1 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java 2015-03-01 12:03:02.000000000 +0000 3 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2014-07-28 19:51:54.000000000 +0000 4 @@ -23,7 +23,9 @@ 5 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 6 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 7 8 - private byte[] value; 9 + // BEGIN android-changed 10 + final private byte[] value; 11 + // END android-changed 12 13 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 14 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 15 @@ -79,6 +81,17 @@ 16 return (value != 0 ? TRUE : FALSE); 17 } 18 19 + // BEGIN android-added 20 + /** 21 + * return a ASN1Boolean from the passed in array. 22 + */ 23 + public static ASN1Boolean getInstance( 24 + byte[] octets) 25 + { 26 + return (octets[0] != 0) ? TRUE : FALSE; 27 + } 28 + 29 + // END android-added 30 /** 31 * return a Boolean from a tagged object. 32 * 33 @@ -105,7 +118,9 @@ 34 } 35 } 36 37 - ASN1Boolean( 38 + // BEGIN android-changed 39 + protected ASN1Boolean( 40 + // END android-changed 41 byte[] value) 42 { 43 if (value.length != 1) 44 @@ -131,8 +146,10 @@ 45 * @deprecated use getInstance(boolean) method. 46 * @param value true or false. 47 */ 48 - public ASN1Boolean( 49 + // BEGIN android-changed 50 + protected ASN1Boolean( 51 boolean value) 52 + // END android-changed 53 { 54 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 55 } 56 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 57 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java 2015-03-01 12:03:02.000000000 +0000 58 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 2014-07-28 19:51:54.000000000 +0000 59 @@ -8,6 +8,12 @@ 60 public abstract class ASN1Null 61 extends ASN1Primitive 62 { 63 + // BEGIN android-added 64 + /*package*/ ASN1Null() 65 + { 66 + } 67 + 68 + // END android-added 69 /** 70 * Return an instance of ASN.1 NULL from the passed in object. 71 * <p> 72 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 73 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2015-03-01 12:03:02.000000000 +0000 74 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2014-07-28 19:51:54.000000000 +0000 75 @@ -152,7 +152,13 @@ 76 } 77 } 78 79 - this.identifier = objId.toString(); 80 + // BEGIN android-changed 81 + /* 82 + * Intern the identifier so there aren't hundreds of duplicates 83 + * (in practice). 84 + */ 85 + this.identifier = objId.toString().intern(); 86 + // END android-changed 87 this.body = Arrays.clone(bytes); 88 } 89 90 @@ -173,7 +179,13 @@ 91 throw new IllegalArgumentException("string " + identifier + " not an OID"); 92 } 93 94 - this.identifier = identifier; 95 + // BEGIN android-changed 96 + /* 97 + * Intern the identifier so there aren't hundreds of duplicates 98 + * (in practice). 99 + */ 100 + this.identifier = identifier.intern(); 101 + // END android-changed 102 } 103 104 /** 105 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 106 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java 2015-03-01 12:03:02.000000000 +0000 107 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000 108 @@ -15,7 +15,9 @@ 109 /** 110 * @deprecated use DERNull.INSTANCE 111 */ 112 - public DERNull() 113 + // BEGIN android-changed 114 + protected DERNull() 115 + // END android-changed 116 { 117 } 118 119 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 120 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java 2015-03-01 12:03:02.000000000 +0000 121 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 2014-07-28 19:51:54.000000000 +0000 122 @@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126 - private byte[] string; 127 + // BEGIN android-changed 128 + private final byte[] string; 129 + // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 134 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java 2015-03-01 12:03:02.000000000 +0000 135 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000 136 @@ -8,7 +8,9 @@ 137 138 class StreamUtil 139 { 140 - private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 141 + // BEGIN android-removed 142 + // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 143 + // END android-removed 144 145 /** 146 * Find out possible longest length... 147 @@ -48,12 +50,15 @@ 148 } 149 } 150 151 - if (MAX_MEMORY > Integer.MAX_VALUE) 152 + // BEGIN android-changed 153 + long maxMemory = Runtime.getRuntime().maxMemory(); 154 + if (maxMemory > Integer.MAX_VALUE) 155 { 156 return Integer.MAX_VALUE; 157 } 158 159 - return (int)MAX_MEMORY; 160 + return (int) maxMemory; 161 + // END android-changed 162 } 163 164 static int calculateBodyLength( 165 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 166 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2015-03-01 12:03:02.000000000 +0000 167 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000 168 @@ -28,7 +28,9 @@ 169 */ 170 public class ContentInfo 171 extends ASN1Object 172 - implements CMSObjectIdentifiers 173 + // BEGIN android-removed 174 + // implements CMSObjectIdentifiers 175 + // END android-removed 176 { 177 private ASN1ObjectIdentifier contentType; 178 private ASN1Encodable content; 179 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 180 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2015-03-01 12:03:02.000000000 +0000 181 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000 182 @@ -13,10 +13,12 @@ 183 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 184 /** PKCS#1: 1.2.840.113549.1.1.1 */ 185 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 186 - /** PKCS#1: 1.2.840.113549.1.1.2 */ 187 - static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 188 - /** PKCS#1: 1.2.840.113549.1.1.3 */ 189 - static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 190 + // BEGIN android-removed 191 + // /** PKCS#1: 1.2.840.113549.1.1.2 */ 192 + // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 193 + // /** PKCS#1: 1.2.840.113549.1.1.3 */ 194 + // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 195 + // END android-removed 196 /** PKCS#1: 1.2.840.113549.1.1.4 */ 197 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 198 /** PKCS#1: 1.2.840.113549.1.1.5 */ 199 @@ -96,15 +98,19 @@ 200 // md2 OBJECT IDENTIFIER ::= 201 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 202 // 203 - /** 1.2.840.113549.2.2 */ 204 - static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 205 + // BEGIN android-removed 206 + // /** 1.2.840.113549.2.2 */ 207 + // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 208 + // END android-removed 209 210 // 211 // md4 OBJECT IDENTIFIER ::= 212 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 213 // 214 - /** 1.2.840.113549.2.4 */ 215 - static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 216 + // BEGIN android-removed 217 + // /** 1.2.840.113549.2.4 */ 218 + // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 219 + // END android-removed 220 221 // 222 // md5 OBJECT IDENTIFIER ::= 223 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 224 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2015-03-01 12:03:02.000000000 +0000 225 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2014-07-28 19:51:54.000000000 +0000 226 @@ -14,7 +14,9 @@ 227 import org.bouncycastle.asn1.DERSequence; 228 import org.bouncycastle.asn1.DERTaggedObject; 229 import org.bouncycastle.crypto.Digest; 230 -import org.bouncycastle.crypto.digests.SHA1Digest; 231 +// BEGIN android-changed 232 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 233 +// END android-changed 234 235 /** 236 * The AuthorityKeyIdentifier object. 237 @@ -106,7 +108,9 @@ 238 public AuthorityKeyIdentifier( 239 SubjectPublicKeyInfo spki) 240 { 241 - Digest digest = new SHA1Digest(); 242 + // BEGIN android-changed 243 + Digest digest = AndroidDigestFactory.getSHA1(); 244 + // END android-changed 245 byte[] resBuf = new byte[digest.getDigestSize()]; 246 247 byte[] bytes = spki.getPublicKeyData().getBytes(); 248 @@ -125,7 +129,9 @@ 249 GeneralNames name, 250 BigInteger serialNumber) 251 { 252 - Digest digest = new SHA1Digest(); 253 + // BEGIN android-changed 254 + Digest digest = AndroidDigestFactory.getSHA1(); 255 + // END android-changed 256 byte[] resBuf = new byte[digest.getDigestSize()]; 257 258 byte[] bytes = spki.getPublicKeyData().getBytes(); 259 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 260 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java 2015-03-01 12:03:02.000000000 +0000 261 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000 262 @@ -255,8 +255,10 @@ 263 */ 264 public static final Hashtable SymbolLookUp = DefaultLookUp; 265 266 - private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 267 - private static final Boolean FALSE = new Boolean(false); 268 + // BEGIN android-changed 269 + private static final Boolean TRUE = Boolean.TRUE; 270 + private static final Boolean FALSE = Boolean.FALSE; 271 + // END android-changed 272 273 static 274 { 275 @@ -446,7 +448,9 @@ 276 throw new IllegalArgumentException("cannot encode value"); 277 } 278 } 279 - added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 280 + // BEGIN android-changed 281 + added.addElement(Boolean.valueOf(i != 0)); 282 + // END android-changed 283 } 284 } 285 } 286 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 287 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2015-03-01 12:03:02.000000000 +0000 288 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000 289 @@ -78,6 +78,17 @@ 290 } 291 else 292 { 293 + // BEGIN android-added 294 + // copied from a newer version of BouncyCastle 295 + if (c == '#' && buf.charAt(buf.length() - 1) == '=') 296 + { 297 + buf.append('\\'); 298 + } 299 + else if (c == '+' && separator != '+') 300 + { 301 + buf.append('\\'); 302 + } 303 + // END android-added 304 buf.append(c); 305 } 306 } 307 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 308 --- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2015-03-01 12:03:02.000000000 +0000 309 +++ bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2014-07-28 19:51:54.000000000 +0000 310 @@ -6,7 +6,9 @@ 311 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 312 import org.bouncycastle.asn1.nist.NISTNamedCurves; 313 import org.bouncycastle.asn1.sec.SECNamedCurves; 314 -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 315 +// BEGIN android-removed 316 +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 317 +// END android-removed 318 319 /** 320 * A general class that reads all X9.62 style EC curve tables. 321 @@ -30,10 +32,12 @@ 322 ecP = SECNamedCurves.getByName(name); 323 } 324 325 - if (ecP == null) 326 - { 327 - ecP = TeleTrusTNamedCurves.getByName(name); 328 - } 329 + // BEGIN android-removed 330 + // if (ecP == null) 331 + // { 332 + // ecP = TeleTrusTNamedCurves.getByName(name); 333 + // } 334 + // END android-removed 335 336 if (ecP == null) 337 { 338 @@ -59,10 +63,12 @@ 339 oid = SECNamedCurves.getOID(name); 340 } 341 342 - if (oid == null) 343 - { 344 - oid = TeleTrusTNamedCurves.getOID(name); 345 - } 346 + // BEGIN android-removed 347 + // if (oid == null) 348 + // { 349 + // oid = TeleTrusTNamedCurves.getOID(name); 350 + // } 351 + // END android-removed 352 353 if (oid == null) 354 { 355 @@ -89,10 +95,12 @@ 356 ecP = SECNamedCurves.getByOID(oid); 357 } 358 359 - if (ecP == null) 360 - { 361 - ecP = TeleTrusTNamedCurves.getByOID(oid); 362 - } 363 + // BEGIN android-removed 364 + // if (ecP == null) 365 + // { 366 + // ecP = TeleTrusTNamedCurves.getByOID(oid); 367 + // } 368 + // END android-removed 369 370 // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup 371 372 @@ -111,7 +119,9 @@ 373 addEnumeration(v, X962NamedCurves.getNames()); 374 addEnumeration(v, SECNamedCurves.getNames()); 375 addEnumeration(v, NISTNamedCurves.getNames()); 376 - addEnumeration(v, TeleTrusTNamedCurves.getNames()); 377 + // BEGIN android-removed 378 + // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 379 + // END android-removed 380 381 return v.elements(); 382 } 383 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java bcprov-jdk15on-152/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java 384 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java 2015-03-01 12:03:02.000000000 +0000 385 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java 2015-07-07 18:14:00.000000000 +0000 386 @@ -6,6 +6,9 @@ 387 import org.bouncycastle.crypto.CipherParameters; 388 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 389 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 390 +// BEGIN android-added 391 +import org.bouncycastle.math.ec.ECCurve; 392 +// END android-added 393 import org.bouncycastle.math.ec.ECPoint; 394 395 /** 396 @@ -41,8 +44,23 @@ 397 public BigInteger calculateAgreement( 398 CipherParameters pubKey) 399 { 400 - ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; 401 - ECPoint P = pub.getQ().multiply(key.getD()).normalize(); 402 + // BEGIN android-changed 403 + ECPoint peerPoint = ((ECPublicKeyParameters) pubKey).getQ(); 404 + ECCurve myCurve = key.getParameters().getCurve(); 405 + if (peerPoint.isInfinity()) { 406 + throw new IllegalStateException("Infinity is not a valid public key for ECDH"); 407 + } 408 + try { 409 + myCurve.validatePoint(peerPoint.getXCoord().toBigInteger(), 410 + peerPoint.getYCoord().toBigInteger()); 411 + } catch (IllegalArgumentException ex) { 412 + throw new IllegalStateException("The peer public key must be on the curve for ECDH"); 413 + } 414 + // Explicitly construct a public key using the private key's curve. 415 + ECPoint pubPoint = myCurve.createPoint(peerPoint.getXCoord().toBigInteger(), 416 + peerPoint.getYCoord().toBigInteger()); 417 + ECPoint P = pubPoint.multiply(key.getD()).normalize(); 418 + // END android-changed 419 420 if (P.isInfinity()) 421 { 422 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 423 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 424 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000 425 @@ -0,0 +1,87 @@ 426 +/* 427 + * Copyright (C) 2012 The Android Open Source Project 428 + * 429 + * Licensed under the Apache License, Version 2.0 (the "License"); 430 + * you may not use this file except in compliance with the License. 431 + * You may obtain a copy of the License at 432 + * 433 + * http://www.apache.org/licenses/LICENSE-2.0 434 + * 435 + * Unless required by applicable law or agreed to in writing, software 436 + * distributed under the License is distributed on an "AS IS" BASIS, 437 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 438 + * See the License for the specific language governing permissions and 439 + * limitations under the License. 440 + */ 441 + 442 +package org.bouncycastle.crypto.digests; 443 + 444 +import org.bouncycastle.crypto.Digest; 445 + 446 +/** 447 + * Level of indirection to let us select OpenSSLDigest implementations 448 + * for libcore but fallback to BouncyCastle ones on the RI. 449 + */ 450 +public final class AndroidDigestFactory { 451 + private static final String OpenSSLFactoryClassName 452 + = AndroidDigestFactory.class.getName() + "OpenSSL"; 453 + private static final String BouncyCastleFactoryClassName 454 + = AndroidDigestFactory.class.getName() + "BouncyCastle"; 455 + 456 + private static final AndroidDigestFactoryInterface FACTORY; 457 + static { 458 + Class factoryImplementationClass; 459 + try { 460 + factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 461 + // Double check for NativeCrypto in case we are running on RI for testing 462 + Class.forName("com.android.org.conscrypt.NativeCrypto"); 463 + } catch (ClassNotFoundException e1) { 464 + try { 465 + factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 466 + } catch (ClassNotFoundException e2) { 467 + AssertionError e = new AssertionError("Failed to load " 468 + + "AndroidDigestFactoryInterface " 469 + + "implementation. Looked for " 470 + + OpenSSLFactoryClassName + " and " 471 + + BouncyCastleFactoryClassName); 472 + e.initCause(e1); 473 + throw e; 474 + } 475 + } 476 + if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 477 + throw new AssertionError(factoryImplementationClass 478 + + "does not implement AndroidDigestFactoryInterface"); 479 + } 480 + try { 481 + FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 482 + } catch (InstantiationException e) { 483 + throw new AssertionError(e); 484 + } catch (IllegalAccessException e) { 485 + throw new AssertionError(e); 486 + } 487 + } 488 + 489 + public static Digest getMD5() { 490 + return FACTORY.getMD5(); 491 + } 492 + 493 + public static Digest getSHA1() { 494 + return FACTORY.getSHA1(); 495 + } 496 + 497 + public static Digest getSHA224() { 498 + return FACTORY.getSHA224(); 499 + } 500 + 501 + public static Digest getSHA256() { 502 + return FACTORY.getSHA256(); 503 + } 504 + 505 + public static Digest getSHA384() { 506 + return FACTORY.getSHA384(); 507 + } 508 + 509 + public static Digest getSHA512() { 510 + return FACTORY.getSHA512(); 511 + } 512 +} 513 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 514 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 515 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000 516 @@ -0,0 +1,40 @@ 517 +/* 518 + * Copyright (C) 2012 The Android Open Source Project 519 + * 520 + * Licensed under the Apache License, Version 2.0 (the "License"); 521 + * you may not use this file except in compliance with the License. 522 + * You may obtain a copy of the License at 523 + * 524 + * http://www.apache.org/licenses/LICENSE-2.0 525 + * 526 + * Unless required by applicable law or agreed to in writing, software 527 + * distributed under the License is distributed on an "AS IS" BASIS, 528 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 529 + * See the License for the specific language governing permissions and 530 + * limitations under the License. 531 + */ 532 + 533 +package org.bouncycastle.crypto.digests; 534 + 535 +import org.bouncycastle.crypto.Digest; 536 + 537 +public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 538 + public Digest getMD5() { 539 + return new MD5Digest(); 540 + } 541 + public Digest getSHA1() { 542 + return new SHA1Digest(); 543 + } 544 + public Digest getSHA224() { 545 + return new SHA224Digest(); 546 + } 547 + public Digest getSHA256() { 548 + return new SHA256Digest(); 549 + } 550 + public Digest getSHA384() { 551 + return new SHA384Digest(); 552 + } 553 + public Digest getSHA512() { 554 + return new SHA512Digest(); 555 + } 556 +} 557 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 558 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 559 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000 560 @@ -0,0 +1,28 @@ 561 +/* 562 + * Copyright (C) 2012 The Android Open Source Project 563 + * 564 + * Licensed under the Apache License, Version 2.0 (the "License"); 565 + * you may not use this file except in compliance with the License. 566 + * You may obtain a copy of the License at 567 + * 568 + * http://www.apache.org/licenses/LICENSE-2.0 569 + * 570 + * Unless required by applicable law or agreed to in writing, software 571 + * distributed under the License is distributed on an "AS IS" BASIS, 572 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 573 + * See the License for the specific language governing permissions and 574 + * limitations under the License. 575 + */ 576 + 577 +package org.bouncycastle.crypto.digests; 578 + 579 +import org.bouncycastle.crypto.Digest; 580 + 581 +interface AndroidDigestFactoryInterface { 582 + public Digest getMD5(); 583 + public Digest getSHA1(); 584 + public Digest getSHA224(); 585 + public Digest getSHA256(); 586 + public Digest getSHA384(); 587 + public Digest getSHA512(); 588 +} 589 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 590 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 591 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000 592 @@ -0,0 +1,40 @@ 593 +/* 594 + * Copyright (C) 2012 The Android Open Source Project 595 + * 596 + * Licensed under the Apache License, Version 2.0 (the "License"); 597 + * you may not use this file except in compliance with the License. 598 + * You may obtain a copy of the License at 599 + * 600 + * http://www.apache.org/licenses/LICENSE-2.0 601 + * 602 + * Unless required by applicable law or agreed to in writing, software 603 + * distributed under the License is distributed on an "AS IS" BASIS, 604 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 605 + * See the License for the specific language governing permissions and 606 + * limitations under the License. 607 + */ 608 + 609 +package org.bouncycastle.crypto.digests; 610 + 611 +import org.bouncycastle.crypto.Digest; 612 + 613 +public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 614 + public Digest getMD5() { 615 + return new OpenSSLDigest.MD5(); 616 + } 617 + public Digest getSHA1() { 618 + return new OpenSSLDigest.SHA1(); 619 + } 620 + public Digest getSHA224() { 621 + return new OpenSSLDigest.SHA224(); 622 + } 623 + public Digest getSHA256() { 624 + return new OpenSSLDigest.SHA256(); 625 + } 626 + public Digest getSHA384() { 627 + return new OpenSSLDigest.SHA384(); 628 + } 629 + public Digest getSHA512() { 630 + return new OpenSSLDigest.SHA512(); 631 + } 632 +} 633 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 634 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 635 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000 636 @@ -0,0 +1,97 @@ 637 +/* 638 + * Copyright (C) 2008 The Android Open Source Project 639 + * 640 + * Licensed under the Apache License, Version 2.0 (the "License"); 641 + * you may not use this file except in compliance with the License. 642 + * You may obtain a copy of the License at 643 + * 644 + * http://www.apache.org/licenses/LICENSE-2.0 645 + * 646 + * Unless required by applicable law or agreed to in writing, software 647 + * distributed under the License is distributed on an "AS IS" BASIS, 648 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 649 + * See the License for the specific language governing permissions and 650 + * limitations under the License. 651 + */ 652 + 653 +package org.bouncycastle.crypto.digests; 654 + 655 +import org.bouncycastle.crypto.ExtendedDigest; 656 +import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi; 657 +import java.security.DigestException; 658 +import java.security.MessageDigest; 659 + 660 +/** 661 + * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This 662 + * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it. 663 + */ 664 +public class OpenSSLDigest implements ExtendedDigest { 665 + private final MessageDigest delegate; 666 + 667 + private final int byteSize; 668 + 669 + public OpenSSLDigest(String algorithm, int byteSize) { 670 + try { 671 + delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL"); 672 + this.byteSize = byteSize; 673 + } catch (Exception e) { 674 + throw new RuntimeException(e); 675 + } 676 + } 677 + 678 + public String getAlgorithmName() { 679 + return delegate.getAlgorithm(); 680 + } 681 + 682 + public int getDigestSize() { 683 + return delegate.getDigestLength(); 684 + } 685 + 686 + public int getByteLength() { 687 + return byteSize; 688 + } 689 + 690 + public void reset() { 691 + delegate.reset(); 692 + } 693 + 694 + public void update(byte in) { 695 + delegate.update(in); 696 + } 697 + 698 + public void update(byte[] in, int inOff, int len) { 699 + delegate.update(in, inOff, len); 700 + } 701 + 702 + public int doFinal(byte[] out, int outOff) { 703 + try { 704 + return delegate.digest(out, outOff, out.length - outOff); 705 + } catch (DigestException e) { 706 + throw new RuntimeException(e); 707 + } 708 + } 709 + 710 + public static class MD5 extends OpenSSLDigest { 711 + public MD5() { super("MD5", 64); } 712 + } 713 + 714 + public static class SHA1 extends OpenSSLDigest { 715 + public SHA1() { super("SHA-1", 64); } 716 + } 717 + 718 + public static class SHA224 extends OpenSSLDigest { 719 + public SHA224() { super("SHA-224", 64); } 720 + } 721 + 722 + public static class SHA256 extends OpenSSLDigest { 723 + public SHA256() { super("SHA-256", 64); } 724 + } 725 + 726 + public static class SHA384 extends OpenSSLDigest { 727 + public SHA384() { super("SHA-384", 128); } 728 + } 729 + 730 + public static class SHA512 extends OpenSSLDigest { 731 + public SHA512() { super("SHA-512", 128); } 732 + } 733 +} 734 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 735 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2015-03-01 12:03:02.000000000 +0000 736 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2014-07-28 19:51:54.000000000 +0000 737 @@ -10,7 +10,9 @@ 738 import org.bouncycastle.asn1.x9.X9ECParametersHolder; 739 import org.bouncycastle.math.ec.ECCurve; 740 import org.bouncycastle.math.ec.ECPoint; 741 -import org.bouncycastle.math.ec.custom.djb.Curve25519; 742 +// BEGIN android-removed 743 +// import org.bouncycastle.math.ec.custom.djb.Curve25519; 744 +// END android-removed 745 import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve; 746 import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve; 747 import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve; 748 @@ -36,32 +38,34 @@ 749 return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); 750 } 751 752 - /* 753 - * curve25519 754 - */ 755 - static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 756 - { 757 - protected X9ECParameters createParameters() 758 - { 759 - byte[] S = null; 760 - ECCurve curve = configureCurve(new Curve25519()); 761 - 762 - /* 763 - * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 764 - * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 765 - * 766 - * The Curve25519 paper doesn't say which of the two possible y values the base 767 - * point has. The choice here is guided by language in the Ed25519 paper. 768 - * 769 - * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 770 - */ 771 - ECPoint G = curve.decodePoint(Hex.decode("04" 772 - + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 773 - + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 774 - 775 - return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 776 - } 777 - }; 778 + // BEGIN android-removed 779 + // /* 780 + // * curve25519 781 + // */ 782 + // static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 783 + // { 784 + // protected X9ECParameters createParameters() 785 + // { 786 + // byte[] S = null; 787 + // ECCurve curve = configureCurve(new Curve25519()); 788 + // 789 + // /* 790 + // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 791 + // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 792 + // * 793 + // * The Curve25519 paper doesn't say which of the two possible y values the base 794 + // * point has. The choice here is guided by language in the Ed25519 paper. 795 + // * 796 + // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 797 + // */ 798 + // ECPoint G = curve.decodePoint(Hex.decode("04" 799 + // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 800 + // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 801 + // 802 + // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 803 + // } 804 + // }; 805 + // END android-removed 806 807 /* 808 * secp192k1 809 @@ -254,7 +258,9 @@ 810 811 static 812 { 813 - defineCurve("curve25519", curve25519); 814 + // BEGIN android-removed 815 + // defineCurve("curve25519", curve25519); 816 + // END android-removed 817 818 defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1); 819 defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1); 820 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 821 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2015-03-01 12:03:02.000000000 +0000 822 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000 823 @@ -6,7 +6,9 @@ 824 import org.bouncycastle.crypto.CipherParameters; 825 import org.bouncycastle.crypto.Digest; 826 import org.bouncycastle.crypto.InvalidCipherTextException; 827 -import org.bouncycastle.crypto.digests.SHA1Digest; 828 +// BEGIN android-changed 829 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 830 +// END android-changed 831 import org.bouncycastle.crypto.params.ParametersWithRandom; 832 833 /** 834 @@ -25,7 +27,9 @@ 835 public OAEPEncoding( 836 AsymmetricBlockCipher cipher) 837 { 838 - this(cipher, new SHA1Digest(), null); 839 + // BEGIN android-changed 840 + this(cipher, AndroidDigestFactory.getSHA1(), null); 841 + // END android-changed 842 } 843 844 public OAEPEncoding( 845 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 846 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-03-01 12:03:02.000000000 +0000 847 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-04-09 13:10:16.000000000 +0000 848 @@ -378,6 +378,12 @@ 849 throw new InvalidCipherTextException("unknown block type"); 850 } 851 } 852 + // BEGIN android-added 853 + if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 854 + { 855 + throw new InvalidCipherTextException("invalid block type " + type); 856 + } 857 + // END android-added 858 859 if (useStrictLength && block.length != engine.getOutputBlockSize()) 860 { 861 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 862 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2015-03-01 12:03:02.000000000 +0000 863 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2014-07-28 19:51:54.000000000 +0000 864 @@ -6,7 +6,9 @@ 865 import org.bouncycastle.crypto.Digest; 866 import org.bouncycastle.crypto.InvalidCipherTextException; 867 import org.bouncycastle.crypto.Wrapper; 868 -import org.bouncycastle.crypto.digests.SHA1Digest; 869 +// BEGIN android-changed 870 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 871 +// END android-changed 872 import org.bouncycastle.crypto.modes.CBCBlockCipher; 873 import org.bouncycastle.crypto.params.KeyParameter; 874 import org.bouncycastle.crypto.params.ParametersWithIV; 875 @@ -52,7 +54,9 @@ 876 // 877 // checksum digest 878 // 879 - Digest sha1 = new SHA1Digest(); 880 + // BEGIN android-changed 881 + Digest sha1 = AndroidDigestFactory.getSHA1(); 882 + // END android-changed 883 byte[] digest = new byte[20]; 884 885 /** 886 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 887 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2015-03-01 12:03:02.000000000 +0000 888 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 2014-07-28 19:51:54.000000000 +0000 889 @@ -3,11 +3,18 @@ 890 import java.math.BigInteger; 891 import java.security.SecureRandom; 892 893 +// BEGIN android-added 894 +import java.util.logging.Logger; 895 +// END android-added 896 import org.bouncycastle.math.ec.WNafUtil; 897 import org.bouncycastle.util.BigIntegers; 898 899 class DHParametersHelper 900 { 901 + // BEGIN android-added 902 + private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 903 + // END android-added 904 + 905 private static final BigInteger ONE = BigInteger.valueOf(1); 906 private static final BigInteger TWO = BigInteger.valueOf(2); 907 908 @@ -18,12 +25,20 @@ 909 */ 910 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 911 { 912 + // BEGIN android-added 913 + logger.info("Generating safe primes. This may take a long time."); 914 + long start = System.currentTimeMillis(); 915 + int tries = 0; 916 + // END android-added 917 BigInteger p, q; 918 int qLength = size - 1; 919 int minWeight = size >>> 2; 920 921 for (;;) 922 { 923 + // BEGIN android-added 924 + tries++; 925 + // END android-added 926 q = new BigInteger(qLength, 2, random); 927 928 // p <- 2q + 1 929 @@ -52,6 +67,11 @@ 930 931 break; 932 } 933 + // BEGIN android-added 934 + long end = System.currentTimeMillis(); 935 + long duration = end - start; 936 + logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 937 + // END android-added 938 939 return new BigInteger[] { p, q }; 940 } 941 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 942 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 943 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2014-07-28 19:51:54.000000000 +0000 944 @@ -4,7 +4,9 @@ 945 import java.security.SecureRandom; 946 947 import org.bouncycastle.crypto.Digest; 948 -import org.bouncycastle.crypto.digests.SHA1Digest; 949 +// BEGIN android-changed 950 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 951 +// END android-changed 952 import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; 953 import org.bouncycastle.crypto.params.DSAParameters; 954 import org.bouncycastle.crypto.params.DSAValidationParameters; 955 @@ -31,7 +33,9 @@ 956 957 public DSAParametersGenerator() 958 { 959 - this(new SHA1Digest()); 960 + // BEGIN android-changed 961 + this(AndroidDigestFactory.getSHA1()); 962 + // END android-changed 963 } 964 965 public DSAParametersGenerator(Digest digest) 966 @@ -122,7 +126,9 @@ 967 int n = (L - 1) / 160; 968 byte[] w = new byte[L / 8]; 969 970 - if (!(digest instanceof SHA1Digest)) 971 + // BEGIN android-changed 972 + if (!(digest.getAlgorithmName().equals("SHA-1"))) 973 + // END android-changed 974 { 975 throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); 976 } 977 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 978 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 979 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 980 @@ -3,7 +3,9 @@ 981 import org.bouncycastle.crypto.CipherParameters; 982 import org.bouncycastle.crypto.Digest; 983 import org.bouncycastle.crypto.PBEParametersGenerator; 984 -import org.bouncycastle.crypto.digests.MD5Digest; 985 +// BEGIN android-changed 986 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 987 +// END android-changed 988 import org.bouncycastle.crypto.params.KeyParameter; 989 import org.bouncycastle.crypto.params.ParametersWithIV; 990 991 @@ -17,7 +19,9 @@ 992 public class OpenSSLPBEParametersGenerator 993 extends PBEParametersGenerator 994 { 995 - private Digest digest = new MD5Digest(); 996 + // BEGIN android-changed 997 + private Digest digest = AndroidDigestFactory.getMD5(); 998 + // END android-changed 999 1000 /** 1001 * Construct a OpenSSL Parameters generator. 1002 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 1003 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 1004 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000 1005 @@ -4,7 +4,9 @@ 1006 import org.bouncycastle.crypto.Digest; 1007 import org.bouncycastle.crypto.Mac; 1008 import org.bouncycastle.crypto.PBEParametersGenerator; 1009 -import org.bouncycastle.crypto.digests.SHA1Digest; 1010 +// BEGIN android-changed 1011 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1012 +// END android-changed 1013 import org.bouncycastle.crypto.macs.HMac; 1014 import org.bouncycastle.crypto.params.KeyParameter; 1015 import org.bouncycastle.crypto.params.ParametersWithIV; 1016 @@ -28,7 +30,9 @@ 1017 */ 1018 public PKCS5S2ParametersGenerator() 1019 { 1020 - this(new SHA1Digest()); 1021 + // BEGIN android-changed 1022 + this(AndroidDigestFactory.getSHA1()); 1023 + // END android-changed 1024 } 1025 1026 public PKCS5S2ParametersGenerator(Digest digest) 1027 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 1028 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java 2015-03-01 12:03:02.000000000 +0000 1029 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000 1030 @@ -36,14 +36,18 @@ 1031 { 1032 blockLengths = new Hashtable(); 1033 1034 - blockLengths.put("GOST3411", Integers.valueOf(32)); 1035 - 1036 - blockLengths.put("MD2", Integers.valueOf(16)); 1037 - blockLengths.put("MD4", Integers.valueOf(64)); 1038 + // BEGIN android-removed 1039 + // blockLengths.put("GOST3411", Integers.valueOf(32)); 1040 + // 1041 + // blockLengths.put("MD2", Integers.valueOf(16)); 1042 + // blockLengths.put("MD4", Integers.valueOf(64)); 1043 + // END android-removed 1044 blockLengths.put("MD5", Integers.valueOf(64)); 1045 1046 - blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1047 - blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1048 + // BEGIN android-removed 1049 + // blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1050 + // blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1051 + // END android-removed 1052 1053 blockLengths.put("SHA-1", Integers.valueOf(64)); 1054 blockLengths.put("SHA-224", Integers.valueOf(64)); 1055 @@ -51,8 +55,10 @@ 1056 blockLengths.put("SHA-384", Integers.valueOf(128)); 1057 blockLengths.put("SHA-512", Integers.valueOf(128)); 1058 1059 - blockLengths.put("Tiger", Integers.valueOf(64)); 1060 - blockLengths.put("Whirlpool", Integers.valueOf(64)); 1061 + // BEGIN android-removed 1062 + // blockLengths.put("Tiger", Integers.valueOf(64)); 1063 + // blockLengths.put("Whirlpool", Integers.valueOf(64)); 1064 + // END android-removed 1065 } 1066 1067 private static int getByteLength( 1068 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 1069 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-03-01 12:03:02.000000000 +0000 1070 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-11-12 22:10:47.000000000 +0000 1071 @@ -24,6 +24,11 @@ 1072 implements AEADBlockCipher 1073 { 1074 private static final int BLOCK_SIZE = 16; 1075 + // BEGIN android-added 1076 + // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak 1077 + // plaintext and authentication key 1078 + private static final long MAX_INPUT_SIZE = 68719476704L; 1079 + // END android-added 1080 1081 // not final due to a compiler bug 1082 private BlockCipher cipher; 1083 @@ -202,6 +207,14 @@ 1084 return totalData < macSize ? 0 : totalData - macSize; 1085 } 1086 1087 + // BEGIN android-added 1088 + /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */ 1089 + private long getTotalInputSizeAfterNewInput(int newInputLen) 1090 + { 1091 + return totalLength + newInputLen + bufOff; 1092 + } 1093 + // END android-added 1094 + 1095 public int getUpdateOutputSize(int len) 1096 { 1097 int totalData = len + bufOff; 1098 @@ -218,6 +231,11 @@ 1099 1100 public void processAADByte(byte in) 1101 { 1102 + // BEGIN android-added 1103 + if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { 1104 + throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1105 + } 1106 + // END android-added 1107 atBlock[atBlockPos] = in; 1108 if (++atBlockPos == BLOCK_SIZE) 1109 { 1110 @@ -230,6 +248,11 @@ 1111 1112 public void processAADBytes(byte[] in, int inOff, int len) 1113 { 1114 + // BEGIN android-added 1115 + if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { 1116 + throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1117 + } 1118 + // END android-added 1119 for (int i = 0; i < len; ++i) 1120 { 1121 atBlock[atBlockPos] = in[inOff + i]; 1122 @@ -267,6 +290,11 @@ 1123 public int processByte(byte in, byte[] out, int outOff) 1124 throws DataLengthException 1125 { 1126 + // BEGIN android-added 1127 + if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { 1128 + throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1129 + } 1130 + // END android-added 1131 bufBlock[bufOff] = in; 1132 if (++bufOff == bufBlock.length) 1133 { 1134 @@ -279,6 +307,11 @@ 1135 public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff) 1136 throws DataLengthException 1137 { 1138 + // BEGIN android-added 1139 + if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { 1140 + throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); 1141 + } 1142 + // END android-added 1143 if (in.length < (inOff + len)) 1144 { 1145 throw new DataLengthException("Input buffer too short"); 1146 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 1147 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-03-01 12:03:02.000000000 +0000 1148 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-04-09 13:10:16.000000000 +0000 1149 @@ -39,9 +39,11 @@ 1150 */ 1151 static 1152 { 1153 - oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1154 - oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1155 - oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1156 + // BEGIN android-removed 1157 + // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1158 + // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1159 + // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1160 + // END android-removed 1161 1162 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 1163 oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1164 @@ -51,8 +53,10 @@ 1165 oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224); 1166 oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256); 1167 1168 - oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1169 - oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1170 + // BEGIN android-removed 1171 + // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1172 + // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1173 + // END android-removed 1174 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 1175 } 1176 1177 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 1178 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1179 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1180 @@ -9,7 +9,9 @@ 1181 import org.bouncycastle.asn1.ASN1Integer; 1182 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1183 import org.bouncycastle.asn1.ASN1Primitive; 1184 -import org.bouncycastle.asn1.oiw.ElGamalParameter; 1185 +// BEGIN android-removed 1186 +// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1187 +// END android-removed 1188 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1189 import org.bouncycastle.asn1.pkcs.DHParameter; 1190 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1191 @@ -31,8 +33,10 @@ 1192 import org.bouncycastle.crypto.params.ECDomainParameters; 1193 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1194 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1195 -import org.bouncycastle.crypto.params.ElGamalParameters; 1196 -import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1197 +// BEGIN android-removed 1198 +// import org.bouncycastle.crypto.params.ElGamalParameters; 1199 +// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1200 +// END android-removed 1201 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1202 1203 /** 1204 @@ -98,14 +102,16 @@ 1205 1206 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1207 } 1208 - else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1209 - { 1210 - ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1211 - ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1212 - 1213 - return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1214 - params.getP(), params.getG())); 1215 - } 1216 + // BEGIN android-removed 1217 + // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1218 + // { 1219 + // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1220 + // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1221 + // 1222 + // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1223 + // params.getP(), params.getG())); 1224 + // } 1225 + // END android-removed 1226 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1227 { 1228 ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1229 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 1230 --- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1231 +++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1232 @@ -11,7 +11,9 @@ 1233 import org.bouncycastle.asn1.ASN1OctetString; 1234 import org.bouncycastle.asn1.ASN1Primitive; 1235 import org.bouncycastle.asn1.DEROctetString; 1236 -import org.bouncycastle.asn1.oiw.ElGamalParameter; 1237 +// BEGIN android-removed 1238 +// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1239 +// END android-removed 1240 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1241 import org.bouncycastle.asn1.pkcs.DHParameter; 1242 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1243 @@ -38,8 +40,10 @@ 1244 import org.bouncycastle.crypto.params.ECDomainParameters; 1245 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1246 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1247 -import org.bouncycastle.crypto.params.ElGamalParameters; 1248 -import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1249 +// BEGIN android-removed 1250 +// import org.bouncycastle.crypto.params.ElGamalParameters; 1251 +// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1252 +// END android-removed 1253 import org.bouncycastle.crypto.params.RSAKeyParameters; 1254 1255 /** 1256 @@ -133,14 +137,16 @@ 1257 1258 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1259 } 1260 - else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1261 - { 1262 - ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1263 - ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1264 - 1265 - return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1266 - params.getP(), params.getG())); 1267 - } 1268 + // BEGIN android-removed 1269 + // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1270 + // { 1271 + // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1272 + // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1273 + // 1274 + // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1275 + // params.getP(), params.getG())); 1276 + // } 1277 + // END android-removed 1278 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1279 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1280 { 1281 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 1282 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2015-03-01 12:03:02.000000000 +0000 1283 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-07-28 19:51:54.000000000 +0000 1284 @@ -35,10 +35,12 @@ 1285 1286 provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); 1287 1288 - provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1289 - provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1290 - provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1291 - provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1292 + // BEGIN android-removed 1293 + // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1294 + // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1295 + // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1296 + // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1297 + // END android-removed 1298 1299 registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); 1300 registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); 1301 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1302 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-03-01 12:03:02.000000000 +0000 1303 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-06-01 19:10:55.000000000 +0000 1304 @@ -27,40 +27,55 @@ 1305 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1306 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1307 1308 - provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1309 + // BEGIN android-changed 1310 + provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1311 + // END android-changed 1312 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1313 1314 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1315 1316 - provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1317 - provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1318 - provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1319 - provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1320 - provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1321 - provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1322 + // BEGIN android-removed 1323 + // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1324 + // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1325 + // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1326 + // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1327 + // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1328 + // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1329 + // END android-removed 1330 1331 addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1332 addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1333 - addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1334 - addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1335 - 1336 - provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1337 - provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1338 - provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1339 - provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1340 - provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1341 - provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1342 - provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1343 - provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1344 - provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1345 - 1346 - provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1347 + // BEGIN android-removed 1348 + // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1349 + // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1350 + // END android-removed 1351 + 1352 + // BEGIN android-added 1353 + provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1354 + // END android-added 1355 + // BEGIN android-changed 1356 + provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1357 + provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); 1358 + provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1359 + provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1360 + provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1361 + provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1362 + provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1363 + provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1364 + provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1365 + // END android-changed 1366 + 1367 + // BEGIN android-removed 1368 + // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1369 + // END android-removed 1370 1371 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1372 1373 for (int i = 0; i != DSAUtil.dsaOids.length; i++) 1374 { 1375 - provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); 1376 + // BEGIN android-changed 1377 + provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); 1378 + // END android-changed 1379 1380 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); 1381 registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); 1382 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1383 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000 1384 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000 1385 @@ -1,8 +1,10 @@ 1386 package org.bouncycastle.jcajce.provider.asymmetric; 1387 1388 -import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1389 -import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1390 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1391 +// BEGIN android-removed 1392 +// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1393 +// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1394 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1395 +// END android-removed 1396 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1397 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1398 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1399 @@ -22,45 +24,59 @@ 1400 public void configure(ConfigurableProvider provider) 1401 { 1402 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1403 - provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1404 - provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1405 - provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1406 - provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1407 - provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1408 + // BEGIN android-removed 1409 + // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1410 + // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1411 + // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1412 + // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1413 + // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1414 + // END android-removed 1415 1416 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1417 // TODO Should this be an alias for ECDH? 1418 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1419 - registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1420 - 1421 - registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1422 + // BEGIN android-removed 1423 + // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1424 + // 1425 + // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1426 + // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1427 + // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1428 + // END android-removed 1429 // TODO Should this be an alias for ECDH? 1430 - registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1431 - registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1432 + // BEGIN android-removed 1433 + // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1434 + // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1435 + // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1436 + // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1437 + // END android-removed 1438 1439 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1440 - provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1441 - provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1442 - provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1443 - provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1444 + // BEGIN android-removed 1445 + // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1446 + // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1447 + // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1448 + // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1449 + // END android-removed 1450 1451 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1452 - provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1453 - provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1454 - provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1455 - provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1456 - provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1457 - provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1458 - 1459 - provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1460 - provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1461 - provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1462 - provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1463 - provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1464 - provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1465 - provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1466 - provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1467 - provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1468 + // BEGIN android-removed 1469 + // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1470 + // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1471 + // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1472 + // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1473 + // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1474 + // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1475 + // 1476 + // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1477 + // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1478 + // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1479 + // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1480 + // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1481 + // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1482 + // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1483 + // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1484 + // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1485 + // END android-removed 1486 1487 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1488 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1489 @@ -72,39 +88,43 @@ 1490 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1491 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1492 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1493 - provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1494 - 1495 - provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1496 - provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1497 - provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1498 - provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1499 - provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1500 - provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1501 + // BEGIN android-removed 1502 + // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1503 + // 1504 + // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1505 + // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1506 + // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1507 + // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1508 + // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1509 + // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1510 + // END android-removed 1511 1512 addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1513 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1514 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1515 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1516 - addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1517 - 1518 - provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1519 - provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1520 - provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1521 - provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1522 - provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1523 - 1524 - addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1525 - addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1526 - addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1527 - addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1528 - addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1529 - 1530 - addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1531 - addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1532 - addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1533 - addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1534 - addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1535 - addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1536 + // BEGIN android-removed 1537 + // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1538 + // 1539 + // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1540 + // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1541 + // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1542 + // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1543 + // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1544 + // 1545 + // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1546 + // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1547 + // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1548 + // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1549 + // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1550 + // 1551 + // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1552 + // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1553 + // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1554 + // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1555 + // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1556 + // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1557 + // END android-removed 1558 } 1559 } 1560 } 1561 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1562 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-03-01 12:03:02.000000000 +0000 1563 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-04-09 13:10:16.000000000 +0000 1564 @@ -3,7 +3,9 @@ 1565 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1566 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1567 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1568 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1569 +// BEGIN android-removed 1570 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1571 +// END android-removed 1572 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1573 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1574 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1575 @@ -26,39 +28,47 @@ 1576 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1577 provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1578 1579 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1580 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1581 - 1582 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1583 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1584 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1585 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1586 - 1587 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1588 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1589 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1590 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1591 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1592 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1593 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1594 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1595 + // BEGIN android-removed 1596 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1597 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1598 + // 1599 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1600 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1601 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1602 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1603 + // 1604 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1605 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1606 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1607 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1608 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1609 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1610 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1611 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1612 + // END android-removed 1613 1614 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1615 - provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1616 - provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1617 - provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1618 - provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1619 - provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1620 - provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1621 - provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1622 - provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1623 - provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1624 + // BEGIN android-changed 1625 + provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1626 + // END android-changed 1627 + // BEGIN android-removed 1628 + // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1629 + // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1630 + // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1631 + // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1632 + // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1633 + // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1634 + // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1635 + // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1636 + // END android-removed 1637 1638 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1639 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1640 - provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1641 - provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1642 - provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1643 + // BEGIN android-removed 1644 + // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1645 + // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1646 + // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1647 + // END android-removed 1648 1649 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1650 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1651 @@ -68,79 +78,89 @@ 1652 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1653 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1654 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1655 - registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1656 - 1657 - registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1658 - registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1659 - registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1660 - registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1661 - 1662 - 1663 - provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1664 - provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1665 - provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1666 - 1667 - provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1668 - provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1669 - provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1670 - provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1671 - provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1672 - provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1673 - provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1674 - provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1675 - 1676 - provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1677 - provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1678 - 1679 - provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1680 - provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1681 - provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1682 - provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1683 - provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1684 - provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1685 - provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1686 - 1687 - 1688 - provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1689 - provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1690 - provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1691 - provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1692 - 1693 - if (provider.hasAlgorithm("MessageDigest", "MD2")) 1694 - { 1695 - addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1696 - } 1697 - 1698 - if (provider.hasAlgorithm("MessageDigest", "MD4")) 1699 - { 1700 - addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1701 - } 1702 + // BEGIN android-removed 1703 + // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1704 + // 1705 + // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1706 + // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1707 + // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1708 + // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1709 + // 1710 + // 1711 + // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1712 + // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1713 + // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1714 + // 1715 + // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1716 + // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1717 + // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1718 + // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1719 + // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1720 + // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1721 + // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1722 + // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1723 + // 1724 + // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1725 + // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1726 + // 1727 + // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1728 + // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1729 + // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1730 + // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1731 + // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1732 + // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1733 + // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1734 + // 1735 + // 1736 + // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1737 + // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1738 + // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1739 + // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1740 + // 1741 + // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1742 + // { 1743 + // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1744 + // } 1745 + // 1746 + // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1747 + // { 1748 + // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1749 + // } 1750 + // END android-removed 1751 1752 if (provider.hasAlgorithm("MessageDigest", "MD5")) 1753 { 1754 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1755 - provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1756 - provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1757 + // END android-removed 1758 + // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1759 + // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1760 + // END android-removed 1761 } 1762 1763 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1764 { 1765 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1766 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1767 - provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1768 - provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1769 - provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1770 + // BEGIN android-removed 1771 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1772 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1773 + // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1774 + // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1775 + // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1776 + // END android-removed 1777 1778 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1779 1780 - provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1781 - provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1782 + // BEGIN android-removed 1783 + // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1784 + // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1785 + // END android-removed 1786 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1787 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1788 1789 - provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1790 - provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1791 - provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1792 + // BEGIN android-removed 1793 + // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1794 + // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1795 + // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1796 + // END android-removed 1797 } 1798 1799 addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1800 @@ -148,52 +168,54 @@ 1801 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1802 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1803 1804 - provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1805 - provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1806 - provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1807 - provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1808 - provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1809 - provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1810 - provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1811 - provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1812 - provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1813 - provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1814 - provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1815 - provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1816 - 1817 - if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1818 - { 1819 - addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1820 - addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1821 - provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1822 - provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1823 - provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1824 - } 1825 - 1826 - if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1827 - { 1828 - addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1829 - addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1830 - provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1831 - provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1832 - provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1833 - provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1834 - provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1835 - } 1836 - 1837 - if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1838 - { 1839 - addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1840 - addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1841 - } 1842 - 1843 - if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1844 - { 1845 - provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1846 - provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1847 - provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1848 - provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1849 - } 1850 + // BEGIN android-removed 1851 + // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1852 + // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1853 + // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1854 + // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1855 + // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1856 + // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1857 + // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1858 + // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1859 + // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1860 + // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1861 + // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1862 + // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1863 + // 1864 + // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1865 + // { 1866 + // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1867 + // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1868 + // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1869 + // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1870 + // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1871 + // } 1872 + // 1873 + // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1874 + // { 1875 + // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1876 + // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1877 + // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1878 + // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1879 + // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1880 + // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1881 + // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1882 + // } 1883 + // 1884 + // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1885 + // { 1886 + // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1887 + // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1888 + // } 1889 + // 1890 + // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1891 + // { 1892 + // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1893 + // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1894 + // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1895 + // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1896 + // } 1897 + // END android-removed 1898 } 1899 1900 private void addDigestSignature( 1901 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1902 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2015-03-01 12:03:02.000000000 +0000 1903 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000 1904 @@ -18,8 +18,10 @@ 1905 1906 public void configure(ConfigurableProvider provider) 1907 { 1908 - provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1909 - provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1910 + // BEGIN android-removed 1911 + // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1912 + // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1913 + // END android-removed 1914 1915 // 1916 // certificate factories. 1917 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1918 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-03-01 12:03:02.000000000 +0000 1919 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-07-21 14:37:00.000000000 +0000 1920 @@ -23,13 +23,24 @@ 1921 import org.bouncycastle.crypto.DSA; 1922 import org.bouncycastle.crypto.Digest; 1923 import org.bouncycastle.crypto.digests.NullDigest; 1924 -import org.bouncycastle.crypto.digests.SHA1Digest; 1925 -import org.bouncycastle.crypto.digests.SHA224Digest; 1926 -import org.bouncycastle.crypto.digests.SHA256Digest; 1927 -import org.bouncycastle.crypto.digests.SHA384Digest; 1928 -import org.bouncycastle.crypto.digests.SHA512Digest; 1929 +// BEGIN android-added 1930 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1931 +// END android-added 1932 +// BEGIN android-removed 1933 +// import org.bouncycastle.crypto.digests.SHA1Digest; 1934 +// import org.bouncycastle.crypto.digests.SHA224Digest; 1935 +// import org.bouncycastle.crypto.digests.SHA256Digest; 1936 +// import org.bouncycastle.crypto.digests.SHA384Digest; 1937 +// import org.bouncycastle.crypto.digests.SHA512Digest; 1938 +// END android-removed 1939 +// BEGIN android-added 1940 +import org.bouncycastle.crypto.params.DSAKeyParameters; 1941 +import org.bouncycastle.crypto.params.DSAParameters; 1942 +// END android-added 1943 import org.bouncycastle.crypto.params.ParametersWithRandom; 1944 -import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1945 +// BEGIN android-removed 1946 +// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1947 +// END android-removed 1948 1949 public class DSASigner 1950 extends SignatureSpi 1951 @@ -79,6 +90,10 @@ 1952 throw new InvalidKeyException("can't recognise key type in DSA based signer"); 1953 } 1954 } 1955 + // BEGIN android-added 1956 + DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters(); 1957 + checkKey(dsaParam); 1958 + // END android-added 1959 1960 digest.reset(); 1961 signer.init(false, param); 1962 @@ -100,6 +115,10 @@ 1963 CipherParameters param; 1964 1965 param = DSAUtil.generatePrivateKeyParameter(privateKey); 1966 + // BEGIN android-added 1967 + DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters(); 1968 + checkKey(dsaParam); 1969 + // END android-added 1970 1971 if (random != null) 1972 { 1973 @@ -173,6 +192,28 @@ 1974 throw new UnsupportedOperationException("engineSetParameter unsupported"); 1975 } 1976 1977 + // BEGIN android-added 1978 + protected void checkKey(DSAParameters params) throws InvalidKeyException { 1979 + int valueL = params.getP().bitLength(); 1980 + int valueN = params.getQ().bitLength(); 1981 + int digestSize = digest.getDigestSize(); 1982 + 1983 + // The checks are consistent with DSAParametersGenerator's init method. 1984 + if ((valueL < 1024 || valueL > 3072) || valueL % 1024 != 0) { 1985 + throw new InvalidKeyException("valueL values must be between 1024 and 3072 and a multiple of 1024"); 1986 + } else if (valueL == 1024 && valueN != 160) { 1987 + throw new InvalidKeyException("valueN must be 160 for valueL = 1024"); 1988 + } else if (valueL == 2048 && (valueN != 224 && valueN != 256)) { 1989 + throw new InvalidKeyException("valueN must be 224 or 256 for valueL = 2048"); 1990 + } else if (valueL == 3072 && valueN != 256) { 1991 + throw new InvalidKeyException("valueN must be 256 for valueL = 3072"); 1992 + } 1993 + if (valueN > digestSize * 8) { 1994 + throw new InvalidKeyException("Key is too strong for this signature algorithm"); 1995 + } 1996 + } 1997 + 1998 + // END android-added 1999 /** 2000 * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> 2001 */ 2002 @@ -217,90 +258,102 @@ 2003 { 2004 public stdDSA() 2005 { 2006 - super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2007 + // BEGIN android-changed 2008 + super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 2009 + // END android-changed 2010 } 2011 } 2012 2013 - static public class detDSA 2014 - extends DSASigner 2015 - { 2016 - public detDSA() 2017 - { 2018 - super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 2019 - } 2020 - } 2021 + // BEGIN android-removed 2022 + // static public class detDSA 2023 + // extends DSASigner 2024 + // { 2025 + // public detDSA() 2026 + // { 2027 + // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 2028 + // } 2029 + // } 2030 + // END android-removed 2031 2032 static public class dsa224 2033 extends DSASigner 2034 { 2035 public dsa224() 2036 { 2037 - super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2038 + // BEGIN android-changed 2039 + super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); 2040 + // END android-changed 2041 } 2042 } 2043 2044 - static public class detDSA224 2045 - extends DSASigner 2046 - { 2047 - public detDSA224() 2048 - { 2049 - super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 2050 - } 2051 - } 2052 + // BEGIN android-removed 2053 + // static public class detDSA224 2054 + // extends DSASigner 2055 + // { 2056 + // public detDSA224() 2057 + // { 2058 + // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 2059 + // } 2060 + // } 2061 + // END android-removed 2062 2063 static public class dsa256 2064 extends DSASigner 2065 { 2066 public dsa256() 2067 { 2068 - super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2069 + // BEGIN android-changed 2070 + super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); 2071 + // END android-changed 2072 } 2073 } 2074 2075 - static public class detDSA256 2076 - extends DSASigner 2077 - { 2078 - public detDSA256() 2079 - { 2080 - super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 2081 - } 2082 - } 2083 - 2084 - static public class dsa384 2085 - extends DSASigner 2086 - { 2087 - public dsa384() 2088 - { 2089 - super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2090 - } 2091 - } 2092 - 2093 - static public class detDSA384 2094 - extends DSASigner 2095 - { 2096 - public detDSA384() 2097 - { 2098 - super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 2099 - } 2100 - } 2101 - 2102 - static public class dsa512 2103 - extends DSASigner 2104 - { 2105 - public dsa512() 2106 - { 2107 - super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2108 - } 2109 - } 2110 - 2111 - static public class detDSA512 2112 - extends DSASigner 2113 - { 2114 - public detDSA512() 2115 - { 2116 - super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 2117 - } 2118 - } 2119 + // BEGIN android-removed 2120 + // static public class detDSA256 2121 + // extends DSASigner 2122 + // { 2123 + // public detDSA256() 2124 + // { 2125 + // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 2126 + // } 2127 + // } 2128 + // 2129 + // static public class dsa384 2130 + // extends DSASigner 2131 + // { 2132 + // public dsa384() 2133 + // { 2134 + // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2135 + // } 2136 + // } 2137 + // 2138 + // static public class detDSA384 2139 + // extends DSASigner 2140 + // { 2141 + // public detDSA384() 2142 + // { 2143 + // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 2144 + // } 2145 + // } 2146 + // 2147 + // static public class dsa512 2148 + // extends DSASigner 2149 + // { 2150 + // public dsa512() 2151 + // { 2152 + // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 2153 + // } 2154 + // } 2155 + // 2156 + // static public class detDSA512 2157 + // extends DSASigner 2158 + // { 2159 + // public detDSA512() 2160 + // { 2161 + // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 2162 + // } 2163 + // } 2164 + // END android-removed 2165 2166 static public class noneDSA 2167 extends DSASigner 2168 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2169 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-03-01 12:03:02.000000000 +0000 2170 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-06-01 19:10:55.000000000 +0000 2171 @@ -23,6 +23,9 @@ 2172 public static final ASN1ObjectIdentifier[] dsaOids = 2173 { 2174 X9ObjectIdentifiers.id_dsa, 2175 + // BEGIN android-added 2176 + X9ObjectIdentifiers.id_dsa_with_sha1, 2177 + // END android-added 2178 OIWObjectIdentifiers.dsaWithSHA1 2179 }; 2180 2181 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2182 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-03-01 12:03:02.000000000 +0000 2183 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-07-07 18:14:00.000000000 +0000 2184 @@ -24,22 +24,28 @@ 2185 import org.bouncycastle.crypto.CipherParameters; 2186 import org.bouncycastle.crypto.DerivationFunction; 2187 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 2188 -import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2189 -import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2190 -import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2191 -import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2192 +// BEGIN android-removed 2193 +// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2194 +// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2195 +// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2196 +// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2197 +// END android-removed 2198 import org.bouncycastle.crypto.digests.SHA1Digest; 2199 import org.bouncycastle.crypto.params.DESParameters; 2200 import org.bouncycastle.crypto.params.ECDomainParameters; 2201 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 2202 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 2203 -import org.bouncycastle.crypto.params.MQVPrivateParameters; 2204 -import org.bouncycastle.crypto.params.MQVPublicParameters; 2205 +// BEGIN android-removed 2206 +// import org.bouncycastle.crypto.params.MQVPrivateParameters; 2207 +// import org.bouncycastle.crypto.params.MQVPublicParameters; 2208 +// END android-removed 2209 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2210 import org.bouncycastle.jce.interfaces.ECPrivateKey; 2211 import org.bouncycastle.jce.interfaces.ECPublicKey; 2212 -import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2213 -import org.bouncycastle.jce.interfaces.MQVPublicKey; 2214 +// BEGIN android-removed 2215 +// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2216 +// import org.bouncycastle.jce.interfaces.MQVPublicKey; 2217 +// END android-removed 2218 import org.bouncycastle.util.Integers; 2219 import org.bouncycastle.util.Strings; 2220 2221 @@ -89,7 +95,9 @@ 2222 private BigInteger result; 2223 private ECDomainParameters parameters; 2224 private BasicAgreement agreement; 2225 - private DerivationFunction kdf; 2226 + // BEGIN android-removed 2227 + // private DerivationFunction kdf; 2228 + // END android-removed 2229 2230 private byte[] bigIntToBytes( 2231 BigInteger r) 2232 @@ -104,7 +112,9 @@ 2233 { 2234 this.kaAlgorithm = kaAlgorithm; 2235 this.agreement = agreement; 2236 - this.kdf = kdf; 2237 + // BEGIN android-removed 2238 + // this.kdf = kdf; 2239 + // END android-removed 2240 } 2241 2242 protected Key engineDoPhase( 2243 @@ -123,25 +133,27 @@ 2244 } 2245 2246 CipherParameters pubKey; 2247 - if (agreement instanceof ECMQVBasicAgreement) 2248 - { 2249 - if (!(key instanceof MQVPublicKey)) 2250 - { 2251 - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2252 - + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2253 - } 2254 - 2255 - MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2256 - ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2257 - ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2258 - ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2259 - ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2260 - 2261 - pubKey = new MQVPublicParameters(staticKey, ephemKey); 2262 - 2263 - // TODO Validate that all the keys are using the same parameters? 2264 - } 2265 - else 2266 + // BEGIN android-removed 2267 + // if (agreement instanceof ECMQVBasicAgreement) 2268 + // { 2269 + // if (!(key instanceof MQVPublicKey)) 2270 + // { 2271 + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2272 + // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2273 + // } 2274 + // 2275 + // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2276 + // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2277 + // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2278 + // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2279 + // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2280 + // 2281 + // pubKey = new MQVPublicParameters(staticKey, ephemKey); 2282 + // 2283 + // // TODO Validate that all the keys are using the same parameters? 2284 + // } 2285 + // else 2286 + // END android-removed 2287 { 2288 if (!(key instanceof PublicKey)) 2289 { 2290 @@ -154,7 +166,15 @@ 2291 // TODO Validate that all the keys are using the same parameters? 2292 } 2293 2294 + // BEGIN android-added 2295 + try { 2296 + // END android-added 2297 result = agreement.calculateAgreement(pubKey); 2298 + // BEGIN android-added 2299 + } catch (IllegalStateException e) { 2300 + throw new InvalidKeyException("Invalid public key"); 2301 + } 2302 + // END android-added 2303 2304 return null; 2305 } 2306 @@ -162,11 +182,13 @@ 2307 protected byte[] engineGenerateSecret() 2308 throws IllegalStateException 2309 { 2310 - if (kdf != null) 2311 - { 2312 - throw new UnsupportedOperationException( 2313 - "KDF can only be used when algorithm is known"); 2314 - } 2315 + // BEGIN android-removed 2316 + // if (kdf != null) 2317 + // { 2318 + // throw new UnsupportedOperationException( 2319 + // "KDF can only be used when algorithm is known"); 2320 + // } 2321 + // END android-removed 2322 2323 return bigIntToBytes(result); 2324 } 2325 @@ -201,23 +223,25 @@ 2326 oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); 2327 } 2328 2329 - if (kdf != null) 2330 - { 2331 - if (!algorithms.containsKey(oidAlgorithm)) 2332 - { 2333 - throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2334 - } 2335 - 2336 - int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2337 - 2338 - DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2339 - 2340 - byte[] keyBytes = new byte[keySize / 8]; 2341 - kdf.init(params); 2342 - kdf.generateBytes(keyBytes, 0, keyBytes.length); 2343 - secret = keyBytes; 2344 - } 2345 - else 2346 + // BEGIN android-removed 2347 + // if (kdf != null) 2348 + // { 2349 + // if (!algorithms.containsKey(oidAlgorithm)) 2350 + // { 2351 + // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2352 + // } 2353 + // 2354 + // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2355 + // 2356 + // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2357 + // 2358 + // byte[] keyBytes = new byte[keySize / 8]; 2359 + // kdf.init(params); 2360 + // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2361 + // secret = keyBytes; 2362 + // } 2363 + // else 2364 + // END android-removed 2365 { 2366 if (algorithms.containsKey(oidAlgorithm)) 2367 { 2368 @@ -264,35 +288,37 @@ 2369 private void initFromKey(Key key) 2370 throws InvalidKeyException 2371 { 2372 - if (agreement instanceof ECMQVBasicAgreement) 2373 - { 2374 - if (!(key instanceof MQVPrivateKey)) 2375 - { 2376 - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2377 - + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2378 - } 2379 - 2380 - MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2381 - ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2382 - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2383 - ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2384 - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2385 - 2386 - ECPublicKeyParameters ephemPubKey = null; 2387 - if (mqvPrivKey.getEphemeralPublicKey() != null) 2388 - { 2389 - ephemPubKey = (ECPublicKeyParameters) 2390 - ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2391 - } 2392 - 2393 - MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2394 - this.parameters = staticPrivKey.getParameters(); 2395 - 2396 - // TODO Validate that all the keys are using the same parameters? 2397 - 2398 - agreement.init(localParams); 2399 - } 2400 - else 2401 + // BEGIN android-removed 2402 + // if (agreement instanceof ECMQVBasicAgreement) 2403 + // { 2404 + // if (!(key instanceof MQVPrivateKey)) 2405 + // { 2406 + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2407 + // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2408 + // } 2409 + // 2410 + // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2411 + // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2412 + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2413 + // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2414 + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2415 + // 2416 + // ECPublicKeyParameters ephemPubKey = null; 2417 + // if (mqvPrivKey.getEphemeralPublicKey() != null) 2418 + // { 2419 + // ephemPubKey = (ECPublicKeyParameters) 2420 + // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2421 + // } 2422 + // 2423 + // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2424 + // this.parameters = staticPrivKey.getParameters(); 2425 + // 2426 + // // TODO Validate that all the keys are using the same parameters? 2427 + // 2428 + // agreement.init(localParams); 2429 + // } 2430 + // else 2431 + // END android-removed 2432 { 2433 if (!(key instanceof PrivateKey)) 2434 { 2435 @@ -323,39 +349,41 @@ 2436 } 2437 } 2438 2439 - public static class DHC 2440 - extends KeyAgreementSpi 2441 - { 2442 - public DHC() 2443 - { 2444 - super("ECDHC", new ECDHCBasicAgreement(), null); 2445 - } 2446 - } 2447 - 2448 - public static class MQV 2449 - extends KeyAgreementSpi 2450 - { 2451 - public MQV() 2452 - { 2453 - super("ECMQV", new ECMQVBasicAgreement(), null); 2454 - } 2455 - } 2456 - 2457 - public static class DHwithSHA1KDF 2458 - extends KeyAgreementSpi 2459 - { 2460 - public DHwithSHA1KDF() 2461 - { 2462 - super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2463 - } 2464 - } 2465 - 2466 - public static class MQVwithSHA1KDF 2467 - extends KeyAgreementSpi 2468 - { 2469 - public MQVwithSHA1KDF() 2470 - { 2471 - super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2472 - } 2473 - } 2474 + // BEGIN android-removed 2475 + // public static class DHC 2476 + // extends KeyAgreementSpi 2477 + // { 2478 + // public DHC() 2479 + // { 2480 + // super("ECDHC", new ECDHCBasicAgreement(), null); 2481 + // } 2482 + // } 2483 + // 2484 + // public static class MQV 2485 + // extends KeyAgreementSpi 2486 + // { 2487 + // public MQV() 2488 + // { 2489 + // super("ECMQV", new ECMQVBasicAgreement(), null); 2490 + // } 2491 + // } 2492 + // 2493 + // public static class DHwithSHA1KDF 2494 + // extends KeyAgreementSpi 2495 + // { 2496 + // public DHwithSHA1KDF() 2497 + // { 2498 + // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2499 + // } 2500 + // } 2501 + // 2502 + // public static class MQVwithSHA1KDF 2503 + // extends KeyAgreementSpi 2504 + // { 2505 + // public MQVwithSHA1KDF() 2506 + // { 2507 + // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2508 + // } 2509 + // } 2510 + // END android-removed 2511 } 2512 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2513 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2015-03-01 12:03:02.000000000 +0000 2514 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000 2515 @@ -201,14 +201,16 @@ 2516 } 2517 } 2518 2519 - public static class ECGOST3410 2520 - extends KeyFactorySpi 2521 - { 2522 - public ECGOST3410() 2523 - { 2524 - super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2525 - } 2526 - } 2527 + // BEGIN android-removed 2528 + // public static class ECGOST3410 2529 + // extends KeyFactorySpi 2530 + // { 2531 + // public ECGOST3410() 2532 + // { 2533 + // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2534 + // } 2535 + // } 2536 + // END android-removed 2537 2538 public static class ECDH 2539 extends KeyFactorySpi 2540 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2541 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-03-01 12:03:02.000000000 +0000 2542 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-05-12 17:22:22.000000000 +0000 2543 @@ -42,7 +42,9 @@ 2544 ECKeyGenerationParameters param; 2545 ECKeyPairGenerator engine = new ECKeyPairGenerator(); 2546 Object ecParams = null; 2547 - int strength = 239; 2548 + // BEGIN android-changed 2549 + int strength = 256; 2550 + // BEGIN android-changed 2551 int certainty = 50; 2552 SecureRandom random = new SecureRandom(); 2553 boolean initialised = false; 2554 @@ -84,7 +86,13 @@ 2555 SecureRandom random) 2556 { 2557 this.strength = strength; 2558 + // BEGIN android-added 2559 + if (random != null) { 2560 + // END android-added 2561 this.random = random; 2562 + // BEGIN android-added 2563 + } 2564 + // END android-added 2565 2566 ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); 2567 if (ecParams == null) 2568 @@ -107,6 +115,11 @@ 2569 SecureRandom random) 2570 throws InvalidAlgorithmParameterException 2571 { 2572 + // BEGIN android-added 2573 + if (random == null) { 2574 + random = this.random; 2575 + } 2576 + // END android-added 2577 if (params == null) 2578 { 2579 ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); 2580 @@ -267,4 +280,4 @@ 2581 super("ECMQV", BouncyCastleProvider.CONFIGURATION); 2582 } 2583 } 2584 -} 2585 \ No newline at end of file 2586 +} 2587 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2588 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 2589 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2014-07-28 19:51:54.000000000 +0000 2590 @@ -16,16 +16,23 @@ 2591 import org.bouncycastle.crypto.DSA; 2592 import org.bouncycastle.crypto.Digest; 2593 import org.bouncycastle.crypto.digests.NullDigest; 2594 -import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2595 -import org.bouncycastle.crypto.digests.SHA1Digest; 2596 -import org.bouncycastle.crypto.digests.SHA224Digest; 2597 -import org.bouncycastle.crypto.digests.SHA256Digest; 2598 -import org.bouncycastle.crypto.digests.SHA384Digest; 2599 -import org.bouncycastle.crypto.digests.SHA512Digest; 2600 +// BEGIN android-added 2601 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2602 +// END android-added 2603 +// BEGIN android-removed 2604 +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2605 +// import org.bouncycastle.crypto.digests.SHA1Digest; 2606 +// import org.bouncycastle.crypto.digests.SHA224Digest; 2607 +// import org.bouncycastle.crypto.digests.SHA256Digest; 2608 +// import org.bouncycastle.crypto.digests.SHA384Digest; 2609 +// import org.bouncycastle.crypto.digests.SHA512Digest; 2610 +// END android-removed 2611 import org.bouncycastle.crypto.params.ParametersWithRandom; 2612 import org.bouncycastle.crypto.signers.ECDSASigner; 2613 -import org.bouncycastle.crypto.signers.ECNRSigner; 2614 -import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2615 +// BEGIN android-removed 2616 +// import org.bouncycastle.crypto.signers.ECNRSigner; 2617 +// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2618 +// END android-removed 2619 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2620 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2621 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2622 @@ -70,18 +77,22 @@ 2623 { 2624 public ecDSA() 2625 { 2626 - super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2627 + // BEGIN android-changed 2628 + super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2629 + // END android-changed 2630 } 2631 } 2632 2633 - static public class ecDetDSA 2634 - extends SignatureSpi 2635 - { 2636 - public ecDetDSA() 2637 - { 2638 - super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2639 - } 2640 - } 2641 + // BEGIN android-removed 2642 + // static public class ecDetDSA 2643 + // extends SignatureSpi 2644 + // { 2645 + // public ecDetDSA() 2646 + // { 2647 + // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2648 + // } 2649 + // } 2650 + // END android-removed 2651 2652 static public class ecDSAnone 2653 extends SignatureSpi 2654 @@ -97,180 +108,196 @@ 2655 { 2656 public ecDSA224() 2657 { 2658 - super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2659 + // BEGIN android-changed 2660 + super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); 2661 + // END android-changed 2662 } 2663 } 2664 2665 - static public class ecDetDSA224 2666 - extends SignatureSpi 2667 - { 2668 - public ecDetDSA224() 2669 - { 2670 - super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2671 - } 2672 - } 2673 + // BEGIN android-removed 2674 + // static public class ecDetDSA224 2675 + // extends SignatureSpi 2676 + // { 2677 + // public ecDetDSA224() 2678 + // { 2679 + // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2680 + // } 2681 + // } 2682 + // END android-removed 2683 2684 static public class ecDSA256 2685 extends SignatureSpi 2686 { 2687 public ecDSA256() 2688 { 2689 - super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2690 + // BEGIN android-changed 2691 + super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2692 + // END android-changed 2693 } 2694 } 2695 2696 - static public class ecDetDSA256 2697 - extends SignatureSpi 2698 - { 2699 - public ecDetDSA256() 2700 - { 2701 - super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2702 - } 2703 - } 2704 + // BEGIN android-removed 2705 + // static public class ecDetDSA256 2706 + // extends SignatureSpi 2707 + // { 2708 + // public ecDetDSA256() 2709 + // { 2710 + // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2711 + // } 2712 + // } 2713 + // END android-removed 2714 2715 static public class ecDSA384 2716 extends SignatureSpi 2717 { 2718 public ecDSA384() 2719 { 2720 - super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2721 + // BEGIN android-changed 2722 + super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2723 + // END android-changed 2724 } 2725 } 2726 2727 - static public class ecDetDSA384 2728 - extends SignatureSpi 2729 - { 2730 - public ecDetDSA384() 2731 - { 2732 - super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2733 - } 2734 - } 2735 + // BEGIN android-removed 2736 + // static public class ecDetDSA384 2737 + // extends SignatureSpi 2738 + // { 2739 + // public ecDetDSA384() 2740 + // { 2741 + // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2742 + // } 2743 + // } 2744 + // END android-removed 2745 2746 static public class ecDSA512 2747 extends SignatureSpi 2748 { 2749 public ecDSA512() 2750 { 2751 - super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2752 - } 2753 - } 2754 - 2755 - static public class ecDetDSA512 2756 - extends SignatureSpi 2757 - { 2758 - public ecDetDSA512() 2759 - { 2760 - super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2761 - } 2762 - } 2763 - 2764 - static public class ecDSARipeMD160 2765 - extends SignatureSpi 2766 - { 2767 - public ecDSARipeMD160() 2768 - { 2769 - super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2770 - } 2771 - } 2772 - 2773 - static public class ecNR 2774 - extends SignatureSpi 2775 - { 2776 - public ecNR() 2777 - { 2778 - super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2779 - } 2780 - } 2781 - 2782 - static public class ecNR224 2783 - extends SignatureSpi 2784 - { 2785 - public ecNR224() 2786 - { 2787 - super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2788 - } 2789 - } 2790 - 2791 - static public class ecNR256 2792 - extends SignatureSpi 2793 - { 2794 - public ecNR256() 2795 - { 2796 - super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2797 - } 2798 - } 2799 - 2800 - static public class ecNR384 2801 - extends SignatureSpi 2802 - { 2803 - public ecNR384() 2804 - { 2805 - super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2806 - } 2807 - } 2808 - 2809 - static public class ecNR512 2810 - extends SignatureSpi 2811 - { 2812 - public ecNR512() 2813 - { 2814 - super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2815 - } 2816 - } 2817 - 2818 - static public class ecCVCDSA 2819 - extends SignatureSpi 2820 - { 2821 - public ecCVCDSA() 2822 - { 2823 - super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2824 - } 2825 - } 2826 - 2827 - static public class ecCVCDSA224 2828 - extends SignatureSpi 2829 - { 2830 - public ecCVCDSA224() 2831 - { 2832 - super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2833 - } 2834 - } 2835 - 2836 - static public class ecCVCDSA256 2837 - extends SignatureSpi 2838 - { 2839 - public ecCVCDSA256() 2840 - { 2841 - super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2842 - } 2843 - } 2844 - 2845 - static public class ecCVCDSA384 2846 - extends SignatureSpi 2847 - { 2848 - public ecCVCDSA384() 2849 - { 2850 - super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2851 - } 2852 - } 2853 - 2854 - static public class ecCVCDSA512 2855 - extends SignatureSpi 2856 - { 2857 - public ecCVCDSA512() 2858 - { 2859 - super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2860 - } 2861 - } 2862 - 2863 - static public class ecPlainDSARP160 2864 - extends SignatureSpi 2865 - { 2866 - public ecPlainDSARP160() 2867 - { 2868 - super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2869 - } 2870 - } 2871 + // BEGIN android-changed 2872 + super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2873 + // END android-changed 2874 + } 2875 + } 2876 + 2877 + // BEGIN android-removed 2878 + // static public class ecDetDSA512 2879 + // extends SignatureSpi 2880 + // { 2881 + // public ecDetDSA512() 2882 + // { 2883 + // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2884 + // } 2885 + // } 2886 + // 2887 + // static public class ecDSARipeMD160 2888 + // extends SignatureSpi 2889 + // { 2890 + // public ecDSARipeMD160() 2891 + // { 2892 + // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2893 + // } 2894 + // } 2895 + // 2896 + // static public class ecNR 2897 + // extends SignatureSpi 2898 + // { 2899 + // public ecNR() 2900 + // { 2901 + // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2902 + // } 2903 + // } 2904 + // 2905 + // static public class ecNR224 2906 + // extends SignatureSpi 2907 + // { 2908 + // public ecNR224() 2909 + // { 2910 + // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2911 + // } 2912 + // } 2913 + // 2914 + // static public class ecNR256 2915 + // extends SignatureSpi 2916 + // { 2917 + // public ecNR256() 2918 + // { 2919 + // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2920 + // } 2921 + // } 2922 + // 2923 + // static public class ecNR384 2924 + // extends SignatureSpi 2925 + // { 2926 + // public ecNR384() 2927 + // { 2928 + // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2929 + // } 2930 + // } 2931 + // 2932 + // static public class ecNR512 2933 + // extends SignatureSpi 2934 + // { 2935 + // public ecNR512() 2936 + // { 2937 + // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2938 + // } 2939 + // } 2940 + // 2941 + // static public class ecCVCDSA 2942 + // extends SignatureSpi 2943 + // { 2944 + // public ecCVCDSA() 2945 + // { 2946 + // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2947 + // } 2948 + // } 2949 + // 2950 + // static public class ecCVCDSA224 2951 + // extends SignatureSpi 2952 + // { 2953 + // public ecCVCDSA224() 2954 + // { 2955 + // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2956 + // } 2957 + // } 2958 + // 2959 + // static public class ecCVCDSA256 2960 + // extends SignatureSpi 2961 + // { 2962 + // public ecCVCDSA256() 2963 + // { 2964 + // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2965 + // } 2966 + // } 2967 + // 2968 + // static public class ecCVCDSA384 2969 + // extends SignatureSpi 2970 + // { 2971 + // public ecCVCDSA384() 2972 + // { 2973 + // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2974 + // } 2975 + // } 2976 + // 2977 + // static public class ecCVCDSA512 2978 + // extends SignatureSpi 2979 + // { 2980 + // public ecCVCDSA512() 2981 + // { 2982 + // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2983 + // } 2984 + // } 2985 + // 2986 + // static public class ecPlainDSARP160 2987 + // extends SignatureSpi 2988 + // { 2989 + // public ecPlainDSARP160() 2990 + // { 2991 + // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2992 + // } 2993 + // } 2994 + // END android-removed 2995 2996 private static class StdDSAEncoder 2997 implements DSAEncoder 2998 @@ -302,66 +329,68 @@ 2999 } 3000 } 3001 3002 - private static class PlainDSAEncoder 3003 - implements DSAEncoder 3004 - { 3005 - public byte[] encode( 3006 - BigInteger r, 3007 - BigInteger s) 3008 - throws IOException 3009 - { 3010 - byte[] first = makeUnsigned(r); 3011 - byte[] second = makeUnsigned(s); 3012 - byte[] res; 3013 - 3014 - if (first.length > second.length) 3015 - { 3016 - res = new byte[first.length * 2]; 3017 - } 3018 - else 3019 - { 3020 - res = new byte[second.length * 2]; 3021 - } 3022 - 3023 - System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 3024 - System.arraycopy(second, 0, res, res.length - second.length, second.length); 3025 - 3026 - return res; 3027 - } 3028 - 3029 - 3030 - private byte[] makeUnsigned(BigInteger val) 3031 - { 3032 - byte[] res = val.toByteArray(); 3033 - 3034 - if (res[0] == 0) 3035 - { 3036 - byte[] tmp = new byte[res.length - 1]; 3037 - 3038 - System.arraycopy(res, 1, tmp, 0, tmp.length); 3039 - 3040 - return tmp; 3041 - } 3042 - 3043 - return res; 3044 - } 3045 - 3046 - public BigInteger[] decode( 3047 - byte[] encoding) 3048 - throws IOException 3049 - { 3050 - BigInteger[] sig = new BigInteger[2]; 3051 - 3052 - byte[] first = new byte[encoding.length / 2]; 3053 - byte[] second = new byte[encoding.length / 2]; 3054 - 3055 - System.arraycopy(encoding, 0, first, 0, first.length); 3056 - System.arraycopy(encoding, first.length, second, 0, second.length); 3057 - 3058 - sig[0] = new BigInteger(1, first); 3059 - sig[1] = new BigInteger(1, second); 3060 - 3061 - return sig; 3062 - } 3063 - } 3064 -} 3065 \ No newline at end of file 3066 + // BEGIN android-removed 3067 + // private static class PlainDSAEncoder 3068 + // implements DSAEncoder 3069 + // { 3070 + // public byte[] encode( 3071 + // BigInteger r, 3072 + // BigInteger s) 3073 + // throws IOException 3074 + // { 3075 + // byte[] first = makeUnsigned(r); 3076 + // byte[] second = makeUnsigned(s); 3077 + // byte[] res; 3078 + // 3079 + // if (first.length > second.length) 3080 + // { 3081 + // res = new byte[first.length * 2]; 3082 + // } 3083 + // else 3084 + // { 3085 + // res = new byte[second.length * 2]; 3086 + // } 3087 + // 3088 + // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 3089 + // System.arraycopy(second, 0, res, res.length - second.length, second.length); 3090 + // 3091 + // return res; 3092 + // } 3093 + // 3094 + // 3095 + // private byte[] makeUnsigned(BigInteger val) 3096 + // { 3097 + // byte[] res = val.toByteArray(); 3098 + // 3099 + // if (res[0] == 0) 3100 + // { 3101 + // byte[] tmp = new byte[res.length - 1]; 3102 + // 3103 + // System.arraycopy(res, 1, tmp, 0, tmp.length); 3104 + // 3105 + // return tmp; 3106 + // } 3107 + // 3108 + // return res; 3109 + // } 3110 + // 3111 + // public BigInteger[] decode( 3112 + // byte[] encoding) 3113 + // throws IOException 3114 + // { 3115 + // BigInteger[] sig = new BigInteger[2]; 3116 + // 3117 + // byte[] first = new byte[encoding.length / 2]; 3118 + // byte[] second = new byte[encoding.length / 2]; 3119 + // 3120 + // System.arraycopy(encoding, 0, first, 0, first.length); 3121 + // System.arraycopy(encoding, first.length, second, 0, second.length); 3122 + // 3123 + // sig[0] = new BigInteger(1, first); 3124 + // sig[1] = new BigInteger(1, second); 3125 + // 3126 + // return sig; 3127 + // } 3128 + // } 3129 + // END android-removed 3130 +} 3131 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 3132 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-03-01 12:03:02.000000000 +0000 3133 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-04-09 13:10:16.000000000 +0000 3134 @@ -26,7 +26,9 @@ 3135 import org.bouncycastle.crypto.CipherParameters; 3136 import org.bouncycastle.crypto.Digest; 3137 import org.bouncycastle.crypto.InvalidCipherTextException; 3138 -import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 3139 +// BEGIN android-removed 3140 +// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 3141 +// END android-removed 3142 import org.bouncycastle.crypto.encodings.OAEPEncoding; 3143 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3144 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3145 @@ -201,10 +203,12 @@ 3146 { 3147 cipher = new PKCS1Encoding(new RSABlindedEngine()); 3148 } 3149 - else if (pad.equals("ISO9796-1PADDING")) 3150 - { 3151 - cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 3152 - } 3153 + // BEGIN android-removed 3154 + // else if (pad.equals("ISO9796-1PADDING")) 3155 + // { 3156 + // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 3157 + // } 3158 + // END android-removed 3159 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 3160 { 3161 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 3162 @@ -543,48 +547,50 @@ 3163 } 3164 } 3165 3166 - static public class PKCS1v1_5Padding 3167 - extends CipherSpi 3168 - { 3169 - public PKCS1v1_5Padding() 3170 - { 3171 - super(new PKCS1Encoding(new RSABlindedEngine())); 3172 - } 3173 - } 3174 - 3175 - static public class PKCS1v1_5Padding_PrivateOnly 3176 - extends CipherSpi 3177 - { 3178 - public PKCS1v1_5Padding_PrivateOnly() 3179 - { 3180 - super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3181 - } 3182 - } 3183 - 3184 - static public class PKCS1v1_5Padding_PublicOnly 3185 - extends CipherSpi 3186 - { 3187 - public PKCS1v1_5Padding_PublicOnly() 3188 - { 3189 - super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3190 - } 3191 - } 3192 - 3193 - static public class OAEPPadding 3194 - extends CipherSpi 3195 - { 3196 - public OAEPPadding() 3197 - { 3198 - super(OAEPParameterSpec.DEFAULT); 3199 - } 3200 - } 3201 - 3202 - static public class ISO9796d1Padding 3203 - extends CipherSpi 3204 - { 3205 - public ISO9796d1Padding() 3206 - { 3207 - super(new ISO9796d1Encoding(new RSABlindedEngine())); 3208 - } 3209 - } 3210 + // BEGIN android-removed 3211 + // static public class PKCS1v1_5Padding 3212 + // extends CipherSpi 3213 + // { 3214 + // public PKCS1v1_5Padding() 3215 + // { 3216 + // super(new PKCS1Encoding(new RSABlindedEngine())); 3217 + // } 3218 + // } 3219 + // 3220 + // static public class PKCS1v1_5Padding_PrivateOnly 3221 + // extends CipherSpi 3222 + // { 3223 + // public PKCS1v1_5Padding_PrivateOnly() 3224 + // { 3225 + // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3226 + // } 3227 + // } 3228 + // 3229 + // static public class PKCS1v1_5Padding_PublicOnly 3230 + // extends CipherSpi 3231 + // { 3232 + // public PKCS1v1_5Padding_PublicOnly() 3233 + // { 3234 + // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3235 + // } 3236 + // } 3237 + // 3238 + // static public class OAEPPadding 3239 + // extends CipherSpi 3240 + // { 3241 + // public OAEPPadding() 3242 + // { 3243 + // super(OAEPParameterSpec.DEFAULT); 3244 + // } 3245 + // } 3246 + // 3247 + // static public class ISO9796d1Padding 3248 + // extends CipherSpi 3249 + // { 3250 + // public ISO9796d1Padding() 3251 + // { 3252 + // super(new ISO9796d1Encoding(new RSABlindedEngine())); 3253 + // } 3254 + // } 3255 + // END android-removed 3256 } 3257 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 3258 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 3259 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-04-09 13:10:16.000000000 +0000 3260 @@ -17,24 +17,31 @@ 3261 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3262 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3263 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3264 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3265 +// BEGIN android-removed 3266 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3267 +// END android-removed 3268 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3269 import org.bouncycastle.asn1.x509.DigestInfo; 3270 import org.bouncycastle.crypto.AsymmetricBlockCipher; 3271 import org.bouncycastle.crypto.CipherParameters; 3272 import org.bouncycastle.crypto.Digest; 3273 -import org.bouncycastle.crypto.digests.MD2Digest; 3274 -import org.bouncycastle.crypto.digests.MD4Digest; 3275 -import org.bouncycastle.crypto.digests.MD5Digest; 3276 -import org.bouncycastle.crypto.digests.NullDigest; 3277 -import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3278 -import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3279 -import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3280 -import org.bouncycastle.crypto.digests.SHA1Digest; 3281 -import org.bouncycastle.crypto.digests.SHA224Digest; 3282 -import org.bouncycastle.crypto.digests.SHA256Digest; 3283 -import org.bouncycastle.crypto.digests.SHA384Digest; 3284 -import org.bouncycastle.crypto.digests.SHA512Digest; 3285 +// BEGIN android-removed 3286 +// import org.bouncycastle.crypto.digests.MD2Digest; 3287 +// import org.bouncycastle.crypto.digests.MD4Digest; 3288 +// import org.bouncycastle.crypto.digests.MD5Digest; 3289 +// import org.bouncycastle.crypto.digests.NullDigest; 3290 +// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3291 +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3292 +// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3293 +// import org.bouncycastle.crypto.digests.SHA1Digest; 3294 +// import org.bouncycastle.crypto.digests.SHA224Digest; 3295 +// import org.bouncycastle.crypto.digests.SHA256Digest; 3296 +// import org.bouncycastle.crypto.digests.SHA384Digest; 3297 +// import org.bouncycastle.crypto.digests.SHA512Digest; 3298 +// END android-removed 3299 +// BEGIN android-added 3300 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 3301 +// END android-added 3302 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3303 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3304 import org.bouncycastle.util.Arrays; 3305 @@ -254,7 +261,9 @@ 3306 { 3307 public SHA1() 3308 { 3309 - super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3310 + // BEGIN android-changed 3311 + super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 3312 + // END android-changed 3313 } 3314 } 3315 3316 @@ -263,7 +272,9 @@ 3317 { 3318 public SHA224() 3319 { 3320 - super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3321 + // BEGIN android-changed 3322 + super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); 3323 + // END android-changed 3324 } 3325 } 3326 3327 @@ -272,7 +283,9 @@ 3328 { 3329 public SHA256() 3330 { 3331 - super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3332 + // BEGIN android-changed 3333 + super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 3334 + // END android-changed 3335 } 3336 } 3337 3338 @@ -281,7 +294,9 @@ 3339 { 3340 public SHA384() 3341 { 3342 - super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3343 + // BEGIN android-changed 3344 + super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 3345 + // END android-changed 3346 } 3347 } 3348 3349 @@ -290,70 +305,78 @@ 3350 { 3351 public SHA512() 3352 { 3353 - super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3354 + // BEGIN android-changed 3355 + super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 3356 + // END android-changed 3357 } 3358 } 3359 3360 - static public class MD2 3361 - extends DigestSignatureSpi 3362 - { 3363 - public MD2() 3364 - { 3365 - super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3366 - } 3367 - } 3368 - 3369 - static public class MD4 3370 - extends DigestSignatureSpi 3371 - { 3372 - public MD4() 3373 - { 3374 - super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3375 - } 3376 - } 3377 + // BEGIN android-removed 3378 + // static public class MD2 3379 + // extends DigestSignatureSpi 3380 + // { 3381 + // public MD2() 3382 + // { 3383 + // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3384 + // } 3385 + // } 3386 + // 3387 + // static public class MD4 3388 + // extends DigestSignatureSpi 3389 + // { 3390 + // public MD4() 3391 + // { 3392 + // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3393 + // } 3394 + // } 3395 + // END android-removed 3396 3397 static public class MD5 3398 extends DigestSignatureSpi 3399 { 3400 public MD5() 3401 { 3402 - super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3403 - } 3404 - } 3405 - 3406 - static public class RIPEMD160 3407 - extends DigestSignatureSpi 3408 - { 3409 - public RIPEMD160() 3410 - { 3411 - super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3412 + // BEGIN android-changed 3413 + super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 3414 + // END android-changed 3415 } 3416 } 3417 3418 - static public class RIPEMD128 3419 - extends DigestSignatureSpi 3420 - { 3421 - public RIPEMD128() 3422 - { 3423 - super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3424 - } 3425 - } 3426 - 3427 - static public class RIPEMD256 3428 - extends DigestSignatureSpi 3429 - { 3430 - public RIPEMD256() 3431 - { 3432 - super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3433 - } 3434 - } 3435 - 3436 - static public class noneRSA 3437 - extends DigestSignatureSpi 3438 - { 3439 - public noneRSA() 3440 - { 3441 - super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3442 - } 3443 - } 3444 + // BEGIN android-removed 3445 + // static public class RIPEMD160 3446 + // extends DigestSignatureSpi 3447 + // { 3448 + // public RIPEMD160() 3449 + // { 3450 + // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3451 + // } 3452 + // } 3453 + // 3454 + // static public class RIPEMD128 3455 + // extends DigestSignatureSpi 3456 + // { 3457 + // public RIPEMD128() 3458 + // { 3459 + // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3460 + // } 3461 + // } 3462 + // 3463 + // static public class RIPEMD256 3464 + // extends DigestSignatureSpi 3465 + // { 3466 + // public RIPEMD256() 3467 + // { 3468 + // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3469 + // } 3470 + // } 3471 + // 3472 + // static public class noneRSA 3473 + // extends DigestSignatureSpi 3474 + // { 3475 + // public noneRSA() 3476 + // { 3477 + // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3478 + // } 3479 + // } 3480 + // END android-removed 3481 } 3482 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 3483 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-03-01 12:03:02.000000000 +0000 3484 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-04-09 13:10:16.000000000 +0000 3485 @@ -18,8 +18,10 @@ 3486 import javax.crypto.NoSuchPaddingException; 3487 import javax.crypto.spec.IvParameterSpec; 3488 import javax.crypto.spec.PBEParameterSpec; 3489 -import javax.crypto.spec.RC2ParameterSpec; 3490 -import javax.crypto.spec.RC5ParameterSpec; 3491 +// BEGIN android-removed 3492 +// import javax.crypto.spec.RC2ParameterSpec; 3493 +// import javax.crypto.spec.RC5ParameterSpec; 3494 +// END android-removed 3495 import javax.crypto.spec.SecretKeySpec; 3496 3497 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3498 @@ -39,8 +41,10 @@ 3499 { 3500 IvParameterSpec.class, 3501 PBEParameterSpec.class, 3502 - RC2ParameterSpec.class, 3503 - RC5ParameterSpec.class 3504 + // BEGIN android-removed 3505 + // RC2ParameterSpec.class, 3506 + // RC5ParameterSpec.class 3507 + // END android-removed 3508 }; 3509 3510 private final JcaJceHelper helper = new BCJcaJceHelper(); 3511 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 3512 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-03-01 12:03:02.000000000 +0000 3513 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-04-09 13:10:16.000000000 +0000 3514 @@ -6,11 +6,15 @@ 3515 import java.security.PublicKey; 3516 3517 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3518 -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3519 +// BEGIN android-removed 3520 +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3521 +// END android-removed 3522 import org.bouncycastle.asn1.nist.NISTNamedCurves; 3523 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3524 import org.bouncycastle.asn1.sec.SECNamedCurves; 3525 -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3526 +// BEGIN android-removed 3527 +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3528 +// END android-removed 3529 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 3530 import org.bouncycastle.asn1.x9.X962NamedCurves; 3531 import org.bouncycastle.asn1.x9.X962Parameters; 3532 @@ -247,14 +251,16 @@ 3533 { 3534 oid = NISTNamedCurves.getOID(name); 3535 } 3536 - if (oid == null) 3537 - { 3538 - oid = TeleTrusTNamedCurves.getOID(name); 3539 - } 3540 - if (oid == null) 3541 - { 3542 - oid = ECGOST3410NamedCurves.getOID(name); 3543 - } 3544 + // BEGIN android-removed 3545 + // if (oid == null) 3546 + // { 3547 + // oid = TeleTrusTNamedCurves.getOID(name); 3548 + // } 3549 + // if (oid == null) 3550 + // { 3551 + // oid = ECGOST3410NamedCurves.getOID(name); 3552 + // } 3553 + // END android-removed 3554 } 3555 3556 return oid; 3557 @@ -276,10 +282,12 @@ 3558 { 3559 params = NISTNamedCurves.getByOID(oid); 3560 } 3561 - if (params == null) 3562 - { 3563 - params = TeleTrusTNamedCurves.getByOID(oid); 3564 - } 3565 + // BEGIN android-removed 3566 + // if (params == null) 3567 + // { 3568 + // params = TeleTrusTNamedCurves.getByOID(oid); 3569 + // } 3570 + // END android-removed 3571 } 3572 3573 return params; 3574 @@ -297,14 +305,16 @@ 3575 { 3576 name = NISTNamedCurves.getName(oid); 3577 } 3578 - if (name == null) 3579 - { 3580 - name = TeleTrusTNamedCurves.getName(oid); 3581 - } 3582 - if (name == null) 3583 - { 3584 - name = ECGOST3410NamedCurves.getName(oid); 3585 - } 3586 + // BEGIN android-removed 3587 + // if (name == null) 3588 + // { 3589 + // name = TeleTrusTNamedCurves.getName(oid); 3590 + // } 3591 + // if (name == null) 3592 + // { 3593 + // name = ECGOST3410NamedCurves.getName(oid); 3594 + // } 3595 + // END android-removed 3596 } 3597 3598 return name; 3599 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3600 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-03-01 12:03:02.000000000 +0000 3601 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-04-09 13:10:16.000000000 +0000 3602 @@ -37,7 +37,9 @@ 3603 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 3604 import org.bouncycastle.jcajce.util.JcaJceHelper; 3605 import org.bouncycastle.util.io.pem.PemObject; 3606 -import org.bouncycastle.util.io.pem.PemWriter; 3607 +// BEGIN android-removed 3608 +// import org.bouncycastle.util.io.pem.PemWriter; 3609 +// END android-removed 3610 3611 /** 3612 * CertPath implementation for X.509 certificates. 3613 @@ -54,7 +56,9 @@ 3614 { 3615 List encodings = new ArrayList(); 3616 encodings.add("PkiPath"); 3617 - encodings.add("PEM"); 3618 + // BEGIN android-removed 3619 + // encodings.add("PEM"); 3620 + // END android-removed 3621 encodings.add("PKCS7"); 3622 certPathEncodings = Collections.unmodifiableList(encodings); 3623 } 3624 @@ -301,27 +305,29 @@ 3625 return toDEREncoded(new ContentInfo( 3626 PKCSObjectIdentifiers.signedData, sd)); 3627 } 3628 - else if (encoding.equalsIgnoreCase("PEM")) 3629 - { 3630 - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3631 - PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3632 - 3633 - try 3634 - { 3635 - for (int i = 0; i != certificates.size(); i++) 3636 - { 3637 - pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3638 - } 3639 - 3640 - pWrt.close(); 3641 - } 3642 - catch (Exception e) 3643 - { 3644 - throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3645 - } 3646 - 3647 - return bOut.toByteArray(); 3648 - } 3649 + // BEGIN android-removed 3650 + // else if (encoding.equalsIgnoreCase("PEM")) 3651 + // { 3652 + // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3653 + // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3654 + // 3655 + // try 3656 + // { 3657 + // for (int i = 0; i != certificates.size(); i++) 3658 + // { 3659 + // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3660 + // } 3661 + // 3662 + // pWrt.close(); 3663 + // } 3664 + // catch (Exception e) 3665 + // { 3666 + // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3667 + // } 3668 + // 3669 + // return bOut.toByteArray(); 3670 + // } 3671 + // END android-removed 3672 else 3673 { 3674 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3675 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 3676 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 3677 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-04-09 13:10:16.000000000 +0000 3678 @@ -55,6 +55,9 @@ 3679 import org.bouncycastle.asn1.x509.Extensions; 3680 import org.bouncycastle.asn1.x509.GeneralName; 3681 import org.bouncycastle.asn1.x509.KeyUsage; 3682 +// BEGIN android-added 3683 +import org.bouncycastle.asn1.x509.X509Name; 3684 +// END android-added 3685 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 3686 import org.bouncycastle.jce.X509Principal; 3687 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 3688 @@ -534,12 +537,20 @@ 3689 } 3690 } 3691 3692 + // BEGIN android-changed 3693 + private byte[] encoded; 3694 + // END android-changed 3695 public byte[] getEncoded() 3696 throws CertificateEncodingException 3697 { 3698 try 3699 { 3700 - return c.getEncoded(ASN1Encoding.DER); 3701 + // BEGIN android-changed 3702 + if (encoded == null) { 3703 + encoded = c.getEncoded(ASN1Encoding.DER); 3704 + } 3705 + return encoded; 3706 + // END android-changed 3707 } 3708 catch (IOException e) 3709 { 3710 @@ -839,7 +850,9 @@ 3711 list.add(genName.getEncoded()); 3712 break; 3713 case GeneralName.directoryName: 3714 - list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 3715 + // BEGIN android-changed 3716 + list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 3717 + // END android-changed 3718 break; 3719 case GeneralName.dNSName: 3720 case GeneralName.rfc822Name: 3721 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 3722 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 3723 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-04-09 13:10:16.000000000 +0000 3724 @@ -16,12 +16,16 @@ 3725 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3726 import org.bouncycastle.asn1.ASN1Sequence; 3727 import org.bouncycastle.asn1.DERNull; 3728 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3729 +// BEGIN android-removed 3730 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3731 +// END android-removed 3732 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3733 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3734 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3735 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 3736 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3737 +// BEGIN android-removed 3738 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3739 +// END android-removed 3740 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3741 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 3742 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3743 @@ -143,22 +147,24 @@ 3744 { 3745 return "SHA512"; 3746 } 3747 - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3748 - { 3749 - return "RIPEMD128"; 3750 - } 3751 - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3752 - { 3753 - return "RIPEMD160"; 3754 - } 3755 - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3756 - { 3757 - return "RIPEMD256"; 3758 - } 3759 - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3760 - { 3761 - return "GOST3411"; 3762 - } 3763 + // BEGIN android-removed 3764 + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3765 + // { 3766 + // return "RIPEMD128"; 3767 + // } 3768 + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3769 + // { 3770 + // return "RIPEMD160"; 3771 + // } 3772 + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3773 + // { 3774 + // return "RIPEMD256"; 3775 + // } 3776 + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3777 + // { 3778 + // return "GOST3411"; 3779 + // } 3780 + // END android-removed 3781 else 3782 { 3783 return digestAlgOID.getId(); 3784 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 3785 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2015-03-01 12:03:02.000000000 +0000 3786 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000 3787 @@ -45,17 +45,19 @@ 3788 } 3789 } 3790 3791 - /** 3792 - * PBEWithHmacSHA 3793 - */ 3794 - public static class PBEWithMacKeyFactory 3795 - extends PBESecretKeyFactory 3796 - { 3797 - public PBEWithMacKeyFactory() 3798 - { 3799 - super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3800 - } 3801 - } 3802 + // BEGIN android-removed 3803 + // /** 3804 + // * PBEWithHmacSHA 3805 + // */ 3806 + // public static class PBEWithMacKeyFactory 3807 + // extends PBESecretKeyFactory 3808 + // { 3809 + // public PBEWithMacKeyFactory() 3810 + // { 3811 + // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3812 + // } 3813 + // } 3814 + // END android-removed 3815 3816 /** 3817 * HMACSHA256 3818 @@ -84,9 +86,11 @@ 3819 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 3820 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); 3821 3822 - provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3823 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3824 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3825 + // BEGIN android-removed 3826 + // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3827 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3828 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3829 + // END android-removed 3830 3831 addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3832 addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); 3833 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 3834 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2015-03-01 12:03:02.000000000 +0000 3835 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000 3836 @@ -5,7 +5,9 @@ 3837 import org.bouncycastle.crypto.CipherKeyGenerator; 3838 import org.bouncycastle.crypto.digests.SHA384Digest; 3839 import org.bouncycastle.crypto.macs.HMac; 3840 -import org.bouncycastle.crypto.macs.OldHMac; 3841 +// BEGIN android-removed 3842 +// import org.bouncycastle.crypto.macs.OldHMac; 3843 +// END android-removed 3844 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3845 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3846 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3847 @@ -57,14 +59,16 @@ 3848 } 3849 } 3850 3851 - public static class OldSHA384 3852 - extends BaseMac 3853 - { 3854 - public OldSHA384() 3855 - { 3856 - super(new OldHMac(new SHA384Digest())); 3857 - } 3858 - } 3859 + // BEGIN android-removed 3860 + // public static class OldSHA384 3861 + // extends BaseMac 3862 + // { 3863 + // public OldSHA384() 3864 + // { 3865 + // super(new OldHMac(new SHA384Digest())); 3866 + // } 3867 + // } 3868 + // END android-removed 3869 3870 public static class Mappings 3871 extends DigestAlgorithmProvider 3872 @@ -80,7 +84,9 @@ 3873 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); 3874 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 3875 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); 3876 - provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3877 + // BEGIN android-removed 3878 + // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3879 + // END android-removed 3880 3881 addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3882 addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384); 3883 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 3884 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2015-03-01 12:03:02.000000000 +0000 3885 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000 3886 @@ -4,9 +4,13 @@ 3887 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3888 import org.bouncycastle.crypto.CipherKeyGenerator; 3889 import org.bouncycastle.crypto.digests.SHA512Digest; 3890 -import org.bouncycastle.crypto.digests.SHA512tDigest; 3891 +// BEGIN android-removed 3892 +// import org.bouncycastle.crypto.digests.SHA512tDigest; 3893 +// END android-removed 3894 import org.bouncycastle.crypto.macs.HMac; 3895 -import org.bouncycastle.crypto.macs.OldHMac; 3896 +// BEGIN android-removed 3897 +// import org.bouncycastle.crypto.macs.OldHMac; 3898 +// END android-removed 3899 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3900 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3901 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3902 @@ -37,42 +41,44 @@ 3903 } 3904 } 3905 3906 - static public class DigestT 3907 - extends BCMessageDigest 3908 - implements Cloneable 3909 - { 3910 - public DigestT(int bitLength) 3911 - { 3912 - super(new SHA512tDigest(bitLength)); 3913 - } 3914 - 3915 - public Object clone() 3916 - throws CloneNotSupportedException 3917 - { 3918 - DigestT d = (DigestT)super.clone(); 3919 - d.digest = new SHA512tDigest((SHA512tDigest)digest); 3920 - 3921 - return d; 3922 - } 3923 - } 3924 - 3925 - static public class DigestT224 3926 - extends DigestT 3927 - { 3928 - public DigestT224() 3929 - { 3930 - super(224); 3931 - } 3932 - } 3933 - 3934 - static public class DigestT256 3935 - extends DigestT 3936 - { 3937 - public DigestT256() 3938 - { 3939 - super(256); 3940 - } 3941 - } 3942 + // BEGIN android-removed 3943 + // static public class DigestT 3944 + // extends BCMessageDigest 3945 + // implements Cloneable 3946 + // { 3947 + // public DigestT(int bitLength) 3948 + // { 3949 + // super(new SHA512tDigest(bitLength)); 3950 + // } 3951 + // 3952 + // public Object clone() 3953 + // throws CloneNotSupportedException 3954 + // { 3955 + // DigestT d = (DigestT)super.clone(); 3956 + // d.digest = new SHA512tDigest((SHA512tDigest)digest); 3957 + // 3958 + // return d; 3959 + // } 3960 + // } 3961 + // 3962 + // static public class DigestT224 3963 + // extends DigestT 3964 + // { 3965 + // public DigestT224() 3966 + // { 3967 + // super(224); 3968 + // } 3969 + // } 3970 + // 3971 + // static public class DigestT256 3972 + // extends DigestT 3973 + // { 3974 + // public DigestT256() 3975 + // { 3976 + // super(256); 3977 + // } 3978 + // } 3979 + // END android-removed 3980 3981 public static class HashMac 3982 extends BaseMac 3983 @@ -83,35 +89,37 @@ 3984 } 3985 } 3986 3987 - public static class HashMacT224 3988 - extends BaseMac 3989 - { 3990 - public HashMacT224() 3991 - { 3992 - super(new HMac(new SHA512tDigest(224))); 3993 - } 3994 - } 3995 - 3996 - public static class HashMacT256 3997 - extends BaseMac 3998 - { 3999 - public HashMacT256() 4000 - { 4001 - super(new HMac(new SHA512tDigest(256))); 4002 - } 4003 - } 4004 - 4005 - /** 4006 - * SHA-512 HMac 4007 - */ 4008 - public static class OldSHA512 4009 - extends BaseMac 4010 - { 4011 - public OldSHA512() 4012 - { 4013 - super(new OldHMac(new SHA512Digest())); 4014 - } 4015 - } 4016 + // BEGIN android-removed 4017 + // public static class HashMacT224 4018 + // extends BaseMac 4019 + // { 4020 + // public HashMacT224() 4021 + // { 4022 + // super(new HMac(new SHA512tDigest(224))); 4023 + // } 4024 + // } 4025 + // 4026 + // public static class HashMacT256 4027 + // extends BaseMac 4028 + // { 4029 + // public HashMacT256() 4030 + // { 4031 + // super(new HMac(new SHA512tDigest(256))); 4032 + // } 4033 + // } 4034 + // 4035 + // /** 4036 + // * SHA-512 HMac 4037 + // */ 4038 + // public static class OldSHA512 4039 + // extends BaseMac 4040 + // { 4041 + // public OldSHA512() 4042 + // { 4043 + // super(new OldHMac(new SHA512Digest())); 4044 + // } 4045 + // } 4046 + // END android-removed 4047 4048 /** 4049 * HMACSHA512 4050 @@ -125,23 +133,25 @@ 4051 } 4052 } 4053 4054 - public static class KeyGeneratorT224 4055 - extends BaseKeyGenerator 4056 - { 4057 - public KeyGeneratorT224() 4058 - { 4059 - super("HMACSHA512/224", 224, new CipherKeyGenerator()); 4060 - } 4061 - } 4062 - 4063 - public static class KeyGeneratorT256 4064 - extends BaseKeyGenerator 4065 - { 4066 - public KeyGeneratorT256() 4067 - { 4068 - super("HMACSHA512/256", 256, new CipherKeyGenerator()); 4069 - } 4070 - } 4071 + // BEGIN android-removed 4072 + // public static class KeyGeneratorT224 4073 + // extends BaseKeyGenerator 4074 + // { 4075 + // public KeyGeneratorT224() 4076 + // { 4077 + // super("HMACSHA512/224", 224, new CipherKeyGenerator()); 4078 + // } 4079 + // } 4080 + // 4081 + // public static class KeyGeneratorT256 4082 + // extends BaseKeyGenerator 4083 + // { 4084 + // public KeyGeneratorT256() 4085 + // { 4086 + // super("HMACSHA512/256", 256, new CipherKeyGenerator()); 4087 + // } 4088 + // } 4089 + // END android-removed 4090 4091 public static class Mappings 4092 extends DigestAlgorithmProvider 4093 @@ -158,21 +168,25 @@ 4094 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 4095 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); 4096 4097 - provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 4098 - provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 4099 - provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 4100 - 4101 - provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 4102 - provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 4103 - provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 4104 - 4105 - provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 4106 + // BEGIN android-removed 4107 + // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 4108 + // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 4109 + // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 4110 + // 4111 + // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 4112 + // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 4113 + // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 4114 + // 4115 + // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 4116 + // END android-removed 4117 4118 addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 4119 addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); 4120 4121 - addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 4122 - addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 4123 + // BEGIN android-removed 4124 + // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 4125 + // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 4126 + // END android-removed 4127 } 4128 } 4129 4130 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 4131 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2015-03-01 12:03:02.000000000 +0000 4132 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000 4133 @@ -17,7 +17,9 @@ 4134 public void configure(ConfigurableProvider provider) 4135 { 4136 provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); 4137 - provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 4138 + // BEGIN android-removed 4139 + // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 4140 + // END android-removed 4141 provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); 4142 provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 4143 provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 4144 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 4145 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2015-03-01 12:03:02.000000000 +0000 4146 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000 4147 @@ -17,14 +17,16 @@ 4148 public void configure(ConfigurableProvider provider) 4149 { 4150 provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4151 - provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4152 - provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4153 - 4154 - provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4155 - provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 4156 - 4157 - provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4158 - provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 4159 + // BEGIN android-removed 4160 + // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4161 + // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4162 + // 4163 + // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 4164 + // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 4165 + // 4166 + // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 4167 + // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 4168 + // END android-removed 4169 } 4170 } 4171 } 4172 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 4173 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-03-01 12:03:02.000000000 +0000 4174 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-04-09 13:10:16.000000000 +0000 4175 @@ -62,8 +62,10 @@ 4176 import org.bouncycastle.asn1.DEROutputStream; 4177 import org.bouncycastle.asn1.DERSequence; 4178 import org.bouncycastle.asn1.DERSet; 4179 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 4180 -import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 4181 +// BEGIN android-removed 4182 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 4183 +// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 4184 +// END android-removed 4185 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4186 import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; 4187 import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; 4188 @@ -89,7 +91,9 @@ 4189 import org.bouncycastle.crypto.digests.SHA1Digest; 4190 import org.bouncycastle.jcajce.PKCS12StoreParameter; 4191 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 4192 -import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4193 +// BEGIN android-removed 4194 +// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4195 +// END android-removed 4196 import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; 4197 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 4198 import org.bouncycastle.jcajce.util.JcaJceHelper; 4199 @@ -753,13 +757,15 @@ 4200 { 4201 cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); 4202 } 4203 - else 4204 - { 4205 - // TODO: at the moment it's just GOST, but... 4206 - GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4207 - 4208 - cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4209 - } 4210 + // BEGIN android-removed 4211 + // else 4212 + // { 4213 + // // TODO: at the moment it's just GOST, but... 4214 + // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4215 + // 4216 + // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4217 + // } 4218 + // END android-removed 4219 return cipher; 4220 } 4221 4222 @@ -1680,33 +1686,34 @@ 4223 super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4224 } 4225 } 4226 - 4227 - public static class BCPKCS12KeyStore3DES 4228 - extends PKCS12KeyStoreSpi 4229 - { 4230 - public BCPKCS12KeyStore3DES() 4231 - { 4232 - super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4233 - } 4234 - } 4235 - 4236 - public static class DefPKCS12KeyStore 4237 - extends PKCS12KeyStoreSpi 4238 - { 4239 - public DefPKCS12KeyStore() 4240 - { 4241 - super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4242 - } 4243 - } 4244 - 4245 - public static class DefPKCS12KeyStore3DES 4246 - extends PKCS12KeyStoreSpi 4247 - { 4248 - public DefPKCS12KeyStore3DES() 4249 - { 4250 - super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4251 - } 4252 - } 4253 + // BEGIN android-removed 4254 + // public static class BCPKCS12KeyStore3DES 4255 + // extends PKCS12KeyStoreSpi 4256 + // { 4257 + // public BCPKCS12KeyStore3DES() 4258 + // { 4259 + // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4260 + // } 4261 + // } 4262 + // 4263 + // public static class DefPKCS12KeyStore 4264 + // extends PKCS12KeyStoreSpi 4265 + // { 4266 + // public DefPKCS12KeyStore() 4267 + // { 4268 + // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4269 + // } 4270 + // } 4271 + // 4272 + // public static class DefPKCS12KeyStore3DES 4273 + // extends PKCS12KeyStoreSpi 4274 + // { 4275 + // public DefPKCS12KeyStore3DES() 4276 + // { 4277 + // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4278 + // } 4279 + // } 4280 + // END android-removed 4281 4282 private static class IgnoresCaseHashtable 4283 { 4284 @@ -1779,7 +1786,9 @@ 4285 keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); 4286 keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); 4287 4288 - keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4289 + // BEGIN android-removed 4290 + // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4291 + // END android-removed 4292 4293 KEY_SIZES = Collections.unmodifiableMap(keySizes); 4294 } 4295 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 4296 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-03-01 12:03:02.000000000 +0000 4297 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-07-22 00:42:46.000000000 +0000 4298 @@ -3,16 +3,28 @@ 4299 import java.io.IOException; 4300 import java.lang.reflect.Constructor; 4301 import java.lang.reflect.Method; 4302 -import java.security.AlgorithmParameters; 4303 -import java.security.InvalidAlgorithmParameterException; 4304 +// BEGIN android-added 4305 +import java.security.NoSuchAlgorithmException; 4306 +// END android-added 4307 +// BEGIN android-removed 4308 +// import java.security.AlgorithmParameters; 4309 +// import java.security.InvalidAlgorithmParameterException; 4310 +// END android-removed 4311 import java.security.SecureRandom; 4312 import java.security.spec.AlgorithmParameterSpec; 4313 import java.security.spec.InvalidParameterSpecException; 4314 4315 -import javax.crypto.spec.IvParameterSpec; 4316 - 4317 +// BEGIN android-removed 4318 +// import javax.crypto.spec.IvParameterSpec; 4319 +// END android-removed 4320 + 4321 +// BEGIN android-added 4322 +import javax.crypto.NoSuchPaddingException; 4323 +// END android-added 4324 import org.bouncycastle.asn1.bc.BCObjectIdentifiers; 4325 -import org.bouncycastle.asn1.cms.CCMParameters; 4326 +// BEGIN android-removed 4327 +// import org.bouncycastle.asn1.cms.CCMParameters; 4328 +// END android-removed 4329 import org.bouncycastle.asn1.cms.GCMParameters; 4330 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4331 import org.bouncycastle.crypto.BlockCipher; 4332 @@ -20,22 +32,30 @@ 4333 import org.bouncycastle.crypto.CipherKeyGenerator; 4334 import org.bouncycastle.crypto.engines.AESFastEngine; 4335 import org.bouncycastle.crypto.engines.AESWrapEngine; 4336 -import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4337 -import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4338 -import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4339 -import org.bouncycastle.crypto.macs.CMac; 4340 -import org.bouncycastle.crypto.macs.GMac; 4341 +// BEGIN android-removed 4342 +// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4343 +// import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4344 +// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4345 +// import org.bouncycastle.crypto.macs.CMac; 4346 +// import org.bouncycastle.crypto.macs.GMac; 4347 +// END android-removed 4348 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4349 -import org.bouncycastle.crypto.modes.CCMBlockCipher; 4350 +// BEGIN android-removed 4351 +// import org.bouncycastle.crypto.modes.CCMBlockCipher; 4352 +// END android-removed 4353 import org.bouncycastle.crypto.modes.CFBBlockCipher; 4354 import org.bouncycastle.crypto.modes.GCMBlockCipher; 4355 import org.bouncycastle.crypto.modes.OFBBlockCipher; 4356 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4357 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4358 +// BEGIN android-removed 4359 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4360 +// END android-removed 4361 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 4362 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4363 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4364 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4365 +// BEGIN android-removed 4366 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4367 +// END android-removed 4368 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 4369 import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 4370 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 4371 @@ -98,53 +118,64 @@ 4372 public GCM() 4373 { 4374 super(new GCMBlockCipher(new AESFastEngine())); 4375 + // BEGIN android-added 4376 + try { 4377 + engineSetMode("GCM"); 4378 + engineSetPadding("NoPadding"); 4379 + } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { 4380 + // this should not be possible 4381 + throw new RuntimeException("Could not set mode or padding for GCM mode", e); 4382 + } 4383 + // END android-added 4384 } 4385 } 4386 4387 - static public class CCM 4388 - extends BaseBlockCipher 4389 - { 4390 - public CCM() 4391 - { 4392 - super(new CCMBlockCipher(new AESFastEngine())); 4393 - } 4394 - } 4395 - 4396 - public static class AESCMAC 4397 - extends BaseMac 4398 - { 4399 - public AESCMAC() 4400 - { 4401 - super(new CMac(new AESFastEngine())); 4402 - } 4403 - } 4404 - 4405 - public static class AESGMAC 4406 - extends BaseMac 4407 - { 4408 - public AESGMAC() 4409 - { 4410 - super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4411 - } 4412 - } 4413 - 4414 - public static class Poly1305 4415 - extends BaseMac 4416 - { 4417 - public Poly1305() 4418 - { 4419 - super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4420 - } 4421 - } 4422 - 4423 - public static class Poly1305KeyGen 4424 - extends BaseKeyGenerator 4425 - { 4426 - public Poly1305KeyGen() 4427 - { 4428 - super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4429 - } 4430 - } 4431 + // BEGIN android-removed 4432 + // static public class CCM 4433 + // extends BaseBlockCipher 4434 + // { 4435 + // public CCM() 4436 + // { 4437 + // super(new CCMBlockCipher(new AESFastEngine())); 4438 + // } 4439 + // } 4440 + // 4441 + // public static class AESCMAC 4442 + // extends BaseMac 4443 + // { 4444 + // public AESCMAC() 4445 + // { 4446 + // super(new CMac(new AESFastEngine())); 4447 + // } 4448 + // } 4449 + // 4450 + // public static class AESGMAC 4451 + // extends BaseMac 4452 + // { 4453 + // public AESGMAC() 4454 + // { 4455 + // super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4456 + // } 4457 + // } 4458 + // 4459 + // public static class Poly1305 4460 + // extends BaseMac 4461 + // { 4462 + // public Poly1305() 4463 + // { 4464 + // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4465 + // } 4466 + // } 4467 + // 4468 + // public static class Poly1305KeyGen 4469 + // extends BaseKeyGenerator 4470 + // { 4471 + // public Poly1305KeyGen() 4472 + // { 4473 + // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4474 + // } 4475 + // } 4476 + // END android-removed 4477 4478 static public class Wrap 4479 extends BaseWrapCipher 4480 @@ -155,23 +186,25 @@ 4481 } 4482 } 4483 4484 - public static class RFC3211Wrap 4485 - extends BaseWrapCipher 4486 - { 4487 - public RFC3211Wrap() 4488 - { 4489 - super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4490 - } 4491 - } 4492 - 4493 - public static class RFC5649Wrap 4494 - extends BaseWrapCipher 4495 - { 4496 - public RFC5649Wrap() 4497 - { 4498 - super(new RFC5649WrapEngine(new AESFastEngine())); 4499 - } 4500 - } 4501 + // BEGIN android-removed 4502 + // public static class RFC3211Wrap 4503 + // extends BaseWrapCipher 4504 + // { 4505 + // public RFC3211Wrap() 4506 + // { 4507 + // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4508 + // } 4509 + // } 4510 + // 4511 + // public static class RFC5649Wrap 4512 + // extends BaseWrapCipher 4513 + // { 4514 + // public RFC5649Wrap() 4515 + // { 4516 + // super(new RFC5649WrapEngine(new AESFastEngine())); 4517 + // } 4518 + // } 4519 + // END android-removed 4520 4521 /** 4522 * PBEWithAES-CBC 4523 @@ -190,7 +223,9 @@ 4524 { 4525 public KeyGen() 4526 { 4527 - this(192); 4528 + // BEGIN android-changed 4529 + this(128); 4530 + // END android-changed 4531 } 4532 4533 public KeyGen(int keySize) 4534 @@ -199,32 +234,34 @@ 4535 } 4536 } 4537 4538 - public static class KeyGen128 4539 - extends KeyGen 4540 - { 4541 - public KeyGen128() 4542 - { 4543 - super(128); 4544 - } 4545 - } 4546 - 4547 - public static class KeyGen192 4548 - extends KeyGen 4549 - { 4550 - public KeyGen192() 4551 - { 4552 - super(192); 4553 - } 4554 - } 4555 - 4556 - public static class KeyGen256 4557 - extends KeyGen 4558 - { 4559 - public KeyGen256() 4560 - { 4561 - super(256); 4562 - } 4563 - } 4564 + // BEGIN android-removed 4565 + // public static class KeyGen128 4566 + // extends KeyGen 4567 + // { 4568 + // public KeyGen128() 4569 + // { 4570 + // super(128); 4571 + // } 4572 + // } 4573 + // 4574 + // public static class KeyGen192 4575 + // extends KeyGen 4576 + // { 4577 + // public KeyGen192() 4578 + // { 4579 + // super(192); 4580 + // } 4581 + // } 4582 + // 4583 + // public static class KeyGen256 4584 + // extends KeyGen 4585 + // { 4586 + // public KeyGen256() 4587 + // { 4588 + // super(256); 4589 + // } 4590 + // } 4591 + // END android-removed 4592 4593 /** 4594 * PBEWithSHA1And128BitAES-BC 4595 @@ -334,119 +371,121 @@ 4596 } 4597 } 4598 4599 - public static class AlgParamGen 4600 - extends BaseAlgorithmParameterGenerator 4601 - { 4602 - protected void engineInit( 4603 - AlgorithmParameterSpec genParamSpec, 4604 - SecureRandom random) 4605 - throws InvalidAlgorithmParameterException 4606 - { 4607 - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4608 - } 4609 - 4610 - protected AlgorithmParameters engineGenerateParameters() 4611 - { 4612 - byte[] iv = new byte[16]; 4613 - 4614 - if (random == null) 4615 - { 4616 - random = new SecureRandom(); 4617 - } 4618 - 4619 - random.nextBytes(iv); 4620 - 4621 - AlgorithmParameters params; 4622 - 4623 - try 4624 - { 4625 - params = createParametersInstance("AES"); 4626 - params.init(new IvParameterSpec(iv)); 4627 - } 4628 - catch (Exception e) 4629 - { 4630 - throw new RuntimeException(e.getMessage()); 4631 - } 4632 - 4633 - return params; 4634 - } 4635 - } 4636 - 4637 - public static class AlgParamGenCCM 4638 - extends BaseAlgorithmParameterGenerator 4639 - { 4640 - protected void engineInit( 4641 - AlgorithmParameterSpec genParamSpec, 4642 - SecureRandom random) 4643 - throws InvalidAlgorithmParameterException 4644 - { 4645 - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4646 - } 4647 - 4648 - protected AlgorithmParameters engineGenerateParameters() 4649 - { 4650 - byte[] iv = new byte[12]; 4651 - 4652 - if (random == null) 4653 - { 4654 - random = new SecureRandom(); 4655 - } 4656 - 4657 - random.nextBytes(iv); 4658 - 4659 - AlgorithmParameters params; 4660 - 4661 - try 4662 - { 4663 - params = createParametersInstance("CCM"); 4664 - params.init(new CCMParameters(iv, 12).getEncoded()); 4665 - } 4666 - catch (Exception e) 4667 - { 4668 - throw new RuntimeException(e.getMessage()); 4669 - } 4670 - 4671 - return params; 4672 - } 4673 - } 4674 - 4675 - public static class AlgParamGenGCM 4676 - extends BaseAlgorithmParameterGenerator 4677 - { 4678 - protected void engineInit( 4679 - AlgorithmParameterSpec genParamSpec, 4680 - SecureRandom random) 4681 - throws InvalidAlgorithmParameterException 4682 - { 4683 - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4684 - } 4685 - 4686 - protected AlgorithmParameters engineGenerateParameters() 4687 - { 4688 - byte[] nonce = new byte[12]; 4689 - 4690 - if (random == null) 4691 - { 4692 - random = new SecureRandom(); 4693 - } 4694 - 4695 - random.nextBytes(nonce); 4696 - 4697 - AlgorithmParameters params; 4698 - 4699 - try 4700 - { 4701 - params = createParametersInstance("GCM"); 4702 - params.init(new GCMParameters(nonce, 12).getEncoded()); 4703 - } 4704 - catch (Exception e) 4705 - { 4706 - throw new RuntimeException(e.getMessage()); 4707 - } 4708 - 4709 - return params; 4710 - } 4711 - } 4712 + // BEGIN android-removed 4713 + // public static class AlgParamGen 4714 + // extends BaseAlgorithmParameterGenerator 4715 + // { 4716 + // protected void engineInit( 4717 + // AlgorithmParameterSpec genParamSpec, 4718 + // SecureRandom random) 4719 + // throws InvalidAlgorithmParameterException 4720 + // { 4721 + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4722 + // } 4723 + // 4724 + // protected AlgorithmParameters engineGenerateParameters() 4725 + // { 4726 + // byte[] iv = new byte[16]; 4727 + // 4728 + // if (random == null) 4729 + // { 4730 + // random = new SecureRandom(); 4731 + // } 4732 + // 4733 + // random.nextBytes(iv); 4734 + // 4735 + // AlgorithmParameters params; 4736 + // 4737 + // try 4738 + // { 4739 + // params = createParametersInstance("AES"); 4740 + // params.init(new IvParameterSpec(iv)); 4741 + // } 4742 + // catch (Exception e) 4743 + // { 4744 + // throw new RuntimeException(e.getMessage()); 4745 + // } 4746 + // 4747 + // return params; 4748 + // } 4749 + // } 4750 + // 4751 + // public static class AlgParamGenCCM 4752 + // extends BaseAlgorithmParameterGenerator 4753 + // { 4754 + // protected void engineInit( 4755 + // AlgorithmParameterSpec genParamSpec, 4756 + // SecureRandom random) 4757 + // throws InvalidAlgorithmParameterException 4758 + // { 4759 + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4760 + // } 4761 + // 4762 + // protected AlgorithmParameters engineGenerateParameters() 4763 + // { 4764 + // byte[] iv = new byte[12]; 4765 + // 4766 + // if (random == null) 4767 + // { 4768 + // random = new SecureRandom(); 4769 + // } 4770 + // 4771 + // random.nextBytes(iv); 4772 + // 4773 + // AlgorithmParameters params; 4774 + // 4775 + // try 4776 + // { 4777 + // params = createParametersInstance("CCM"); 4778 + // params.init(new CCMParameters(iv, 12).getEncoded()); 4779 + // } 4780 + // catch (Exception e) 4781 + // { 4782 + // throw new RuntimeException(e.getMessage()); 4783 + // } 4784 + // 4785 + // return params; 4786 + // } 4787 + // } 4788 + // 4789 + // public static class AlgParamGenGCM 4790 + // extends BaseAlgorithmParameterGenerator 4791 + // { 4792 + // protected void engineInit( 4793 + // AlgorithmParameterSpec genParamSpec, 4794 + // SecureRandom random) 4795 + // throws InvalidAlgorithmParameterException 4796 + // { 4797 + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4798 + // } 4799 + // 4800 + // protected AlgorithmParameters engineGenerateParameters() 4801 + // { 4802 + // byte[] nonce = new byte[12]; 4803 + // 4804 + // if (random == null) 4805 + // { 4806 + // random = new SecureRandom(); 4807 + // } 4808 + // 4809 + // random.nextBytes(nonce); 4810 + // 4811 + // AlgorithmParameters params; 4812 + // 4813 + // try 4814 + // { 4815 + // params = createParametersInstance("GCM"); 4816 + // params.init(new GCMParameters(nonce, 12).getEncoded()); 4817 + // } 4818 + // catch (Exception e) 4819 + // { 4820 + // throw new RuntimeException(e.getMessage()); 4821 + // } 4822 + // 4823 + // return params; 4824 + // } 4825 + // } 4826 + // END android-removed 4827 4828 public static class AlgParams 4829 extends IvAlgorithmParameters 4830 @@ -545,80 +584,82 @@ 4831 } 4832 } 4833 4834 - public static class AlgParamsCCM 4835 - extends BaseAlgorithmParameters 4836 - { 4837 - private CCMParameters ccmParams; 4838 - 4839 - protected void engineInit(AlgorithmParameterSpec paramSpec) 4840 - throws InvalidParameterSpecException 4841 - { 4842 - throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4843 - } 4844 - 4845 - protected void engineInit(byte[] params) 4846 - throws IOException 4847 - { 4848 - ccmParams = CCMParameters.getInstance(params); 4849 - } 4850 - 4851 - protected void engineInit(byte[] params, String format) 4852 - throws IOException 4853 - { 4854 - if (!isASN1FormatString(format)) 4855 - { 4856 - throw new IOException("unknown format specified"); 4857 - } 4858 - 4859 - ccmParams = CCMParameters.getInstance(params); 4860 - } 4861 - 4862 - protected byte[] engineGetEncoded() 4863 - throws IOException 4864 - { 4865 - return ccmParams.getEncoded(); 4866 - } 4867 - 4868 - protected byte[] engineGetEncoded(String format) 4869 - throws IOException 4870 - { 4871 - if (!isASN1FormatString(format)) 4872 - { 4873 - throw new IOException("unknown format specified"); 4874 - } 4875 - 4876 - return ccmParams.getEncoded(); 4877 - } 4878 - 4879 - protected String engineToString() 4880 - { 4881 - return "CCM"; 4882 - } 4883 - 4884 - protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4885 - throws InvalidParameterSpecException 4886 - { 4887 - if (gcmSpecClass != null) 4888 - { 4889 - try 4890 - { 4891 - Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4892 - 4893 - return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4894 - } 4895 - catch (NoSuchMethodException e) 4896 - { 4897 - throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4898 - } 4899 - catch (Exception e) 4900 - { 4901 - throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4902 - } 4903 - } 4904 - 4905 - throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4906 - } 4907 - } 4908 + // BEGIN android-removed 4909 + // public static class AlgParamsCCM 4910 + // extends BaseAlgorithmParameters 4911 + // { 4912 + // private CCMParameters ccmParams; 4913 + // 4914 + // protected void engineInit(AlgorithmParameterSpec paramSpec) 4915 + // throws InvalidParameterSpecException 4916 + // { 4917 + // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4918 + // } 4919 + // 4920 + // protected void engineInit(byte[] params) 4921 + // throws IOException 4922 + // { 4923 + // ccmParams = CCMParameters.getInstance(params); 4924 + // } 4925 + // 4926 + // protected void engineInit(byte[] params, String format) 4927 + // throws IOException 4928 + // { 4929 + // if (!isASN1FormatString(format)) 4930 + // { 4931 + // throw new IOException("unknown format specified"); 4932 + // } 4933 + // 4934 + // ccmParams = CCMParameters.getInstance(params); 4935 + // } 4936 + // 4937 + // protected byte[] engineGetEncoded() 4938 + // throws IOException 4939 + // { 4940 + // return ccmParams.getEncoded(); 4941 + // } 4942 + // 4943 + // protected byte[] engineGetEncoded(String format) 4944 + // throws IOException 4945 + // { 4946 + // if (!isASN1FormatString(format)) 4947 + // { 4948 + // throw new IOException("unknown format specified"); 4949 + // } 4950 + // 4951 + // return ccmParams.getEncoded(); 4952 + // } 4953 + // 4954 + // protected String engineToString() 4955 + // { 4956 + // return "CCM"; 4957 + // } 4958 + // 4959 + // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4960 + // throws InvalidParameterSpecException 4961 + // { 4962 + // if (gcmSpecClass != null) 4963 + // { 4964 + // try 4965 + // { 4966 + // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4967 + // 4968 + // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4969 + // } 4970 + // catch (NoSuchMethodException e) 4971 + // { 4972 + // throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4973 + // } 4974 + // catch (Exception e) 4975 + // { 4976 + // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4977 + // } 4978 + // } 4979 + // 4980 + // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4981 + // } 4982 + // } 4983 + // END android-removed 4984 4985 public static class Mappings 4986 extends SymmetricAlgorithmProvider 4987 @@ -652,92 +693,101 @@ 4988 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4989 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4990 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4991 - 4992 - provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 4993 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4994 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4995 - provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4996 - 4997 - provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4998 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4999 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 5000 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 5001 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 5002 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 5003 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 5004 + // BEGIN android-removed 5005 + // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 5006 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 5007 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 5008 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 5009 + // 5010 + // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 5011 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 5012 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 5013 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 5014 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 5015 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 5016 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 5017 + // END android-removed 5018 5019 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 5020 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 5021 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 5022 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 5023 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 5024 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 5025 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 5026 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 5027 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 5028 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 5029 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 5030 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 5031 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 5032 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 5033 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 5034 - provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 5035 + // BEGIN android-removed 5036 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 5037 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 5038 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 5039 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 5040 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 5041 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 5042 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 5043 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 5044 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 5045 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 5046 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 5047 + // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 5048 + // END android-removed 5049 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 5050 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 5051 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 5052 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 5053 5054 - provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 5055 - provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 5056 - 5057 - provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 5058 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 5059 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 5060 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 5061 - 5062 - provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 5063 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 5064 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 5065 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 5066 - 5067 - provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 5068 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 5069 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 5070 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 5071 - 5072 - provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); 5073 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 5074 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 5075 - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 5076 + // BEGIN android-removed 5077 + // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 5078 + // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 5079 + // 5080 + // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 5081 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 5082 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 5083 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 5084 + // 5085 + // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 5086 + // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 5087 + // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 5088 + // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 5089 + // 5090 + // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 5091 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 5092 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 5093 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 5094 + // END android-removed 5095 + 5096 + // BEGIN android-changed 5097 + provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); 5098 + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); 5099 + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); 5100 + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); 5101 + // END android-changed 5102 5103 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 5104 - provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 5105 - provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 5106 - provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 5107 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 5108 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 5109 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 5110 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 5111 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 5112 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 5113 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 5114 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 5115 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 5116 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 5117 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 5118 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 5119 - provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 5120 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 5121 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 5122 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 5123 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 5124 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 5125 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 5126 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 5127 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 5128 - provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 5129 - 5130 - provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 5131 + // BEGIN android-removed 5132 + // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 5133 + // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 5134 + // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 5135 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 5136 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 5137 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 5138 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 5139 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 5140 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 5141 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 5142 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 5143 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 5144 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 5145 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 5146 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 5147 + // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 5148 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 5149 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 5150 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 5151 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 5152 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 5153 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 5154 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 5155 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 5156 + // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 5157 + // 5158 + // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 5159 + // END android-removed 5160 5161 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); 5162 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); 5163 @@ -816,8 +866,10 @@ 5164 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); 5165 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); 5166 5167 - addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 5168 - addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5169 + // BEGIN android-removed 5170 + // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 5171 + // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 5172 + // END android-removed 5173 } 5174 } 5175 5176 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 5177 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2015-03-01 12:03:02.000000000 +0000 5178 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000 5179 @@ -29,7 +29,9 @@ 5180 { 5181 public KeyGen() 5182 { 5183 - super("RC4", 128, new CipherKeyGenerator()); 5184 + // BEGIN android-changed 5185 + super("ARC4", 128, new CipherKeyGenerator()); 5186 + // END android-changed 5187 } 5188 } 5189 5190 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 5191 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2015-03-01 12:03:02.000000000 +0000 5192 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000 5193 @@ -64,7 +64,9 @@ 5194 { 5195 5196 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 5197 - provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5198 + // BEGIN android-removed 5199 + // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5200 + // END android-removed 5201 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 5202 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 5203 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 5204 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 5205 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-03-01 12:03:02.000000000 +0000 5206 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-04-09 13:10:16.000000000 +0000 5207 @@ -19,12 +19,16 @@ 5208 import org.bouncycastle.crypto.CipherParameters; 5209 import org.bouncycastle.crypto.KeyGenerationParameters; 5210 import org.bouncycastle.crypto.engines.DESEngine; 5211 -import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5212 +// BEGIN android-removed 5213 +// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5214 +// END android-removed 5215 import org.bouncycastle.crypto.generators.DESKeyGenerator; 5216 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5217 -import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5218 -import org.bouncycastle.crypto.macs.CMac; 5219 -import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5220 +// BEGIN android-removed 5221 +// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5222 +// import org.bouncycastle.crypto.macs.CMac; 5223 +// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5224 +// END android-removed 5225 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5226 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5227 import org.bouncycastle.crypto.params.DESParameters; 5228 @@ -65,17 +69,19 @@ 5229 } 5230 } 5231 5232 - /** 5233 - * DES CFB8 5234 - */ 5235 - public static class DESCFB8 5236 - extends BaseMac 5237 - { 5238 - public DESCFB8() 5239 - { 5240 - super(new CFBBlockCipherMac(new DESEngine())); 5241 - } 5242 - } 5243 + // BEGIN android-removed 5244 + // /** 5245 + // * DES CFB8 5246 + // */ 5247 + // public static class DESCFB8 5248 + // extends BaseMac 5249 + // { 5250 + // public DESCFB8() 5251 + // { 5252 + // super(new CFBBlockCipherMac(new DESEngine())); 5253 + // } 5254 + // } 5255 + // END android-removed 5256 5257 /** 5258 * DES64 5259 @@ -110,47 +116,49 @@ 5260 } 5261 } 5262 5263 - static public class CMAC 5264 - extends BaseMac 5265 - { 5266 - public CMAC() 5267 - { 5268 - super(new CMac(new DESEngine())); 5269 - } 5270 - } 5271 - 5272 - /** 5273 - * DES9797Alg3with7816-4Padding 5274 - */ 5275 - public static class DES9797Alg3with7816d4 5276 - extends BaseMac 5277 - { 5278 - public DES9797Alg3with7816d4() 5279 - { 5280 - super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5281 - } 5282 - } 5283 - 5284 - /** 5285 - * DES9797Alg3 5286 - */ 5287 - public static class DES9797Alg3 5288 - extends BaseMac 5289 - { 5290 - public DES9797Alg3() 5291 - { 5292 - super(new ISO9797Alg3Mac(new DESEngine())); 5293 - } 5294 - } 5295 - 5296 - public static class RFC3211 5297 - extends BaseWrapCipher 5298 - { 5299 - public RFC3211() 5300 - { 5301 - super(new RFC3211WrapEngine(new DESEngine()), 8); 5302 - } 5303 - } 5304 + // BEGIN android-removed 5305 + // static public class CMAC 5306 + // extends BaseMac 5307 + // { 5308 + // public CMAC() 5309 + // { 5310 + // super(new CMac(new DESEngine())); 5311 + // } 5312 + // } 5313 + // 5314 + // /** 5315 + // * DES9797Alg3with7816-4Padding 5316 + // */ 5317 + // public static class DES9797Alg3with7816d4 5318 + // extends BaseMac 5319 + // { 5320 + // public DES9797Alg3with7816d4() 5321 + // { 5322 + // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5323 + // } 5324 + // } 5325 + // 5326 + // /** 5327 + // * DES9797Alg3 5328 + // */ 5329 + // public static class DES9797Alg3 5330 + // extends BaseMac 5331 + // { 5332 + // public DES9797Alg3() 5333 + // { 5334 + // super(new ISO9797Alg3Mac(new DESEngine())); 5335 + // } 5336 + // } 5337 + // 5338 + // public static class RFC3211 5339 + // extends BaseWrapCipher 5340 + // { 5341 + // public RFC3211() 5342 + // { 5343 + // super(new RFC3211WrapEngine(new DESEngine()), 8); 5344 + // } 5345 + // } 5346 + // END android-removed 5347 5348 public static class AlgParamGen 5349 extends BaseAlgorithmParameterGenerator 5350 @@ -350,17 +358,19 @@ 5351 } 5352 } 5353 5354 - /** 5355 - * PBEWithMD2AndDES 5356 - */ 5357 - static public class PBEWithMD2KeyFactory 5358 - extends DESPBEKeyFactory 5359 - { 5360 - public PBEWithMD2KeyFactory() 5361 - { 5362 - super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5363 - } 5364 - } 5365 + // BEGIN android-removed 5366 + // /** 5367 + // * PBEWithMD2AndDES 5368 + // */ 5369 + // static public class PBEWithMD2KeyFactory 5370 + // extends DESPBEKeyFactory 5371 + // { 5372 + // public PBEWithMD2KeyFactory() 5373 + // { 5374 + // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5375 + // } 5376 + // } 5377 + // END android-removed 5378 5379 /** 5380 * PBEWithMD5AndDES 5381 @@ -386,17 +396,19 @@ 5382 } 5383 } 5384 5385 - /** 5386 - * PBEWithMD2AndDES 5387 - */ 5388 - static public class PBEWithMD2 5389 - extends BaseBlockCipher 5390 - { 5391 - public PBEWithMD2() 5392 - { 5393 - super(new CBCBlockCipher(new DESEngine())); 5394 - } 5395 - } 5396 + // BEGIN android-removed 5397 + // /** 5398 + // * PBEWithMD2AndDES 5399 + // */ 5400 + // static public class PBEWithMD2 5401 + // extends BaseBlockCipher 5402 + // { 5403 + // public PBEWithMD2() 5404 + // { 5405 + // super(new CBCBlockCipher(new DESEngine())); 5406 + // } 5407 + // } 5408 + // END android-removed 5409 5410 /** 5411 * PBEWithMD5AndDES 5412 @@ -436,61 +448,75 @@ 5413 { 5414 5415 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 5416 - provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5417 - 5418 - addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5419 - 5420 - provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5421 + // BEGIN android-removed 5422 + // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5423 + // 5424 + // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5425 + // 5426 + // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5427 + // END android-removed 5428 5429 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 5430 5431 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 5432 5433 - provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5434 - provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5435 - provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5436 - 5437 - provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5438 - provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5439 - 5440 - provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5441 - provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5442 - 5443 - provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5444 - provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5445 - provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5446 - provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5447 - 5448 - provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5449 - provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5450 - 5451 - provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5452 - provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5453 - provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5454 - provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5455 + // BEGIN android-removed 5456 + // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5457 + // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5458 + // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5459 + // 5460 + // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5461 + // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5462 + // 5463 + // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5464 + // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5465 + // 5466 + // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5467 + // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5468 + // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5469 + // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5470 + // 5471 + // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5472 + // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5473 + // 5474 + // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5475 + // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5476 + // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5477 + // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5478 + // END android-removed 5479 5480 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 5481 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 5482 5483 - provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5484 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5485 - 5486 - provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5487 + // BEGIN android-removed 5488 + // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5489 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5490 + // 5491 + // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5492 + // END android-removed 5493 provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); 5494 provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); 5495 5496 - provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5497 + // BEGIN android-removed 5498 + // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5499 + // END android-removed 5500 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5501 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5502 5503 - provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5504 + // BEGIN android-removed 5505 + // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5506 + // END android-removed 5507 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); 5508 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); 5509 5510 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5511 + // BEGIN android-removed 5512 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5513 + // END android-removed 5514 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 5515 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 5516 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5517 + // BEGIN android-removed 5518 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5519 + // END android-removed 5520 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5521 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5522 } 5523 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 5524 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-03-01 12:03:02.000000000 +0000 5525 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-04-09 13:10:16.000000000 +0000 5526 @@ -1,30 +1,42 @@ 5527 package org.bouncycastle.jcajce.provider.symmetric; 5528 5529 -import java.security.AlgorithmParameters; 5530 -import java.security.InvalidAlgorithmParameterException; 5531 +// BEGIN android-removed 5532 +// import java.security.AlgorithmParameters; 5533 +// import java.security.InvalidAlgorithmParameterException; 5534 +// END android-removed 5535 import java.security.SecureRandom; 5536 -import java.security.spec.AlgorithmParameterSpec; 5537 +// BEGIN android-removed 5538 +// import java.security.spec.AlgorithmParameterSpec; 5539 +// END android-removed 5540 import java.security.spec.InvalidKeySpecException; 5541 import java.security.spec.KeySpec; 5542 5543 import javax.crypto.SecretKey; 5544 import javax.crypto.spec.DESedeKeySpec; 5545 -import javax.crypto.spec.IvParameterSpec; 5546 +// BEGIN android-removed 5547 +// import javax.crypto.spec.IvParameterSpec; 5548 +// END android-removed 5549 import javax.crypto.spec.SecretKeySpec; 5550 5551 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5552 import org.bouncycastle.crypto.KeyGenerationParameters; 5553 import org.bouncycastle.crypto.engines.DESedeEngine; 5554 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 5555 -import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5556 +// BEGIN android-removed 5557 +// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5558 +// END android-removed 5559 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 5560 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5561 -import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5562 -import org.bouncycastle.crypto.macs.CMac; 5563 +// BEGIN android-removed 5564 +// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5565 +// import org.bouncycastle.crypto.macs.CMac; 5566 +// END android-removed 5567 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5568 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5569 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5570 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5571 +// BEGIN android-removed 5572 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5573 +// END android-removed 5574 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5575 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5576 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5577 @@ -56,17 +68,19 @@ 5578 } 5579 } 5580 5581 - /** 5582 - * DESede CFB8 5583 - */ 5584 - public static class DESedeCFB8 5585 - extends BaseMac 5586 - { 5587 - public DESedeCFB8() 5588 - { 5589 - super(new CFBBlockCipherMac(new DESedeEngine())); 5590 - } 5591 - } 5592 + // BEGIN android-removed 5593 + // /** 5594 + // * DESede CFB8 5595 + // */ 5596 + // public static class DESedeCFB8 5597 + // extends BaseMac 5598 + // { 5599 + // public DESedeCFB8() 5600 + // { 5601 + // super(new CFBBlockCipherMac(new DESedeEngine())); 5602 + // } 5603 + // } 5604 + // END android-removed 5605 5606 /** 5607 * DESede64 5608 @@ -101,15 +115,17 @@ 5609 } 5610 } 5611 5612 - static public class CMAC 5613 - extends BaseMac 5614 - { 5615 - public CMAC() 5616 - { 5617 - super(new CMac(new DESedeEngine())); 5618 - } 5619 - } 5620 - 5621 + // BEGIN android-removed 5622 + // static public class CMAC 5623 + // extends BaseMac 5624 + // { 5625 + // public CMAC() 5626 + // { 5627 + // super(new CMac(new DESedeEngine())); 5628 + // } 5629 + // } 5630 + // END android-removed 5631 + 5632 public static class Wrap 5633 extends BaseWrapCipher 5634 { 5635 @@ -118,15 +134,17 @@ 5636 super(new DESedeWrapEngine()); 5637 } 5638 } 5639 - 5640 - public static class RFC3211 5641 - extends BaseWrapCipher 5642 - { 5643 - public RFC3211() 5644 - { 5645 - super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5646 - } 5647 - } 5648 + 5649 + // BEGIN android-removed 5650 + // public static class RFC3211 5651 + // extends BaseWrapCipher 5652 + // { 5653 + // public RFC3211() 5654 + // { 5655 + // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5656 + // } 5657 + // } 5658 + // END android-removed 5659 5660 /** 5661 * DESede - the default for this is to generate a key in 5662 @@ -240,43 +258,45 @@ 5663 } 5664 } 5665 5666 - public static class AlgParamGen 5667 - extends BaseAlgorithmParameterGenerator 5668 - { 5669 - protected void engineInit( 5670 - AlgorithmParameterSpec genParamSpec, 5671 - SecureRandom random) 5672 - throws InvalidAlgorithmParameterException 5673 - { 5674 - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5675 - } 5676 - 5677 - protected AlgorithmParameters engineGenerateParameters() 5678 - { 5679 - byte[] iv = new byte[8]; 5680 - 5681 - if (random == null) 5682 - { 5683 - random = new SecureRandom(); 5684 - } 5685 - 5686 - random.nextBytes(iv); 5687 - 5688 - AlgorithmParameters params; 5689 - 5690 - try 5691 - { 5692 - params = createParametersInstance("DES"); 5693 - params.init(new IvParameterSpec(iv)); 5694 - } 5695 - catch (Exception e) 5696 - { 5697 - throw new RuntimeException(e.getMessage()); 5698 - } 5699 - 5700 - return params; 5701 - } 5702 - } 5703 + // BEGIN android-removed 5704 + // public static class AlgParamGen 5705 + // extends BaseAlgorithmParameterGenerator 5706 + // { 5707 + // protected void engineInit( 5708 + // AlgorithmParameterSpec genParamSpec, 5709 + // SecureRandom random) 5710 + // throws InvalidAlgorithmParameterException 5711 + // { 5712 + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5713 + // } 5714 + 5715 + // protected AlgorithmParameters engineGenerateParameters() 5716 + // { 5717 + // byte[] iv = new byte[8]; 5718 + 5719 + // if (random == null) 5720 + // { 5721 + // random = new SecureRandom(); 5722 + // } 5723 + 5724 + // random.nextBytes(iv); 5725 + 5726 + // AlgorithmParameters params; 5727 + 5728 + // try 5729 + // { 5730 + // params = createParametersInstance("DES"); 5731 + // params.init(new IvParameterSpec(iv)); 5732 + // } 5733 + // catch (Exception e) 5734 + // { 5735 + // throw new RuntimeException(e.getMessage()); 5736 + // } 5737 + 5738 + // return params; 5739 + // } 5740 + // } 5741 + // END android-removed 5742 5743 static public class KeyFactory 5744 extends BaseSecretKeyFactory 5745 @@ -360,25 +380,37 @@ 5746 public void configure(ConfigurableProvider provider) 5747 { 5748 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 5749 - provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5750 + // BEGIN android-removed 5751 + // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5752 + // END android-removed 5753 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 5754 - provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 5755 - provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5756 + // BEGIN android-changed 5757 + provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 5758 + // END android-changed 5759 + // BEGIN android-removed 5760 + // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5761 + // END android-removed 5762 5763 provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); 5764 provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); 5765 provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); 5766 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); 5767 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5768 + // BEGIN android-removed 5769 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5770 + // END android-removed 5771 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); 5772 5773 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 5774 { 5775 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 5776 - provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5777 - provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5778 + // BEGIN android-removed 5779 + // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5780 + // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5781 + // END android-removed 5782 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 5783 - provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5784 + // BEGIN android-removed 5785 + // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5786 + // END android-removed 5787 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5788 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 5789 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5790 @@ -387,31 +419,37 @@ 5791 } 5792 5793 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 5794 - provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5795 - provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5796 + // BEGIN android-removed 5797 + // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5798 + // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5799 + // END android-removed 5800 5801 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 5802 5803 - provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5804 - provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5805 - provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5806 - 5807 - provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5808 - provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5809 - 5810 - provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5811 - provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5812 - 5813 - provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5814 - provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5815 - provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5816 - provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5817 + // BEGIN android-removed 5818 + // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5819 + // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5820 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5821 + // 5822 + // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5823 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5824 + // 5825 + // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5826 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5827 + // 5828 + // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5829 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5830 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5831 + // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5832 + // END android-removed 5833 5834 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 5835 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5836 5837 - provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5838 - provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5839 + // BEGIN android-removed 5840 + // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5841 + // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5842 + // END android-removed 5843 5844 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); 5845 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); 5846 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 5847 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-03-01 12:03:02.000000000 +0000 5848 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-04-09 13:10:16.000000000 +0000 5849 @@ -12,20 +12,28 @@ 5850 5851 import org.bouncycastle.asn1.ASN1Primitive; 5852 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5853 -import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5854 -import org.bouncycastle.crypto.CipherKeyGenerator; 5855 +// BEGIN android-removed 5856 +// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5857 +// import org.bouncycastle.crypto.CipherKeyGenerator; 5858 +// END android-removed 5859 import org.bouncycastle.crypto.engines.RC2Engine; 5860 -import org.bouncycastle.crypto.engines.RC2WrapEngine; 5861 -import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5862 -import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5863 +// BEGIN android-removed 5864 +// import org.bouncycastle.crypto.engines.RC2WrapEngine; 5865 +// import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5866 +// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5867 +// END android-removed 5868 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5869 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5870 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5871 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5872 +// BEGIN android-removed 5873 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5874 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5875 +// END android-removed 5876 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5877 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5878 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5879 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5880 +// BEGIN android-removed 5881 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5882 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5883 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5884 +// END android-removed 5885 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 5886 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 5887 import org.bouncycastle.util.Arrays; 5888 @@ -36,59 +44,61 @@ 5889 { 5890 } 5891 5892 - /** 5893 - * RC2 5894 - */ 5895 - static public class ECB 5896 - extends BaseBlockCipher 5897 - { 5898 - public ECB() 5899 - { 5900 - super(new RC2Engine()); 5901 - } 5902 - } 5903 - 5904 - /** 5905 - * RC2CBC 5906 - */ 5907 - static public class CBC 5908 - extends BaseBlockCipher 5909 - { 5910 - public CBC() 5911 - { 5912 - super(new CBCBlockCipher(new RC2Engine()), 64); 5913 - } 5914 - } 5915 - 5916 - public static class Wrap 5917 - extends BaseWrapCipher 5918 - { 5919 - public Wrap() 5920 - { 5921 - super(new RC2WrapEngine()); 5922 - } 5923 - } 5924 - 5925 - /** 5926 - * RC2 5927 - */ 5928 - public static class CBCMAC 5929 - extends BaseMac 5930 - { 5931 - public CBCMAC() 5932 - { 5933 - super(new CBCBlockCipherMac(new RC2Engine())); 5934 - } 5935 - } 5936 - 5937 - public static class CFB8MAC 5938 - extends BaseMac 5939 - { 5940 - public CFB8MAC() 5941 - { 5942 - super(new CFBBlockCipherMac(new RC2Engine())); 5943 - } 5944 - } 5945 + // BEGIN android-removed 5946 + // /** 5947 + // * RC2 5948 + // */ 5949 + // static public class ECB 5950 + // extends BaseBlockCipher 5951 + // { 5952 + // public ECB() 5953 + // { 5954 + // super(new RC2Engine()); 5955 + // } 5956 + // } 5957 + // 5958 + // /** 5959 + // * RC2CBC 5960 + // */ 5961 + // static public class CBC 5962 + // extends BaseBlockCipher 5963 + // { 5964 + // public CBC() 5965 + // { 5966 + // super(new CBCBlockCipher(new RC2Engine()), 64); 5967 + // } 5968 + // } 5969 + // 5970 + // public static class Wrap 5971 + // extends BaseWrapCipher 5972 + // { 5973 + // public Wrap() 5974 + // { 5975 + // super(new RC2WrapEngine()); 5976 + // } 5977 + // } 5978 + // 5979 + // /** 5980 + // * RC2 5981 + // */ 5982 + // public static class CBCMAC 5983 + // extends BaseMac 5984 + // { 5985 + // public CBCMAC() 5986 + // { 5987 + // super(new CBCBlockCipherMac(new RC2Engine())); 5988 + // } 5989 + // } 5990 + // 5991 + // public static class CFB8MAC 5992 + // extends BaseMac 5993 + // { 5994 + // public CFB8MAC() 5995 + // { 5996 + // super(new CFBBlockCipherMac(new RC2Engine())); 5997 + // } 5998 + // } 5999 + // END android-removed 6000 6001 /** 6002 * PBEWithSHA1AndRC2 6003 @@ -174,17 +184,19 @@ 6004 } 6005 } 6006 6007 - /** 6008 - * PBEWithMD2AndRC2 6009 - */ 6010 - static public class PBEWithMD2KeyFactory 6011 - extends PBESecretKeyFactory 6012 - { 6013 - public PBEWithMD2KeyFactory() 6014 - { 6015 - super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 6016 - } 6017 - } 6018 + // BEGIN android-removed 6019 + // /** 6020 + // * PBEWithMD2AndRC2 6021 + // */ 6022 + // static public class PBEWithMD2KeyFactory 6023 + // extends PBESecretKeyFactory 6024 + // { 6025 + // public PBEWithMD2KeyFactory() 6026 + // { 6027 + // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 6028 + // } 6029 + // } 6030 + // END android-removed 6031 6032 /** 6033 * PBEWithMD5AndRC2 6034 @@ -198,247 +210,249 @@ 6035 } 6036 } 6037 6038 - public static class AlgParamGen 6039 - extends BaseAlgorithmParameterGenerator 6040 - { 6041 - RC2ParameterSpec spec = null; 6042 - 6043 - protected void engineInit( 6044 - AlgorithmParameterSpec genParamSpec, 6045 - SecureRandom random) 6046 - throws InvalidAlgorithmParameterException 6047 - { 6048 - if (genParamSpec instanceof RC2ParameterSpec) 6049 - { 6050 - spec = (RC2ParameterSpec)genParamSpec; 6051 - return; 6052 - } 6053 - 6054 - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 6055 - } 6056 - 6057 - protected AlgorithmParameters engineGenerateParameters() 6058 - { 6059 - AlgorithmParameters params; 6060 - 6061 - if (spec == null) 6062 - { 6063 - byte[] iv = new byte[8]; 6064 - 6065 - if (random == null) 6066 - { 6067 - random = new SecureRandom(); 6068 - } 6069 - 6070 - random.nextBytes(iv); 6071 - 6072 - try 6073 - { 6074 - params = createParametersInstance("RC2"); 6075 - params.init(new IvParameterSpec(iv)); 6076 - } 6077 - catch (Exception e) 6078 - { 6079 - throw new RuntimeException(e.getMessage()); 6080 - } 6081 - } 6082 - else 6083 - { 6084 - try 6085 - { 6086 - params = createParametersInstance("RC2"); 6087 - params.init(spec); 6088 - } 6089 - catch (Exception e) 6090 - { 6091 - throw new RuntimeException(e.getMessage()); 6092 - } 6093 - } 6094 - 6095 - return params; 6096 - } 6097 - } 6098 - 6099 - public static class KeyGenerator 6100 - extends BaseKeyGenerator 6101 - { 6102 - public KeyGenerator() 6103 - { 6104 - super("RC2", 128, new CipherKeyGenerator()); 6105 - } 6106 - } 6107 - 6108 - public static class AlgParams 6109 - extends BaseAlgorithmParameters 6110 - { 6111 - private static final short[] table = { 6112 - 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 6113 - 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 6114 - 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 6115 - 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 6116 - 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 6117 - 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 6118 - 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 6119 - 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 6120 - 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 6121 - 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 6122 - 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 6123 - 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 6124 - 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 6125 - 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 6126 - 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 6127 - 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 6128 - }; 6129 - 6130 - private static final short[] ekb = { 6131 - 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 6132 - 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 6133 - 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 6134 - 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 6135 - 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 6136 - 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 6137 - 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 6138 - 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 6139 - 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 6140 - 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 6141 - 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 6142 - 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 6143 - 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 6144 - 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 6145 - 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 6146 - 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 6147 - }; 6148 - 6149 - private byte[] iv; 6150 - private int parameterVersion = 58; 6151 - 6152 - protected byte[] engineGetEncoded() 6153 - { 6154 - return Arrays.clone(iv); 6155 - } 6156 - 6157 - protected byte[] engineGetEncoded( 6158 - String format) 6159 - throws IOException 6160 - { 6161 - if (this.isASN1FormatString(format)) 6162 - { 6163 - if (parameterVersion == -1) 6164 - { 6165 - return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 6166 - } 6167 - else 6168 - { 6169 - return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 6170 - } 6171 - } 6172 - 6173 - if (format.equals("RAW")) 6174 - { 6175 - return engineGetEncoded(); 6176 - } 6177 - 6178 - return null; 6179 - } 6180 - 6181 - protected AlgorithmParameterSpec localEngineGetParameterSpec( 6182 - Class paramSpec) 6183 - throws InvalidParameterSpecException 6184 - { 6185 - if (paramSpec == RC2ParameterSpec.class) 6186 - { 6187 - if (parameterVersion != -1) 6188 - { 6189 - if (parameterVersion < 256) 6190 - { 6191 - return new RC2ParameterSpec(ekb[parameterVersion], iv); 6192 - } 6193 - else 6194 - { 6195 - return new RC2ParameterSpec(parameterVersion, iv); 6196 - } 6197 - } 6198 - } 6199 - 6200 - if (paramSpec == IvParameterSpec.class) 6201 - { 6202 - return new IvParameterSpec(iv); 6203 - } 6204 - 6205 - throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6206 - } 6207 - 6208 - protected void engineInit( 6209 - AlgorithmParameterSpec paramSpec) 6210 - throws InvalidParameterSpecException 6211 - { 6212 - if (paramSpec instanceof IvParameterSpec) 6213 - { 6214 - this.iv = ((IvParameterSpec)paramSpec).getIV(); 6215 - } 6216 - else if (paramSpec instanceof RC2ParameterSpec) 6217 - { 6218 - int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6219 - if (effKeyBits != -1) 6220 - { 6221 - if (effKeyBits < 256) 6222 - { 6223 - parameterVersion = table[effKeyBits]; 6224 - } 6225 - else 6226 - { 6227 - parameterVersion = effKeyBits; 6228 - } 6229 - } 6230 - 6231 - this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6232 - } 6233 - else 6234 - { 6235 - throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6236 - } 6237 - } 6238 - 6239 - protected void engineInit( 6240 - byte[] params) 6241 - throws IOException 6242 - { 6243 - this.iv = Arrays.clone(params); 6244 - } 6245 - 6246 - protected void engineInit( 6247 - byte[] params, 6248 - String format) 6249 - throws IOException 6250 - { 6251 - if (this.isASN1FormatString(format)) 6252 - { 6253 - RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6254 - 6255 - if (p.getRC2ParameterVersion() != null) 6256 - { 6257 - parameterVersion = p.getRC2ParameterVersion().intValue(); 6258 - } 6259 - 6260 - iv = p.getIV(); 6261 - 6262 - return; 6263 - } 6264 - 6265 - if (format.equals("RAW")) 6266 - { 6267 - engineInit(params); 6268 - return; 6269 - } 6270 - 6271 - throw new IOException("Unknown parameters format in IV parameters object"); 6272 - } 6273 - 6274 - protected String engineToString() 6275 - { 6276 - return "RC2 Parameters"; 6277 - } 6278 - } 6279 + // BEGIN android-removed 6280 + // public static class AlgParamGen 6281 + // extends BaseAlgorithmParameterGenerator 6282 + // { 6283 + // RC2ParameterSpec spec = null; 6284 + // 6285 + // protected void engineInit( 6286 + // AlgorithmParameterSpec genParamSpec, 6287 + // SecureRandom random) 6288 + // throws InvalidAlgorithmParameterException 6289 + // { 6290 + // if (genParamSpec instanceof RC2ParameterSpec) 6291 + // { 6292 + // spec = (RC2ParameterSpec)genParamSpec; 6293 + // return; 6294 + // } 6295 + // 6296 + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 6297 + // } 6298 + // 6299 + // protected AlgorithmParameters engineGenerateParameters() 6300 + // { 6301 + // AlgorithmParameters params; 6302 + // 6303 + // if (spec == null) 6304 + // { 6305 + // byte[] iv = new byte[8]; 6306 + // 6307 + // if (random == null) 6308 + // { 6309 + // random = new SecureRandom(); 6310 + // } 6311 + // 6312 + // random.nextBytes(iv); 6313 + // 6314 + // try 6315 + // { 6316 + // params = createParametersInstance("RC2"); 6317 + // params.init(new IvParameterSpec(iv)); 6318 + // } 6319 + // catch (Exception e) 6320 + // { 6321 + // throw new RuntimeException(e.getMessage()); 6322 + // } 6323 + // } 6324 + // else 6325 + // { 6326 + // try 6327 + // { 6328 + // params = createParametersInstance("RC2"); 6329 + // params.init(spec); 6330 + // } 6331 + // catch (Exception e) 6332 + // { 6333 + // throw new RuntimeException(e.getMessage()); 6334 + // } 6335 + // } 6336 + // 6337 + // return params; 6338 + // } 6339 + // } 6340 + // 6341 + // public static class KeyGenerator 6342 + // extends BaseKeyGenerator 6343 + // { 6344 + // public KeyGenerator() 6345 + // { 6346 + // super("RC2", 128, new CipherKeyGenerator()); 6347 + // } 6348 + // } 6349 + // 6350 + // public static class AlgParams 6351 + // extends BaseAlgorithmParameters 6352 + // { 6353 + // private static final short[] table = { 6354 + // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 6355 + // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 6356 + // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 6357 + // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 6358 + // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 6359 + // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 6360 + // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 6361 + // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 6362 + // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 6363 + // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 6364 + // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 6365 + // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 6366 + // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 6367 + // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 6368 + // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 6369 + // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 6370 + // }; 6371 + // 6372 + // private static final short[] ekb = { 6373 + // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 6374 + // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 6375 + // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 6376 + // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 6377 + // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 6378 + // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 6379 + // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 6380 + // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 6381 + // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 6382 + // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 6383 + // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 6384 + // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 6385 + // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 6386 + // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 6387 + // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 6388 + // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 6389 + // }; 6390 + // 6391 + // private byte[] iv; 6392 + // private int parameterVersion = 58; 6393 + // 6394 + // protected byte[] engineGetEncoded() 6395 + // { 6396 + // return Arrays.clone(iv); 6397 + // } 6398 + // 6399 + // protected byte[] engineGetEncoded( 6400 + // String format) 6401 + // throws IOException 6402 + // { 6403 + // if (this.isASN1FormatString(format)) 6404 + // { 6405 + // if (parameterVersion == -1) 6406 + // { 6407 + // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 6408 + // } 6409 + // else 6410 + // { 6411 + // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 6412 + // } 6413 + // } 6414 + // 6415 + // if (format.equals("RAW")) 6416 + // { 6417 + // return engineGetEncoded(); 6418 + // } 6419 + // 6420 + // return null; 6421 + // } 6422 + // 6423 + // protected AlgorithmParameterSpec localEngineGetParameterSpec( 6424 + // Class paramSpec) 6425 + // throws InvalidParameterSpecException 6426 + // { 6427 + // if (paramSpec == RC2ParameterSpec.class) 6428 + // { 6429 + // if (parameterVersion != -1) 6430 + // { 6431 + // if (parameterVersion < 256) 6432 + // { 6433 + // return new RC2ParameterSpec(ekb[parameterVersion], iv); 6434 + // } 6435 + // else 6436 + // { 6437 + // return new RC2ParameterSpec(parameterVersion, iv); 6438 + // } 6439 + // } 6440 + // } 6441 + // 6442 + // if (paramSpec == IvParameterSpec.class) 6443 + // { 6444 + // return new IvParameterSpec(iv); 6445 + // } 6446 + // 6447 + // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6448 + // } 6449 + // 6450 + // protected void engineInit( 6451 + // AlgorithmParameterSpec paramSpec) 6452 + // throws InvalidParameterSpecException 6453 + // { 6454 + // if (paramSpec instanceof IvParameterSpec) 6455 + // { 6456 + // this.iv = ((IvParameterSpec)paramSpec).getIV(); 6457 + // } 6458 + // else if (paramSpec instanceof RC2ParameterSpec) 6459 + // { 6460 + // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6461 + // if (effKeyBits != -1) 6462 + // { 6463 + // if (effKeyBits < 256) 6464 + // { 6465 + // parameterVersion = table[effKeyBits]; 6466 + // } 6467 + // else 6468 + // { 6469 + // parameterVersion = effKeyBits; 6470 + // } 6471 + // } 6472 + // 6473 + // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6474 + // } 6475 + // else 6476 + // { 6477 + // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6478 + // } 6479 + // } 6480 + // 6481 + // protected void engineInit( 6482 + // byte[] params) 6483 + // throws IOException 6484 + // { 6485 + // this.iv = Arrays.clone(params); 6486 + // } 6487 + // 6488 + // protected void engineInit( 6489 + // byte[] params, 6490 + // String format) 6491 + // throws IOException 6492 + // { 6493 + // if (this.isASN1FormatString(format)) 6494 + // { 6495 + // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6496 + // 6497 + // if (p.getRC2ParameterVersion() != null) 6498 + // { 6499 + // parameterVersion = p.getRC2ParameterVersion().intValue(); 6500 + // } 6501 + // 6502 + // iv = p.getIV(); 6503 + // 6504 + // return; 6505 + // } 6506 + // 6507 + // if (format.equals("RAW")) 6508 + // { 6509 + // engineInit(params); 6510 + // return; 6511 + // } 6512 + // 6513 + // throw new IOException("Unknown parameters format in IV parameters object"); 6514 + // } 6515 + // 6516 + // protected String engineToString() 6517 + // { 6518 + // return "RC2 Parameters"; 6519 + // } 6520 + // } 6521 + // END android-removed 6522 6523 public static class Mappings 6524 extends AlgorithmProvider 6525 @@ -452,32 +466,36 @@ 6526 public void configure(ConfigurableProvider provider) 6527 { 6528 6529 - provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6530 - provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6531 - 6532 - provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6533 - provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6534 - 6535 - provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6536 - provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6537 - 6538 - provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6539 - provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6540 - provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6541 - provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6542 - 6543 - provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6544 - provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6545 - provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6546 - provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6547 - 6548 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6549 + // BEGIN android-removed 6550 + // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6551 + // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6552 + // 6553 + // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6554 + // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6555 + // 6556 + // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6557 + // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6558 + // 6559 + // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6560 + // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6561 + // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6562 + // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6563 + // 6564 + // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6565 + // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6566 + // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6567 + // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6568 + // 6569 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6570 + // END android-removed 6571 6572 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 6573 6574 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 6575 6576 - provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6577 + // BEGIN android-removed 6578 + // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6579 + // END android-removed 6580 6581 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6582 6583 @@ -485,14 +503,18 @@ 6584 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); 6585 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); 6586 6587 - provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6588 + // BEGIN android-removed 6589 + // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6590 + // END android-removed 6591 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); 6592 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); 6593 6594 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); 6595 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); 6596 6597 - provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6598 + // BEGIN android-removed 6599 + // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6600 + // END android-removed 6601 6602 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6603 6604 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 6605 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2015-03-01 12:03:02.000000000 +0000 6606 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000 6607 @@ -6,29 +6,31 @@ 6608 abstract class SymmetricAlgorithmProvider 6609 extends AlgorithmProvider 6610 { 6611 - protected void addGMacAlgorithm( 6612 - ConfigurableProvider provider, 6613 - String algorithm, 6614 - String algorithmClassName, 6615 - String keyGeneratorClassName) 6616 - { 6617 - provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6618 - provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6619 - 6620 - provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6621 - provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6622 - } 6623 - 6624 - protected void addPoly1305Algorithm(ConfigurableProvider provider, 6625 - String algorithm, 6626 - String algorithmClassName, 6627 - String keyGeneratorClassName) 6628 - { 6629 - provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6630 - provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6631 - 6632 - provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6633 - provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6634 - } 6635 + // BEGIN android-removed 6636 + // protected void addGMacAlgorithm( 6637 + // ConfigurableProvider provider, 6638 + // String algorithm, 6639 + // String algorithmClassName, 6640 + // String keyGeneratorClassName) 6641 + // { 6642 + // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6643 + // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6644 + // 6645 + // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6646 + // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6647 + // } 6648 + // 6649 + // protected void addPoly1305Algorithm(ConfigurableProvider provider, 6650 + // String algorithm, 6651 + // String algorithmClassName, 6652 + // String keyGeneratorClassName) 6653 + // { 6654 + // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6655 + // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6656 + // 6657 + // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6658 + // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6659 + // } 6660 + // END android-removed 6661 6662 } 6663 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 6664 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2015-03-01 12:03:02.000000000 +0000 6665 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000 6666 @@ -1,18 +1,26 @@ 6667 package org.bouncycastle.jcajce.provider.symmetric; 6668 6669 -import org.bouncycastle.crypto.BlockCipher; 6670 -import org.bouncycastle.crypto.CipherKeyGenerator; 6671 +// BEGIN android-removed 6672 +// import org.bouncycastle.crypto.BlockCipher; 6673 +// import org.bouncycastle.crypto.CipherKeyGenerator; 6674 +// END android-removed 6675 import org.bouncycastle.crypto.engines.TwofishEngine; 6676 -import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6677 -import org.bouncycastle.crypto.macs.GMac; 6678 +// BEGIN android-removed 6679 +// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6680 +// import org.bouncycastle.crypto.macs.GMac; 6681 +// END android-removed 6682 import org.bouncycastle.crypto.modes.CBCBlockCipher; 6683 -import org.bouncycastle.crypto.modes.GCMBlockCipher; 6684 +// BEGIN android-removed 6685 +// import org.bouncycastle.crypto.modes.GCMBlockCipher; 6686 +// END android-removed 6687 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 6688 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 6689 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6690 -import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6691 -import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6692 -import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6693 +// BEGIN android-removed 6694 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6695 +// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6696 +// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6697 +// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6698 +// END android-removed 6699 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 6700 6701 public final class Twofish 6702 @@ -21,56 +29,58 @@ 6703 { 6704 } 6705 6706 - public static class ECB 6707 - extends BaseBlockCipher 6708 - { 6709 - public ECB() 6710 - { 6711 - super(new BlockCipherProvider() 6712 - { 6713 - public BlockCipher get() 6714 - { 6715 - return new TwofishEngine(); 6716 - } 6717 - }); 6718 - } 6719 - } 6720 - 6721 - public static class KeyGen 6722 - extends BaseKeyGenerator 6723 - { 6724 - public KeyGen() 6725 - { 6726 - super("Twofish", 256, new CipherKeyGenerator()); 6727 - } 6728 - } 6729 - 6730 - public static class GMAC 6731 - extends BaseMac 6732 - { 6733 - public GMAC() 6734 - { 6735 - super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6736 - } 6737 - } 6738 - 6739 - public static class Poly1305 6740 - extends BaseMac 6741 - { 6742 - public Poly1305() 6743 - { 6744 - super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6745 - } 6746 - } 6747 - 6748 - public static class Poly1305KeyGen 6749 - extends BaseKeyGenerator 6750 - { 6751 - public Poly1305KeyGen() 6752 - { 6753 - super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6754 - } 6755 - } 6756 + // BEGIN android-removed 6757 + // public static class ECB 6758 + // extends BaseBlockCipher 6759 + // { 6760 + // public ECB() 6761 + // { 6762 + // super(new BlockCipherProvider() 6763 + // { 6764 + // public BlockCipher get() 6765 + // { 6766 + // return new TwofishEngine(); 6767 + // } 6768 + // }); 6769 + // } 6770 + // } 6771 + // 6772 + // public static class KeyGen 6773 + // extends BaseKeyGenerator 6774 + // { 6775 + // public KeyGen() 6776 + // { 6777 + // super("Twofish", 256, new CipherKeyGenerator()); 6778 + // } 6779 + // } 6780 + // 6781 + // public static class GMAC 6782 + // extends BaseMac 6783 + // { 6784 + // public GMAC() 6785 + // { 6786 + // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6787 + // } 6788 + // } 6789 + // 6790 + // public static class Poly1305 6791 + // extends BaseMac 6792 + // { 6793 + // public Poly1305() 6794 + // { 6795 + // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6796 + // } 6797 + // } 6798 + // 6799 + // public static class Poly1305KeyGen 6800 + // extends BaseKeyGenerator 6801 + // { 6802 + // public Poly1305KeyGen() 6803 + // { 6804 + // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6805 + // } 6806 + // } 6807 + // END android-removed 6808 6809 /** 6810 * PBEWithSHAAndTwofish-CBC 6811 @@ -96,14 +106,16 @@ 6812 } 6813 } 6814 6815 - public static class AlgParams 6816 - extends IvAlgorithmParameters 6817 - { 6818 - protected String engineToString() 6819 - { 6820 - return "Twofish IV"; 6821 - } 6822 - } 6823 + // BEGIN android-removed 6824 + // public static class AlgParams 6825 + // extends IvAlgorithmParameters 6826 + // { 6827 + // protected String engineToString() 6828 + // { 6829 + // return "Twofish IV"; 6830 + // } 6831 + // } 6832 + // END android-removed 6833 6834 public static class Mappings 6835 extends SymmetricAlgorithmProvider 6836 @@ -116,17 +128,21 @@ 6837 6838 public void configure(ConfigurableProvider provider) 6839 { 6840 - provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6841 - provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6842 - provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6843 + // BEGIN android-removed 6844 + // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6845 + // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6846 + // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6847 + // END android-removed 6848 6849 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6850 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6851 provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); 6852 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); 6853 6854 - addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6855 - addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6856 + // BEGIN android-removed 6857 + // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6858 + // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6859 + // END android-removed 6860 } 6861 } 6862 } 6863 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 6864 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-03-01 12:03:02.000000000 +0000 6865 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-04-09 13:10:16.000000000 +0000 6866 @@ -20,8 +20,10 @@ 6867 import javax.crypto.ShortBufferException; 6868 import javax.crypto.spec.IvParameterSpec; 6869 import javax.crypto.spec.PBEParameterSpec; 6870 -import javax.crypto.spec.RC2ParameterSpec; 6871 -import javax.crypto.spec.RC5ParameterSpec; 6872 +// BEGIN android-removed 6873 +// import javax.crypto.spec.RC2ParameterSpec; 6874 +// import javax.crypto.spec.RC5ParameterSpec; 6875 +// END android-removed 6876 6877 import org.bouncycastle.asn1.cms.GCMParameters; 6878 import org.bouncycastle.crypto.BlockCipher; 6879 @@ -35,14 +37,20 @@ 6880 import org.bouncycastle.crypto.modes.CCMBlockCipher; 6881 import org.bouncycastle.crypto.modes.CFBBlockCipher; 6882 import org.bouncycastle.crypto.modes.CTSBlockCipher; 6883 -import org.bouncycastle.crypto.modes.EAXBlockCipher; 6884 -import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6885 +// BEGIN android-removed 6886 +// import org.bouncycastle.crypto.modes.EAXBlockCipher; 6887 +// import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6888 +// END android-removed 6889 import org.bouncycastle.crypto.modes.GCMBlockCipher; 6890 -import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6891 -import org.bouncycastle.crypto.modes.OCBBlockCipher; 6892 +// BEGIN android-removed 6893 +// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6894 +// import org.bouncycastle.crypto.modes.OCBBlockCipher; 6895 +// END android-removed 6896 import org.bouncycastle.crypto.modes.OFBBlockCipher; 6897 -import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6898 -import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6899 +// BEGIN android-removed 6900 +// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6901 +// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6902 +// END android-removed 6903 import org.bouncycastle.crypto.modes.SICBlockCipher; 6904 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 6905 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 6906 @@ -55,11 +63,15 @@ 6907 import org.bouncycastle.crypto.params.KeyParameter; 6908 import org.bouncycastle.crypto.params.ParametersWithIV; 6909 import org.bouncycastle.crypto.params.ParametersWithRandom; 6910 -import org.bouncycastle.crypto.params.ParametersWithSBox; 6911 +// BEGIN android-removed 6912 +// import org.bouncycastle.crypto.params.ParametersWithSBox; 6913 +// END android-removed 6914 import org.bouncycastle.crypto.params.RC2Parameters; 6915 -import org.bouncycastle.crypto.params.RC5Parameters; 6916 -import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6917 -import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6918 +// BEGIN android-removed 6919 +// import org.bouncycastle.crypto.params.RC5Parameters; 6920 +// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6921 +// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6922 +// END android-removed 6923 import org.bouncycastle.jce.provider.BouncyCastleProvider; 6924 import org.bouncycastle.util.Strings; 6925 6926 @@ -74,11 +86,15 @@ 6927 // 6928 private Class[] availableSpecs = 6929 { 6930 - RC2ParameterSpec.class, 6931 - RC5ParameterSpec.class, 6932 + // BEGIN android-removed 6933 + // RC2ParameterSpec.class, 6934 + // RC5ParameterSpec.class, 6935 + // END android-removed 6936 IvParameterSpec.class, 6937 PBEParameterSpec.class, 6938 - GOST28147ParameterSpec.class, 6939 + // BEGIN android-removed 6940 + // GOST28147ParameterSpec.class, 6941 + // END android-removed 6942 gcmSpecClass 6943 }; 6944 6945 @@ -284,48 +300,52 @@ 6946 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 6947 } 6948 } 6949 - else if (modeName.startsWith("PGP")) 6950 - { 6951 - boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6952 - 6953 - ivLength = baseEngine.getBlockSize(); 6954 - cipher = new BufferedGenericBlockCipher( 6955 - new PGPCFBBlockCipher(baseEngine, inlineIV)); 6956 - } 6957 - else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6958 - { 6959 - ivLength = 0; 6960 - cipher = new BufferedGenericBlockCipher( 6961 - new OpenPGPCFBBlockCipher(baseEngine)); 6962 - } 6963 - else if (modeName.startsWith("SIC")) 6964 - { 6965 - ivLength = baseEngine.getBlockSize(); 6966 - if (ivLength < 16) 6967 - { 6968 - throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6969 - } 6970 - cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6971 - new SICBlockCipher(baseEngine))); 6972 - } 6973 + // BEGIN android-removed 6974 + // else if (modeName.startsWith("PGP")) 6975 + // { 6976 + // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6977 + // 6978 + // ivLength = baseEngine.getBlockSize(); 6979 + // cipher = new BufferedGenericBlockCipher( 6980 + // new PGPCFBBlockCipher(baseEngine, inlineIV)); 6981 + // } 6982 + // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6983 + // { 6984 + // ivLength = 0; 6985 + // cipher = new BufferedGenericBlockCipher( 6986 + // new OpenPGPCFBBlockCipher(baseEngine)); 6987 + // } 6988 + // else if (modeName.startsWith("SIC")) 6989 + // { 6990 + // ivLength = baseEngine.getBlockSize(); 6991 + // if (ivLength < 16) 6992 + // { 6993 + // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6994 + // } 6995 + // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6996 + // new SICBlockCipher(baseEngine))); 6997 + // } 6998 + // END android-removed 6999 else if (modeName.startsWith("CTR")) 7000 { 7001 ivLength = baseEngine.getBlockSize(); 7002 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7003 new SICBlockCipher(baseEngine))); 7004 } 7005 - else if (modeName.startsWith("GOFB")) 7006 - { 7007 - ivLength = baseEngine.getBlockSize(); 7008 - cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7009 - new GOFBBlockCipher(baseEngine))); 7010 - } 7011 - else if (modeName.startsWith("GCFB")) 7012 - { 7013 - ivLength = baseEngine.getBlockSize(); 7014 - cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7015 - new GCFBBlockCipher(baseEngine))); 7016 - } 7017 + // BEGIN android-removed 7018 + // else if (modeName.startsWith("GOFB")) 7019 + // { 7020 + // ivLength = baseEngine.getBlockSize(); 7021 + // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7022 + // new GOFBBlockCipher(baseEngine))); 7023 + // } 7024 + // else if (modeName.startsWith("GCFB")) 7025 + // { 7026 + // ivLength = baseEngine.getBlockSize(); 7027 + // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 7028 + // new GCFBBlockCipher(baseEngine))); 7029 + // } 7030 + // END android-removed 7031 else if (modeName.startsWith("CTS")) 7032 { 7033 ivLength = baseEngine.getBlockSize(); 7034 @@ -336,26 +356,28 @@ 7035 ivLength = 13; // CCM nonce 7..13 bytes 7036 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 7037 } 7038 - else if (modeName.startsWith("OCB")) 7039 - { 7040 - if (engineProvider != null) 7041 - { 7042 - /* 7043 - * RFC 7253 4.2. Nonce is a string of no more than 120 bits 7044 - */ 7045 - ivLength = 15; 7046 - cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 7047 - } 7048 - else 7049 - { 7050 - throw new NoSuchAlgorithmException("can't support mode " + mode); 7051 - } 7052 - } 7053 - else if (modeName.startsWith("EAX")) 7054 - { 7055 - ivLength = baseEngine.getBlockSize(); 7056 - cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 7057 - } 7058 + // BEGIN android-removed 7059 + // else if (modeName.startsWith("OCB")) 7060 + // { 7061 + // if (engineProvider != null) 7062 + // { 7063 + // /* 7064 + // * RFC 7253 4.2. Nonce is a string of no more than 120 bits 7065 + // */ 7066 + // ivLength = 15; 7067 + // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 7068 + // } 7069 + // else 7070 + // { 7071 + // throw new NoSuchAlgorithmException("can't support mode " + mode); 7072 + // } 7073 + // } 7074 + // else if (modeName.startsWith("EAX")) 7075 + // { 7076 + // ivLength = baseEngine.getBlockSize(); 7077 + // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 7078 + // } 7079 + // END android-removed 7080 else if (modeName.startsWith("GCM")) 7081 { 7082 ivLength = baseEngine.getBlockSize(); 7083 @@ -478,18 +500,20 @@ 7084 7085 param = new ParametersWithIV(param, iv.getIV()); 7086 } 7087 - else if (params instanceof GOST28147ParameterSpec) 7088 - { 7089 - // need to pick up IV and SBox. 7090 - GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7091 - 7092 - param = new ParametersWithSBox(param, gost28147Param.getSbox()); 7093 - 7094 - if (gost28147Param.getIV() != null && ivLength != 0) 7095 - { 7096 - param = new ParametersWithIV(param, gost28147Param.getIV()); 7097 - } 7098 - } 7099 + // BEGIN android-removed 7100 + // else if (params instanceof GOST28147ParameterSpec) 7101 + // { 7102 + // // need to pick up IV and SBox. 7103 + // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7104 + // 7105 + // param = new ParametersWithSBox(param, gost28147Param.getSbox()); 7106 + // 7107 + // if (gost28147Param.getIV() != null && ivLength != 0) 7108 + // { 7109 + // param = new ParametersWithIV(param, gost28147Param.getIV()); 7110 + // } 7111 + // } 7112 + // END android-removed 7113 } 7114 else if (params instanceof PBEParameterSpec) 7115 { 7116 @@ -521,12 +545,14 @@ 7117 throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long."); 7118 } 7119 7120 - if (key instanceof RepeatedSecretKeySpec) 7121 - { 7122 - param = new ParametersWithIV(null, p.getIV()); 7123 - ivParam = (ParametersWithIV)param; 7124 - } 7125 - else 7126 + // BEGIN android-removed 7127 + // if (key instanceof RepeatedSecretKeySpec) 7128 + // { 7129 + // param = new ParametersWithIV(null, p.getIV()); 7130 + // ivParam = (ParametersWithIV)param; 7131 + // } 7132 + // else 7133 + // END android-removed 7134 { 7135 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV()); 7136 ivParam = (ParametersWithIV)param; 7137 @@ -542,63 +568,65 @@ 7138 param = new KeyParameter(key.getEncoded()); 7139 } 7140 } 7141 - else if (params instanceof GOST28147ParameterSpec) 7142 - { 7143 - GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7144 - 7145 - param = new ParametersWithSBox( 7146 - new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7147 - 7148 - if (gost28147Param.getIV() != null && ivLength != 0) 7149 - { 7150 - param = new ParametersWithIV(param, gost28147Param.getIV()); 7151 - ivParam = (ParametersWithIV)param; 7152 - } 7153 - } 7154 - else if (params instanceof RC2ParameterSpec) 7155 - { 7156 - RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7157 - 7158 - param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7159 - 7160 - if (rc2Param.getIV() != null && ivLength != 0) 7161 - { 7162 - param = new ParametersWithIV(param, rc2Param.getIV()); 7163 - ivParam = (ParametersWithIV)param; 7164 - } 7165 - } 7166 - else if (params instanceof RC5ParameterSpec) 7167 - { 7168 - RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7169 - 7170 - param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7171 - if (baseEngine.getAlgorithmName().startsWith("RC5")) 7172 - { 7173 - if (baseEngine.getAlgorithmName().equals("RC5-32")) 7174 - { 7175 - if (rc5Param.getWordSize() != 32) 7176 - { 7177 - throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7178 - } 7179 - } 7180 - else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7181 - { 7182 - if (rc5Param.getWordSize() != 64) 7183 - { 7184 - throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7185 - } 7186 - } 7187 - } 7188 - else 7189 - { 7190 - throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7191 - } 7192 - if ((rc5Param.getIV() != null) && (ivLength != 0)) 7193 - { 7194 - param = new ParametersWithIV(param, rc5Param.getIV()); 7195 - ivParam = (ParametersWithIV)param; 7196 - } 7197 - } 7198 + // BEGIN android-removed 7199 + // else if (params instanceof GOST28147ParameterSpec) 7200 + // { 7201 + // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7202 + // 7203 + // param = new ParametersWithSBox( 7204 + // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7205 + // 7206 + // if (gost28147Param.getIV() != null && ivLength != 0) 7207 + // { 7208 + // param = new ParametersWithIV(param, gost28147Param.getIV()); 7209 + // ivParam = (ParametersWithIV)param; 7210 + // } 7211 + // } 7212 + // else if (params instanceof RC2ParameterSpec) 7213 + // { 7214 + // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7215 + // 7216 + // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7217 + // 7218 + // if (rc2Param.getIV() != null && ivLength != 0) 7219 + // { 7220 + // param = new ParametersWithIV(param, rc2Param.getIV()); 7221 + // ivParam = (ParametersWithIV)param; 7222 + // } 7223 + // } 7224 + // else if (params instanceof RC5ParameterSpec) 7225 + // { 7226 + // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7227 + // 7228 + // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7229 + // if (baseEngine.getAlgorithmName().startsWith("RC5")) 7230 + // { 7231 + // if (baseEngine.getAlgorithmName().equals("RC5-32")) 7232 + // { 7233 + // if (rc5Param.getWordSize() != 32) 7234 + // { 7235 + // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7236 + // } 7237 + // } 7238 + // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7239 + // { 7240 + // if (rc5Param.getWordSize() != 64) 7241 + // { 7242 + // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7243 + // } 7244 + // } 7245 + // } 7246 + // else 7247 + // { 7248 + // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7249 + // } 7250 + // if ((rc5Param.getIV() != null) && (ivLength != 0)) 7251 + // { 7252 + // param = new ParametersWithIV(param, rc5Param.getIV()); 7253 + // ivParam = (ParametersWithIV)param; 7254 + // } 7255 + // } 7256 + // END android-removed 7257 else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) 7258 { 7259 if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) 7260 @@ -611,11 +639,13 @@ 7261 Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]); 7262 Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]); 7263 7264 - if (key instanceof RepeatedSecretKeySpec) 7265 - { 7266 - param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7267 - } 7268 - else 7269 + // BEGIN android-removed 7270 + // if (key instanceof RepeatedSecretKeySpec) 7271 + // { 7272 + // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7273 + // } 7274 + // else 7275 + // END android-removed 7276 { 7277 param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7278 } 7279 @@ -867,7 +897,9 @@ 7280 private boolean isAEADModeName( 7281 String modeName) 7282 { 7283 - return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); 7284 + // BEGIN android-changed 7285 + return "CCM".equals(modeName) || "GCM".equals(modeName); 7286 + // END android-changed 7287 } 7288 7289 /* 7290 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 7291 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2015-03-01 12:03:02.000000000 +0000 7292 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000 7293 @@ -16,8 +16,10 @@ 7294 import org.bouncycastle.crypto.Mac; 7295 import org.bouncycastle.crypto.params.KeyParameter; 7296 import org.bouncycastle.crypto.params.ParametersWithIV; 7297 -import org.bouncycastle.crypto.params.SkeinParameters; 7298 -import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7299 +// BEGIN android-removed 7300 +// import org.bouncycastle.crypto.params.SkeinParameters; 7301 +// import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7302 +// END android-removed 7303 7304 public class BaseMac 7305 extends MacSpi implements PBE 7306 @@ -79,10 +81,12 @@ 7307 { 7308 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV()); 7309 } 7310 - else if (params instanceof SkeinParameterSpec) 7311 - { 7312 - param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7313 - } 7314 + // BEGIN android-removed 7315 + // else if (params instanceof SkeinParameterSpec) 7316 + // { 7317 + // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7318 + // } 7319 + // END android-removed 7320 else if (params == null) 7321 { 7322 param = new KeyParameter(key.getEncoded()); 7323 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 7324 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-03-01 12:03:02.000000000 +0000 7325 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-04-09 13:10:16.000000000 +0000 7326 @@ -15,8 +15,10 @@ 7327 import javax.crypto.ShortBufferException; 7328 import javax.crypto.spec.IvParameterSpec; 7329 import javax.crypto.spec.PBEParameterSpec; 7330 -import javax.crypto.spec.RC2ParameterSpec; 7331 -import javax.crypto.spec.RC5ParameterSpec; 7332 +// BEGIN android-removed 7333 +// import javax.crypto.spec.RC2ParameterSpec; 7334 +// import javax.crypto.spec.RC5ParameterSpec; 7335 +// END android-removed 7336 7337 import org.bouncycastle.crypto.CipherParameters; 7338 import org.bouncycastle.crypto.DataLengthException; 7339 @@ -34,8 +36,10 @@ 7340 // 7341 private Class[] availableSpecs = 7342 { 7343 - RC2ParameterSpec.class, 7344 - RC5ParameterSpec.class, 7345 + // BEGIN android-removed 7346 + // RC2ParameterSpec.class, 7347 + // RC5ParameterSpec.class, 7348 + // END android-removed 7349 IvParameterSpec.class, 7350 PBEParameterSpec.class 7351 }; 7352 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 7353 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-03-01 12:03:02.000000000 +0000 7354 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-04-09 13:10:16.000000000 +0000 7355 @@ -24,8 +24,10 @@ 7356 import javax.crypto.ShortBufferException; 7357 import javax.crypto.spec.IvParameterSpec; 7358 import javax.crypto.spec.PBEParameterSpec; 7359 -import javax.crypto.spec.RC2ParameterSpec; 7360 -import javax.crypto.spec.RC5ParameterSpec; 7361 +// BEGIN android-removed 7362 +// import javax.crypto.spec.RC2ParameterSpec; 7363 +// import javax.crypto.spec.RC5ParameterSpec; 7364 +// END android-removed 7365 import javax.crypto.spec.SecretKeySpec; 7366 7367 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7368 @@ -50,8 +52,10 @@ 7369 { 7370 IvParameterSpec.class, 7371 PBEParameterSpec.class, 7372 - RC2ParameterSpec.class, 7373 - RC5ParameterSpec.class 7374 + // BEGIN android-removed 7375 + // RC2ParameterSpec.class, 7376 + // RC5ParameterSpec.class 7377 + // END android-removed 7378 }; 7379 7380 protected int pbeType = PKCS12; 7381 @@ -276,6 +280,8 @@ 7382 return null; 7383 } 7384 7385 + // BEGIN android-changed 7386 + // added ShortBufferException to throws statement 7387 protected int engineDoFinal( 7388 byte[] input, 7389 int inputOffset, 7390 @@ -286,6 +292,7 @@ 7391 { 7392 return 0; 7393 } 7394 + // END android-changed 7395 7396 protected byte[] engineWrap( 7397 Key key) 7398 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 7399 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2015-03-01 12:03:02.000000000 +0000 7400 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000 7401 @@ -7,13 +7,18 @@ 7402 7403 import org.bouncycastle.crypto.CipherParameters; 7404 import org.bouncycastle.crypto.PBEParametersGenerator; 7405 -import org.bouncycastle.crypto.digests.GOST3411Digest; 7406 -import org.bouncycastle.crypto.digests.MD2Digest; 7407 -import org.bouncycastle.crypto.digests.MD5Digest; 7408 -import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7409 -import org.bouncycastle.crypto.digests.SHA1Digest; 7410 -import org.bouncycastle.crypto.digests.SHA256Digest; 7411 -import org.bouncycastle.crypto.digests.TigerDigest; 7412 +// BEGIN android-removed 7413 +// import org.bouncycastle.crypto.digests.GOST3411Digest; 7414 +// import org.bouncycastle.crypto.digests.MD2Digest; 7415 +// import org.bouncycastle.crypto.digests.MD5Digest; 7416 +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7417 +// import org.bouncycastle.crypto.digests.SHA1Digest; 7418 +// import org.bouncycastle.crypto.digests.SHA256Digest; 7419 +// import org.bouncycastle.crypto.digests.TigerDigest; 7420 +// END android-removed 7421 +// BEGIN android-added 7422 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7423 +// END android-added 7424 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 7425 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 7426 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 7427 @@ -29,11 +34,15 @@ 7428 // 7429 static final int MD5 = 0; 7430 static final int SHA1 = 1; 7431 - static final int RIPEMD160 = 2; 7432 - static final int TIGER = 3; 7433 + // BEGIN android-removed 7434 + // static final int RIPEMD160 = 2; 7435 + // static final int TIGER = 3; 7436 + // END android-removed 7437 static final int SHA256 = 4; 7438 - static final int MD2 = 5; 7439 - static final int GOST3411 = 6; 7440 + // BEGIN android-removed 7441 + // static final int MD2 = 5; 7442 + // static final int GOST3411 = 6; 7443 + // END android-removed 7444 7445 static final int PKCS5S1 = 0; 7446 static final int PKCS5S2 = 1; 7447 @@ -57,14 +66,20 @@ 7448 { 7449 switch (hash) 7450 { 7451 - case MD2: 7452 - generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7453 - break; 7454 + // BEGIN android-removed 7455 + // case MD2: 7456 + // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7457 + // break; 7458 + // END android-removed 7459 case MD5: 7460 - generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 7461 + // BEGIN android-changed 7462 + generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 7463 + // END android-changed 7464 break; 7465 case SHA1: 7466 - generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 7467 + // BEGIN android-changed 7468 + generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 7469 + // END android-changed 7470 break; 7471 default: 7472 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 7473 @@ -74,27 +89,39 @@ 7474 { 7475 switch (hash) 7476 { 7477 - case MD2: 7478 - generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7479 - break; 7480 + // BEGIN android-removed 7481 + // case MD2: 7482 + // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7483 + // break; 7484 + // END android-removed 7485 case MD5: 7486 - generator = new PKCS5S2ParametersGenerator(new MD5Digest()); 7487 + // BEGIN android-changed 7488 + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); 7489 + // END android-changed 7490 break; 7491 case SHA1: 7492 - generator = new PKCS5S2ParametersGenerator(new SHA1Digest()); 7493 - break; 7494 - case RIPEMD160: 7495 - generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7496 - break; 7497 - case TIGER: 7498 - generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7499 - break; 7500 + // BEGIN android-changed 7501 + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); 7502 + // END android-changed 7503 + break; 7504 + // BEGIN android-removed 7505 + // case RIPEMD160: 7506 + // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7507 + // break; 7508 + // case TIGER: 7509 + // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7510 + // break; 7511 + // END android-removed 7512 case SHA256: 7513 - generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); 7514 - break; 7515 - case GOST3411: 7516 - generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7517 - break; 7518 + // BEGIN android-changed 7519 + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); 7520 + // END android-changed 7521 + break; 7522 + // BEGIN android-removed 7523 + // case GOST3411: 7524 + // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7525 + // break; 7526 + // END android-removed 7527 default: 7528 throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); 7529 } 7530 @@ -103,27 +130,39 @@ 7531 { 7532 switch (hash) 7533 { 7534 - case MD2: 7535 - generator = new PKCS12ParametersGenerator(new MD2Digest()); 7536 - break; 7537 + // BEGIN android-removed 7538 + // case MD2: 7539 + // generator = new PKCS12ParametersGenerator(new MD2Digest()); 7540 + // break; 7541 + // END android-removed 7542 case MD5: 7543 - generator = new PKCS12ParametersGenerator(new MD5Digest()); 7544 + // BEGIN android-changed 7545 + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 7546 + // END android-changed 7547 break; 7548 case SHA1: 7549 - generator = new PKCS12ParametersGenerator(new SHA1Digest()); 7550 - break; 7551 - case RIPEMD160: 7552 - generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7553 - break; 7554 - case TIGER: 7555 - generator = new PKCS12ParametersGenerator(new TigerDigest()); 7556 - break; 7557 + // BEGIN android-changed 7558 + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 7559 + // END android-changed 7560 + break; 7561 + // BEGIN android-removed 7562 + // case RIPEMD160: 7563 + // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7564 + // break; 7565 + // case TIGER: 7566 + // generator = new PKCS12ParametersGenerator(new TigerDigest()); 7567 + // break; 7568 + // END android-removed 7569 case SHA256: 7570 - generator = new PKCS12ParametersGenerator(new SHA256Digest()); 7571 - break; 7572 - case GOST3411: 7573 - generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7574 - break; 7575 + // BEGIN android-changed 7576 + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 7577 + // END android-changed 7578 + break; 7579 + // BEGIN android-removed 7580 + // case GOST3411: 7581 + // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7582 + // break; 7583 + // END android-removed 7584 default: 7585 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 7586 } 7587 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 7588 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2015-03-01 12:03:02.000000000 +0000 7589 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000 7590 @@ -10,12 +10,17 @@ 7591 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7592 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7593 import org.bouncycastle.crypto.Digest; 7594 -import org.bouncycastle.crypto.digests.MD5Digest; 7595 -import org.bouncycastle.crypto.digests.SHA1Digest; 7596 -import org.bouncycastle.crypto.digests.SHA224Digest; 7597 -import org.bouncycastle.crypto.digests.SHA256Digest; 7598 -import org.bouncycastle.crypto.digests.SHA384Digest; 7599 -import org.bouncycastle.crypto.digests.SHA512Digest; 7600 +// BEGIN android-removed 7601 +// import org.bouncycastle.crypto.digests.MD5Digest; 7602 +// import org.bouncycastle.crypto.digests.SHA1Digest; 7603 +// import org.bouncycastle.crypto.digests.SHA224Digest; 7604 +// import org.bouncycastle.crypto.digests.SHA256Digest; 7605 +// import org.bouncycastle.crypto.digests.SHA384Digest; 7606 +// import org.bouncycastle.crypto.digests.SHA512Digest; 7607 +// END android-removed 7608 +// BEGIN android-added 7609 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7610 +// END android-added 7611 import org.bouncycastle.util.Strings; 7612 7613 public class DigestFactory 7614 @@ -85,27 +90,39 @@ 7615 7616 if (sha1.contains(digestName)) 7617 { 7618 - return new SHA1Digest(); 7619 + // BEGIN android-changed 7620 + return AndroidDigestFactory.getSHA1(); 7621 + // END android-changed 7622 } 7623 if (md5.contains(digestName)) 7624 { 7625 - return new MD5Digest(); 7626 + // BEGIN android-changed 7627 + return AndroidDigestFactory.getMD5(); 7628 + // END android-changed 7629 } 7630 if (sha224.contains(digestName)) 7631 { 7632 - return new SHA224Digest(); 7633 + // BEGIN android-changed 7634 + return AndroidDigestFactory.getSHA224(); 7635 + // END android-changed 7636 } 7637 if (sha256.contains(digestName)) 7638 { 7639 - return new SHA256Digest(); 7640 + // BEGIN android-changed 7641 + return AndroidDigestFactory.getSHA256(); 7642 + // END android-changed 7643 } 7644 if (sha384.contains(digestName)) 7645 { 7646 - return new SHA384Digest(); 7647 + // BEGIN android-changed 7648 + return AndroidDigestFactory.getSHA384(); 7649 + // END android-changed 7650 } 7651 if (sha512.contains(digestName)) 7652 { 7653 - return new SHA512Digest(); 7654 + // BEGIN android-changed 7655 + return AndroidDigestFactory.getSHA512(); 7656 + // END android-changed 7657 } 7658 7659 return null; 7660 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 7661 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java 2015-03-01 12:03:02.000000000 +0000 7662 +++ bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 2014-07-28 19:51:54.000000000 +0000 7663 @@ -6,11 +6,15 @@ 7664 import org.bouncycastle.asn1.ASN1Encodable; 7665 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 7666 import org.bouncycastle.asn1.ASN1Primitive; 7667 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7668 +// BEGIN android-removed 7669 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7670 +// END android-removed 7671 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7672 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7673 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7674 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7675 +// BEGIN android-removed 7676 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7677 +// END android-removed 7678 7679 /** 7680 * General JCA/JCE utility methods. 7681 @@ -100,22 +104,24 @@ 7682 { 7683 return "SHA512"; 7684 } 7685 - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7686 - { 7687 - return "RIPEMD128"; 7688 - } 7689 - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7690 - { 7691 - return "RIPEMD160"; 7692 - } 7693 - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7694 - { 7695 - return "RIPEMD256"; 7696 - } 7697 - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7698 - { 7699 - return "GOST3411"; 7700 - } 7701 + // BEGIN android-removed 7702 + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7703 + // { 7704 + // return "RIPEMD128"; 7705 + // } 7706 + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7707 + // { 7708 + // return "RIPEMD160"; 7709 + // } 7710 + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7711 + // { 7712 + // return "RIPEMD256"; 7713 + // } 7714 + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7715 + // { 7716 + // return "GOST3411"; 7717 + // } 7718 + // END android-removed 7719 else 7720 { 7721 return digestAlgOID.getId(); 7722 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 7723 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2015-03-01 12:03:02.000000000 +0000 7724 +++ bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 2014-07-28 19:51:54.000000000 +0000 7725 @@ -30,14 +30,18 @@ 7726 import org.bouncycastle.asn1.ASN1Set; 7727 import org.bouncycastle.asn1.DERBitString; 7728 import org.bouncycastle.asn1.DERNull; 7729 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7730 +// BEGIN android-removed 7731 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7732 +// END android-removed 7733 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7734 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7735 import org.bouncycastle.asn1.pkcs.CertificationRequest; 7736 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 7737 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7738 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 7739 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7740 +// BEGIN android-removed 7741 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7742 +// END android-removed 7743 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7744 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7745 import org.bouncycastle.asn1.x509.X509Name; 7746 @@ -81,8 +85,11 @@ 7747 7748 static 7749 { 7750 - algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7751 - algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7752 + // BEGIN android-removed 7753 + // Dropping MD2 7754 + // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7755 + // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7756 + // END android-removed 7757 algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7758 algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7759 algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7760 @@ -102,12 +109,14 @@ 7761 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7762 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7763 algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")); 7764 - algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7765 - algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7766 - algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7767 - algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7768 - algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7769 - algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7770 + // BEGIN android-removed 7771 + // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7772 + // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7773 + // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7774 + // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7775 + // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7776 + // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7777 + // END android-removed 7778 algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7779 algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7780 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 7781 @@ -120,11 +129,13 @@ 7782 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 7783 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 7784 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 7785 - algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7786 - algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7787 - algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7788 - algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7789 - algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7790 + // BEGIN android-removed 7791 + // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7792 + // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7793 + // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7794 + // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7795 + // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7796 + // END android-removed 7797 7798 // 7799 // reverse mappings 7800 @@ -134,11 +145,15 @@ 7801 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 7802 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 7803 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 7804 - oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7805 - oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7806 + // BEGIN android-removed 7807 + // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7808 + // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7809 + // END android-removed 7810 7811 oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 7812 - oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7813 + // BEGIN android-removed 7814 + // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7815 + // END android-removed 7816 oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 7817 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 7818 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 7819 @@ -172,8 +187,10 @@ 7820 // 7821 // RFC 4491 7822 // 7823 - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7824 - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7825 + // BEGIN android-removed 7826 + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7827 + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7828 + // END android-removed 7829 // 7830 // explicit params 7831 // 7832 @@ -616,22 +633,24 @@ 7833 { 7834 return "SHA512"; 7835 } 7836 - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7837 - { 7838 - return "RIPEMD128"; 7839 - } 7840 - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7841 - { 7842 - return "RIPEMD160"; 7843 - } 7844 - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7845 - { 7846 - return "RIPEMD256"; 7847 - } 7848 - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7849 - { 7850 - return "GOST3411"; 7851 - } 7852 + // BEGIN android-removed 7853 + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7854 + // { 7855 + // return "RIPEMD128"; 7856 + // } 7857 + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7858 + // { 7859 + // return "RIPEMD160"; 7860 + // } 7861 + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7862 + // { 7863 + // return "RIPEMD256"; 7864 + // } 7865 + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7866 + // { 7867 + // return "GOST3411"; 7868 + // } 7869 + // END android-removed 7870 else 7871 { 7872 return digestAlgOID.getId(); 7873 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 7874 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-03-01 12:03:02.000000000 +0000 7875 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-04-09 13:10:16.000000000 +0000 7876 @@ -64,15 +64,22 @@ 7877 7878 private static final String[] SYMMETRIC_MACS = 7879 { 7880 - "SipHash" 7881 + // BEGIN android-removed 7882 + // "SipHash" 7883 + // END android-removed 7884 }; 7885 7886 private static final String[] SYMMETRIC_CIPHERS = 7887 { 7888 - "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7889 - "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7890 - "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7891 - "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7892 + // BEGIN android-removed 7893 + // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7894 + // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7895 + // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7896 + // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7897 + // END android-removed 7898 + // BEGIN android-added 7899 + "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", 7900 + // END android-added 7901 }; 7902 7903 /* 7904 @@ -84,12 +91,22 @@ 7905 // later ones configure it. 7906 private static final String[] ASYMMETRIC_GENERIC = 7907 { 7908 - "X509", "IES" 7909 + // BEGIN android-removed 7910 + // "X509", "IES" 7911 + // END android-removed 7912 + // BEGIN android-added 7913 + "X509" 7914 + // END android-added 7915 }; 7916 7917 private static final String[] ASYMMETRIC_CIPHERS = 7918 { 7919 - "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7920 + // BEGIN android-removed 7921 + // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7922 + // END android-removed 7923 + // BEGIN android-added 7924 + "DSA", "DH", "EC", "RSA", 7925 + // END android-added 7926 }; 7927 7928 /* 7929 @@ -98,7 +115,12 @@ 7930 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 7931 private static final String[] DIGESTS = 7932 { 7933 - "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7934 + // BEGIN android-removed 7935 + // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7936 + // END android-removed 7937 + // BEGIN android-added 7938 + "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", 7939 + // END android-added 7940 }; 7941 7942 /* 7943 @@ -145,48 +167,52 @@ 7944 7945 loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); 7946 7947 - // 7948 - // X509Store 7949 - // 7950 - put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7951 - put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7952 - put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7953 - put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7954 - 7955 - put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7956 - put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7957 - put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7958 - put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7959 - 7960 - // 7961 - // X509StreamParser 7962 - // 7963 - put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7964 - put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7965 - put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7966 - put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7967 - 7968 - // 7969 - // cipher engines 7970 - // 7971 - put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7972 - 7973 - put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7974 - 7975 - 7976 - put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7977 - 7978 - // Certification Path API 7979 - put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7980 - put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7981 - put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7982 - put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7983 + // BEGIN android-removed 7984 + // // 7985 + // // X509Store 7986 + // // 7987 + // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7988 + // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7989 + // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7990 + // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7991 + // 7992 + // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7993 + // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7994 + // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7995 + // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7996 + // 7997 + // // 7998 + // // X509StreamParser 7999 + // // 8000 + // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 8001 + // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 8002 + // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 8003 + // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 8004 + // 8005 + // // 8006 + // // cipher engines 8007 + // // 8008 + // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 8009 + // 8010 + // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 8011 + // 8012 + // 8013 + // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 8014 + // 8015 + // // Certification Path API 8016 + // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 8017 + // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 8018 + // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 8019 + // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 8020 + // END android-removed 8021 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 8022 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 8023 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 8024 - put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 8025 - put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 8026 - put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 8027 + // BEGIN android-removed 8028 + // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 8029 + // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 8030 + // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 8031 + // END android-removed 8032 } 8033 8034 private void loadAlgorithms(String packageName, String[] names) 8035 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 8036 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 8037 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 2015-06-10 22:51:41.000000000 +0000 8038 @@ -0,0 +1,233 @@ 8039 +/* 8040 + * Copyright (C) 2012 The Android Open Source Project 8041 + * 8042 + * Licensed under the Apache License, Version 2.0 (the "License"); 8043 + * you may not use this file except in compliance with the License. 8044 + * You may obtain a copy of the License at 8045 + * 8046 + * http://www.apache.org/licenses/LICENSE-2.0 8047 + * 8048 + * Unless required by applicable law or agreed to in writing, software 8049 + * distributed under the License is distributed on an "AS IS" BASIS, 8050 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 8051 + * See the License for the specific language governing permissions and 8052 + * limitations under the License. 8053 + */ 8054 + 8055 +package org.bouncycastle.jce.provider; 8056 + 8057 +import java.io.Closeable; 8058 +import java.io.ByteArrayOutputStream; 8059 +import java.io.FileNotFoundException; 8060 +import java.io.IOException; 8061 +import java.io.RandomAccessFile; 8062 +import java.math.BigInteger; 8063 +import java.security.PublicKey; 8064 +import java.util.Arrays; 8065 +import java.util.Collections; 8066 +import java.util.HashSet; 8067 +import java.util.Set; 8068 +import java.util.logging.Level; 8069 +import java.util.logging.Logger; 8070 +import org.bouncycastle.crypto.Digest; 8071 +import org.bouncycastle.crypto.digests.AndroidDigestFactory; 8072 +import org.bouncycastle.util.encoders.Hex; 8073 + 8074 +public class CertBlacklist { 8075 + private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 8076 + 8077 + // public for testing 8078 + public final Set<BigInteger> serialBlacklist; 8079 + public final Set<byte[]> pubkeyBlacklist; 8080 + 8081 + public CertBlacklist() { 8082 + String androidData = System.getenv("ANDROID_DATA"); 8083 + String blacklistRoot = androidData + "/misc/keychain/"; 8084 + String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt"; 8085 + String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt"; 8086 + 8087 + pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath); 8088 + serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath); 8089 + } 8090 + 8091 + /** Test only interface, not for public use */ 8092 + public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 8093 + pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 8094 + serialBlacklist = readSerialBlackList(serialBlacklistPath); 8095 + } 8096 + 8097 + private static boolean isHex(String value) { 8098 + try { 8099 + new BigInteger(value, 16); 8100 + return true; 8101 + } catch (NumberFormatException e) { 8102 + logger.log(Level.WARNING, "Could not parse hex value " + value, e); 8103 + return false; 8104 + } 8105 + } 8106 + 8107 + private static boolean isPubkeyHash(String value) { 8108 + if (value.length() != 40) { 8109 + logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 8110 + return false; 8111 + } 8112 + return isHex(value); 8113 + } 8114 + 8115 + private static String readBlacklist(String path) { 8116 + try { 8117 + return readFileAsString(path); 8118 + } catch (FileNotFoundException ignored) { 8119 + } catch (IOException e) { 8120 + logger.log(Level.WARNING, "Could not read blacklist", e); 8121 + } 8122 + return ""; 8123 + } 8124 + 8125 + // From IoUtils.readFileAsString 8126 + private static String readFileAsString(String path) throws IOException { 8127 + return readFileAsBytes(path).toString("UTF-8"); 8128 + } 8129 + 8130 + // Based on IoUtils.readFileAsBytes 8131 + private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 8132 + RandomAccessFile f = null; 8133 + try { 8134 + f = new RandomAccessFile(path, "r"); 8135 + ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 8136 + byte[] buffer = new byte[8192]; 8137 + while (true) { 8138 + int byteCount = f.read(buffer); 8139 + if (byteCount == -1) { 8140 + return bytes; 8141 + } 8142 + bytes.write(buffer, 0, byteCount); 8143 + } 8144 + } finally { 8145 + closeQuietly(f); 8146 + } 8147 + } 8148 + 8149 + // Base on IoUtils.closeQuietly 8150 + private static void closeQuietly(Closeable closeable) { 8151 + if (closeable != null) { 8152 + try { 8153 + closeable.close(); 8154 + } catch (RuntimeException rethrown) { 8155 + throw rethrown; 8156 + } catch (Exception ignored) { 8157 + } 8158 + } 8159 + } 8160 + 8161 + private static final Set<BigInteger> readSerialBlackList(String path) { 8162 + 8163 + /* Start out with a base set of known bad values. 8164 + * 8165 + * WARNING: Do not add short serials to this list! 8166 + * 8167 + * Since this currently doesn't compare the serial + issuer, you 8168 + * should only add serials that have enough entropy here. Short 8169 + * serials may inadvertently match a certificate that was issued 8170 + * not in compliance with the Baseline Requirements. 8171 + */ 8172 + Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 8173 + // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 8174 + // Not a real certificate. For testing only. 8175 + new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 8176 + new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 8177 + new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 8178 + new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 8179 + new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 8180 + new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 8181 + new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 8182 + new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 8183 + new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 8184 + new BigInteger("3e75ced46b693021218830ae86a82a71", 16) 8185 + )); 8186 + 8187 + // attempt to augment it with values taken from gservices 8188 + String serialBlacklist = readBlacklist(path); 8189 + if (!serialBlacklist.equals("")) { 8190 + for(String value : serialBlacklist.split(",")) { 8191 + try { 8192 + bl.add(new BigInteger(value, 16)); 8193 + } catch (NumberFormatException e) { 8194 + logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 8195 + } 8196 + } 8197 + } 8198 + 8199 + // whether that succeeds or fails, send it on its merry way 8200 + return Collections.unmodifiableSet(bl); 8201 + } 8202 + 8203 + private static final Set<byte[]> readPublicKeyBlackList(String path) { 8204 + 8205 + // start out with a base set of known bad values 8206 + Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 8207 + // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 8208 + // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info (a] diginotar.nl 8209 + "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 8210 + // Subject: CN=DigiNotar Cyber CA 8211 + // Issuer: CN=GTE CyberTrust Global Root 8212 + "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 8213 + // Subject: CN=DigiNotar Services 1024 CA 8214 + // Issuer: CN=Entrust.net 8215 + "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 8216 + // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 8217 + // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 8218 + "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 8219 + // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 8220 + // Issuer: CN=Staat der Nederlanden Overheid CA 8221 + "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 8222 + // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 8223 + // Subject: O=Digicert Sdn. Bhd. 8224 + // Issuer: CN=GTE CyberTrust Global Root 8225 + "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 8226 + // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti (a] kktcmerkezbankasi.org 8227 + // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8228 + "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 8229 + // Subject: CN=*.EGO.GOV.TR 93 8230 + // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8231 + "783333c9687df63377efceddd82efa9101913e8e".getBytes(), 8232 + // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL 8233 + // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification 8234 + "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() 8235 + )); 8236 + 8237 + // attempt to augment it with values taken from gservices 8238 + String pubkeyBlacklist = readBlacklist(path); 8239 + if (!pubkeyBlacklist.equals("")) { 8240 + for (String value : pubkeyBlacklist.split(",")) { 8241 + value = value.trim(); 8242 + if (isPubkeyHash(value)) { 8243 + bl.add(value.getBytes()); 8244 + } else { 8245 + logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 8246 + } 8247 + } 8248 + } 8249 + 8250 + return bl; 8251 + } 8252 + 8253 + public boolean isPublicKeyBlackListed(PublicKey publicKey) { 8254 + byte[] encoded = publicKey.getEncoded(); 8255 + Digest digest = AndroidDigestFactory.getSHA1(); 8256 + digest.update(encoded, 0, encoded.length); 8257 + byte[] out = new byte[digest.getDigestSize()]; 8258 + digest.doFinal(out, 0); 8259 + for (byte[] blacklisted : pubkeyBlacklist) { 8260 + if (Arrays.equals(blacklisted, Hex.encode(out))) { 8261 + return true; 8262 + } 8263 + } 8264 + return false; 8265 + } 8266 + 8267 + public boolean isSerialNumberBlackListed(BigInteger serial) { 8268 + return serialBlacklist.contains(serial); 8269 + } 8270 + 8271 +} 8272 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 8273 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-03-01 12:03:02.000000000 +0000 8274 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-04-09 13:10:16.000000000 +0000 8275 @@ -35,6 +35,7 @@ 8276 import java.util.List; 8277 import java.util.Map; 8278 import java.util.Set; 8279 +import javax.security.auth.x500.X500Principal; 8280 8281 import org.bouncycastle.asn1.ASN1Encodable; 8282 import org.bouncycastle.asn1.ASN1Enumerated; 8283 @@ -73,7 +74,9 @@ 8284 import org.bouncycastle.util.Store; 8285 import org.bouncycastle.util.StoreException; 8286 import org.bouncycastle.x509.X509AttributeCertificate; 8287 -import org.bouncycastle.x509.extension.X509ExtensionUtil; 8288 +// BEGIN android-removed 8289 +// import org.bouncycastle.x509.extension.X509ExtensionUtil; 8290 +// END android-removed 8291 8292 class CertPathValidatorUtilities 8293 { 8294 @@ -653,20 +656,22 @@ 8295 { 8296 Object obj = iter.next(); 8297 8298 - if (obj instanceof Store) 8299 - { 8300 - Store certStore = (Store)obj; 8301 - try 8302 - { 8303 - certs.addAll(certStore.getMatches(certSelect)); 8304 - } 8305 - catch (StoreException e) 8306 - { 8307 - throw new AnnotatedException( 8308 - "Problem while picking certificates from X.509 store.", e); 8309 - } 8310 - } 8311 - else 8312 + // BEGIN android-removed 8313 + // if (obj instanceof X509Store) 8314 + // { 8315 + // X509Store certStore = (X509Store)obj; 8316 + // try 8317 + // { 8318 + // certs.addAll(certStore.getMatches(certSelect)); 8319 + // } 8320 + // catch (StoreException e) 8321 + // { 8322 + // throw new AnnotatedException( 8323 + // "Problem while picking certificates from X.509 store.", e); 8324 + // } 8325 + // } 8326 + // else 8327 + // END android-removed 8328 { 8329 CertStore certStore = (CertStore)obj; 8330 8331 @@ -715,7 +720,14 @@ 8332 8333 for (int j = 0; j < genNames.length; j++) 8334 { 8335 - PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8336 + // BEGIN android-removed 8337 + // PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8338 + // END android-removed 8339 + // BEGIN android-added 8340 + // Seems like a bug, unless there should be a guarantee that j < i, 8341 + // However, it's breaking the tests. 8342 + PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]); 8343 + // END android-added 8344 if (store != null) 8345 { 8346 stores.add(store); 8347 @@ -888,8 +900,20 @@ 8348 { 8349 return; 8350 } 8351 - 8352 - X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8353 + // BEGIN android-removed 8354 + // X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8355 + // END android-removed 8356 + // BEGIN android-added 8357 + // The original code throws null pointer exception for OpenSSLX509CRL, 8358 + // which uses the implementation for getCertificateIssuer() in X509CRL, method 8359 + // whose reference implementation has the following JavaDoc: "If the certificate 8360 + // issuer is also the CRL issuer, this method returns null." 8361 + X500Name certIssuer = null; 8362 + X500Principal certificateIssuerPrincipal = crl_entry.getCertificateIssuer(); 8363 + if (certificateIssuerPrincipal != null) { 8364 + certIssuer = X500Name.getInstance(certificateIssuerPrincipal.getEncoded()); 8365 + } 8366 + // END android-added 8367 8368 if (certIssuer == null) 8369 { 8370 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 8371 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2015-03-01 12:03:02.000000000 +0000 8372 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2014-07-28 19:51:54.000000000 +0000 8373 @@ -19,8 +19,10 @@ 8374 import org.bouncycastle.asn1.ASN1Sequence; 8375 import org.bouncycastle.asn1.DERBitString; 8376 import org.bouncycastle.asn1.DERNull; 8377 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8378 -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8379 +// BEGIN android-removed 8380 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8381 +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8382 +// END android-removed 8383 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 8384 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 8385 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8386 @@ -202,21 +204,23 @@ 8387 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 8388 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 8389 8390 - if (ecP == null) // GOST Curve 8391 - { 8392 - ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8393 - EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8394 - 8395 - ecSpec = new ECNamedCurveSpec( 8396 - ECGOST3410NamedCurves.getName(oid), 8397 - ellipticCurve, 8398 - new ECPoint( 8399 - gParam.getG().getAffineXCoord().toBigInteger(), 8400 - gParam.getG().getAffineYCoord().toBigInteger()), 8401 - gParam.getN(), 8402 - gParam.getH()); 8403 - } 8404 - else 8405 + // BEGIN android-removed 8406 + // if (ecP == null) // GOST Curve 8407 + // { 8408 + // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8409 + // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8410 + // 8411 + // ecSpec = new ECNamedCurveSpec( 8412 + // ECGOST3410NamedCurves.getName(oid), 8413 + // ellipticCurve, 8414 + // new ECPoint( 8415 + // gParam.getG().getAffineXCoord().toBigInteger(), 8416 + // gParam.getG().getAffineYCoord().toBigInteger()), 8417 + // gParam.getN(), 8418 + // gParam.getH()); 8419 + // } 8420 + // else 8421 + // END android-removed 8422 { 8423 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 8424 8425 @@ -330,11 +334,13 @@ 8426 8427 try 8428 { 8429 - if (algorithm.equals("ECGOST3410")) 8430 - { 8431 - info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8432 - } 8433 - else 8434 + // BEGIN android-removed 8435 + // if (algorithm.equals("ECGOST3410")) 8436 + // { 8437 + // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8438 + // } 8439 + // else 8440 + // END android-removed 8441 { 8442 8443 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8444 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 8445 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2015-03-01 12:03:02.000000000 +0000 8446 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 2014-07-28 19:51:54.000000000 +0000 8447 @@ -18,9 +18,11 @@ 8448 import org.bouncycastle.asn1.DERBitString; 8449 import org.bouncycastle.asn1.DERNull; 8450 import org.bouncycastle.asn1.DEROctetString; 8451 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8452 -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8453 -import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8454 +// BEGIN android-removed 8455 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8456 +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8457 +// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8458 +// END android-removed 8459 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8460 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 8461 import org.bouncycastle.asn1.x9.X962Parameters; 8462 @@ -33,9 +35,13 @@ 8463 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; 8464 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 8465 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 8466 -import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8467 +// BEGIN android-removed 8468 +// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8469 +// END android-removed 8470 import org.bouncycastle.jce.interfaces.ECPointEncoder; 8471 -import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8472 +// BEGIN android-removed 8473 +// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8474 +// END android-removed 8475 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 8476 import org.bouncycastle.math.ec.ECCurve; 8477 import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; 8478 @@ -48,7 +54,9 @@ 8479 private org.bouncycastle.math.ec.ECPoint q; 8480 private ECParameterSpec ecSpec; 8481 private boolean withCompression; 8482 - private GOST3410PublicKeyAlgParameters gostParams; 8483 + // BEGIN android-removed 8484 + // private GOST3410PublicKeyAlgParameters gostParams; 8485 + // END android-removed 8486 8487 public JCEECPublicKey( 8488 String algorithm, 8489 @@ -58,7 +66,9 @@ 8490 this.q = key.q; 8491 this.ecSpec = key.ecSpec; 8492 this.withCompression = key.withCompression; 8493 - this.gostParams = key.gostParams; 8494 + // BEGIN android-removed 8495 + // this.gostParams = key.gostParams; 8496 + // END android-removed 8497 } 8498 8499 public JCEECPublicKey( 8500 @@ -181,54 +191,55 @@ 8501 8502 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 8503 { 8504 - if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8505 - { 8506 - DERBitString bits = info.getPublicKeyData(); 8507 - ASN1OctetString key; 8508 - this.algorithm = "ECGOST3410"; 8509 - 8510 - try 8511 - { 8512 - key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8513 - } 8514 - catch (IOException ex) 8515 - { 8516 - throw new IllegalArgumentException("error recovering public key"); 8517 - } 8518 - 8519 - byte[] keyEnc = key.getOctets(); 8520 - byte[] x = new byte[32]; 8521 - byte[] y = new byte[32]; 8522 - 8523 - for (int i = 0; i != x.length; i++) 8524 - { 8525 - x[i] = keyEnc[32 - 1 - i]; 8526 - } 8527 - 8528 - for (int i = 0; i != y.length; i++) 8529 - { 8530 - y[i] = keyEnc[64 - 1 - i]; 8531 - } 8532 - 8533 - gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8534 - 8535 - ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8536 - 8537 - ECCurve curve = spec.getCurve(); 8538 - EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8539 - 8540 - this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8541 - 8542 - ecSpec = new ECNamedCurveSpec( 8543 - ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8544 - ellipticCurve, 8545 - new ECPoint( 8546 - spec.getG().getAffineXCoord().toBigInteger(), 8547 - spec.getG().getAffineYCoord().toBigInteger()), 8548 - spec.getN(), spec.getH()); 8549 - 8550 - } 8551 - else 8552 + // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8553 + // { 8554 + // DERBitString bits = info.getPublicKeyData(); 8555 + // ASN1OctetString key; 8556 + // this.algorithm = "ECGOST3410"; 8557 + // 8558 + // try 8559 + // { 8560 + // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8561 + // } 8562 + // catch (IOException ex) 8563 + // { 8564 + // throw new IllegalArgumentException("error recovering public key"); 8565 + // } 8566 + // 8567 + // byte[] keyEnc = key.getOctets(); 8568 + // byte[] x = new byte[32]; 8569 + // byte[] y = new byte[32]; 8570 + // 8571 + // for (int i = 0; i != x.length; i++) 8572 + // { 8573 + // x[i] = keyEnc[32 - 1 - i]; 8574 + // } 8575 + // 8576 + // for (int i = 0; i != y.length; i++) 8577 + // { 8578 + // y[i] = keyEnc[64 - 1 - i]; 8579 + // } 8580 + // 8581 + // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8582 + // 8583 + // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8584 + // 8585 + // ECCurve curve = spec.getCurve(); 8586 + // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8587 + // 8588 + // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8589 + // 8590 + // ecSpec = new ECNamedCurveSpec( 8591 + // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8592 + // ellipticCurve, 8593 + // new ECPoint( 8594 + // spec.getG().getAffineXCoord().toBigInteger(), 8595 + // spec.getG().getAffineYCoord().toBigInteger()), 8596 + // spec.getN(), spec.getH()); 8597 + // 8598 + // } 8599 + // else 8600 + // END android-removed 8601 { 8602 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 8603 ECCurve curve; 8604 @@ -317,52 +328,54 @@ 8605 ASN1Encodable params; 8606 SubjectPublicKeyInfo info; 8607 8608 - if (algorithm.equals("ECGOST3410")) 8609 - { 8610 - if (gostParams != null) 8611 - { 8612 - params = gostParams; 8613 - } 8614 - else 8615 - { 8616 - if (ecSpec instanceof ECNamedCurveSpec) 8617 - { 8618 - params = new GOST3410PublicKeyAlgParameters( 8619 - ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8620 - CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8621 - } 8622 - else 8623 - { // strictly speaking this may not be applicable... 8624 - ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8625 - 8626 - X9ECParameters ecP = new X9ECParameters( 8627 - curve, 8628 - EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8629 - ecSpec.getOrder(), 8630 - BigInteger.valueOf(ecSpec.getCofactor()), 8631 - ecSpec.getCurve().getSeed()); 8632 - 8633 - params = new X962Parameters(ecP); 8634 - } 8635 - } 8636 - 8637 - BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8638 - BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8639 - byte[] encKey = new byte[64]; 8640 - 8641 - extractBytes(encKey, 0, bX); 8642 - extractBytes(encKey, 32, bY); 8643 - 8644 - try 8645 - { 8646 - info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8647 - } 8648 - catch (IOException e) 8649 - { 8650 - return null; 8651 - } 8652 - } 8653 - else 8654 + // BEGIN android-removed 8655 + // if (algorithm.equals("ECGOST3410")) 8656 + // { 8657 + // if (gostParams != null) 8658 + // { 8659 + // params = gostParams; 8660 + // } 8661 + // else 8662 + // { 8663 + // if (ecSpec instanceof ECNamedCurveSpec) 8664 + // { 8665 + // params = new GOST3410PublicKeyAlgParameters( 8666 + // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8667 + // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8668 + // } 8669 + // else 8670 + // { // strictly speaking this may not be applicable... 8671 + // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8672 + // 8673 + // X9ECParameters ecP = new X9ECParameters( 8674 + // curve, 8675 + // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8676 + // ecSpec.getOrder(), 8677 + // BigInteger.valueOf(ecSpec.getCofactor()), 8678 + // ecSpec.getCurve().getSeed()); 8679 + // 8680 + // params = new X962Parameters(ecP); 8681 + // } 8682 + // } 8683 + // 8684 + // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8685 + // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8686 + // byte[] encKey = new byte[64]; 8687 + // 8688 + // extractBytes(encKey, 0, bX); 8689 + // extractBytes(encKey, 32, bY); 8690 + // 8691 + // try 8692 + // { 8693 + // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8694 + // } 8695 + // catch (IOException e) 8696 + // { 8697 + // return null; 8698 + // } 8699 + // } 8700 + // else 8701 + // END android-removed 8702 { 8703 if (ecSpec instanceof ECNamedCurveSpec) 8704 { 8705 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 8706 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-03-01 12:03:02.000000000 +0000 8707 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-04-09 13:10:16.000000000 +0000 8708 @@ -88,22 +88,24 @@ 8709 { 8710 Object obj = iter.next(); 8711 8712 - if (obj instanceof Store) 8713 - { 8714 - Store store = (Store)obj; 8715 + // BEGIN android-removed 8716 + // if (obj instanceof Store) 8717 + // { 8718 + // Store store = (Store)obj; 8719 8720 - try 8721 - { 8722 - crls.addAll(store.getMatches(crlSelect)); 8723 - foundValidStore = true; 8724 - } 8725 - catch (StoreException e) 8726 - { 8727 - lastException = new AnnotatedException( 8728 - "Exception searching in X.509 CRL store.", e); 8729 - } 8730 - } 8731 - else 8732 + // try 8733 + // { 8734 + // crls.addAll(store.getMatches(crlSelect)); 8735 + // foundValidStore = true; 8736 + // } 8737 + // catch (StoreException e) 8738 + // { 8739 + // lastException = new AnnotatedException( 8740 + // "Exception searching in X.509 CRL store.", e); 8741 + // } 8742 + // } 8743 + // else 8744 + // END android-removed 8745 { 8746 CertStore store = (CertStore)obj; 8747 8748 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 8749 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000 8750 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000 8751 @@ -1,5 +1,8 @@ 8752 package org.bouncycastle.jce.provider; 8753 8754 +// BEGIN android-added 8755 +import java.math.BigInteger; 8756 +// END android-added 8757 import java.security.InvalidAlgorithmParameterException; 8758 import java.security.PublicKey; 8759 import java.security.cert.CertPath; 8760 @@ -41,6 +44,11 @@ 8761 public PKIXCertPathValidatorSpi() 8762 { 8763 } 8764 + // BEGIN android-added 8765 + private static class NoPreloadHolder { 8766 + private final static CertBlacklist blacklist = new CertBlacklist(); 8767 + } 8768 + // END android-added 8769 8770 public CertPathValidatorResult engineValidate( 8771 CertPath certPath, 8772 @@ -73,10 +81,18 @@ 8773 { 8774 paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters(); 8775 } 8776 - else 8777 + // BEGIN android-changed 8778 + // else 8779 + else if (params instanceof PKIXExtendedParameters) 8780 + // END android-changed 8781 { 8782 paramsPKIX = (PKIXExtendedParameters)params; 8783 } 8784 + // BEGIN android-added 8785 + else { 8786 + throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters"); 8787 + } 8788 + // END android-added 8789 8790 if (paramsPKIX.getTrustAnchors() == null) 8791 { 8792 @@ -98,6 +114,22 @@ 8793 { 8794 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 8795 } 8796 + // BEGIN android-added 8797 + { 8798 + X509Certificate cert = (X509Certificate) certs.get(0); 8799 + 8800 + if (cert != null) { 8801 + BigInteger serial = cert.getSerialNumber(); 8802 + if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { 8803 + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8804 + String message = "Certificate revocation of serial 0x" + serial.toString(16); 8805 + System.out.println(message); 8806 + AnnotatedException e = new AnnotatedException(message); 8807 + throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 8808 + } 8809 + } 8810 + } 8811 + // END android-added 8812 8813 // 8814 // (b) 8815 @@ -277,6 +309,15 @@ 8816 8817 for (index = certs.size() - 1; index >= 0; index--) 8818 { 8819 + // BEGIN android-added 8820 + if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { 8821 + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8822 + String message = "Certificate revocation of public key " + workingPublicKey; 8823 + System.out.println(message); 8824 + AnnotatedException e = new AnnotatedException(message); 8825 + throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 8826 + } 8827 + // END android-added 8828 // try 8829 // { 8830 // 8831 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 8832 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 8833 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000 8834 @@ -57,6 +57,9 @@ 8835 import org.bouncycastle.asn1.x509.Extensions; 8836 import org.bouncycastle.asn1.x509.GeneralName; 8837 import org.bouncycastle.asn1.x509.KeyUsage; 8838 +// BEGIN android-added 8839 +import org.bouncycastle.asn1.x509.X509Name; 8840 +// END android-added 8841 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 8842 import org.bouncycastle.jce.X509Principal; 8843 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 8844 @@ -562,12 +565,20 @@ 8845 } 8846 } 8847 8848 + // BEGIN android-changed 8849 + private byte[] encoded; 8850 + // END android-changed 8851 public byte[] getEncoded() 8852 throws CertificateEncodingException 8853 { 8854 try 8855 { 8856 - return c.getEncoded(ASN1Encoding.DER); 8857 + // BEGIN android-changed 8858 + if (encoded == null) { 8859 + encoded = c.getEncoded(ASN1Encoding.DER); 8860 + } 8861 + return encoded; 8862 + // END android-changed 8863 } 8864 catch (IOException e) 8865 { 8866 @@ -858,7 +869,9 @@ 8867 list.add(genName.getEncoded()); 8868 break; 8869 case GeneralName.directoryName: 8870 - list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 8871 + // BEGIN android-changed 8872 + list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 8873 + // END android-changed 8874 break; 8875 case GeneralName.dNSName: 8876 case GeneralName.rfc822Name: 8877 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 8878 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 8879 +++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 2014-07-28 19:51:54.000000000 +0000 8880 @@ -14,7 +14,9 @@ 8881 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8882 import org.bouncycastle.asn1.ASN1Sequence; 8883 import org.bouncycastle.asn1.DERNull; 8884 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8885 +// BEGIN android-removed 8886 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8887 +// END android-removed 8888 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8889 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8890 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8891 @@ -66,12 +68,14 @@ 8892 8893 if (params != null && !derNull.equals(params)) 8894 { 8895 - if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8896 - { 8897 - RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8898 - 8899 - return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8900 - } 8901 + // BEGIN android-removed 8902 + // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8903 + // { 8904 + // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8905 + // 8906 + // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8907 + // } 8908 + // END android-removed 8909 if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 8910 { 8911 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 8912 @@ -114,22 +118,24 @@ 8913 { 8914 return "SHA512"; 8915 } 8916 - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8917 - { 8918 - return "RIPEMD128"; 8919 - } 8920 - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8921 - { 8922 - return "RIPEMD160"; 8923 - } 8924 - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8925 - { 8926 - return "RIPEMD256"; 8927 - } 8928 - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8929 - { 8930 - return "GOST3411"; 8931 - } 8932 + // BEGIN android-removed 8933 + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8934 + // { 8935 + // return "RIPEMD128"; 8936 + // } 8937 + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8938 + // { 8939 + // return "RIPEMD160"; 8940 + // } 8941 + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8942 + // { 8943 + // return "RIPEMD256"; 8944 + // } 8945 + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8946 + // { 8947 + // return "GOST3411"; 8948 + // } 8949 + // END android-removed 8950 else 8951 { 8952 return digestAlgOID.getId(); 8953 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 8954 --- bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java 2015-03-01 12:03:02.000000000 +0000 8955 +++ bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 2014-07-28 19:51:54.000000000 +0000 8956 @@ -25,12 +25,16 @@ 8957 import org.bouncycastle.asn1.ASN1Integer; 8958 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8959 import org.bouncycastle.asn1.DERNull; 8960 -import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8961 +// BEGIN android-removed 8962 +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8963 +// END android-removed 8964 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8965 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8966 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8967 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 8968 -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8969 +// BEGIN android-removed 8970 +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8971 +// END android-removed 8972 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8973 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 8974 import org.bouncycastle.jce.X509Principal; 8975 @@ -44,8 +48,10 @@ 8976 8977 static 8978 { 8979 - algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8980 - algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8981 + // BEGIN android-removed 8982 + // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8983 + // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8984 + // END android-removed 8985 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 8986 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 8987 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 8988 @@ -63,12 +69,14 @@ 8989 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8990 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8991 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8992 - algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8993 - algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8994 - algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8995 - algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8996 - algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8997 - algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8998 + // BEGIN android-removed 8999 + // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9000 + // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 9001 + // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9002 + // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 9003 + // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9004 + // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 9005 + // END android-removed 9006 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 9007 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 9008 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 9009 @@ -81,11 +89,13 @@ 9010 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 9011 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 9012 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 9013 - algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9014 - algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9015 - algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9016 - algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9017 - algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9018 + // BEGIN android-removed 9019 + // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9020 + // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9021 + // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9022 + // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9023 + // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9024 + // END android-removed 9025 9026 // 9027 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 9028 @@ -105,8 +115,10 @@ 9029 // 9030 // RFC 4491 9031 // 9032 - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9033 - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9034 + // BEGIN android-removed 9035 + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 9036 + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 9037 + // END android-removed 9038 9039 // 9040 // explicit params 9041
