() 5835- { 5836- super(new CFBBlockCipherMac(new RC2Engine())); 5837- } 5838- } 5839+ // BEGIN android-removed 5840+ // /** 5841+ // * RC2 5842+ // */ 5843+ // static public class ECB 5844+ // extends BaseBlockCipher 5845+ // { 5846+ // public ECB() 5847+ // { 5848+ // super(new RC2Engine()); 5849+ // } 5850+ // } 5851+ // 5852+ // /** 5853+ // * RC2CBC 5854+ // */ 5855+ // static public class CBC 5856+ // extends BaseBlockCipher 5857+ // { 5858+ // public CBC() 5859+ // { 5860+ // super(new CBCBlockCipher(new RC2Engine()), 64); 5861+ // } 5862+ // } 5863+ // 5864+ // public static class Wrap 5865+ // extends BaseWrapCipher 5866+ // { 5867+ // public Wrap() 5868+ // { 5869+ // super(new RC2WrapEngine()); 5870+ // } 5871+ // } 5872+ // 5873+ // /** 5874+ // * RC2 5875+ // */ 5876+ // public static class CBCMAC 5877+ // extends BaseMac 5878+ // { 5879+ // public CBCMAC() 5880+ // { 5881+ // super(new CBCBlockCipherMac(new RC2Engine())); 5882+ // } 5883+ // } 5884+ // 5885+ // public static class CFB8MAC 5886+ // extends BaseMac 5887+ // { 5888+ // public CFB8MAC() 5889+ // { 5890+ // super(new CFBBlockCipherMac(new RC2Engine())); 5891+ // } 5892+ // } 5893+ // END android-removed 5894 5895 /** 5896 * PBEWithSHA1AndRC2 5897@@ -174,17 +184,19 @@ 5898 } 5899 } 5900 5901- /** 5902- * PBEWithMD2AndRC2 5903- */ 5904- static public class PBEWithMD2KeyFactory 5905- extends PBESecretKeyFactory 5906- { 5907- public PBEWithMD2KeyFactory() 5908- { 5909- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5910- } 5911- } 5912+ // BEGIN android-removed 5913+ // /** 5914+ // * PBEWithMD2AndRC2 5915+ // */ 5916+ // static public class PBEWithMD2KeyFactory 5917+ // extends PBESecretKeyFactory 5918+ // { 5919+ // public PBEWithMD2KeyFactory() 5920+ // { 5921+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5922+ // } 5923+ // } 5924+ // END android-removed 5925 5926 /** 5927 * PBEWithMD5AndRC2 5928@@ -198,247 +210,249 @@ 5929 } 5930 } 5931 5932- public static class AlgParamGen 5933- extends BaseAlgorithmParameterGenerator 5934- { 5935- RC2ParameterSpec spec = null; 5936- 5937- protected void engineInit( 5938- AlgorithmParameterSpec genParamSpec, 5939- SecureRandom random) 5940- throws InvalidAlgorithmParameterException 5941- { 5942- if (genParamSpec instanceof RC2ParameterSpec) 5943- { 5944- spec = (RC2ParameterSpec)genParamSpec; 5945- return; 5946- } 5947- 5948- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 5949- } 5950- 5951- protected AlgorithmParameters engineGenerateParameters() 5952- { 5953- AlgorithmParameters params; 5954- 5955- if (spec == null) 5956- { 5957- byte[] iv = new byte[8]; 5958- 5959- if (random == null) 5960- { 5961- random = new SecureRandom(); 5962- } 5963- 5964- random.nextBytes(iv); 5965- 5966- try 5967- { 5968- params = createParametersInstance("RC2"); 5969- params.init(new IvParameterSpec(iv)); 5970- } 5971- catch (Exception e) 5972- { 5973- throw new RuntimeException(e.getMessage()); 5974- } 5975- } 5976- else 5977- { 5978- try 5979- { 5980- params = createParametersInstance("RC2"); 5981- params.init(spec); 5982- } 5983- catch (Exception e) 5984- { 5985- throw new RuntimeException(e.getMessage()); 5986- } 5987- } 5988- 5989- return params; 5990- } 5991- } 5992- 5993- public static class KeyGenerator 5994- extends BaseKeyGenerator 5995- { 5996- public KeyGenerator() 5997- { 5998- super("RC2", 128, new CipherKeyGenerator()); 5999- } 6000- } 6001- 6002- public static class AlgParams 6003- extends BaseAlgorithmParameters 6004- { 6005- private static final short[] table = { 6006- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 6007- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 6008- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 6009- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 6010- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 6011- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 6012- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 6013- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 6014- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 6015- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 6016- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 6017- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 6018- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 6019- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 6020- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 6021- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 6022- }; 6023- 6024- private static final short[] ekb = { 6025- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 6026- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 6027- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 6028- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 6029- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 6030- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 6031- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 6032- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 6033- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 6034- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 6035- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 6036- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 6037- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 6038- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 6039- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 6040- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 6041- }; 6042- 6043- private byte[] iv; 6044- private int parameterVersion = 58; 6045- 6046- protected byte[] engineGetEncoded() 6047- { 6048- return Arrays.clone(iv); 6049- } 6050- 6051- protected byte[] engineGetEncoded( 6052- String format) 6053- throws IOException 6054- { 6055- if (this.isASN1FormatString(format)) 6056- { 6057- if (parameterVersion == -1) 6058- { 6059- return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 6060- } 6061- else 6062- { 6063- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 6064- } 6065- } 6066- 6067- if (format.equals("RAW")) 6068- { 6069- return engineGetEncoded(); 6070- } 6071- 6072- return null; 6073- } 6074- 6075- protected AlgorithmParameterSpec localEngineGetParameterSpec( 6076- Class paramSpec) 6077- throws InvalidParameterSpecException 6078- { 6079- if (paramSpec == RC2ParameterSpec.class) 6080- { 6081- if (parameterVersion != -1) 6082- { 6083- if (parameterVersion < 256) 6084- { 6085- return new RC2ParameterSpec(ekb[parameterVersion], iv); 6086- } 6087- else 6088- { 6089- return new RC2ParameterSpec(parameterVersion, iv); 6090- } 6091- } 6092- } 6093- 6094- if (paramSpec == IvParameterSpec.class) 6095- { 6096- return new IvParameterSpec(iv); 6097- } 6098- 6099- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6100- } 6101- 6102- protected void engineInit( 6103- AlgorithmParameterSpec paramSpec) 6104- throws InvalidParameterSpecException 6105- { 6106- if (paramSpec instanceof IvParameterSpec) 6107- { 6108- this.iv = ((IvParameterSpec)paramSpec).getIV(); 6109- } 6110- else if (paramSpec instanceof RC2ParameterSpec) 6111- { 6112- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6113- if (effKeyBits != -1) 6114- { 6115- if (effKeyBits < 256) 6116- { 6117- parameterVersion = table[effKeyBits]; 6118- } 6119- else 6120- { 6121- parameterVersion = effKeyBits; 6122- } 6123- } 6124- 6125- this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6126- } 6127- else 6128- { 6129- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6130- } 6131- } 6132- 6133- protected void engineInit( 6134- byte[] params) 6135- throws IOException 6136- { 6137- this.iv = Arrays.clone(params); 6138- } 6139- 6140- protected void engineInit( 6141- byte[] params, 6142- String format) 6143- throws IOException 6144- { 6145- if (this.isASN1FormatString(format)) 6146- { 6147- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6148- 6149- if (p.getRC2ParameterVersion() != null) 6150- { 6151- parameterVersion = p.getRC2ParameterVersion().intValue(); 6152- } 6153- 6154- iv = p.getIV(); 6155- 6156- return; 6157- } 6158- 6159- if (format.equals("RAW")) 6160- { 6161- engineInit(params); 6162- return; 6163- } 6164- 6165- throw new IOException("Unknown parameters format in IV parameters object"); 6166- } 6167- 6168- protected String engineToString() 6169- { 6170- return "RC2 Parameters"; 6171- } 6172- } 6173+ // BEGIN android-removed 6174+ // public static class AlgParamGen 6175+ // extends BaseAlgorithmParameterGenerator 6176+ // { 6177+ // RC2ParameterSpec spec = null; 6178+ // 6179+ // protected void engineInit( 6180+ // AlgorithmParameterSpec genParamSpec, 6181+ // SecureRandom random) 6182+ // throws InvalidAlgorithmParameterException 6183+ // { 6184+ // if (genParamSpec instanceof RC2ParameterSpec) 6185+ // { 6186+ // spec = (RC2ParameterSpec)genParamSpec; 6187+ // return; 6188+ // } 6189+ // 6190+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 6191+ // } 6192+ // 6193+ // protected AlgorithmParameters engineGenerateParameters() 6194+ // { 6195+ // AlgorithmParameters params; 6196+ // 6197+ // if (spec == null) 6198+ // { 6199+ // byte[] iv = new byte[8]; 6200+ // 6201+ // if (random == null) 6202+ // { 6203+ // random = new SecureRandom(); 6204+ // } 6205+ // 6206+ // random.nextBytes(iv); 6207+ // 6208+ // try 6209+ // { 6210+ // params = createParametersInstance("RC2"); 6211+ // params.init(new IvParameterSpec(iv)); 6212+ // } 6213+ // catch (Exception e) 6214+ // { 6215+ // throw new RuntimeException(e.getMessage()); 6216+ // } 6217+ // } 6218+ // else 6219+ // { 6220+ // try 6221+ // { 6222+ // params = createParametersInstance("RC2"); 6223+ // params.init(spec); 6224+ // } 6225+ // catch (Exception e) 6226+ // { 6227+ // throw new RuntimeException(e.getMessage()); 6228+ // } 6229+ // } 6230+ // 6231+ // return params; 6232+ // } 6233+ // } 6234+ // 6235+ // public static class KeyGenerator 6236+ // extends BaseKeyGenerator 6237+ // { 6238+ // public KeyGenerator() 6239+ // { 6240+ // super("RC2", 128, new CipherKeyGenerator()); 6241+ // } 6242+ // } 6243+ // 6244+ // public static class AlgParams 6245+ // extends BaseAlgorithmParameters 6246+ // { 6247+ // private static final short[] table = { 6248+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 6249+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 6250+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 6251+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 6252+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 6253+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 6254+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 6255+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 6256+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 6257+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 6258+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 6259+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 6260+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 6261+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 6262+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 6263+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 6264+ // }; 6265+ // 6266+ // private static final short[] ekb = { 6267+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 6268+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 6269+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 6270+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 6271+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 6272+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 6273+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 6274+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 6275+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 6276+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 6277+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 6278+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 6279+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 6280+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 6281+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 6282+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 6283+ // }; 6284+ // 6285+ // private byte[] iv; 6286+ // private int parameterVersion = 58; 6287+ // 6288+ // protected byte[] engineGetEncoded() 6289+ // { 6290+ // return Arrays.clone(iv); 6291+ // } 6292+ // 6293+ // protected byte[] engineGetEncoded( 6294+ // String format) 6295+ // throws IOException 6296+ // { 6297+ // if (this.isASN1FormatString(format)) 6298+ // { 6299+ // if (parameterVersion == -1) 6300+ // { 6301+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 6302+ // } 6303+ // else 6304+ // { 6305+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 6306+ // } 6307+ // } 6308+ // 6309+ // if (format.equals("RAW")) 6310+ // { 6311+ // return engineGetEncoded(); 6312+ // } 6313+ // 6314+ // return null; 6315+ // } 6316+ // 6317+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 6318+ // Class paramSpec) 6319+ // throws InvalidParameterSpecException 6320+ // { 6321+ // if (paramSpec == RC2ParameterSpec.class) 6322+ // { 6323+ // if (parameterVersion != -1) 6324+ // { 6325+ // if (parameterVersion < 256) 6326+ // { 6327+ // return new RC2ParameterSpec(ekb[parameterVersion], iv); 6328+ // } 6329+ // else 6330+ // { 6331+ // return new RC2ParameterSpec(parameterVersion, iv); 6332+ // } 6333+ // } 6334+ // } 6335+ // 6336+ // if (paramSpec == IvParameterSpec.class) 6337+ // { 6338+ // return new IvParameterSpec(iv); 6339+ // } 6340+ // 6341+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6342+ // } 6343+ // 6344+ // protected void engineInit( 6345+ // AlgorithmParameterSpec paramSpec) 6346+ // throws InvalidParameterSpecException 6347+ // { 6348+ // if (paramSpec instanceof IvParameterSpec) 6349+ // { 6350+ // this.iv = ((IvParameterSpec)paramSpec).getIV(); 6351+ // } 6352+ // else if (paramSpec instanceof RC2ParameterSpec) 6353+ // { 6354+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6355+ // if (effKeyBits != -1) 6356+ // { 6357+ // if (effKeyBits < 256) 6358+ // { 6359+ // parameterVersion = table[effKeyBits]; 6360+ // } 6361+ // else 6362+ // { 6363+ // parameterVersion = effKeyBits; 6364+ // } 6365+ // } 6366+ // 6367+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6368+ // } 6369+ // else 6370+ // { 6371+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6372+ // } 6373+ // } 6374+ // 6375+ // protected void engineInit( 6376+ // byte[] params) 6377+ // throws IOException 6378+ // { 6379+ // this.iv = Arrays.clone(params); 6380+ // } 6381+ // 6382+ // protected void engineInit( 6383+ // byte[] params, 6384+ // String format) 6385+ // throws IOException 6386+ // { 6387+ // if (this.isASN1FormatString(format)) 6388+ // { 6389+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6390+ // 6391+ // if (p.getRC2ParameterVersion() != null) 6392+ // { 6393+ // parameterVersion = p.getRC2ParameterVersion().intValue(); 6394+ // } 6395+ // 6396+ // iv = p.getIV(); 6397+ // 6398+ // return; 6399+ // } 6400+ // 6401+ // if (format.equals("RAW")) 6402+ // { 6403+ // engineInit(params); 6404+ // return; 6405+ // } 6406+ // 6407+ // throw new IOException("Unknown parameters format in IV parameters object"); 6408+ // } 6409+ // 6410+ // protected String engineToString() 6411+ // { 6412+ // return "RC2 Parameters"; 6413+ // } 6414+ // } 6415+ // END android-removed 6416 6417 public static class Mappings 6418 extends AlgorithmProvider 6419@@ -452,32 +466,36 @@ 6420 public void configure(ConfigurableProvider provider) 6421 { 6422 6423- provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6424- provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6425- 6426- provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6427- provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6428- 6429- provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6430- provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6431- 6432- provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6433- provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6434- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6435- provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6436- 6437- provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6438- provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6439- provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6440- provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6441- 6442- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6443+ // BEGIN android-removed 6444+ // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6445+ // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6446+ // 6447+ // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6448+ // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6449+ // 6450+ // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6451+ // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6452+ // 6453+ // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6454+ // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6455+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6456+ // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6457+ // 6458+ // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6459+ // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6460+ // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6461+ // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6462+ // 6463+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6464+ // END android-removed 6465 6466 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 6467 6468 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 6469 6470- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6471+ // BEGIN android-removed 6472+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6473+ // END android-removed 6474 6475 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6476 6477@@ -485,14 +503,18 @@ 6478 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); 6479 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); 6480 6481- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6482+ // BEGIN android-removed 6483+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6484+ // END android-removed 6485 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); 6486 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); 6487 6488 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); 6489 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); 6490 6491- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6492+ // BEGIN android-removed 6493+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6494+ // END android-removed 6495 6496 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6497 6498diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 6499--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2015-03-01 12:03:02.000000000 +0000 6500+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000 6501@@ -6,29 +6,31 @@ 6502 abstract class SymmetricAlgorithmProvider 6503 extends AlgorithmProvider 6504 { 6505- protected void addGMacAlgorithm( 6506- ConfigurableProvider provider, 6507- String algorithm, 6508- String algorithmClassName, 6509- String keyGeneratorClassName) 6510- { 6511- provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6512- provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6513- 6514- provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6515- provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6516- } 6517- 6518- protected void addPoly1305Algorithm(ConfigurableProvider provider, 6519- String algorithm, 6520- String algorithmClassName, 6521- String keyGeneratorClassName) 6522- { 6523- provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6524- provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6525- 6526- provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6527- provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6528- } 6529+ // BEGIN android-removed 6530+ // protected void addGMacAlgorithm( 6531+ // ConfigurableProvider provider, 6532+ // String algorithm, 6533+ // String algorithmClassName, 6534+ // String keyGeneratorClassName) 6535+ // { 6536+ // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6537+ // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6538+ // 6539+ // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6540+ // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6541+ // } 6542+ // 6543+ // protected void addPoly1305Algorithm(ConfigurableProvider provider, 6544+ // String algorithm, 6545+ // String algorithmClassName, 6546+ // String keyGeneratorClassName) 6547+ // { 6548+ // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6549+ // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6550+ // 6551+ // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6552+ // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6553+ // } 6554+ // END android-removed 6555 6556 } 6557diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 6558--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2015-03-01 12:03:02.000000000 +0000 6559+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000 6560@@ -1,18 +1,26 @@ 6561 package org.bouncycastle.jcajce.provider.symmetric; 6562 6563-import org.bouncycastle.crypto.BlockCipher; 6564-import org.bouncycastle.crypto.CipherKeyGenerator; 6565+// BEGIN android-removed 6566+// import org.bouncycastle.crypto.BlockCipher; 6567+// import org.bouncycastle.crypto.CipherKeyGenerator; 6568+// END android-removed 6569 import org.bouncycastle.crypto.engines.TwofishEngine; 6570-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6571-import org.bouncycastle.crypto.macs.GMac; 6572+// BEGIN android-removed 6573+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6574+// import org.bouncycastle.crypto.macs.GMac; 6575+// END android-removed 6576 import org.bouncycastle.crypto.modes.CBCBlockCipher; 6577-import org.bouncycastle.crypto.modes.GCMBlockCipher; 6578+// BEGIN android-removed 6579+// import org.bouncycastle.crypto.modes.GCMBlockCipher; 6580+// END android-removed 6581 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 6582 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 6583-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6584-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6585-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6586-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6587+// BEGIN android-removed 6588+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6589+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6590+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6591+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6592+// END android-removed 6593 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 6594 6595 public final class Twofish 6596@@ -21,56 +29,58 @@ 6597 { 6598 } 6599 6600- public static class ECB 6601- extends BaseBlockCipher 6602- { 6603- public ECB() 6604- { 6605- super(new BlockCipherProvider() 6606- { 6607- public BlockCipher get() 6608- { 6609- return new TwofishEngine(); 6610- } 6611- }); 6612- } 6613- } 6614- 6615- public static class KeyGen 6616- extends BaseKeyGenerator 6617- { 6618- public KeyGen() 6619- { 6620- super("Twofish", 256, new CipherKeyGenerator()); 6621- } 6622- } 6623- 6624- public static class GMAC 6625- extends BaseMac 6626- { 6627- public GMAC() 6628- { 6629- super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6630- } 6631- } 6632- 6633- public static class Poly1305 6634- extends BaseMac 6635- { 6636- public Poly1305() 6637- { 6638- super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6639- } 6640- } 6641- 6642- public static class Poly1305KeyGen 6643- extends BaseKeyGenerator 6644- { 6645- public Poly1305KeyGen() 6646- { 6647- super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6648- } 6649- } 6650+ // BEGIN android-removed 6651+ // public static class ECB 6652+ // extends BaseBlockCipher 6653+ // { 6654+ // public ECB() 6655+ // { 6656+ // super(new BlockCipherProvider() 6657+ // { 6658+ // public BlockCipher get() 6659+ // { 6660+ // return new TwofishEngine(); 6661+ // } 6662+ // }); 6663+ // } 6664+ // } 6665+ // 6666+ // public static class KeyGen 6667+ // extends BaseKeyGenerator 6668+ // { 6669+ // public KeyGen() 6670+ // { 6671+ // super("Twofish", 256, new CipherKeyGenerator()); 6672+ // } 6673+ // } 6674+ // 6675+ // public static class GMAC 6676+ // extends BaseMac 6677+ // { 6678+ // public GMAC() 6679+ // { 6680+ // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6681+ // } 6682+ // } 6683+ // 6684+ // public static class Poly1305 6685+ // extends BaseMac 6686+ // { 6687+ // public Poly1305() 6688+ // { 6689+ // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6690+ // } 6691+ // } 6692+ // 6693+ // public static class Poly1305KeyGen 6694+ // extends BaseKeyGenerator 6695+ // { 6696+ // public Poly1305KeyGen() 6697+ // { 6698+ // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6699+ // } 6700+ // } 6701+ // END android-removed 6702 6703 /** 6704 * PBEWithSHAAndTwofish-CBC 6705@@ -96,14 +106,16 @@ 6706 } 6707 } 6708 6709- public static class AlgParams 6710- extends IvAlgorithmParameters 6711- { 6712- protected String engineToString() 6713- { 6714- return "Twofish IV"; 6715- } 6716- } 6717+ // BEGIN android-removed 6718+ // public static class AlgParams 6719+ // extends IvAlgorithmParameters 6720+ // { 6721+ // protected String engineToString() 6722+ // { 6723+ // return "Twofish IV"; 6724+ // } 6725+ // } 6726+ // END android-removed 6727 6728 public static class Mappings 6729 extends SymmetricAlgorithmProvider 6730@@ -116,17 +128,21 @@ 6731 6732 public void configure(ConfigurableProvider provider) 6733 { 6734- provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6735- provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6736- provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6737+ // BEGIN android-removed 6738+ // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6739+ // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6740+ // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6741+ // END android-removed 6742 6743 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6744 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6745 provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); 6746 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); 6747 6748- addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6749- addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6750+ // BEGIN android-removed 6751+ // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6752+ // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6753+ // END android-removed 6754 } 6755 } 6756 } 6757diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 6758--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-03-01 12:03:02.000000000 +0000 6759+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-04-09 13:10:16.000000000 +0000 6760@@ -20,8 +20,10 @@ 6761 import javax.crypto.ShortBufferException; 6762 import javax.crypto.spec.IvParameterSpec; 6763 import javax.crypto.spec.PBEParameterSpec; 6764-import javax.crypto.spec.RC2ParameterSpec; 6765-import javax.crypto.spec.RC5ParameterSpec; 6766+// BEGIN android-removed 6767+// import javax.crypto.spec.RC2ParameterSpec; 6768+// import javax.crypto.spec.RC5ParameterSpec; 6769+// END android-removed 6770 6771 import org.bouncycastle.asn1.cms.GCMParameters; 6772 import org.bouncycastle.crypto.BlockCipher; 6773@@ -35,14 +37,20 @@ 6774 import org.bouncycastle.crypto.modes.CCMBlockCipher; 6775 import org.bouncycastle.crypto.modes.CFBBlockCipher; 6776 import org.bouncycastle.crypto.modes.CTSBlockCipher; 6777-import org.bouncycastle.crypto.modes.EAXBlockCipher; 6778-import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6779+// BEGIN android-removed 6780+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 6781+// import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6782+// END android-removed 6783 import org.bouncycastle.crypto.modes.GCMBlockCipher; 6784-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6785-import org.bouncycastle.crypto.modes.OCBBlockCipher; 6786+// BEGIN android-removed 6787+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6788+// import org.bouncycastle.crypto.modes.OCBBlockCipher; 6789+// END android-removed 6790 import org.bouncycastle.crypto.modes.OFBBlockCipher; 6791-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6792-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6793+// BEGIN android-removed 6794+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6795+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6796+// END android-removed 6797 import org.bouncycastle.crypto.modes.SICBlockCipher; 6798 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 6799 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 6800@@ -55,11 +63,15 @@ 6801 import org.bouncycastle.crypto.params.KeyParameter; 6802 import org.bouncycastle.crypto.params.ParametersWithIV; 6803 import org.bouncycastle.crypto.params.ParametersWithRandom; 6804-import org.bouncycastle.crypto.params.ParametersWithSBox; 6805+// BEGIN android-removed 6806+// import org.bouncycastle.crypto.params.ParametersWithSBox; 6807+// END android-removed 6808 import org.bouncycastle.crypto.params.RC2Parameters; 6809-import org.bouncycastle.crypto.params.RC5Parameters; 6810-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6811-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6812+// BEGIN android-removed 6813+// import org.bouncycastle.crypto.params.RC5Parameters; 6814+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6815+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6816+// END android-removed 6817 import org.bouncycastle.jce.provider.BouncyCastleProvider; 6818 import org.bouncycastle.util.Strings; 6819 6820@@ -74,11 +86,15 @@ 6821 // 6822 private Class[] availableSpecs = 6823 { 6824- RC2ParameterSpec.class, 6825- RC5ParameterSpec.class, 6826+ // BEGIN android-removed 6827+ // RC2ParameterSpec.class, 6828+ // RC5ParameterSpec.class, 6829+ // END android-removed 6830 IvParameterSpec.class, 6831 PBEParameterSpec.class, 6832- GOST28147ParameterSpec.class, 6833+ // BEGIN android-removed 6834+ // GOST28147ParameterSpec.class, 6835+ // END android-removed 6836 gcmSpecClass 6837 }; 6838 6839@@ -284,48 +300,52 @@ 6840 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 6841 } 6842 } 6843- else if (modeName.startsWith("PGP")) 6844- { 6845- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6846- 6847- ivLength = baseEngine.getBlockSize(); 6848- cipher = new BufferedGenericBlockCipher( 6849- new PGPCFBBlockCipher(baseEngine, inlineIV)); 6850- } 6851- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6852- { 6853- ivLength = 0; 6854- cipher = new BufferedGenericBlockCipher( 6855- new OpenPGPCFBBlockCipher(baseEngine)); 6856- } 6857- else if (modeName.startsWith("SIC")) 6858- { 6859- ivLength = baseEngine.getBlockSize(); 6860- if (ivLength < 16) 6861- { 6862- throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6863- } 6864- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6865- new SICBlockCipher(baseEngine))); 6866- } 6867+ // BEGIN android-removed 6868+ // else if (modeName.startsWith("PGP")) 6869+ // { 6870+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6871+ // 6872+ // ivLength = baseEngine.getBlockSize(); 6873+ // cipher = new BufferedGenericBlockCipher( 6874+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 6875+ // } 6876+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6877+ // { 6878+ // ivLength = 0; 6879+ // cipher = new BufferedGenericBlockCipher( 6880+ // new OpenPGPCFBBlockCipher(baseEngine)); 6881+ // } 6882+ // else if (modeName.startsWith("SIC")) 6883+ // { 6884+ // ivLength = baseEngine.getBlockSize(); 6885+ // if (ivLength < 16) 6886+ // { 6887+ // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6888+ // } 6889+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6890+ // new SICBlockCipher(baseEngine))); 6891+ // } 6892+ // END android-removed 6893 else if (modeName.startsWith("CTR")) 6894 { 6895 ivLength = baseEngine.getBlockSize(); 6896 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6897 new SICBlockCipher(baseEngine))); 6898 } 6899- else if (modeName.startsWith("GOFB")) 6900- { 6901- ivLength = baseEngine.getBlockSize(); 6902- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6903- new GOFBBlockCipher(baseEngine))); 6904- } 6905- else if (modeName.startsWith("GCFB")) 6906- { 6907- ivLength = baseEngine.getBlockSize(); 6908- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6909- new GCFBBlockCipher(baseEngine))); 6910- } 6911+ // BEGIN android-removed 6912+ // else if (modeName.startsWith("GOFB")) 6913+ // { 6914+ // ivLength = baseEngine.getBlockSize(); 6915+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6916+ // new GOFBBlockCipher(baseEngine))); 6917+ // } 6918+ // else if (modeName.startsWith("GCFB")) 6919+ // { 6920+ // ivLength = baseEngine.getBlockSize(); 6921+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6922+ // new GCFBBlockCipher(baseEngine))); 6923+ // } 6924+ // END android-removed 6925 else if (modeName.startsWith("CTS")) 6926 { 6927 ivLength = baseEngine.getBlockSize(); 6928@@ -336,26 +356,28 @@ 6929 ivLength = 13; // CCM nonce 7..13 bytes 6930 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 6931 } 6932- else if (modeName.startsWith("OCB")) 6933- { 6934- if (engineProvider != null) 6935- { 6936- /* 6937- * RFC 7253 4.2. Nonce is a string of no more than 120 bits 6938- */ 6939- ivLength = 15; 6940- cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6941- } 6942- else 6943- { 6944- throw new NoSuchAlgorithmException("can't support mode " + mode); 6945- } 6946- } 6947- else if (modeName.startsWith("EAX")) 6948- { 6949- ivLength = baseEngine.getBlockSize(); 6950- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6951- } 6952+ // BEGIN android-removed 6953+ // else if (modeName.startsWith("OCB")) 6954+ // { 6955+ // if (engineProvider != null) 6956+ // { 6957+ // /* 6958+ // * RFC 7253 4.2. Nonce is a string of no more than 120 bits 6959+ // */ 6960+ // ivLength = 15; 6961+ // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6962+ // } 6963+ // else 6964+ // { 6965+ // throw new NoSuchAlgorithmException("can't support mode " + mode); 6966+ // } 6967+ // } 6968+ // else if (modeName.startsWith("EAX")) 6969+ // { 6970+ // ivLength = baseEngine.getBlockSize(); 6971+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6972+ // } 6973+ // END android-removed 6974 else if (modeName.startsWith("GCM")) 6975 { 6976 ivLength = baseEngine.getBlockSize(); 6977@@ -478,18 +500,20 @@ 6978 6979 param = new ParametersWithIV(param, iv.getIV()); 6980 } 6981- else if (params instanceof GOST28147ParameterSpec) 6982- { 6983- // need to pick up IV and SBox. 6984- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6985- 6986- param = new ParametersWithSBox(param, gost28147Param.getSbox()); 6987- 6988- if (gost28147Param.getIV() != null && ivLength != 0) 6989- { 6990- param = new ParametersWithIV(param, gost28147Param.getIV()); 6991- } 6992- } 6993+ // BEGIN android-removed 6994+ // else if (params instanceof GOST28147ParameterSpec) 6995+ // { 6996+ // // need to pick up IV and SBox. 6997+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6998+ // 6999+ // param = new ParametersWithSBox(param, gost28147Param.getSbox()); 7000+ // 7001+ // if (gost28147Param.getIV() != null && ivLength != 0) 7002+ // { 7003+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 7004+ // } 7005+ // } 7006+ // END android-removed 7007 } 7008 else if (params instanceof PBEParameterSpec) 7009 { 7010@@ -521,12 +545,14 @@ 7011 throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long."); 7012 } 7013 7014- if (key instanceof RepeatedSecretKeySpec) 7015- { 7016- param = new ParametersWithIV(null, p.getIV()); 7017- ivParam = (ParametersWithIV)param; 7018- } 7019- else 7020+ // BEGIN android-removed 7021+ // if (key instanceof RepeatedSecretKeySpec) 7022+ // { 7023+ // param = new ParametersWithIV(null, p.getIV()); 7024+ // ivParam = (ParametersWithIV)param; 7025+ // } 7026+ // else 7027+ // END android-removed 7028 { 7029 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV()); 7030 ivParam = (ParametersWithIV)param; 7031@@ -542,63 +568,65 @@ 7032 param = new KeyParameter(key.getEncoded()); 7033 } 7034 } 7035- else if (params instanceof GOST28147ParameterSpec) 7036- { 7037- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7038- 7039- param = new ParametersWithSBox( 7040- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7041- 7042- if (gost28147Param.getIV() != null && ivLength != 0) 7043- { 7044- param = new ParametersWithIV(param, gost28147Param.getIV()); 7045- ivParam = (ParametersWithIV)param; 7046- } 7047- } 7048- else if (params instanceof RC2ParameterSpec) 7049- { 7050- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7051- 7052- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7053- 7054- if (rc2Param.getIV() != null && ivLength != 0) 7055- { 7056- param = new ParametersWithIV(param, rc2Param.getIV()); 7057- ivParam = (ParametersWithIV)param; 7058- } 7059- } 7060- else if (params instanceof RC5ParameterSpec) 7061- { 7062- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7063- 7064- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7065- if (baseEngine.getAlgorithmName().startsWith("RC5")) 7066- { 7067- if (baseEngine.getAlgorithmName().equals("RC5-32")) 7068- { 7069- if (rc5Param.getWordSize() != 32) 7070- { 7071- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7072- } 7073- } 7074- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7075- { 7076- if (rc5Param.getWordSize() != 64) 7077- { 7078- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7079- } 7080- } 7081- } 7082- else 7083- { 7084- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7085- } 7086- if ((rc5Param.getIV() != null) && (ivLength != 0)) 7087- { 7088- param = new ParametersWithIV(param, rc5Param.getIV()); 7089- ivParam = (ParametersWithIV)param; 7090- } 7091- } 7092+ // BEGIN android-removed 7093+ // else if (params instanceof GOST28147ParameterSpec) 7094+ // { 7095+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7096+ // 7097+ // param = new ParametersWithSBox( 7098+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7099+ // 7100+ // if (gost28147Param.getIV() != null && ivLength != 0) 7101+ // { 7102+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 7103+ // ivParam = (ParametersWithIV)param; 7104+ // } 7105+ // } 7106+ // else if (params instanceof RC2ParameterSpec) 7107+ // { 7108+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7109+ // 7110+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7111+ // 7112+ // if (rc2Param.getIV() != null && ivLength != 0) 7113+ // { 7114+ // param = new ParametersWithIV(param, rc2Param.getIV()); 7115+ // ivParam = (ParametersWithIV)param; 7116+ // } 7117+ // } 7118+ // else if (params instanceof RC5ParameterSpec) 7119+ // { 7120+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7121+ // 7122+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7123+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 7124+ // { 7125+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 7126+ // { 7127+ // if (rc5Param.getWordSize() != 32) 7128+ // { 7129+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7130+ // } 7131+ // } 7132+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7133+ // { 7134+ // if (rc5Param.getWordSize() != 64) 7135+ // { 7136+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7137+ // } 7138+ // } 7139+ // } 7140+ // else 7141+ // { 7142+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7143+ // } 7144+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 7145+ // { 7146+ // param = new ParametersWithIV(param, rc5Param.getIV()); 7147+ // ivParam = (ParametersWithIV)param; 7148+ // } 7149+ // } 7150+ // END android-removed 7151 else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) 7152 { 7153 if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) 7154@@ -611,11 +639,13 @@ 7155 Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]); 7156 Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]); 7157 7158- if (key instanceof RepeatedSecretKeySpec) 7159- { 7160- param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7161- } 7162- else 7163+ // BEGIN android-removed 7164+ // if (key instanceof RepeatedSecretKeySpec) 7165+ // { 7166+ // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7167+ // } 7168+ // else 7169+ // END android-removed 7170 { 7171 param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7172 } 7173@@ -867,7 +897,9 @@ 7174 private boolean isAEADModeName( 7175 String modeName) 7176 { 7177- return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); 7178+ // BEGIN android-changed 7179+ return "CCM".equals(modeName) || "GCM".equals(modeName); 7180+ // END android-changed 7181 } 7182 7183 /* 7184diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 7185--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2015-03-01 12:03:02.000000000 +0000 7186+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000 7187@@ -16,8 +16,10 @@ 7188 import org.bouncycastle.crypto.Mac; 7189 import org.bouncycastle.crypto.params.KeyParameter; 7190 import org.bouncycastle.crypto.params.ParametersWithIV; 7191-import org.bouncycastle.crypto.params.SkeinParameters; 7192-import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7193+// BEGIN android-removed 7194+// import org.bouncycastle.crypto.params.SkeinParameters; 7195+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7196+// END android-removed 7197 7198 public class BaseMac 7199 extends MacSpi implements PBE 7200@@ -79,10 +81,12 @@ 7201 { 7202 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV()); 7203 } 7204- else if (params instanceof SkeinParameterSpec) 7205- { 7206- param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7207- } 7208+ // BEGIN android-removed 7209+ // else if (params instanceof SkeinParameterSpec) 7210+ // { 7211+ // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7212+ // } 7213+ // END android-removed 7214 else if (params == null) 7215 { 7216 param = new KeyParameter(key.getEncoded()); 7217diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 7218--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-03-01 12:03:02.000000000 +0000 7219+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-04-09 13:10:16.000000000 +0000 7220@@ -15,8 +15,10 @@ 7221 import javax.crypto.ShortBufferException; 7222 import javax.crypto.spec.IvParameterSpec; 7223 import javax.crypto.spec.PBEParameterSpec; 7224-import javax.crypto.spec.RC2ParameterSpec; 7225-import javax.crypto.spec.RC5ParameterSpec; 7226+// BEGIN android-removed 7227+// import javax.crypto.spec.RC2ParameterSpec; 7228+// import javax.crypto.spec.RC5ParameterSpec; 7229+// END android-removed 7230 7231 import org.bouncycastle.crypto.CipherParameters; 7232 import org.bouncycastle.crypto.DataLengthException; 7233@@ -34,8 +36,10 @@ 7234 // 7235 private Class[] availableSpecs = 7236 { 7237- RC2ParameterSpec.class, 7238- RC5ParameterSpec.class, 7239+ // BEGIN android-removed 7240+ // RC2ParameterSpec.class, 7241+ // RC5ParameterSpec.class, 7242+ // END android-removed 7243 IvParameterSpec.class, 7244 PBEParameterSpec.class 7245 }; 7246diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 7247--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-03-01 12:03:02.000000000 +0000 7248+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-04-09 13:10:16.000000000 +0000 7249@@ -24,8 +24,10 @@ 7250 import javax.crypto.ShortBufferException; 7251 import javax.crypto.spec.IvParameterSpec; 7252 import javax.crypto.spec.PBEParameterSpec; 7253-import javax.crypto.spec.RC2ParameterSpec; 7254-import javax.crypto.spec.RC5ParameterSpec; 7255+// BEGIN android-removed 7256+// import javax.crypto.spec.RC2ParameterSpec; 7257+// import javax.crypto.spec.RC5ParameterSpec; 7258+// END android-removed 7259 import javax.crypto.spec.SecretKeySpec; 7260 7261 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7262@@ -50,8 +52,10 @@ 7263 { 7264 IvParameterSpec.class, 7265 PBEParameterSpec.class, 7266- RC2ParameterSpec.class, 7267- RC5ParameterSpec.class 7268+ // BEGIN android-removed 7269+ // RC2ParameterSpec.class, 7270+ // RC5ParameterSpec.class 7271+ // END android-removed 7272 }; 7273 7274 protected int pbeType = PKCS12; 7275@@ -276,6 +280,8 @@ 7276 return null; 7277 } 7278 7279+ // BEGIN android-changed 7280+ // added ShortBufferException to throws statement 7281 protected int engineDoFinal( 7282 byte[] input, 7283 int inputOffset, 7284@@ -286,6 +292,7 @@ 7285 { 7286 return 0; 7287 } 7288+ // END android-changed 7289 7290 protected byte[] engineWrap( 7291 Key key) 7292diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 7293--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2015-03-01 12:03:02.000000000 +0000 7294+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000 7295@@ -7,13 +7,18 @@ 7296 7297 import org.bouncycastle.crypto.CipherParameters; 7298 import org.bouncycastle.crypto.PBEParametersGenerator; 7299-import org.bouncycastle.crypto.digests.GOST3411Digest; 7300-import org.bouncycastle.crypto.digests.MD2Digest; 7301-import org.bouncycastle.crypto.digests.MD5Digest; 7302-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7303-import org.bouncycastle.crypto.digests.SHA1Digest; 7304-import org.bouncycastle.crypto.digests.SHA256Digest; 7305-import org.bouncycastle.crypto.digests.TigerDigest; 7306+// BEGIN android-removed 7307+// import org.bouncycastle.crypto.digests.GOST3411Digest; 7308+// import org.bouncycastle.crypto.digests.MD2Digest; 7309+// import org.bouncycastle.crypto.digests.MD5Digest; 7310+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7311+// import org.bouncycastle.crypto.digests.SHA1Digest; 7312+// import org.bouncycastle.crypto.digests.SHA256Digest; 7313+// import org.bouncycastle.crypto.digests.TigerDigest; 7314+// END android-removed 7315+// BEGIN android-added 7316+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7317+// END android-added 7318 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 7319 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 7320 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 7321@@ -29,11 +34,15 @@ 7322 // 7323 static final int MD5 = 0; 7324 static final int SHA1 = 1; 7325- static final int RIPEMD160 = 2; 7326- static final int TIGER = 3; 7327+ // BEGIN android-removed 7328+ // static final int RIPEMD160 = 2; 7329+ // static final int TIGER = 3; 7330+ // END android-removed 7331 static final int SHA256 = 4; 7332- static final int MD2 = 5; 7333- static final int GOST3411 = 6; 7334+ // BEGIN android-removed 7335+ // static final int MD2 = 5; 7336+ // static final int GOST3411 = 6; 7337+ // END android-removed 7338 7339 static final int PKCS5S1 = 0; 7340 static final int PKCS5S2 = 1; 7341@@ -57,14 +66,20 @@ 7342 { 7343 switch (hash) 7344 { 7345- case MD2: 7346- generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7347- break; 7348+ // BEGIN android-removed 7349+ // case MD2: 7350+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7351+ // break; 7352+ // END android-removed 7353 case MD5: 7354- generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 7355+ // BEGIN android-changed 7356+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 7357+ // END android-changed 7358 break; 7359 case SHA1: 7360- generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 7361+ // BEGIN android-changed 7362+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 7363+ // END android-changed 7364 break; 7365 default: 7366 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 7367@@ -74,27 +89,39 @@ 7368 { 7369 switch (hash) 7370 { 7371- case MD2: 7372- generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7373- break; 7374+ // BEGIN android-removed 7375+ // case MD2: 7376+ // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7377+ // break; 7378+ // END android-removed 7379 case MD5: 7380- generator = new PKCS5S2ParametersGenerator(new MD5Digest()); 7381+ // BEGIN android-changed 7382+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); 7383+ // END android-changed 7384 break; 7385 case SHA1: 7386- generator = new PKCS5S2ParametersGenerator(new SHA1Digest()); 7387- break; 7388- case RIPEMD160: 7389- generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7390- break; 7391- case TIGER: 7392- generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7393- break; 7394+ // BEGIN android-changed 7395+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); 7396+ // END android-changed 7397+ break; 7398+ // BEGIN android-removed 7399+ // case RIPEMD160: 7400+ // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7401+ // break; 7402+ // case TIGER: 7403+ // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7404+ // break; 7405+ // END android-removed 7406 case SHA256: 7407- generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); 7408- break; 7409- case GOST3411: 7410- generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7411- break; 7412+ // BEGIN android-changed 7413+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); 7414+ // END android-changed 7415+ break; 7416+ // BEGIN android-removed 7417+ // case GOST3411: 7418+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7419+ // break; 7420+ // END android-removed 7421 default: 7422 throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); 7423 } 7424@@ -103,27 +130,39 @@ 7425 { 7426 switch (hash) 7427 { 7428- case MD2: 7429- generator = new PKCS12ParametersGenerator(new MD2Digest()); 7430- break; 7431+ // BEGIN android-removed 7432+ // case MD2: 7433+ // generator = new PKCS12ParametersGenerator(new MD2Digest()); 7434+ // break; 7435+ // END android-removed 7436 case MD5: 7437- generator = new PKCS12ParametersGenerator(new MD5Digest()); 7438+ // BEGIN android-changed 7439+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 7440+ // END android-changed 7441 break; 7442 case SHA1: 7443- generator = new PKCS12ParametersGenerator(new SHA1Digest()); 7444- break; 7445- case RIPEMD160: 7446- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7447- break; 7448- case TIGER: 7449- generator = new PKCS12ParametersGenerator(new TigerDigest()); 7450- break; 7451+ // BEGIN android-changed 7452+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 7453+ // END android-changed 7454+ break; 7455+ // BEGIN android-removed 7456+ // case RIPEMD160: 7457+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7458+ // break; 7459+ // case TIGER: 7460+ // generator = new PKCS12ParametersGenerator(new TigerDigest()); 7461+ // break; 7462+ // END android-removed 7463 case SHA256: 7464- generator = new PKCS12ParametersGenerator(new SHA256Digest()); 7465- break; 7466- case GOST3411: 7467- generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7468- break; 7469+ // BEGIN android-changed 7470+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 7471+ // END android-changed 7472+ break; 7473+ // BEGIN android-removed 7474+ // case GOST3411: 7475+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7476+ // break; 7477+ // END android-removed 7478 default: 7479 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 7480 } 7481diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 7482--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2015-03-01 12:03:02.000000000 +0000 7483+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000 7484@@ -10,12 +10,17 @@ 7485 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7486 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7487 import org.bouncycastle.crypto.Digest; 7488-import org.bouncycastle.crypto.digests.MD5Digest; 7489-import org.bouncycastle.crypto.digests.SHA1Digest; 7490-import org.bouncycastle.crypto.digests.SHA224Digest; 7491-import org.bouncycastle.crypto.digests.SHA256Digest; 7492-import org.bouncycastle.crypto.digests.SHA384Digest; 7493-import org.bouncycastle.crypto.digests.SHA512Digest; 7494+// BEGIN android-removed 7495+// import org.bouncycastle.crypto.digests.MD5Digest; 7496+// import org.bouncycastle.crypto.digests.SHA1Digest; 7497+// import org.bouncycastle.crypto.digests.SHA224Digest; 7498+// import org.bouncycastle.crypto.digests.SHA256Digest; 7499+// import org.bouncycastle.crypto.digests.SHA384Digest; 7500+// import org.bouncycastle.crypto.digests.SHA512Digest; 7501+// END android-removed 7502+// BEGIN android-added 7503+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7504+// END android-added 7505 import org.bouncycastle.util.Strings; 7506 7507 public class DigestFactory 7508@@ -85,27 +90,39 @@ 7509 7510 if (sha1.contains(digestName)) 7511 { 7512- return new SHA1Digest(); 7513+ // BEGIN android-changed 7514+ return AndroidDigestFactory.getSHA1(); 7515+ // END android-changed 7516 } 7517 if (md5.contains(digestName)) 7518 { 7519- return new MD5Digest(); 7520+ // BEGIN android-changed 7521+ return AndroidDigestFactory.getMD5(); 7522+ // END android-changed 7523 } 7524 if (sha224.contains(digestName)) 7525 { 7526- return new SHA224Digest(); 7527+ // BEGIN android-changed 7528+ return AndroidDigestFactory.getSHA224(); 7529+ // END android-changed 7530 } 7531 if (sha256.contains(digestName)) 7532 { 7533- return new SHA256Digest(); 7534+ // BEGIN android-changed 7535+ return AndroidDigestFactory.getSHA256(); 7536+ // END android-changed 7537 } 7538 if (sha384.contains(digestName)) 7539 { 7540- return new SHA384Digest(); 7541+ // BEGIN android-changed 7542+ return AndroidDigestFactory.getSHA384(); 7543+ // END android-changed 7544 } 7545 if (sha512.contains(digestName)) 7546 { 7547- return new SHA512Digest(); 7548+ // BEGIN android-changed 7549+ return AndroidDigestFactory.getSHA512(); 7550+ // END android-changed 7551 } 7552 7553 return null; 7554diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 7555--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java 2015-03-01 12:03:02.000000000 +0000 7556+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 2014-07-28 19:51:54.000000000 +0000 7557@@ -6,11 +6,15 @@ 7558 import org.bouncycastle.asn1.ASN1Encodable; 7559 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 7560 import org.bouncycastle.asn1.ASN1Primitive; 7561-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7562+// BEGIN android-removed 7563+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7564+// END android-removed 7565 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7566 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7567 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7568-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7569+// BEGIN android-removed 7570+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7571+// END android-removed 7572 7573 /** 7574 * General JCA/JCE utility methods. 7575@@ -100,22 +104,24 @@ 7576 { 7577 return "SHA512"; 7578 } 7579- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7580- { 7581- return "RIPEMD128"; 7582- } 7583- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7584- { 7585- return "RIPEMD160"; 7586- } 7587- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7588- { 7589- return "RIPEMD256"; 7590- } 7591- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7592- { 7593- return "GOST3411"; 7594- } 7595+ // BEGIN android-removed 7596+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7597+ // { 7598+ // return "RIPEMD128"; 7599+ // } 7600+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7601+ // { 7602+ // return "RIPEMD160"; 7603+ // } 7604+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7605+ // { 7606+ // return "RIPEMD256"; 7607+ // } 7608+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7609+ // { 7610+ // return "GOST3411"; 7611+ // } 7612+ // END android-removed 7613 else 7614 { 7615 return digestAlgOID.getId(); 7616diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 7617--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2015-03-01 12:03:02.000000000 +0000 7618+++ bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 2014-07-28 19:51:54.000000000 +0000 7619@@ -30,14 +30,18 @@ 7620 import org.bouncycastle.asn1.ASN1Set; 7621 import org.bouncycastle.asn1.DERBitString; 7622 import org.bouncycastle.asn1.DERNull; 7623-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7624+// BEGIN android-removed 7625+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7626+// END android-removed 7627 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7628 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7629 import org.bouncycastle.asn1.pkcs.CertificationRequest; 7630 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 7631 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7632 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 7633-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7634+// BEGIN android-removed 7635+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7636+// END android-removed 7637 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7638 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7639 import org.bouncycastle.asn1.x509.X509Name; 7640@@ -81,8 +85,11 @@ 7641 7642 static 7643 { 7644- algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7645- algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7646+ // BEGIN android-removed 7647+ // Dropping MD2 7648+ // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7649+ // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7650+ // END android-removed 7651 algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7652 algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7653 algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7654@@ -102,12 +109,14 @@ 7655 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7656 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7657 algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")); 7658- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7659- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7660- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7661- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7662- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7663- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7664+ // BEGIN android-removed 7665+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7666+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7667+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7668+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7669+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7670+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7671+ // END android-removed 7672 algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7673 algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7674 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 7675@@ -120,11 +129,13 @@ 7676 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 7677 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 7678 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 7679- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7680- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7681- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7682- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7683- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7684+ // BEGIN android-removed 7685+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7686+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7687+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7688+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7689+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7690+ // END android-removed 7691 7692 // 7693 // reverse mappings 7694@@ -134,11 +145,15 @@ 7695 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 7696 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 7697 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 7698- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7699- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7700+ // BEGIN android-removed 7701+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7702+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7703+ // END android-removed 7704 7705 oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 7706- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7707+ // BEGIN android-removed 7708+ // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7709+ // END android-removed 7710 oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 7711 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 7712 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 7713@@ -172,8 +187,10 @@ 7714 // 7715 // RFC 4491 7716 // 7717- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7718- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7719+ // BEGIN android-removed 7720+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7721+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7722+ // END android-removed 7723 // 7724 // explicit params 7725 // 7726@@ -616,22 +633,24 @@ 7727 { 7728 return "SHA512"; 7729 } 7730- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7731- { 7732- return "RIPEMD128"; 7733- } 7734- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7735- { 7736- return "RIPEMD160"; 7737- } 7738- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7739- { 7740- return "RIPEMD256"; 7741- } 7742- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7743- { 7744- return "GOST3411"; 7745- } 7746+ // BEGIN android-removed 7747+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7748+ // { 7749+ // return "RIPEMD128"; 7750+ // } 7751+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7752+ // { 7753+ // return "RIPEMD160"; 7754+ // } 7755+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7756+ // { 7757+ // return "RIPEMD256"; 7758+ // } 7759+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7760+ // { 7761+ // return "GOST3411"; 7762+ // } 7763+ // END android-removed 7764 else 7765 { 7766 return digestAlgOID.getId(); 7767diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 7768--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-03-01 12:03:02.000000000 +0000 7769+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-04-09 13:10:16.000000000 +0000 7770@@ -64,15 +64,22 @@ 7771 7772 private static final String[] SYMMETRIC_MACS = 7773 { 7774- "SipHash" 7775+ // BEGIN android-removed 7776+ // "SipHash" 7777+ // END android-removed 7778 }; 7779 7780 private static final String[] SYMMETRIC_CIPHERS = 7781 { 7782- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7783- "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7784- "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7785- "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7786+ // BEGIN android-removed 7787+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7788+ // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7789+ // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7790+ // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7791+ // END android-removed 7792+ // BEGIN android-added 7793+ "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", 7794+ // END android-added 7795 }; 7796 7797 /* 7798@@ -84,12 +91,22 @@ 7799 // later ones configure it. 7800 private static final String[] ASYMMETRIC_GENERIC = 7801 { 7802- "X509", "IES" 7803+ // BEGIN android-removed 7804+ // "X509", "IES" 7805+ // END android-removed 7806+ // BEGIN android-added 7807+ "X509" 7808+ // END android-added 7809 }; 7810 7811 private static final String[] ASYMMETRIC_CIPHERS = 7812 { 7813- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7814+ // BEGIN android-removed 7815+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7816+ // END android-removed 7817+ // BEGIN android-added 7818+ "DSA", "DH", "EC", "RSA", 7819+ // END android-added 7820 }; 7821 7822 /* 7823@@ -98,7 +115,12 @@ 7824 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 7825 private static final String[] DIGESTS = 7826 { 7827- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7828+ // BEGIN android-removed 7829+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7830+ // END android-removed 7831+ // BEGIN android-added 7832+ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", 7833+ // END android-added 7834 }; 7835 7836 /* 7837@@ -145,48 +167,52 @@ 7838 7839 loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); 7840 7841- // 7842- // X509Store 7843- // 7844- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7845- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7846- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7847- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7848- 7849- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7850- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7851- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7852- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7853- 7854- // 7855- // X509StreamParser 7856- // 7857- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7858- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7859- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7860- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7861- 7862- // 7863- // cipher engines 7864- // 7865- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7866- 7867- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7868- 7869- 7870- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7871- 7872- // Certification Path API 7873- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7874- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7875- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7876- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7877+ // BEGIN android-removed 7878+ // // 7879+ // // X509Store 7880+ // // 7881+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7882+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7883+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7884+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7885+ // 7886+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7887+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7888+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7889+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7890+ // 7891+ // // 7892+ // // X509StreamParser 7893+ // // 7894+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7895+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7896+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7897+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7898+ // 7899+ // // 7900+ // // cipher engines 7901+ // // 7902+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7903+ // 7904+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7905+ // 7906+ // 7907+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7908+ // 7909+ // // Certification Path API 7910+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7911+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7912+ // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7913+ // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7914+ // END android-removed 7915 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7916 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7917 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 7918- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7919- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7920- put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7921+ // BEGIN android-removed 7922+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7923+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7924+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7925+ // END android-removed 7926 } 7927 7928 private void loadAlgorithms(String packageName, String[] names) 7929diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 7930--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 7931+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 2015-06-10 22:51:41.000000000 +0000 7932@@ -0,0 +1,233 @@ 7933+/* 7934+ * Copyright (C) 2012 The Android Open Source Project 7935+ * 7936+ * Licensed under the Apache License, Version 2.0 (the "License"); 7937+ * you may not use this file except in compliance with the License. 7938+ * You may obtain a copy of the License at 7939+ * 7940+ * http://www.apache.org/licenses/LICENSE-2.0 7941+ * 7942+ * Unless required by applicable law or agreed to in writing, software 7943+ * distributed under the License is distributed on an "AS IS" BASIS, 7944+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 7945+ * See the License for the specific language governing permissions and 7946+ * limitations under the License. 7947+ */ 7948+ 7949+package org.bouncycastle.jce.provider; 7950+ 7951+import java.io.Closeable; 7952+import java.io.ByteArrayOutputStream; 7953+import java.io.FileNotFoundException; 7954+import java.io.IOException; 7955+import java.io.RandomAccessFile; 7956+import java.math.BigInteger; 7957+import java.security.PublicKey; 7958+import java.util.Arrays; 7959+import java.util.Collections; 7960+import java.util.HashSet; 7961+import java.util.Set; 7962+import java.util.logging.Level; 7963+import java.util.logging.Logger; 7964+import org.bouncycastle.crypto.Digest; 7965+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7966+import org.bouncycastle.util.encoders.Hex; 7967+ 7968+public class CertBlacklist { 7969+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 7970+ 7971+ // public for testing 7972+ public final Set<BigInteger> serialBlacklist; 7973+ public final Set<byte[]> pubkeyBlacklist; 7974+ 7975+ public CertBlacklist() { 7976+ String androidData = System.getenv("ANDROID_DATA"); 7977+ String blacklistRoot = androidData + "/misc/keychain/"; 7978+ String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt"; 7979+ String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt"; 7980+ 7981+ pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath); 7982+ serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath); 7983+ } 7984+ 7985+ /** Test only interface, not for public use */ 7986+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 7987+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 7988+ serialBlacklist = readSerialBlackList(serialBlacklistPath); 7989+ } 7990+ 7991+ private static boolean isHex(String value) { 7992+ try { 7993+ new BigInteger(value, 16); 7994+ return true; 7995+ } catch (NumberFormatException e) { 7996+ logger.log(Level.WARNING, "Could not parse hex value " + value, e); 7997+ return false; 7998+ } 7999+ } 8000+ 8001+ private static boolean isPubkeyHash(String value) { 8002+ if (value.length() != 40) { 8003+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 8004+ return false; 8005+ } 8006+ return isHex(value); 8007+ } 8008+ 8009+ private static String readBlacklist(String path) { 8010+ try { 8011+ return readFileAsString(path); 8012+ } catch (FileNotFoundException ignored) { 8013+ } catch (IOException e) { 8014+ logger.log(Level.WARNING, "Could not read blacklist", e); 8015+ } 8016+ return ""; 8017+ } 8018+ 8019+ // From IoUtils.readFileAsString 8020+ private static String readFileAsString(String path) throws IOException { 8021+ return readFileAsBytes(path).toString("UTF-8"); 8022+ } 8023+ 8024+ // Based on IoUtils.readFileAsBytes 8025+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 8026+ RandomAccessFile f = null; 8027+ try { 8028+ f = new RandomAccessFile(path, "r"); 8029+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 8030+ byte[] buffer = new byte[8192]; 8031+ while (true) { 8032+ int byteCount = f.read(buffer); 8033+ if (byteCount == -1) { 8034+ return bytes; 8035+ } 8036+ bytes.write(buffer, 0, byteCount); 8037+ } 8038+ } finally { 8039+ closeQuietly(f); 8040+ } 8041+ } 8042+ 8043+ // Base on IoUtils.closeQuietly 8044+ private static void closeQuietly(Closeable closeable) { 8045+ if (closeable != null) { 8046+ try { 8047+ closeable.close(); 8048+ } catch (RuntimeException rethrown) { 8049+ throw rethrown; 8050+ } catch (Exception ignored) { 8051+ } 8052+ } 8053+ } 8054+ 8055+ private static final Set<BigInteger> readSerialBlackList(String path) { 8056+ 8057+ /* Start out with a base set of known bad values. 8058+ * 8059+ * WARNING: Do not add short serials to this list! 8060+ * 8061+ * Since this currently doesn't compare the serial + issuer, you 8062+ * should only add serials that have enough entropy here. Short 8063+ * serials may inadvertently match a certificate that was issued 8064+ * not in compliance with the Baseline Requirements. 8065+ */ 8066+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 8067+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 8068+ // Not a real certificate. For testing only. 8069+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 8070+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 8071+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 8072+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 8073+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 8074+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 8075+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 8076+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 8077+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 8078+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16) 8079+ )); 8080+ 8081+ // attempt to augment it with values taken from gservices 8082+ String serialBlacklist = readBlacklist(path); 8083+ if (!serialBlacklist.equals("")) { 8084+ for(String value : serialBlacklist.split(",")) { 8085+ try { 8086+ bl.add(new BigInteger(value, 16)); 8087+ } catch (NumberFormatException e) { 8088+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 8089+ } 8090+ } 8091+ } 8092+ 8093+ // whether that succeeds or fails, send it on its merry way 8094+ return Collections.unmodifiableSet(bl); 8095+ } 8096+ 8097+ private static final Set<byte[]> readPublicKeyBlackList(String path) { 8098+ 8099+ // start out with a base set of known bad values 8100+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 8101+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 8102+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl 8103+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 8104+ // Subject: CN=DigiNotar Cyber CA 8105+ // Issuer: CN=GTE CyberTrust Global Root 8106+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 8107+ // Subject: CN=DigiNotar Services 1024 CA 8108+ // Issuer: CN=Entrust.net 8109+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 8110+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 8111+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 8112+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 8113+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 8114+ // Issuer: CN=Staat der Nederlanden Overheid CA 8115+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 8116+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 8117+ // Subject: O=Digicert Sdn. Bhd. 8118+ // Issuer: CN=GTE CyberTrust Global Root 8119+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 8120+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org 8121+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8122+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 8123+ // Subject: CN=*.EGO.GOV.TR 93 8124+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8125+ "783333c9687df63377efceddd82efa9101913e8e".getBytes(), 8126+ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL 8127+ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification 8128+ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() 8129+ )); 8130+ 8131+ // attempt to augment it with values taken from gservices 8132+ String pubkeyBlacklist = readBlacklist(path); 8133+ if (!pubkeyBlacklist.equals("")) { 8134+ for (String value : pubkeyBlacklist.split(",")) { 8135+ value = value.trim(); 8136+ if (isPubkeyHash(value)) { 8137+ bl.add(value.getBytes()); 8138+ } else { 8139+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 8140+ } 8141+ } 8142+ } 8143+ 8144+ return bl; 8145+ } 8146+ 8147+ public boolean isPublicKeyBlackListed(PublicKey publicKey) { 8148+ byte[] encoded = publicKey.getEncoded(); 8149+ Digest digest = AndroidDigestFactory.getSHA1(); 8150+ digest.update(encoded, 0, encoded.length); 8151+ byte[] out = new byte[digest.getDigestSize()]; 8152+ digest.doFinal(out, 0); 8153+ for (byte[] blacklisted : pubkeyBlacklist) { 8154+ if (Arrays.equals(blacklisted, Hex.encode(out))) { 8155+ return true; 8156+ } 8157+ } 8158+ return false; 8159+ } 8160+ 8161+ public boolean isSerialNumberBlackListed(BigInteger serial) { 8162+ return serialBlacklist.contains(serial); 8163+ } 8164+ 8165+} 8166diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 8167--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-03-01 12:03:02.000000000 +0000 8168+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-04-09 13:10:16.000000000 +0000 8169@@ -35,6 +35,7 @@ 8170 import java.util.List; 8171 import java.util.Map; 8172 import java.util.Set; 8173+import javax.security.auth.x500.X500Principal; 8174 8175 import org.bouncycastle.asn1.ASN1Encodable; 8176 import org.bouncycastle.asn1.ASN1Enumerated; 8177@@ -73,7 +74,9 @@ 8178 import org.bouncycastle.util.Store; 8179 import org.bouncycastle.util.StoreException; 8180 import org.bouncycastle.x509.X509AttributeCertificate; 8181-import org.bouncycastle.x509.extension.X509ExtensionUtil; 8182+// BEGIN android-removed 8183+// import org.bouncycastle.x509.extension.X509ExtensionUtil; 8184+// END android-removed 8185 8186 class CertPathValidatorUtilities 8187 { 8188@@ -653,20 +656,22 @@ 8189 { 8190 Object obj = iter.next(); 8191 8192- if (obj instanceof Store) 8193- { 8194- Store certStore = (Store)obj; 8195- try 8196- { 8197- certs.addAll(certStore.getMatches(certSelect)); 8198- } 8199- catch (StoreException e) 8200- { 8201- throw new AnnotatedException( 8202- "Problem while picking certificates from X.509 store.", e); 8203- } 8204- } 8205- else 8206+ // BEGIN android-removed 8207+ // if (obj instanceof X509Store) 8208+ // { 8209+ // X509Store certStore = (X509Store)obj; 8210+ // try 8211+ // { 8212+ // certs.addAll(certStore.getMatches(certSelect)); 8213+ // } 8214+ // catch (StoreException e) 8215+ // { 8216+ // throw new AnnotatedException( 8217+ // "Problem while picking certificates from X.509 store.", e); 8218+ // } 8219+ // } 8220+ // else 8221+ // END android-removed 8222 { 8223 CertStore certStore = (CertStore)obj; 8224 8225@@ -715,7 +720,14 @@ 8226 8227 for (int j = 0; j < genNames.length; j++) 8228 { 8229- PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8230+ // BEGIN android-removed 8231+ // PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8232+ // END android-removed 8233+ // BEGIN android-added 8234+ // Seems like a bug, unless there should be a guarantee that j < i, 8235+ // However, it's breaking the tests. 8236+ PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]); 8237+ // END android-added 8238 if (store != null) 8239 { 8240 stores.add(store); 8241@@ -888,8 +900,20 @@ 8242 { 8243 return; 8244 } 8245- 8246- X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8247+ // BEGIN android-removed 8248+ // X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8249+ // END android-removed 8250+ // BEGIN android-added 8251+ // The original code throws null pointer exception for OpenSSLX509CRL, 8252+ // which uses the implementation for getCertificateIssuer() in X509CRL, method 8253+ // whose reference implementation has the following JavaDoc: "If the certificate 8254+ // issuer is also the CRL issuer, this method returns null." 8255+ X500Name certIssuer = null; 8256+ X500Principal certificateIssuerPrincipal = crl_entry.getCertificateIssuer(); 8257+ if (certificateIssuerPrincipal != null) { 8258+ certIssuer = X500Name.getInstance(certificateIssuerPrincipal.getEncoded()); 8259+ } 8260+ // END android-added 8261 8262 if (certIssuer == null) 8263 { 8264diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 8265--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2015-03-01 12:03:02.000000000 +0000 8266+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2014-07-28 19:51:54.000000000 +0000 8267@@ -19,8 +19,10 @@ 8268 import org.bouncycastle.asn1.ASN1Sequence; 8269 import org.bouncycastle.asn1.DERBitString; 8270 import org.bouncycastle.asn1.DERNull; 8271-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8272-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8273+// BEGIN android-removed 8274+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8275+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8276+// END android-removed 8277 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 8278 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 8279 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8280@@ -202,21 +204,23 @@ 8281 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 8282 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 8283 8284- if (ecP == null) // GOST Curve 8285- { 8286- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8287- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8288- 8289- ecSpec = new ECNamedCurveSpec( 8290- ECGOST3410NamedCurves.getName(oid), 8291- ellipticCurve, 8292- new ECPoint( 8293- gParam.getG().getAffineXCoord().toBigInteger(), 8294- gParam.getG().getAffineYCoord().toBigInteger()), 8295- gParam.getN(), 8296- gParam.getH()); 8297- } 8298- else 8299+ // BEGIN android-removed 8300+ // if (ecP == null) // GOST Curve 8301+ // { 8302+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8303+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8304+ // 8305+ // ecSpec = new ECNamedCurveSpec( 8306+ // ECGOST3410NamedCurves.getName(oid), 8307+ // ellipticCurve, 8308+ // new ECPoint( 8309+ // gParam.getG().getAffineXCoord().toBigInteger(), 8310+ // gParam.getG().getAffineYCoord().toBigInteger()), 8311+ // gParam.getN(), 8312+ // gParam.getH()); 8313+ // } 8314+ // else 8315+ // END android-removed 8316 { 8317 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 8318 8319@@ -330,11 +334,13 @@ 8320 8321 try 8322 { 8323- if (algorithm.equals("ECGOST3410")) 8324- { 8325- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8326- } 8327- else 8328+ // BEGIN android-removed 8329+ // if (algorithm.equals("ECGOST3410")) 8330+ // { 8331+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8332+ // } 8333+ // else 8334+ // END android-removed 8335 { 8336 8337 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8338diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 8339--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2015-03-01 12:03:02.000000000 +0000 8340+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 2014-07-28 19:51:54.000000000 +0000 8341@@ -18,9 +18,11 @@ 8342 import org.bouncycastle.asn1.DERBitString; 8343 import org.bouncycastle.asn1.DERNull; 8344 import org.bouncycastle.asn1.DEROctetString; 8345-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8346-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8347-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8348+// BEGIN android-removed 8349+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8350+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8351+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8352+// END android-removed 8353 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8354 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 8355 import org.bouncycastle.asn1.x9.X962Parameters; 8356@@ -33,9 +35,13 @@ 8357 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; 8358 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 8359 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 8360-import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8361+// BEGIN android-removed 8362+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8363+// END android-removed 8364 import org.bouncycastle.jce.interfaces.ECPointEncoder; 8365-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8366+// BEGIN android-removed 8367+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8368+// END android-removed 8369 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 8370 import org.bouncycastle.math.ec.ECCurve; 8371 import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; 8372@@ -48,7 +54,9 @@ 8373 private org.bouncycastle.math.ec.ECPoint q; 8374 private ECParameterSpec ecSpec; 8375 private boolean withCompression; 8376- private GOST3410PublicKeyAlgParameters gostParams; 8377+ // BEGIN android-removed 8378+ // private GOST3410PublicKeyAlgParameters gostParams; 8379+ // END android-removed 8380 8381 public JCEECPublicKey( 8382 String algorithm, 8383@@ -58,7 +66,9 @@ 8384 this.q = key.q; 8385 this.ecSpec = key.ecSpec; 8386 this.withCompression = key.withCompression; 8387- this.gostParams = key.gostParams; 8388+ // BEGIN android-removed 8389+ // this.gostParams = key.gostParams; 8390+ // END android-removed 8391 } 8392 8393 public JCEECPublicKey( 8394@@ -181,54 +191,55 @@ 8395 8396 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 8397 { 8398- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8399- { 8400- DERBitString bits = info.getPublicKeyData(); 8401- ASN1OctetString key; 8402- this.algorithm = "ECGOST3410"; 8403- 8404- try 8405- { 8406- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8407- } 8408- catch (IOException ex) 8409- { 8410- throw new IllegalArgumentException("error recovering public key"); 8411- } 8412- 8413- byte[] keyEnc = key.getOctets(); 8414- byte[] x = new byte[32]; 8415- byte[] y = new byte[32]; 8416- 8417- for (int i = 0; i != x.length; i++) 8418- { 8419- x[i] = keyEnc[32 - 1 - i]; 8420- } 8421- 8422- for (int i = 0; i != y.length; i++) 8423- { 8424- y[i] = keyEnc[64 - 1 - i]; 8425- } 8426- 8427- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8428- 8429- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8430- 8431- ECCurve curve = spec.getCurve(); 8432- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8433- 8434- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8435- 8436- ecSpec = new ECNamedCurveSpec( 8437- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8438- ellipticCurve, 8439- new ECPoint( 8440- spec.getG().getAffineXCoord().toBigInteger(), 8441- spec.getG().getAffineYCoord().toBigInteger()), 8442- spec.getN(), spec.getH()); 8443- 8444- } 8445- else 8446+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8447+ // { 8448+ // DERBitString bits = info.getPublicKeyData(); 8449+ // ASN1OctetString key; 8450+ // this.algorithm = "ECGOST3410"; 8451+ // 8452+ // try 8453+ // { 8454+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8455+ // } 8456+ // catch (IOException ex) 8457+ // { 8458+ // throw new IllegalArgumentException("error recovering public key"); 8459+ // } 8460+ // 8461+ // byte[] keyEnc = key.getOctets(); 8462+ // byte[] x = new byte[32]; 8463+ // byte[] y = new byte[32]; 8464+ // 8465+ // for (int i = 0; i != x.length; i++) 8466+ // { 8467+ // x[i] = keyEnc[32 - 1 - i]; 8468+ // } 8469+ // 8470+ // for (int i = 0; i != y.length; i++) 8471+ // { 8472+ // y[i] = keyEnc[64 - 1 - i]; 8473+ // } 8474+ // 8475+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8476+ // 8477+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8478+ // 8479+ // ECCurve curve = spec.getCurve(); 8480+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8481+ // 8482+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8483+ // 8484+ // ecSpec = new ECNamedCurveSpec( 8485+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8486+ // ellipticCurve, 8487+ // new ECPoint( 8488+ // spec.getG().getAffineXCoord().toBigInteger(), 8489+ // spec.getG().getAffineYCoord().toBigInteger()), 8490+ // spec.getN(), spec.getH()); 8491+ // 8492+ // } 8493+ // else 8494+ // END android-removed 8495 { 8496 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 8497 ECCurve curve; 8498@@ -317,52 +328,54 @@ 8499 ASN1Encodable params; 8500 SubjectPublicKeyInfo info; 8501 8502- if (algorithm.equals("ECGOST3410")) 8503- { 8504- if (gostParams != null) 8505- { 8506- params = gostParams; 8507- } 8508- else 8509- { 8510- if (ecSpec instanceof ECNamedCurveSpec) 8511- { 8512- params = new GOST3410PublicKeyAlgParameters( 8513- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8514- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8515- } 8516- else 8517- { // strictly speaking this may not be applicable... 8518- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8519- 8520- X9ECParameters ecP = new X9ECParameters( 8521- curve, 8522- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8523- ecSpec.getOrder(), 8524- BigInteger.valueOf(ecSpec.getCofactor()), 8525- ecSpec.getCurve().getSeed()); 8526- 8527- params = new X962Parameters(ecP); 8528- } 8529- } 8530- 8531- BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8532- BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8533- byte[] encKey = new byte[64]; 8534- 8535- extractBytes(encKey, 0, bX); 8536- extractBytes(encKey, 32, bY); 8537- 8538- try 8539- { 8540- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8541- } 8542- catch (IOException e) 8543- { 8544- return null; 8545- } 8546- } 8547- else 8548+ // BEGIN android-removed 8549+ // if (algorithm.equals("ECGOST3410")) 8550+ // { 8551+ // if (gostParams != null) 8552+ // { 8553+ // params = gostParams; 8554+ // } 8555+ // else 8556+ // { 8557+ // if (ecSpec instanceof ECNamedCurveSpec) 8558+ // { 8559+ // params = new GOST3410PublicKeyAlgParameters( 8560+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8561+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8562+ // } 8563+ // else 8564+ // { // strictly speaking this may not be applicable... 8565+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8566+ // 8567+ // X9ECParameters ecP = new X9ECParameters( 8568+ // curve, 8569+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8570+ // ecSpec.getOrder(), 8571+ // BigInteger.valueOf(ecSpec.getCofactor()), 8572+ // ecSpec.getCurve().getSeed()); 8573+ // 8574+ // params = new X962Parameters(ecP); 8575+ // } 8576+ // } 8577+ // 8578+ // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8579+ // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8580+ // byte[] encKey = new byte[64]; 8581+ // 8582+ // extractBytes(encKey, 0, bX); 8583+ // extractBytes(encKey, 32, bY); 8584+ // 8585+ // try 8586+ // { 8587+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8588+ // } 8589+ // catch (IOException e) 8590+ // { 8591+ // return null; 8592+ // } 8593+ // } 8594+ // else 8595+ // END android-removed 8596 { 8597 if (ecSpec instanceof ECNamedCurveSpec) 8598 { 8599diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 8600--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-03-01 12:03:02.000000000 +0000 8601+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-04-09 13:10:16.000000000 +0000 8602@@ -88,22 +88,24 @@ 8603 { 8604 Object obj = iter.next(); 8605 8606- if (obj instanceof Store) 8607- { 8608- Store store = (Store)obj; 8609+ // BEGIN android-removed 8610+ // if (obj instanceof Store) 8611+ // { 8612+ // Store store = (Store)obj; 8613 8614- try 8615- { 8616- crls.addAll(store.getMatches(crlSelect)); 8617- foundValidStore = true; 8618- } 8619- catch (StoreException e) 8620- { 8621- lastException = new AnnotatedException( 8622- "Exception searching in X.509 CRL store.", e); 8623- } 8624- } 8625- else 8626+ // try 8627+ // { 8628+ // crls.addAll(store.getMatches(crlSelect)); 8629+ // foundValidStore = true; 8630+ // } 8631+ // catch (StoreException e) 8632+ // { 8633+ // lastException = new AnnotatedException( 8634+ // "Exception searching in X.509 CRL store.", e); 8635+ // } 8636+ // } 8637+ // else 8638+ // END android-removed 8639 { 8640 CertStore store = (CertStore)obj; 8641 8642diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 8643--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000 8644+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000 8645@@ -1,5 +1,8 @@ 8646 package org.bouncycastle.jce.provider; 8647 8648+// BEGIN android-added 8649+import java.math.BigInteger; 8650+// END android-added 8651 import java.security.InvalidAlgorithmParameterException; 8652 import java.security.PublicKey; 8653 import java.security.cert.CertPath; 8654@@ -41,6 +44,11 @@ 8655 public PKIXCertPathValidatorSpi() 8656 { 8657 } 8658+ // BEGIN android-added 8659+ private static class NoPreloadHolder { 8660+ private final static CertBlacklist blacklist = new CertBlacklist(); 8661+ } 8662+ // END android-added 8663 8664 public CertPathValidatorResult engineValidate( 8665 CertPath certPath, 8666@@ -73,10 +81,18 @@ 8667 { 8668 paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters(); 8669 } 8670- else 8671+ // BEGIN android-changed 8672+ // else 8673+ else if (params instanceof PKIXExtendedParameters) 8674+ // END android-changed 8675 { 8676 paramsPKIX = (PKIXExtendedParameters)params; 8677 } 8678+ // BEGIN android-added 8679+ else { 8680+ throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters"); 8681+ } 8682+ // END android-added 8683 8684 if (paramsPKIX.getTrustAnchors() == null) 8685 { 8686@@ -98,6 +114,22 @@ 8687 { 8688 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 8689 } 8690+ // BEGIN android-added 8691+ { 8692+ X509Certificate cert = (X509Certificate) certs.get(0); 8693+ 8694+ if (cert != null) { 8695+ BigInteger serial = cert.getSerialNumber(); 8696+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { 8697+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8698+ String message = "Certificate revocation of serial 0x" + serial.toString(16); 8699+ System.out.println(message); 8700+ AnnotatedException e = new AnnotatedException(message); 8701+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 8702+ } 8703+ } 8704+ } 8705+ // END android-added 8706 8707 // 8708 // (b) 8709@@ -277,6 +309,15 @@ 8710 8711 for (index = certs.size() - 1; index >= 0; index--) 8712 { 8713+ // BEGIN android-added 8714+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { 8715+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8716+ String message = "Certificate revocation of public key " + workingPublicKey; 8717+ System.out.println(message); 8718+ AnnotatedException e = new AnnotatedException(message); 8719+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 8720+ } 8721+ // END android-added 8722 // try 8723 // { 8724 // 8725diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 8726--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 8727+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000 8728@@ -57,6 +57,9 @@ 8729 import org.bouncycastle.asn1.x509.Extensions; 8730 import org.bouncycastle.asn1.x509.GeneralName; 8731 import org.bouncycastle.asn1.x509.KeyUsage; 8732+// BEGIN android-added 8733+import org.bouncycastle.asn1.x509.X509Name; 8734+// END android-added 8735 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 8736 import org.bouncycastle.jce.X509Principal; 8737 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 8738@@ -562,12 +565,20 @@ 8739 } 8740 } 8741 8742+ // BEGIN android-changed 8743+ private byte[] encoded; 8744+ // END android-changed 8745 public byte[] getEncoded() 8746 throws CertificateEncodingException 8747 { 8748 try 8749 { 8750- return c.getEncoded(ASN1Encoding.DER); 8751+ // BEGIN android-changed 8752+ if (encoded == null) { 8753+ encoded = c.getEncoded(ASN1Encoding.DER); 8754+ } 8755+ return encoded; 8756+ // END android-changed 8757 } 8758 catch (IOException e) 8759 { 8760@@ -858,7 +869,9 @@ 8761 list.add(genName.getEncoded()); 8762 break; 8763 case GeneralName.directoryName: 8764- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 8765+ // BEGIN android-changed 8766+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 8767+ // END android-changed 8768 break; 8769 case GeneralName.dNSName: 8770 case GeneralName.rfc822Name: 8771diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 8772--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 8773+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 2014-07-28 19:51:54.000000000 +0000 8774@@ -14,7 +14,9 @@ 8775 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8776 import org.bouncycastle.asn1.ASN1Sequence; 8777 import org.bouncycastle.asn1.DERNull; 8778-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8779+// BEGIN android-removed 8780+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8781+// END android-removed 8782 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8783 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8784 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8785@@ -66,12 +68,14 @@ 8786 8787 if (params != null && !derNull.equals(params)) 8788 { 8789- if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8790- { 8791- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8792- 8793- return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8794- } 8795+ // BEGIN android-removed 8796+ // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8797+ // { 8798+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8799+ // 8800+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8801+ // } 8802+ // END android-removed 8803 if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 8804 { 8805 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 8806@@ -114,22 +118,24 @@ 8807 { 8808 return "SHA512"; 8809 } 8810- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8811- { 8812- return "RIPEMD128"; 8813- } 8814- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8815- { 8816- return "RIPEMD160"; 8817- } 8818- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8819- { 8820- return "RIPEMD256"; 8821- } 8822- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8823- { 8824- return "GOST3411"; 8825- } 8826+ // BEGIN android-removed 8827+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8828+ // { 8829+ // return "RIPEMD128"; 8830+ // } 8831+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8832+ // { 8833+ // return "RIPEMD160"; 8834+ // } 8835+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8836+ // { 8837+ // return "RIPEMD256"; 8838+ // } 8839+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8840+ // { 8841+ // return "GOST3411"; 8842+ // } 8843+ // END android-removed 8844 else 8845 { 8846 return digestAlgOID.getId(); 8847diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 8848--- bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java 2015-03-01 12:03:02.000000000 +0000 8849+++ bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 2014-07-28 19:51:54.000000000 +0000 8850@@ -25,12 +25,16 @@ 8851 import org.bouncycastle.asn1.ASN1Integer; 8852 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8853 import org.bouncycastle.asn1.DERNull; 8854-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8855+// BEGIN android-removed 8856+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8857+// END android-removed 8858 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8859 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8860 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8861 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 8862-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8863+// BEGIN android-removed 8864+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8865+// END android-removed 8866 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8867 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 8868 import org.bouncycastle.jce.X509Principal; 8869@@ -44,8 +48,10 @@ 8870 8871 static 8872 { 8873- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8874- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8875+ // BEGIN android-removed 8876+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8877+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8878+ // END android-removed 8879 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 8880 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 8881 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 8882@@ -63,12 +69,14 @@ 8883 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8884 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8885 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8886- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8887- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8888- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8889- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8890- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8891- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8892+ // BEGIN android-removed 8893+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8894+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8895+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8896+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8897+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8898+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8899+ // END android-removed 8900 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 8901 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 8902 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 8903@@ -81,11 +89,13 @@ 8904 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 8905 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 8906 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 8907- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8908- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8909- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8910- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8911- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8912+ // BEGIN android-removed 8913+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8914+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8915+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8916+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8917+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8918+ // END android-removed 8919 8920 // 8921 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 8922@@ -105,8 +115,10 @@ 8923 // 8924 // RFC 4491 8925 // 8926- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8927- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8928+ // BEGIN android-removed 8929+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8930+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8931+ // END android-removed 8932 8933 // 8934 // explicit params 8935