1diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java 2015-03-01 12:03:02.000000000 +0000 3+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2014-07-28 19:51:54.000000000 +0000 4@@ -23,7 +23,9 @@ 5 private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; 6 private static final byte[] FALSE_VALUE = new byte[] { 0 }; 7 8- private byte[] value; 9+ // BEGIN android-changed 10+ final private byte[] value; 11+ // END android-changed 12 13 public static final ASN1Boolean FALSE = new ASN1Boolean(false); 14 public static final ASN1Boolean TRUE = new ASN1Boolean(true); 15@@ -79,6 +81,17 @@ 16 return (value != 0 ? TRUE : FALSE); 17 } 18 19+ // BEGIN android-added 20+ /** 21+ * return a ASN1Boolean from the passed in array. 22+ */ 23+ public static ASN1Boolean getInstance( 24+ byte[] octets) 25+ { 26+ return (octets[0] != 0) ? TRUE : FALSE; 27+ } 28+ 29+ // END android-added 30 /** 31 * return a Boolean from a tagged object. 32 * 33@@ -105,7 +118,9 @@ 34 } 35 } 36 37- ASN1Boolean( 38+ // BEGIN android-changed 39+ protected ASN1Boolean( 40+ // END android-changed 41 byte[] value) 42 { 43 if (value.length != 1) 44@@ -131,8 +146,10 @@ 45 * @deprecated use getInstance(boolean) method. 46 * @param value true or false. 47 */ 48- public ASN1Boolean( 49+ // BEGIN android-changed 50+ protected ASN1Boolean( 51 boolean value) 52+ // END android-changed 53 { 54 this.value = (value) ? TRUE_VALUE : FALSE_VALUE; 55 } 56diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 57--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java 2015-03-01 12:03:02.000000000 +0000 58+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 2014-07-28 19:51:54.000000000 +0000 59@@ -8,6 +8,12 @@ 60 public abstract class ASN1Null 61 extends ASN1Primitive 62 { 63+ // BEGIN android-added 64+ /*package*/ ASN1Null() 65+ { 66+ } 67+ 68+ // END android-added 69 /** 70 * Return an instance of ASN.1 NULL from the passed in object. 71 * <p> 72diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 73--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2015-03-01 12:03:02.000000000 +0000 74+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2014-07-28 19:51:54.000000000 +0000 75@@ -152,7 +152,13 @@ 76 } 77 } 78 79- this.identifier = objId.toString(); 80+ // BEGIN android-changed 81+ /* 82+ * Intern the identifier so there aren't hundreds of duplicates 83+ * (in practice). 84+ */ 85+ this.identifier = objId.toString().intern(); 86+ // END android-changed 87 this.body = Arrays.clone(bytes); 88 } 89 90@@ -173,7 +179,13 @@ 91 throw new IllegalArgumentException("string " + identifier + " not an OID"); 92 } 93 94- this.identifier = identifier; 95+ // BEGIN android-changed 96+ /* 97+ * Intern the identifier so there aren't hundreds of duplicates 98+ * (in practice). 99+ */ 100+ this.identifier = identifier.intern(); 101+ // END android-changed 102 } 103 104 /** 105diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 106--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java 2015-03-01 12:03:02.000000000 +0000 107+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000 108@@ -15,7 +15,9 @@ 109 /** 110 * @deprecated use DERNull.INSTANCE 111 */ 112- public DERNull() 113+ // BEGIN android-changed 114+ protected DERNull() 115+ // END android-changed 116 { 117 } 118 119diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 120--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java 2015-03-01 12:03:02.000000000 +0000 121+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 2014-07-28 19:51:54.000000000 +0000 122@@ -12,7 +12,9 @@ 123 extends ASN1Primitive 124 implements ASN1String 125 { 126- private byte[] string; 127+ // BEGIN android-changed 128+ private final byte[] string; 129+ // END android-changed 130 131 /** 132 * return a printable string from the passed in object. 133diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 134--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java 2015-03-01 12:03:02.000000000 +0000 135+++ bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000 136@@ -8,7 +8,9 @@ 137 138 class StreamUtil 139 { 140- private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 141+ // BEGIN android-removed 142+ // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); 143+ // END android-removed 144 145 /** 146 * Find out possible longest length... 147@@ -48,12 +50,15 @@ 148 } 149 } 150 151- if (MAX_MEMORY > Integer.MAX_VALUE) 152+ // BEGIN android-changed 153+ long maxMemory = Runtime.getRuntime().maxMemory(); 154+ if (maxMemory > Integer.MAX_VALUE) 155 { 156 return Integer.MAX_VALUE; 157 } 158 159- return (int)MAX_MEMORY; 160+ return (int) maxMemory; 161+ // END android-changed 162 } 163 164 static int calculateBodyLength( 165diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 166--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2015-03-01 12:03:02.000000000 +0000 167+++ bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000 168@@ -28,7 +28,9 @@ 169 */ 170 public class ContentInfo 171 extends ASN1Object 172- implements CMSObjectIdentifiers 173+ // BEGIN android-removed 174+ // implements CMSObjectIdentifiers 175+ // END android-removed 176 { 177 private ASN1ObjectIdentifier contentType; 178 private ASN1Encodable content; 179diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 180--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2015-03-01 12:03:02.000000000 +0000 181+++ bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000 182@@ -13,10 +13,12 @@ 183 static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); 184 /** PKCS#1: 1.2.840.113549.1.1.1 */ 185 static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); 186- /** PKCS#1: 1.2.840.113549.1.1.2 */ 187- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 188- /** PKCS#1: 1.2.840.113549.1.1.3 */ 189- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 190+ // BEGIN android-removed 191+ // /** PKCS#1: 1.2.840.113549.1.1.2 */ 192+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); 193+ // /** PKCS#1: 1.2.840.113549.1.1.3 */ 194+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); 195+ // END android-removed 196 /** PKCS#1: 1.2.840.113549.1.1.4 */ 197 static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); 198 /** PKCS#1: 1.2.840.113549.1.1.5 */ 199@@ -96,15 +98,19 @@ 200 // md2 OBJECT IDENTIFIER ::= 201 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} 202 // 203- /** 1.2.840.113549.2.2 */ 204- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 205+ // BEGIN android-removed 206+ // /** 1.2.840.113549.2.2 */ 207+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); 208+ // END android-removed 209 210 // 211 // md4 OBJECT IDENTIFIER ::= 212 // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} 213 // 214- /** 1.2.840.113549.2.4 */ 215- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 216+ // BEGIN android-removed 217+ // /** 1.2.840.113549.2.4 */ 218+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); 219+ // END android-removed 220 221 // 222 // md5 OBJECT IDENTIFIER ::= 223diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 224--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2015-03-01 12:03:02.000000000 +0000 225+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2014-07-28 19:51:54.000000000 +0000 226@@ -14,7 +14,9 @@ 227 import org.bouncycastle.asn1.DERSequence; 228 import org.bouncycastle.asn1.DERTaggedObject; 229 import org.bouncycastle.crypto.Digest; 230-import org.bouncycastle.crypto.digests.SHA1Digest; 231+// BEGIN android-changed 232+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 233+// END android-changed 234 235 /** 236 * The AuthorityKeyIdentifier object. 237@@ -106,7 +108,9 @@ 238 public AuthorityKeyIdentifier( 239 SubjectPublicKeyInfo spki) 240 { 241- Digest digest = new SHA1Digest(); 242+ // BEGIN android-changed 243+ Digest digest = AndroidDigestFactory.getSHA1(); 244+ // END android-changed 245 byte[] resBuf = new byte[digest.getDigestSize()]; 246 247 byte[] bytes = spki.getPublicKeyData().getBytes(); 248@@ -125,7 +129,9 @@ 249 GeneralNames name, 250 BigInteger serialNumber) 251 { 252- Digest digest = new SHA1Digest(); 253+ // BEGIN android-changed 254+ Digest digest = AndroidDigestFactory.getSHA1(); 255+ // END android-changed 256 byte[] resBuf = new byte[digest.getDigestSize()]; 257 258 byte[] bytes = spki.getPublicKeyData().getBytes(); 259diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 260--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java 2015-03-01 12:03:02.000000000 +0000 261+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000 262@@ -255,8 +255,10 @@ 263 */ 264 public static final Hashtable SymbolLookUp = DefaultLookUp; 265 266- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility 267- private static final Boolean FALSE = new Boolean(false); 268+ // BEGIN android-changed 269+ private static final Boolean TRUE = Boolean.TRUE; 270+ private static final Boolean FALSE = Boolean.FALSE; 271+ // END android-changed 272 273 static 274 { 275@@ -446,7 +448,9 @@ 276 throw new IllegalArgumentException("cannot encode value"); 277 } 278 } 279- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility 280+ // BEGIN android-changed 281+ added.addElement(Boolean.valueOf(i != 0)); 282+ // END android-changed 283 } 284 } 285 } 286diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 287--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2015-03-01 12:03:02.000000000 +0000 288+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000 289@@ -78,6 +78,17 @@ 290 } 291 else 292 { 293+ // BEGIN android-added 294+ // copied from a newer version of BouncyCastle 295+ if (c == '#' && buf.charAt(buf.length() - 1) == '=') 296+ { 297+ buf.append('\\'); 298+ } 299+ else if (c == '+' && separator != '+') 300+ { 301+ buf.append('\\'); 302+ } 303+ // END android-added 304 buf.append(c); 305 } 306 } 307diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 308--- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2015-03-01 12:03:02.000000000 +0000 309+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2014-07-28 19:51:54.000000000 +0000 310@@ -6,7 +6,9 @@ 311 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 312 import org.bouncycastle.asn1.nist.NISTNamedCurves; 313 import org.bouncycastle.asn1.sec.SECNamedCurves; 314-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 315+// BEGIN android-removed 316+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 317+// END android-removed 318 319 /** 320 * A general class that reads all X9.62 style EC curve tables. 321@@ -30,10 +32,12 @@ 322 ecP = SECNamedCurves.getByName(name); 323 } 324 325- if (ecP == null) 326- { 327- ecP = TeleTrusTNamedCurves.getByName(name); 328- } 329+ // BEGIN android-removed 330+ // if (ecP == null) 331+ // { 332+ // ecP = TeleTrusTNamedCurves.getByName(name); 333+ // } 334+ // END android-removed 335 336 if (ecP == null) 337 { 338@@ -59,10 +63,12 @@ 339 oid = SECNamedCurves.getOID(name); 340 } 341 342- if (oid == null) 343- { 344- oid = TeleTrusTNamedCurves.getOID(name); 345- } 346+ // BEGIN android-removed 347+ // if (oid == null) 348+ // { 349+ // oid = TeleTrusTNamedCurves.getOID(name); 350+ // } 351+ // END android-removed 352 353 if (oid == null) 354 { 355@@ -89,10 +95,12 @@ 356 ecP = SECNamedCurves.getByOID(oid); 357 } 358 359- if (ecP == null) 360- { 361- ecP = TeleTrusTNamedCurves.getByOID(oid); 362- } 363+ // BEGIN android-removed 364+ // if (ecP == null) 365+ // { 366+ // ecP = TeleTrusTNamedCurves.getByOID(oid); 367+ // } 368+ // END android-removed 369 370 // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup 371 372@@ -111,7 +119,9 @@ 373 addEnumeration(v, X962NamedCurves.getNames()); 374 addEnumeration(v, SECNamedCurves.getNames()); 375 addEnumeration(v, NISTNamedCurves.getNames()); 376- addEnumeration(v, TeleTrusTNamedCurves.getNames()); 377+ // BEGIN android-removed 378+ // addEnumeration(v, TeleTrusTNamedCurves.getNames()); 379+ // END android-removed 380 381 return v.elements(); 382 } 383diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 384--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 385+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000 386@@ -0,0 +1,87 @@ 387+/* 388+ * Copyright (C) 2012 The Android Open Source Project 389+ * 390+ * Licensed under the Apache License, Version 2.0 (the "License"); 391+ * you may not use this file except in compliance with the License. 392+ * You may obtain a copy of the License at 393+ * 394+ * http://www.apache.org/licenses/LICENSE-2.0 395+ * 396+ * Unless required by applicable law or agreed to in writing, software 397+ * distributed under the License is distributed on an "AS IS" BASIS, 398+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 399+ * See the License for the specific language governing permissions and 400+ * limitations under the License. 401+ */ 402+ 403+package org.bouncycastle.crypto.digests; 404+ 405+import org.bouncycastle.crypto.Digest; 406+ 407+/** 408+ * Level of indirection to let us select OpenSSLDigest implementations 409+ * for libcore but fallback to BouncyCastle ones on the RI. 410+ */ 411+public final class AndroidDigestFactory { 412+ private static final String OpenSSLFactoryClassName 413+ = AndroidDigestFactory.class.getName() + "OpenSSL"; 414+ private static final String BouncyCastleFactoryClassName 415+ = AndroidDigestFactory.class.getName() + "BouncyCastle"; 416+ 417+ private static final AndroidDigestFactoryInterface FACTORY; 418+ static { 419+ Class factoryImplementationClass; 420+ try { 421+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName); 422+ // Double check for NativeCrypto in case we are running on RI for testing 423+ Class.forName("com.android.org.conscrypt.NativeCrypto"); 424+ } catch (ClassNotFoundException e1) { 425+ try { 426+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName); 427+ } catch (ClassNotFoundException e2) { 428+ AssertionError e = new AssertionError("Failed to load " 429+ + "AndroidDigestFactoryInterface " 430+ + "implementation. Looked for " 431+ + OpenSSLFactoryClassName + " and " 432+ + BouncyCastleFactoryClassName); 433+ e.initCause(e1); 434+ throw e; 435+ } 436+ } 437+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) { 438+ throw new AssertionError(factoryImplementationClass 439+ + "does not implement AndroidDigestFactoryInterface"); 440+ } 441+ try { 442+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance(); 443+ } catch (InstantiationException e) { 444+ throw new AssertionError(e); 445+ } catch (IllegalAccessException e) { 446+ throw new AssertionError(e); 447+ } 448+ } 449+ 450+ public static Digest getMD5() { 451+ return FACTORY.getMD5(); 452+ } 453+ 454+ public static Digest getSHA1() { 455+ return FACTORY.getSHA1(); 456+ } 457+ 458+ public static Digest getSHA224() { 459+ return FACTORY.getSHA224(); 460+ } 461+ 462+ public static Digest getSHA256() { 463+ return FACTORY.getSHA256(); 464+ } 465+ 466+ public static Digest getSHA384() { 467+ return FACTORY.getSHA384(); 468+ } 469+ 470+ public static Digest getSHA512() { 471+ return FACTORY.getSHA512(); 472+ } 473+} 474diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 475--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 476+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000 477@@ -0,0 +1,40 @@ 478+/* 479+ * Copyright (C) 2012 The Android Open Source Project 480+ * 481+ * Licensed under the Apache License, Version 2.0 (the "License"); 482+ * you may not use this file except in compliance with the License. 483+ * You may obtain a copy of the License at 484+ * 485+ * http://www.apache.org/licenses/LICENSE-2.0 486+ * 487+ * Unless required by applicable law or agreed to in writing, software 488+ * distributed under the License is distributed on an "AS IS" BASIS, 489+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 490+ * See the License for the specific language governing permissions and 491+ * limitations under the License. 492+ */ 493+ 494+package org.bouncycastle.crypto.digests; 495+ 496+import org.bouncycastle.crypto.Digest; 497+ 498+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface { 499+ public Digest getMD5() { 500+ return new MD5Digest(); 501+ } 502+ public Digest getSHA1() { 503+ return new SHA1Digest(); 504+ } 505+ public Digest getSHA224() { 506+ return new SHA224Digest(); 507+ } 508+ public Digest getSHA256() { 509+ return new SHA256Digest(); 510+ } 511+ public Digest getSHA384() { 512+ return new SHA384Digest(); 513+ } 514+ public Digest getSHA512() { 515+ return new SHA512Digest(); 516+ } 517+} 518diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 519--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 520+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000 521@@ -0,0 +1,28 @@ 522+/* 523+ * Copyright (C) 2012 The Android Open Source Project 524+ * 525+ * Licensed under the Apache License, Version 2.0 (the "License"); 526+ * you may not use this file except in compliance with the License. 527+ * You may obtain a copy of the License at 528+ * 529+ * http://www.apache.org/licenses/LICENSE-2.0 530+ * 531+ * Unless required by applicable law or agreed to in writing, software 532+ * distributed under the License is distributed on an "AS IS" BASIS, 533+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 534+ * See the License for the specific language governing permissions and 535+ * limitations under the License. 536+ */ 537+ 538+package org.bouncycastle.crypto.digests; 539+ 540+import org.bouncycastle.crypto.Digest; 541+ 542+interface AndroidDigestFactoryInterface { 543+ public Digest getMD5(); 544+ public Digest getSHA1(); 545+ public Digest getSHA224(); 546+ public Digest getSHA256(); 547+ public Digest getSHA384(); 548+ public Digest getSHA512(); 549+} 550diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 551--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 552+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000 553@@ -0,0 +1,40 @@ 554+/* 555+ * Copyright (C) 2012 The Android Open Source Project 556+ * 557+ * Licensed under the Apache License, Version 2.0 (the "License"); 558+ * you may not use this file except in compliance with the License. 559+ * You may obtain a copy of the License at 560+ * 561+ * http://www.apache.org/licenses/LICENSE-2.0 562+ * 563+ * Unless required by applicable law or agreed to in writing, software 564+ * distributed under the License is distributed on an "AS IS" BASIS, 565+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 566+ * See the License for the specific language governing permissions and 567+ * limitations under the License. 568+ */ 569+ 570+package org.bouncycastle.crypto.digests; 571+ 572+import org.bouncycastle.crypto.Digest; 573+ 574+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface { 575+ public Digest getMD5() { 576+ return new OpenSSLDigest.MD5(); 577+ } 578+ public Digest getSHA1() { 579+ return new OpenSSLDigest.SHA1(); 580+ } 581+ public Digest getSHA224() { 582+ return new OpenSSLDigest.SHA224(); 583+ } 584+ public Digest getSHA256() { 585+ return new OpenSSLDigest.SHA256(); 586+ } 587+ public Digest getSHA384() { 588+ return new OpenSSLDigest.SHA384(); 589+ } 590+ public Digest getSHA512() { 591+ return new OpenSSLDigest.SHA512(); 592+ } 593+} 594diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 595--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 596+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000 597@@ -0,0 +1,97 @@ 598+/* 599+ * Copyright (C) 2008 The Android Open Source Project 600+ * 601+ * Licensed under the Apache License, Version 2.0 (the "License"); 602+ * you may not use this file except in compliance with the License. 603+ * You may obtain a copy of the License at 604+ * 605+ * http://www.apache.org/licenses/LICENSE-2.0 606+ * 607+ * Unless required by applicable law or agreed to in writing, software 608+ * distributed under the License is distributed on an "AS IS" BASIS, 609+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 610+ * See the License for the specific language governing permissions and 611+ * limitations under the License. 612+ */ 613+ 614+package org.bouncycastle.crypto.digests; 615+ 616+import org.bouncycastle.crypto.ExtendedDigest; 617+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi; 618+import java.security.DigestException; 619+import java.security.MessageDigest; 620+ 621+/** 622+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This 623+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it. 624+ */ 625+public class OpenSSLDigest implements ExtendedDigest { 626+ private final MessageDigest delegate; 627+ 628+ private final int byteSize; 629+ 630+ public OpenSSLDigest(String algorithm, int byteSize) { 631+ try { 632+ delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL"); 633+ this.byteSize = byteSize; 634+ } catch (Exception e) { 635+ throw new RuntimeException(e); 636+ } 637+ } 638+ 639+ public String getAlgorithmName() { 640+ return delegate.getAlgorithm(); 641+ } 642+ 643+ public int getDigestSize() { 644+ return delegate.getDigestLength(); 645+ } 646+ 647+ public int getByteLength() { 648+ return byteSize; 649+ } 650+ 651+ public void reset() { 652+ delegate.reset(); 653+ } 654+ 655+ public void update(byte in) { 656+ delegate.update(in); 657+ } 658+ 659+ public void update(byte[] in, int inOff, int len) { 660+ delegate.update(in, inOff, len); 661+ } 662+ 663+ public int doFinal(byte[] out, int outOff) { 664+ try { 665+ return delegate.digest(out, outOff, out.length - outOff); 666+ } catch (DigestException e) { 667+ throw new RuntimeException(e); 668+ } 669+ } 670+ 671+ public static class MD5 extends OpenSSLDigest { 672+ public MD5() { super("MD5", 64); } 673+ } 674+ 675+ public static class SHA1 extends OpenSSLDigest { 676+ public SHA1() { super("SHA-1", 64); } 677+ } 678+ 679+ public static class SHA224 extends OpenSSLDigest { 680+ public SHA224() { super("SHA-224", 64); } 681+ } 682+ 683+ public static class SHA256 extends OpenSSLDigest { 684+ public SHA256() { super("SHA-256", 64); } 685+ } 686+ 687+ public static class SHA384 extends OpenSSLDigest { 688+ public SHA384() { super("SHA-384", 128); } 689+ } 690+ 691+ public static class SHA512 extends OpenSSLDigest { 692+ public SHA512() { super("SHA-512", 128); } 693+ } 694+} 695diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 696--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2015-03-01 12:03:02.000000000 +0000 697+++ bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2014-07-28 19:51:54.000000000 +0000 698@@ -10,7 +10,9 @@ 699 import org.bouncycastle.asn1.x9.X9ECParametersHolder; 700 import org.bouncycastle.math.ec.ECCurve; 701 import org.bouncycastle.math.ec.ECPoint; 702-import org.bouncycastle.math.ec.custom.djb.Curve25519; 703+// BEGIN android-removed 704+// import org.bouncycastle.math.ec.custom.djb.Curve25519; 705+// END android-removed 706 import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve; 707 import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve; 708 import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve; 709@@ -36,32 +38,34 @@ 710 return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); 711 } 712 713- /* 714- * curve25519 715- */ 716- static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 717- { 718- protected X9ECParameters createParameters() 719- { 720- byte[] S = null; 721- ECCurve curve = configureCurve(new Curve25519()); 722- 723- /* 724- * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 725- * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 726- * 727- * The Curve25519 paper doesn't say which of the two possible y values the base 728- * point has. The choice here is guided by language in the Ed25519 paper. 729- * 730- * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 731- */ 732- ECPoint G = curve.decodePoint(Hex.decode("04" 733- + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 734- + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 735- 736- return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 737- } 738- }; 739+ // BEGIN android-removed 740+ // /* 741+ // * curve25519 742+ // */ 743+ // static X9ECParametersHolder curve25519 = new X9ECParametersHolder() 744+ // { 745+ // protected X9ECParameters createParameters() 746+ // { 747+ // byte[] S = null; 748+ // ECCurve curve = configureCurve(new Curve25519()); 749+ // 750+ // /* 751+ // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form 752+ // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). 753+ // * 754+ // * The Curve25519 paper doesn't say which of the two possible y values the base 755+ // * point has. The choice here is guided by language in the Ed25519 paper. 756+ // * 757+ // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 758+ // */ 759+ // ECPoint G = curve.decodePoint(Hex.decode("04" 760+ // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" 761+ // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); 762+ // 763+ // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); 764+ // } 765+ // }; 766+ // END android-removed 767 768 /* 769 * secp192k1 770@@ -254,7 +258,9 @@ 771 772 static 773 { 774- defineCurve("curve25519", curve25519); 775+ // BEGIN android-removed 776+ // defineCurve("curve25519", curve25519); 777+ // END android-removed 778 779 defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1); 780 defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1); 781diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 782--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2015-03-01 12:03:02.000000000 +0000 783+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000 784@@ -6,7 +6,9 @@ 785 import org.bouncycastle.crypto.CipherParameters; 786 import org.bouncycastle.crypto.Digest; 787 import org.bouncycastle.crypto.InvalidCipherTextException; 788-import org.bouncycastle.crypto.digests.SHA1Digest; 789+// BEGIN android-changed 790+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 791+// END android-changed 792 import org.bouncycastle.crypto.params.ParametersWithRandom; 793 794 /** 795@@ -25,7 +27,9 @@ 796 public OAEPEncoding( 797 AsymmetricBlockCipher cipher) 798 { 799- this(cipher, new SHA1Digest(), null); 800+ // BEGIN android-changed 801+ this(cipher, AndroidDigestFactory.getSHA1(), null); 802+ // END android-changed 803 } 804 805 public OAEPEncoding( 806diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 807--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-03-01 12:03:02.000000000 +0000 808+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-04-09 13:10:16.000000000 +0000 809@@ -378,6 +378,12 @@ 810 throw new InvalidCipherTextException("unknown block type"); 811 } 812 } 813+ // BEGIN android-added 814+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) 815+ { 816+ throw new InvalidCipherTextException("invalid block type " + type); 817+ } 818+ // END android-added 819 820 if (useStrictLength && block.length != engine.getOutputBlockSize()) 821 { 822diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 823--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2015-03-01 12:03:02.000000000 +0000 824+++ bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2014-07-28 19:51:54.000000000 +0000 825@@ -6,7 +6,9 @@ 826 import org.bouncycastle.crypto.Digest; 827 import org.bouncycastle.crypto.InvalidCipherTextException; 828 import org.bouncycastle.crypto.Wrapper; 829-import org.bouncycastle.crypto.digests.SHA1Digest; 830+// BEGIN android-changed 831+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 832+// END android-changed 833 import org.bouncycastle.crypto.modes.CBCBlockCipher; 834 import org.bouncycastle.crypto.params.KeyParameter; 835 import org.bouncycastle.crypto.params.ParametersWithIV; 836@@ -52,7 +54,9 @@ 837 // 838 // checksum digest 839 // 840- Digest sha1 = new SHA1Digest(); 841+ // BEGIN android-changed 842+ Digest sha1 = AndroidDigestFactory.getSHA1(); 843+ // END android-changed 844 byte[] digest = new byte[20]; 845 846 /** 847diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 848--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2015-03-01 12:03:02.000000000 +0000 849+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 2014-07-28 19:51:54.000000000 +0000 850@@ -3,11 +3,18 @@ 851 import java.math.BigInteger; 852 import java.security.SecureRandom; 853 854+// BEGIN android-added 855+import java.util.logging.Logger; 856+// END android-added 857 import org.bouncycastle.math.ec.WNafUtil; 858 import org.bouncycastle.util.BigIntegers; 859 860 class DHParametersHelper 861 { 862+ // BEGIN android-added 863+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); 864+ // END android-added 865+ 866 private static final BigInteger ONE = BigInteger.valueOf(1); 867 private static final BigInteger TWO = BigInteger.valueOf(2); 868 869@@ -18,12 +25,20 @@ 870 */ 871 static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) 872 { 873+ // BEGIN android-added 874+ logger.info("Generating safe primes. This may take a long time."); 875+ long start = System.currentTimeMillis(); 876+ int tries = 0; 877+ // END android-added 878 BigInteger p, q; 879 int qLength = size - 1; 880 int minWeight = size >>> 2; 881 882 for (;;) 883 { 884+ // BEGIN android-added 885+ tries++; 886+ // END android-added 887 q = new BigInteger(qLength, 2, random); 888 889 // p <- 2q + 1 890@@ -52,6 +67,11 @@ 891 892 break; 893 } 894+ // BEGIN android-added 895+ long end = System.currentTimeMillis(); 896+ long duration = end - start; 897+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); 898+ // END android-added 899 900 return new BigInteger[] { p, q }; 901 } 902diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 903--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 904+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2014-07-28 19:51:54.000000000 +0000 905@@ -4,7 +4,9 @@ 906 import java.security.SecureRandom; 907 908 import org.bouncycastle.crypto.Digest; 909-import org.bouncycastle.crypto.digests.SHA1Digest; 910+// BEGIN android-changed 911+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 912+// END android-changed 913 import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; 914 import org.bouncycastle.crypto.params.DSAParameters; 915 import org.bouncycastle.crypto.params.DSAValidationParameters; 916@@ -31,7 +33,9 @@ 917 918 public DSAParametersGenerator() 919 { 920- this(new SHA1Digest()); 921+ // BEGIN android-changed 922+ this(AndroidDigestFactory.getSHA1()); 923+ // END android-changed 924 } 925 926 public DSAParametersGenerator(Digest digest) 927@@ -122,7 +126,9 @@ 928 int n = (L - 1) / 160; 929 byte[] w = new byte[L / 8]; 930 931- if (!(digest instanceof SHA1Digest)) 932+ // BEGIN android-changed 933+ if (!(digest.getAlgorithmName().equals("SHA-1"))) 934+ // END android-changed 935 { 936 throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); 937 } 938diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 939--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 940+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000 941@@ -3,7 +3,9 @@ 942 import org.bouncycastle.crypto.CipherParameters; 943 import org.bouncycastle.crypto.Digest; 944 import org.bouncycastle.crypto.PBEParametersGenerator; 945-import org.bouncycastle.crypto.digests.MD5Digest; 946+// BEGIN android-changed 947+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 948+// END android-changed 949 import org.bouncycastle.crypto.params.KeyParameter; 950 import org.bouncycastle.crypto.params.ParametersWithIV; 951 952@@ -17,7 +19,9 @@ 953 public class OpenSSLPBEParametersGenerator 954 extends PBEParametersGenerator 955 { 956- private Digest digest = new MD5Digest(); 957+ // BEGIN android-changed 958+ private Digest digest = AndroidDigestFactory.getMD5(); 959+ // END android-changed 960 961 /** 962 * Construct a OpenSSL Parameters generator. 963diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 964--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000 965+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000 966@@ -4,7 +4,9 @@ 967 import org.bouncycastle.crypto.Digest; 968 import org.bouncycastle.crypto.Mac; 969 import org.bouncycastle.crypto.PBEParametersGenerator; 970-import org.bouncycastle.crypto.digests.SHA1Digest; 971+// BEGIN android-changed 972+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 973+// END android-changed 974 import org.bouncycastle.crypto.macs.HMac; 975 import org.bouncycastle.crypto.params.KeyParameter; 976 import org.bouncycastle.crypto.params.ParametersWithIV; 977@@ -28,7 +30,9 @@ 978 */ 979 public PKCS5S2ParametersGenerator() 980 { 981- this(new SHA1Digest()); 982+ // BEGIN android-changed 983+ this(AndroidDigestFactory.getSHA1()); 984+ // END android-changed 985 } 986 987 public PKCS5S2ParametersGenerator(Digest digest) 988diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 989--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java 2015-03-01 12:03:02.000000000 +0000 990+++ bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000 991@@ -36,14 +36,18 @@ 992 { 993 blockLengths = new Hashtable(); 994 995- blockLengths.put("GOST3411", Integers.valueOf(32)); 996- 997- blockLengths.put("MD2", Integers.valueOf(16)); 998- blockLengths.put("MD4", Integers.valueOf(64)); 999+ // BEGIN android-removed 1000+ // blockLengths.put("GOST3411", Integers.valueOf(32)); 1001+ // 1002+ // blockLengths.put("MD2", Integers.valueOf(16)); 1003+ // blockLengths.put("MD4", Integers.valueOf(64)); 1004+ // END android-removed 1005 blockLengths.put("MD5", Integers.valueOf(64)); 1006 1007- blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1008- blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1009+ // BEGIN android-removed 1010+ // blockLengths.put("RIPEMD128", Integers.valueOf(64)); 1011+ // blockLengths.put("RIPEMD160", Integers.valueOf(64)); 1012+ // END android-removed 1013 1014 blockLengths.put("SHA-1", Integers.valueOf(64)); 1015 blockLengths.put("SHA-224", Integers.valueOf(64)); 1016@@ -51,8 +55,10 @@ 1017 blockLengths.put("SHA-384", Integers.valueOf(128)); 1018 blockLengths.put("SHA-512", Integers.valueOf(128)); 1019 1020- blockLengths.put("Tiger", Integers.valueOf(64)); 1021- blockLengths.put("Whirlpool", Integers.valueOf(64)); 1022+ // BEGIN android-removed 1023+ // blockLengths.put("Tiger", Integers.valueOf(64)); 1024+ // blockLengths.put("Whirlpool", Integers.valueOf(64)); 1025+ // END android-removed 1026 } 1027 1028 private static int getByteLength( 1029diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 1030--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-03-01 12:03:02.000000000 +0000 1031+++ bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-04-09 13:10:16.000000000 +0000 1032@@ -39,9 +39,11 @@ 1033 */ 1034 static 1035 { 1036- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1037- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1038- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1039+ // BEGIN android-removed 1040+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); 1041+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); 1042+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); 1043+ // END android-removed 1044 1045 oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); 1046 oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); 1047@@ -51,8 +53,10 @@ 1048 oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224); 1049 oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256); 1050 1051- oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1052- oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1053+ // BEGIN android-removed 1054+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2); 1055+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4); 1056+ // END android-removed 1057 oidMap.put("MD5", PKCSObjectIdentifiers.md5); 1058 } 1059 1060diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 1061--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1062+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1063@@ -9,7 +9,9 @@ 1064 import org.bouncycastle.asn1.ASN1Integer; 1065 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1066 import org.bouncycastle.asn1.ASN1Primitive; 1067-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1068+// BEGIN android-removed 1069+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1070+// END android-removed 1071 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1072 import org.bouncycastle.asn1.pkcs.DHParameter; 1073 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1074@@ -31,8 +33,10 @@ 1075 import org.bouncycastle.crypto.params.ECDomainParameters; 1076 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1077 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 1078-import org.bouncycastle.crypto.params.ElGamalParameters; 1079-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1080+// BEGIN android-removed 1081+// import org.bouncycastle.crypto.params.ElGamalParameters; 1082+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; 1083+// END android-removed 1084 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; 1085 1086 /** 1087@@ -98,14 +102,16 @@ 1088 1089 return new DHPrivateKeyParameters(derX.getValue(), dhParams); 1090 } 1091- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1092- { 1093- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1094- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1095- 1096- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1097- params.getP(), params.getG())); 1098- } 1099+ // BEGIN android-removed 1100+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1101+ // { 1102+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1103+ // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1104+ // 1105+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( 1106+ // params.getP(), params.getG())); 1107+ // } 1108+ // END android-removed 1109 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) 1110 { 1111 ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); 1112diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 1113--- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2015-03-01 12:03:02.000000000 +0000 1114+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 2014-07-28 19:51:54.000000000 +0000 1115@@ -11,7 +11,9 @@ 1116 import org.bouncycastle.asn1.ASN1OctetString; 1117 import org.bouncycastle.asn1.ASN1Primitive; 1118 import org.bouncycastle.asn1.DEROctetString; 1119-import org.bouncycastle.asn1.oiw.ElGamalParameter; 1120+// BEGIN android-removed 1121+// import org.bouncycastle.asn1.oiw.ElGamalParameter; 1122+// END android-removed 1123 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1124 import org.bouncycastle.asn1.pkcs.DHParameter; 1125 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1126@@ -38,8 +40,10 @@ 1127 import org.bouncycastle.crypto.params.ECDomainParameters; 1128 import org.bouncycastle.crypto.params.ECNamedDomainParameters; 1129 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 1130-import org.bouncycastle.crypto.params.ElGamalParameters; 1131-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1132+// BEGIN android-removed 1133+// import org.bouncycastle.crypto.params.ElGamalParameters; 1134+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; 1135+// END android-removed 1136 import org.bouncycastle.crypto.params.RSAKeyParameters; 1137 1138 /** 1139@@ -133,14 +137,16 @@ 1140 1141 return new DHPublicKeyParameters(derY.getValue(), dhParams); 1142 } 1143- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1144- { 1145- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1146- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1147- 1148- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1149- params.getP(), params.getG())); 1150- } 1151+ // BEGIN android-removed 1152+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) 1153+ // { 1154+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); 1155+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); 1156+ // 1157+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( 1158+ // params.getP(), params.getG())); 1159+ // } 1160+ // END android-removed 1161 else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) 1162 || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) 1163 { 1164diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 1165--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2015-03-01 12:03:02.000000000 +0000 1166+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-07-28 19:51:54.000000000 +0000 1167@@ -35,10 +35,12 @@ 1168 1169 provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); 1170 1171- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1172- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1173- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1174- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1175+ // BEGIN android-removed 1176+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); 1177+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); 1178+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); 1179+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); 1180+ // END android-removed 1181 1182 registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); 1183 registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); 1184diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 1185--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-03-01 20:03:02.000000000 +0000 1186+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-06-01 19:10:55.000000000 +0000 1187@@ -27,40 +27,55 @@ 1188 provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); 1189 provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); 1190 1191- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); 1192+ // BEGIN android-changed 1193+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); 1194+ // END android-changed 1195 provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); 1196 1197 provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); 1198 1199- provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1200- provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1201- provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1202- provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1203- provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1204- provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1205+ // BEGIN android-removed 1206+ // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); 1207+ // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); 1208+ // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); 1209+ // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); 1210+ // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); 1211+ // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); 1212+ // END android-removed 1213 1214 addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); 1215 addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); 1216- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1217- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1218- 1219- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); 1220- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); 1221- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); 1222- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); 1223- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); 1224- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); 1225- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); 1226- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); 1227- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); 1228- 1229- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1230+ // BEGIN android-removed 1231+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); 1232+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); 1233+ // END android-removed 1234+ 1235+ // BEGIN android-added 1236+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1237+ // END android-added 1238+ // BEGIN android-changed 1239+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1240+ provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); 1241+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); 1242+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1243+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1244+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); 1245+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); 1246+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); 1247+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1248+ // END android-changed 1249+ 1250+ // BEGIN android-removed 1251+ // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); 1252+ // END android-removed 1253 1254 AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); 1255 1256 for (int i = 0; i != DSAUtil.dsaOids.length; i++) 1257 { 1258- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); 1259+ // BEGIN android-changed 1260+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); 1261+ // END android-changed 1262 1263 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); 1264 registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); 1265diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 1266--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000 1267+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000 1268@@ -1,8 +1,10 @@ 1269 package org.bouncycastle.jcajce.provider.asymmetric; 1270 1271-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1272-import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1273-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1274+// BEGIN android-removed 1275+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; 1276+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 1277+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1278+// END android-removed 1279 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 1280 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; 1281 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1282@@ -22,45 +24,59 @@ 1283 public void configure(ConfigurableProvider provider) 1284 { 1285 provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); 1286- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1287- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1288- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1289- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1290- provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1291+ // BEGIN android-removed 1292+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); 1293+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); 1294+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1295+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); 1296+ // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); 1297+ // END android-removed 1298 1299 registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); 1300 // TODO Should this be an alias for ECDH? 1301 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); 1302- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1303- 1304- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1305+ // BEGIN android-removed 1306+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); 1307+ // 1308+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1309+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1310+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); 1311+ // END android-removed 1312 // TODO Should this be an alias for ECDH? 1313- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1314- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1315+ // BEGIN android-removed 1316+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem 1317+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). 1318+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); 1319+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); 1320+ // END android-removed 1321 1322 provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); 1323- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1324- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1325- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1326- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1327+ // BEGIN android-removed 1328+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); 1329+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); 1330+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); 1331+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); 1332+ // END android-removed 1333 1334 provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); 1335- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1336- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1337- provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1338- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1339- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1340- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1341- 1342- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1343- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1344- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1345- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1346- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1347- provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1348- provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1349- provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1350- provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1351+ // BEGIN android-removed 1352+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); 1353+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1354+ // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1355+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); 1356+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); 1357+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); 1358+ // 1359+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); 1360+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); 1361+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); 1362+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1363+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); 1364+ // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1365+ // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); 1366+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1367+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); 1368+ // END android-removed 1369 1370 provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); 1371 provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); 1372@@ -72,39 +88,43 @@ 1373 provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); 1374 provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); 1375 provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 1376- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1377- 1378- provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1379- provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1380- provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1381- provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1382- provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1383- provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1384+ // BEGIN android-removed 1385+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); 1386+ // 1387+ // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1388+ // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); 1389+ // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); 1390+ // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); 1391+ // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); 1392+ // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); 1393+ // END android-removed 1394 1395 addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); 1396 addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); 1397 addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); 1398 addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); 1399- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1400- 1401- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1402- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1403- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1404- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1405- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1406- 1407- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1408- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1409- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1410- addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1411- addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1412- 1413- addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1414- addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1415- addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1416- addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1417- addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1418- addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1419+ // BEGIN android-removed 1420+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); 1421+ // 1422+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); 1423+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); 1424+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); 1425+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); 1426+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); 1427+ // 1428+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); 1429+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); 1430+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); 1431+ // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); 1432+ // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); 1433+ // 1434+ // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); 1435+ // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); 1436+ // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); 1437+ // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); 1438+ // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); 1439+ // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); 1440+ // END android-removed 1441 } 1442 } 1443 } 1444diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 1445--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-03-01 12:03:02.000000000 +0000 1446+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-04-09 13:10:16.000000000 +0000 1447@@ -3,7 +3,9 @@ 1448 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 1449 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 1450 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 1451-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1452+// BEGIN android-removed 1453+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 1454+// END android-removed 1455 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 1456 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; 1457 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 1458@@ -24,41 +26,49 @@ 1459 public void configure(ConfigurableProvider provider) 1460 { 1461 provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); 1462- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1463- 1464- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1465- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1466- 1467- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1468- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1469- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1470- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1471- 1472- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1473- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1474- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1475- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1476- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1477- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1478- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1479- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1480+ // BEGIN android-removed 1481+ // provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); 1482+ // 1483+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); 1484+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); 1485+ // 1486+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); 1487+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); 1488+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); 1489+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); 1490+ // 1491+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); 1492+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); 1493+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); 1494+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); 1495+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); 1496+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); 1497+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); 1498+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); 1499+ // END android-removed 1500 1501 provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); 1502- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); 1503- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1504- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1505- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1506- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1507- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1508- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1509- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1510- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1511+ // BEGIN android-changed 1512+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); 1513+ // END android-changed 1514+ // BEGIN android-removed 1515+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1516+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1517+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); 1518+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); 1519+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); 1520+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); 1521+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); 1522+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); 1523+ // END android-removed 1524 1525 provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); 1526 provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); 1527- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1528- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1529- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1530+ // BEGIN android-removed 1531+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); 1532+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); 1533+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); 1534+ // END android-removed 1535 1536 provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); 1537 provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); 1538@@ -68,79 +78,89 @@ 1539 registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); 1540 registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); 1541 registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); 1542- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1543- 1544- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1545- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1546- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1547- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1548- 1549- 1550- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1551- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1552- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1553- 1554- provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1555- provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1556- provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1557- provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1558- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1559- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1560- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1561- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1562- 1563- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1564- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1565- 1566- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1567- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1568- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1569- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1570- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1571- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1572- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1573- 1574- 1575- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1576- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1577- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1578- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1579- 1580- if (provider.hasAlgorithm("MessageDigest", "MD2")) 1581- { 1582- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1583- } 1584- 1585- if (provider.hasAlgorithm("MessageDigest", "MD4")) 1586- { 1587- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1588- } 1589+ // BEGIN android-removed 1590+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); 1591+ // 1592+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); 1593+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); 1594+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); 1595+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); 1596+ // 1597+ // 1598+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1599+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1600+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); 1601+ // 1602+ // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1603+ // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1604+ // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1605+ // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1606+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); 1607+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); 1608+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); 1609+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); 1610+ // 1611+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); 1612+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); 1613+ // 1614+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); 1615+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); 1616+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); 1617+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); 1618+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); 1619+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); 1620+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); 1621+ // 1622+ // 1623+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 1624+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 1625+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 1626+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 1627+ // 1628+ // if (provider.hasAlgorithm("MessageDigest", "MD2")) 1629+ // { 1630+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); 1631+ // } 1632+ // 1633+ // if (provider.hasAlgorithm("MessageDigest", "MD4")) 1634+ // { 1635+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); 1636+ // } 1637+ // END android-removed 1638 1639 if (provider.hasAlgorithm("MessageDigest", "MD5")) 1640 { 1641 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); 1642- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1643- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1644+ // END android-removed 1645+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); 1646+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); 1647+ // END android-removed 1648 } 1649 1650 if (provider.hasAlgorithm("MessageDigest", "SHA1")) 1651 { 1652- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1653- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1654- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1655- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1656- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1657+ // BEGIN android-removed 1658+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); 1659+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); 1660+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); 1661+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 1662+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); 1663+ // END android-removed 1664 1665 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); 1666 1667- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1668- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1669+ // BEGIN android-removed 1670+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); 1671+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); 1672+ // END android-removed 1673 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1674 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); 1675 1676- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1677- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1678- provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1679+ // BEGIN android-removed 1680+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); 1681+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); 1682+ // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); 1683+ // END android-removed 1684 } 1685 1686 addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); 1687@@ -148,52 +168,54 @@ 1688 addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); 1689 addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); 1690 1691- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1692- provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1693- provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1694- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1695- provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1696- provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1697- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1698- provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1699- provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1700- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1701- provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1702- provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1703- 1704- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1705- { 1706- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1707- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1708- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1709- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1710- provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1711- } 1712- 1713- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1714- { 1715- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1716- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1717- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1718- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1719- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1720- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1721- provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1722- } 1723- 1724- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1725- { 1726- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1727- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1728- } 1729- 1730- if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1731- { 1732- provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1733- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1734- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1735- provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1736- } 1737+ // BEGIN android-removed 1738+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); 1739+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); 1740+ // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); 1741+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); 1742+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); 1743+ // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); 1744+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); 1745+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); 1746+ // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); 1747+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); 1748+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); 1749+ // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); 1750+ // 1751+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) 1752+ // { 1753+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 1754+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); 1755+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1756+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); 1757+ // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); 1758+ // } 1759+ // 1760+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) 1761+ // { 1762+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 1763+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); 1764+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); 1765+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); 1766+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1767+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); 1768+ // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); 1769+ // } 1770+ // 1771+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) 1772+ // { 1773+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 1774+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); 1775+ // } 1776+ // 1777+ // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) 1778+ // { 1779+ // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1780+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1781+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); 1782+ // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); 1783+ // } 1784+ // END android-removed 1785 } 1786 1787 private void addDigestSignature( 1788diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 1789--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2015-03-01 12:03:02.000000000 +0000 1790+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000 1791@@ -18,8 +18,10 @@ 1792 1793 public void configure(ConfigurableProvider provider) 1794 { 1795- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1796- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1797+ // BEGIN android-removed 1798+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); 1799+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); 1800+ // END android-removed 1801 1802 // 1803 // certificate factories. 1804diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 1805--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-03-01 12:03:02.000000000 +0000 1806+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-12-12 00:35:05.000000000 +0000 1807@@ -23,13 +23,20 @@ 1808 import org.bouncycastle.crypto.DSA; 1809 import org.bouncycastle.crypto.Digest; 1810 import org.bouncycastle.crypto.digests.NullDigest; 1811-import org.bouncycastle.crypto.digests.SHA1Digest; 1812-import org.bouncycastle.crypto.digests.SHA224Digest; 1813-import org.bouncycastle.crypto.digests.SHA256Digest; 1814-import org.bouncycastle.crypto.digests.SHA384Digest; 1815-import org.bouncycastle.crypto.digests.SHA512Digest; 1816+// BEGIN android-added 1817+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 1818+// END android-added 1819+// BEGIN android-removed 1820+// import org.bouncycastle.crypto.digests.SHA1Digest; 1821+// import org.bouncycastle.crypto.digests.SHA224Digest; 1822+// import org.bouncycastle.crypto.digests.SHA256Digest; 1823+// import org.bouncycastle.crypto.digests.SHA384Digest; 1824+// import org.bouncycastle.crypto.digests.SHA512Digest; 1825+// END android-removed 1826 import org.bouncycastle.crypto.params.ParametersWithRandom; 1827-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1828+// BEGIN android-removed 1829+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 1830+// END android-removed 1831 1832 public class DSASigner 1833 extends SignatureSpi 1834@@ -217,90 +224,102 @@ 1835 { 1836 public stdDSA() 1837 { 1838- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1839+ // BEGIN android-changed 1840+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); 1841+ // END android-changed 1842 } 1843 } 1844 1845- static public class detDSA 1846- extends DSASigner 1847- { 1848- public detDSA() 1849- { 1850- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1851- } 1852- } 1853+ // BEGIN android-removed 1854+ // static public class detDSA 1855+ // extends DSASigner 1856+ // { 1857+ // public detDSA() 1858+ // { 1859+ // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); 1860+ // } 1861+ // } 1862+ // END android-removed 1863 1864 static public class dsa224 1865 extends DSASigner 1866 { 1867 public dsa224() 1868 { 1869- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1870+ // BEGIN android-changed 1871+ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); 1872+ // END android-changed 1873 } 1874 } 1875 1876- static public class detDSA224 1877- extends DSASigner 1878- { 1879- public detDSA224() 1880- { 1881- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1882- } 1883- } 1884+ // BEGIN android-removed 1885+ // static public class detDSA224 1886+ // extends DSASigner 1887+ // { 1888+ // public detDSA224() 1889+ // { 1890+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); 1891+ // } 1892+ // } 1893+ // END android-removed 1894 1895 static public class dsa256 1896 extends DSASigner 1897 { 1898 public dsa256() 1899 { 1900- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1901+ // BEGIN android-changed 1902+ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); 1903+ // END android-changed 1904 } 1905 } 1906 1907- static public class detDSA256 1908- extends DSASigner 1909- { 1910- public detDSA256() 1911- { 1912- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 1913- } 1914- } 1915- 1916- static public class dsa384 1917- extends DSASigner 1918- { 1919- public dsa384() 1920- { 1921- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1922- } 1923- } 1924- 1925- static public class detDSA384 1926- extends DSASigner 1927- { 1928- public detDSA384() 1929- { 1930- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 1931- } 1932- } 1933- 1934- static public class dsa512 1935- extends DSASigner 1936- { 1937- public dsa512() 1938- { 1939- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1940- } 1941- } 1942- 1943- static public class detDSA512 1944- extends DSASigner 1945- { 1946- public detDSA512() 1947- { 1948- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 1949- } 1950- } 1951+ // BEGIN android-removed 1952+ // static public class detDSA256 1953+ // extends DSASigner 1954+ // { 1955+ // public detDSA256() 1956+ // { 1957+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); 1958+ // } 1959+ // } 1960+ // 1961+ // static public class dsa384 1962+ // extends DSASigner 1963+ // { 1964+ // public dsa384() 1965+ // { 1966+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1967+ // } 1968+ // } 1969+ // 1970+ // static public class detDSA384 1971+ // extends DSASigner 1972+ // { 1973+ // public detDSA384() 1974+ // { 1975+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); 1976+ // } 1977+ // } 1978+ // 1979+ // static public class dsa512 1980+ // extends DSASigner 1981+ // { 1982+ // public dsa512() 1983+ // { 1984+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); 1985+ // } 1986+ // } 1987+ // 1988+ // static public class detDSA512 1989+ // extends DSASigner 1990+ // { 1991+ // public detDSA512() 1992+ // { 1993+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); 1994+ // } 1995+ // } 1996+ // END android-removed 1997 1998 static public class noneDSA 1999 extends DSASigner 2000diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2001--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-03-01 20:03:02.000000000 +0000 2002+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-06-01 19:10:55.000000000 +0000 2003@@ -23,6 +23,9 @@ 2004 public static final ASN1ObjectIdentifier[] dsaOids = 2005 { 2006 X9ObjectIdentifiers.id_dsa, 2007+ // BEGIN android-added 2008+ X9ObjectIdentifiers.id_dsa_with_sha1, 2009+ // END android-added 2010 OIWObjectIdentifiers.dsaWithSHA1 2011 }; 2012 2013diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2014--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-03-01 12:03:02.000000000 +0000 2015+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2014-07-28 19:51:54.000000000 +0000 2016@@ -24,22 +24,28 @@ 2017 import org.bouncycastle.crypto.CipherParameters; 2018 import org.bouncycastle.crypto.DerivationFunction; 2019 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; 2020-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2021-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2022-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2023-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2024+// BEGIN android-removed 2025+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; 2026+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; 2027+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; 2028+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; 2029+// END android-removed 2030 import org.bouncycastle.crypto.digests.SHA1Digest; 2031 import org.bouncycastle.crypto.params.DESParameters; 2032 import org.bouncycastle.crypto.params.ECDomainParameters; 2033 import org.bouncycastle.crypto.params.ECPrivateKeyParameters; 2034 import org.bouncycastle.crypto.params.ECPublicKeyParameters; 2035-import org.bouncycastle.crypto.params.MQVPrivateParameters; 2036-import org.bouncycastle.crypto.params.MQVPublicParameters; 2037+// BEGIN android-removed 2038+// import org.bouncycastle.crypto.params.MQVPrivateParameters; 2039+// import org.bouncycastle.crypto.params.MQVPublicParameters; 2040+// END android-removed 2041 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2042 import org.bouncycastle.jce.interfaces.ECPrivateKey; 2043 import org.bouncycastle.jce.interfaces.ECPublicKey; 2044-import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2045-import org.bouncycastle.jce.interfaces.MQVPublicKey; 2046+// BEGIN android-removed 2047+// import org.bouncycastle.jce.interfaces.MQVPrivateKey; 2048+// import org.bouncycastle.jce.interfaces.MQVPublicKey; 2049+// END android-removed 2050 import org.bouncycastle.util.Integers; 2051 import org.bouncycastle.util.Strings; 2052 2053@@ -89,7 +95,9 @@ 2054 private BigInteger result; 2055 private ECDomainParameters parameters; 2056 private BasicAgreement agreement; 2057- private DerivationFunction kdf; 2058+ // BEGIN android-removed 2059+ // private DerivationFunction kdf; 2060+ // END android-removed 2061 2062 private byte[] bigIntToBytes( 2063 BigInteger r) 2064@@ -104,7 +112,9 @@ 2065 { 2066 this.kaAlgorithm = kaAlgorithm; 2067 this.agreement = agreement; 2068- this.kdf = kdf; 2069+ // BEGIN android-removed 2070+ // this.kdf = kdf; 2071+ // END android-removed 2072 } 2073 2074 protected Key engineDoPhase( 2075@@ -123,25 +133,27 @@ 2076 } 2077 2078 CipherParameters pubKey; 2079- if (agreement instanceof ECMQVBasicAgreement) 2080- { 2081- if (!(key instanceof MQVPublicKey)) 2082- { 2083- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2084- + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2085- } 2086- 2087- MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2088- ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2089- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2090- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2091- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2092- 2093- pubKey = new MQVPublicParameters(staticKey, ephemKey); 2094- 2095- // TODO Validate that all the keys are using the same parameters? 2096- } 2097- else 2098+ // BEGIN android-removed 2099+ // if (agreement instanceof ECMQVBasicAgreement) 2100+ // { 2101+ // if (!(key instanceof MQVPublicKey)) 2102+ // { 2103+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2104+ // + getSimpleName(MQVPublicKey.class) + " for doPhase"); 2105+ // } 2106+ // 2107+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key; 2108+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) 2109+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); 2110+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) 2111+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); 2112+ // 2113+ // pubKey = new MQVPublicParameters(staticKey, ephemKey); 2114+ // 2115+ // // TODO Validate that all the keys are using the same parameters? 2116+ // } 2117+ // else 2118+ // END android-removed 2119 { 2120 if (!(key instanceof PublicKey)) 2121 { 2122@@ -162,11 +174,13 @@ 2123 protected byte[] engineGenerateSecret() 2124 throws IllegalStateException 2125 { 2126- if (kdf != null) 2127- { 2128- throw new UnsupportedOperationException( 2129- "KDF can only be used when algorithm is known"); 2130- } 2131+ // BEGIN android-removed 2132+ // if (kdf != null) 2133+ // { 2134+ // throw new UnsupportedOperationException( 2135+ // "KDF can only be used when algorithm is known"); 2136+ // } 2137+ // END android-removed 2138 2139 return bigIntToBytes(result); 2140 } 2141@@ -201,23 +215,25 @@ 2142 oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); 2143 } 2144 2145- if (kdf != null) 2146- { 2147- if (!algorithms.containsKey(oidAlgorithm)) 2148- { 2149- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2150- } 2151- 2152- int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2153- 2154- DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2155- 2156- byte[] keyBytes = new byte[keySize / 8]; 2157- kdf.init(params); 2158- kdf.generateBytes(keyBytes, 0, keyBytes.length); 2159- secret = keyBytes; 2160- } 2161- else 2162+ // BEGIN android-removed 2163+ // if (kdf != null) 2164+ // { 2165+ // if (!algorithms.containsKey(oidAlgorithm)) 2166+ // { 2167+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); 2168+ // } 2169+ // 2170+ // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); 2171+ // 2172+ // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); 2173+ // 2174+ // byte[] keyBytes = new byte[keySize / 8]; 2175+ // kdf.init(params); 2176+ // kdf.generateBytes(keyBytes, 0, keyBytes.length); 2177+ // secret = keyBytes; 2178+ // } 2179+ // else 2180+ // END android-removed 2181 { 2182 if (algorithms.containsKey(oidAlgorithm)) 2183 { 2184@@ -264,35 +280,37 @@ 2185 private void initFromKey(Key key) 2186 throws InvalidKeyException 2187 { 2188- if (agreement instanceof ECMQVBasicAgreement) 2189- { 2190- if (!(key instanceof MQVPrivateKey)) 2191- { 2192- throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2193- + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2194- } 2195- 2196- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2197- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2198- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2199- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2200- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2201- 2202- ECPublicKeyParameters ephemPubKey = null; 2203- if (mqvPrivKey.getEphemeralPublicKey() != null) 2204- { 2205- ephemPubKey = (ECPublicKeyParameters) 2206- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2207- } 2208- 2209- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2210- this.parameters = staticPrivKey.getParameters(); 2211- 2212- // TODO Validate that all the keys are using the same parameters? 2213- 2214- agreement.init(localParams); 2215- } 2216- else 2217+ // BEGIN android-removed 2218+ // if (agreement instanceof ECMQVBasicAgreement) 2219+ // { 2220+ // if (!(key instanceof MQVPrivateKey)) 2221+ // { 2222+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " 2223+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); 2224+ // } 2225+ // 2226+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; 2227+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) 2228+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); 2229+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) 2230+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); 2231+ // 2232+ // ECPublicKeyParameters ephemPubKey = null; 2233+ // if (mqvPrivKey.getEphemeralPublicKey() != null) 2234+ // { 2235+ // ephemPubKey = (ECPublicKeyParameters) 2236+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); 2237+ // } 2238+ // 2239+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); 2240+ // this.parameters = staticPrivKey.getParameters(); 2241+ // 2242+ // // TODO Validate that all the keys are using the same parameters? 2243+ // 2244+ // agreement.init(localParams); 2245+ // } 2246+ // else 2247+ // END android-removed 2248 { 2249 if (!(key instanceof PrivateKey)) 2250 { 2251@@ -323,39 +341,41 @@ 2252 } 2253 } 2254 2255- public static class DHC 2256- extends KeyAgreementSpi 2257- { 2258- public DHC() 2259- { 2260- super("ECDHC", new ECDHCBasicAgreement(), null); 2261- } 2262- } 2263- 2264- public static class MQV 2265- extends KeyAgreementSpi 2266- { 2267- public MQV() 2268- { 2269- super("ECMQV", new ECMQVBasicAgreement(), null); 2270- } 2271- } 2272- 2273- public static class DHwithSHA1KDF 2274- extends KeyAgreementSpi 2275- { 2276- public DHwithSHA1KDF() 2277- { 2278- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2279- } 2280- } 2281- 2282- public static class MQVwithSHA1KDF 2283- extends KeyAgreementSpi 2284- { 2285- public MQVwithSHA1KDF() 2286- { 2287- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2288- } 2289- } 2290+ // BEGIN android-removed 2291+ // public static class DHC 2292+ // extends KeyAgreementSpi 2293+ // { 2294+ // public DHC() 2295+ // { 2296+ // super("ECDHC", new ECDHCBasicAgreement(), null); 2297+ // } 2298+ // } 2299+ // 2300+ // public static class MQV 2301+ // extends KeyAgreementSpi 2302+ // { 2303+ // public MQV() 2304+ // { 2305+ // super("ECMQV", new ECMQVBasicAgreement(), null); 2306+ // } 2307+ // } 2308+ // 2309+ // public static class DHwithSHA1KDF 2310+ // extends KeyAgreementSpi 2311+ // { 2312+ // public DHwithSHA1KDF() 2313+ // { 2314+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2315+ // } 2316+ // } 2317+ // 2318+ // public static class MQVwithSHA1KDF 2319+ // extends KeyAgreementSpi 2320+ // { 2321+ // public MQVwithSHA1KDF() 2322+ // { 2323+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); 2324+ // } 2325+ // } 2326+ // END android-removed 2327 } 2328diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2329--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2015-03-01 12:03:02.000000000 +0000 2330+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000 2331@@ -201,14 +201,16 @@ 2332 } 2333 } 2334 2335- public static class ECGOST3410 2336- extends KeyFactorySpi 2337- { 2338- public ECGOST3410() 2339- { 2340- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2341- } 2342- } 2343+ // BEGIN android-removed 2344+ // public static class ECGOST3410 2345+ // extends KeyFactorySpi 2346+ // { 2347+ // public ECGOST3410() 2348+ // { 2349+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); 2350+ // } 2351+ // } 2352+ // END android-removed 2353 2354 public static class ECDH 2355 extends KeyFactorySpi 2356diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2357--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-03-01 20:03:02.000000000 +0000 2358+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2014-07-28 19:51:54.000000000 +0000 2359@@ -42,7 +42,9 @@ 2360 ECKeyGenerationParameters param; 2361 ECKeyPairGenerator engine = new ECKeyPairGenerator(); 2362 Object ecParams = null; 2363- int strength = 239; 2364+ // BEGIN android-changed 2365+ int strength = 256; 2366+ // BEGIN android-changed 2367 int certainty = 50; 2368 SecureRandom random = new SecureRandom(); 2369 boolean initialised = false; 2370@@ -84,7 +86,13 @@ 2371 SecureRandom random) 2372 { 2373 this.strength = strength; 2374+ // BEGIN android-added 2375+ if (random != null) { 2376+ // END android-added 2377 this.random = random; 2378+ // BEGIN android-added 2379+ } 2380+ // END android-added 2381 2382 ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); 2383 if (ecParams == null) 2384@@ -107,6 +115,11 @@ 2385 SecureRandom random) 2386 throws InvalidAlgorithmParameterException 2387 { 2388+ // BEGIN android-added 2389+ if (random == null) { 2390+ random = this.random; 2391+ } 2392+ // END android-added 2393 if (params == null) 2394 { 2395 ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); 2396@@ -267,4 +280,4 @@ 2397 super("ECMQV", BouncyCastleProvider.CONFIGURATION); 2398 } 2399 } 2400-} 2401\ No newline at end of file 2402+} 2403diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2404--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 2405+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2014-07-28 19:51:54.000000000 +0000 2406@@ -16,16 +16,23 @@ 2407 import org.bouncycastle.crypto.DSA; 2408 import org.bouncycastle.crypto.Digest; 2409 import org.bouncycastle.crypto.digests.NullDigest; 2410-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2411-import org.bouncycastle.crypto.digests.SHA1Digest; 2412-import org.bouncycastle.crypto.digests.SHA224Digest; 2413-import org.bouncycastle.crypto.digests.SHA256Digest; 2414-import org.bouncycastle.crypto.digests.SHA384Digest; 2415-import org.bouncycastle.crypto.digests.SHA512Digest; 2416+// BEGIN android-added 2417+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 2418+// END android-added 2419+// BEGIN android-removed 2420+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 2421+// import org.bouncycastle.crypto.digests.SHA1Digest; 2422+// import org.bouncycastle.crypto.digests.SHA224Digest; 2423+// import org.bouncycastle.crypto.digests.SHA256Digest; 2424+// import org.bouncycastle.crypto.digests.SHA384Digest; 2425+// import org.bouncycastle.crypto.digests.SHA512Digest; 2426+// END android-removed 2427 import org.bouncycastle.crypto.params.ParametersWithRandom; 2428 import org.bouncycastle.crypto.signers.ECDSASigner; 2429-import org.bouncycastle.crypto.signers.ECNRSigner; 2430-import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2431+// BEGIN android-removed 2432+// import org.bouncycastle.crypto.signers.ECNRSigner; 2433+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; 2434+// END android-removed 2435 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; 2436 import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; 2437 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 2438@@ -70,18 +77,22 @@ 2439 { 2440 public ecDSA() 2441 { 2442- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); 2443+ // BEGIN android-changed 2444+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); 2445+ // END android-changed 2446 } 2447 } 2448 2449- static public class ecDetDSA 2450- extends SignatureSpi 2451- { 2452- public ecDetDSA() 2453- { 2454- super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2455- } 2456- } 2457+ // BEGIN android-removed 2458+ // static public class ecDetDSA 2459+ // extends SignatureSpi 2460+ // { 2461+ // public ecDetDSA() 2462+ // { 2463+ // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); 2464+ // } 2465+ // } 2466+ // END android-removed 2467 2468 static public class ecDSAnone 2469 extends SignatureSpi 2470@@ -97,180 +108,196 @@ 2471 { 2472 public ecDSA224() 2473 { 2474- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); 2475+ // BEGIN android-changed 2476+ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); 2477+ // END android-changed 2478 } 2479 } 2480 2481- static public class ecDetDSA224 2482- extends SignatureSpi 2483- { 2484- public ecDetDSA224() 2485- { 2486- super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2487- } 2488- } 2489+ // BEGIN android-removed 2490+ // static public class ecDetDSA224 2491+ // extends SignatureSpi 2492+ // { 2493+ // public ecDetDSA224() 2494+ // { 2495+ // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); 2496+ // } 2497+ // } 2498+ // END android-removed 2499 2500 static public class ecDSA256 2501 extends SignatureSpi 2502 { 2503 public ecDSA256() 2504 { 2505- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); 2506+ // BEGIN android-changed 2507+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); 2508+ // END android-changed 2509 } 2510 } 2511 2512- static public class ecDetDSA256 2513- extends SignatureSpi 2514- { 2515- public ecDetDSA256() 2516- { 2517- super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2518- } 2519- } 2520+ // BEGIN android-removed 2521+ // static public class ecDetDSA256 2522+ // extends SignatureSpi 2523+ // { 2524+ // public ecDetDSA256() 2525+ // { 2526+ // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); 2527+ // } 2528+ // } 2529+ // END android-removed 2530 2531 static public class ecDSA384 2532 extends SignatureSpi 2533 { 2534 public ecDSA384() 2535 { 2536- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); 2537+ // BEGIN android-changed 2538+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); 2539+ // END android-changed 2540 } 2541 } 2542 2543- static public class ecDetDSA384 2544- extends SignatureSpi 2545- { 2546- public ecDetDSA384() 2547- { 2548- super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2549- } 2550- } 2551+ // BEGIN android-removed 2552+ // static public class ecDetDSA384 2553+ // extends SignatureSpi 2554+ // { 2555+ // public ecDetDSA384() 2556+ // { 2557+ // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); 2558+ // } 2559+ // } 2560+ // END android-removed 2561 2562 static public class ecDSA512 2563 extends SignatureSpi 2564 { 2565 public ecDSA512() 2566 { 2567- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); 2568- } 2569- } 2570- 2571- static public class ecDetDSA512 2572- extends SignatureSpi 2573- { 2574- public ecDetDSA512() 2575- { 2576- super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2577- } 2578- } 2579- 2580- static public class ecDSARipeMD160 2581- extends SignatureSpi 2582- { 2583- public ecDSARipeMD160() 2584- { 2585- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2586- } 2587- } 2588- 2589- static public class ecNR 2590- extends SignatureSpi 2591- { 2592- public ecNR() 2593- { 2594- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2595- } 2596- } 2597- 2598- static public class ecNR224 2599- extends SignatureSpi 2600- { 2601- public ecNR224() 2602- { 2603- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2604- } 2605- } 2606- 2607- static public class ecNR256 2608- extends SignatureSpi 2609- { 2610- public ecNR256() 2611- { 2612- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2613- } 2614- } 2615- 2616- static public class ecNR384 2617- extends SignatureSpi 2618- { 2619- public ecNR384() 2620- { 2621- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2622- } 2623- } 2624- 2625- static public class ecNR512 2626- extends SignatureSpi 2627- { 2628- public ecNR512() 2629- { 2630- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2631- } 2632- } 2633- 2634- static public class ecCVCDSA 2635- extends SignatureSpi 2636- { 2637- public ecCVCDSA() 2638- { 2639- super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2640- } 2641- } 2642- 2643- static public class ecCVCDSA224 2644- extends SignatureSpi 2645- { 2646- public ecCVCDSA224() 2647- { 2648- super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2649- } 2650- } 2651- 2652- static public class ecCVCDSA256 2653- extends SignatureSpi 2654- { 2655- public ecCVCDSA256() 2656- { 2657- super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2658- } 2659- } 2660- 2661- static public class ecCVCDSA384 2662- extends SignatureSpi 2663- { 2664- public ecCVCDSA384() 2665- { 2666- super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2667- } 2668- } 2669- 2670- static public class ecCVCDSA512 2671- extends SignatureSpi 2672- { 2673- public ecCVCDSA512() 2674- { 2675- super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2676- } 2677- } 2678- 2679- static public class ecPlainDSARP160 2680- extends SignatureSpi 2681- { 2682- public ecPlainDSARP160() 2683- { 2684- super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2685- } 2686- } 2687+ // BEGIN android-changed 2688+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); 2689+ // END android-changed 2690+ } 2691+ } 2692+ 2693+ // BEGIN android-removed 2694+ // static public class ecDetDSA512 2695+ // extends SignatureSpi 2696+ // { 2697+ // public ecDetDSA512() 2698+ // { 2699+ // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); 2700+ // } 2701+ // } 2702+ // 2703+ // static public class ecDSARipeMD160 2704+ // extends SignatureSpi 2705+ // { 2706+ // public ecDSARipeMD160() 2707+ // { 2708+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); 2709+ // } 2710+ // } 2711+ // 2712+ // static public class ecNR 2713+ // extends SignatureSpi 2714+ // { 2715+ // public ecNR() 2716+ // { 2717+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); 2718+ // } 2719+ // } 2720+ // 2721+ // static public class ecNR224 2722+ // extends SignatureSpi 2723+ // { 2724+ // public ecNR224() 2725+ // { 2726+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); 2727+ // } 2728+ // } 2729+ // 2730+ // static public class ecNR256 2731+ // extends SignatureSpi 2732+ // { 2733+ // public ecNR256() 2734+ // { 2735+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); 2736+ // } 2737+ // } 2738+ // 2739+ // static public class ecNR384 2740+ // extends SignatureSpi 2741+ // { 2742+ // public ecNR384() 2743+ // { 2744+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); 2745+ // } 2746+ // } 2747+ // 2748+ // static public class ecNR512 2749+ // extends SignatureSpi 2750+ // { 2751+ // public ecNR512() 2752+ // { 2753+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); 2754+ // } 2755+ // } 2756+ // 2757+ // static public class ecCVCDSA 2758+ // extends SignatureSpi 2759+ // { 2760+ // public ecCVCDSA() 2761+ // { 2762+ // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2763+ // } 2764+ // } 2765+ // 2766+ // static public class ecCVCDSA224 2767+ // extends SignatureSpi 2768+ // { 2769+ // public ecCVCDSA224() 2770+ // { 2771+ // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2772+ // } 2773+ // } 2774+ // 2775+ // static public class ecCVCDSA256 2776+ // extends SignatureSpi 2777+ // { 2778+ // public ecCVCDSA256() 2779+ // { 2780+ // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2781+ // } 2782+ // } 2783+ // 2784+ // static public class ecCVCDSA384 2785+ // extends SignatureSpi 2786+ // { 2787+ // public ecCVCDSA384() 2788+ // { 2789+ // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2790+ // } 2791+ // } 2792+ // 2793+ // static public class ecCVCDSA512 2794+ // extends SignatureSpi 2795+ // { 2796+ // public ecCVCDSA512() 2797+ // { 2798+ // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2799+ // } 2800+ // } 2801+ // 2802+ // static public class ecPlainDSARP160 2803+ // extends SignatureSpi 2804+ // { 2805+ // public ecPlainDSARP160() 2806+ // { 2807+ // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); 2808+ // } 2809+ // } 2810+ // END android-removed 2811 2812 private static class StdDSAEncoder 2813 implements DSAEncoder 2814@@ -302,66 +329,68 @@ 2815 } 2816 } 2817 2818- private static class PlainDSAEncoder 2819- implements DSAEncoder 2820- { 2821- public byte[] encode( 2822- BigInteger r, 2823- BigInteger s) 2824- throws IOException 2825- { 2826- byte[] first = makeUnsigned(r); 2827- byte[] second = makeUnsigned(s); 2828- byte[] res; 2829- 2830- if (first.length > second.length) 2831- { 2832- res = new byte[first.length * 2]; 2833- } 2834- else 2835- { 2836- res = new byte[second.length * 2]; 2837- } 2838- 2839- System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 2840- System.arraycopy(second, 0, res, res.length - second.length, second.length); 2841- 2842- return res; 2843- } 2844- 2845- 2846- private byte[] makeUnsigned(BigInteger val) 2847- { 2848- byte[] res = val.toByteArray(); 2849- 2850- if (res[0] == 0) 2851- { 2852- byte[] tmp = new byte[res.length - 1]; 2853- 2854- System.arraycopy(res, 1, tmp, 0, tmp.length); 2855- 2856- return tmp; 2857- } 2858- 2859- return res; 2860- } 2861- 2862- public BigInteger[] decode( 2863- byte[] encoding) 2864- throws IOException 2865- { 2866- BigInteger[] sig = new BigInteger[2]; 2867- 2868- byte[] first = new byte[encoding.length / 2]; 2869- byte[] second = new byte[encoding.length / 2]; 2870- 2871- System.arraycopy(encoding, 0, first, 0, first.length); 2872- System.arraycopy(encoding, first.length, second, 0, second.length); 2873- 2874- sig[0] = new BigInteger(1, first); 2875- sig[1] = new BigInteger(1, second); 2876- 2877- return sig; 2878- } 2879- } 2880-} 2881\ No newline at end of file 2882+ // BEGIN android-removed 2883+ // private static class PlainDSAEncoder 2884+ // implements DSAEncoder 2885+ // { 2886+ // public byte[] encode( 2887+ // BigInteger r, 2888+ // BigInteger s) 2889+ // throws IOException 2890+ // { 2891+ // byte[] first = makeUnsigned(r); 2892+ // byte[] second = makeUnsigned(s); 2893+ // byte[] res; 2894+ // 2895+ // if (first.length > second.length) 2896+ // { 2897+ // res = new byte[first.length * 2]; 2898+ // } 2899+ // else 2900+ // { 2901+ // res = new byte[second.length * 2]; 2902+ // } 2903+ // 2904+ // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); 2905+ // System.arraycopy(second, 0, res, res.length - second.length, second.length); 2906+ // 2907+ // return res; 2908+ // } 2909+ // 2910+ // 2911+ // private byte[] makeUnsigned(BigInteger val) 2912+ // { 2913+ // byte[] res = val.toByteArray(); 2914+ // 2915+ // if (res[0] == 0) 2916+ // { 2917+ // byte[] tmp = new byte[res.length - 1]; 2918+ // 2919+ // System.arraycopy(res, 1, tmp, 0, tmp.length); 2920+ // 2921+ // return tmp; 2922+ // } 2923+ // 2924+ // return res; 2925+ // } 2926+ // 2927+ // public BigInteger[] decode( 2928+ // byte[] encoding) 2929+ // throws IOException 2930+ // { 2931+ // BigInteger[] sig = new BigInteger[2]; 2932+ // 2933+ // byte[] first = new byte[encoding.length / 2]; 2934+ // byte[] second = new byte[encoding.length / 2]; 2935+ // 2936+ // System.arraycopy(encoding, 0, first, 0, first.length); 2937+ // System.arraycopy(encoding, first.length, second, 0, second.length); 2938+ // 2939+ // sig[0] = new BigInteger(1, first); 2940+ // sig[1] = new BigInteger(1, second); 2941+ // 2942+ // return sig; 2943+ // } 2944+ // } 2945+ // END android-removed 2946+} 2947diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2948--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-03-01 12:03:02.000000000 +0000 2949+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-04-09 13:10:16.000000000 +0000 2950@@ -26,7 +26,9 @@ 2951 import org.bouncycastle.crypto.CipherParameters; 2952 import org.bouncycastle.crypto.Digest; 2953 import org.bouncycastle.crypto.InvalidCipherTextException; 2954-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2955+// BEGIN android-removed 2956+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; 2957+// END android-removed 2958 import org.bouncycastle.crypto.encodings.OAEPEncoding; 2959 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 2960 import org.bouncycastle.crypto.engines.RSABlindedEngine; 2961@@ -201,10 +203,12 @@ 2962 { 2963 cipher = new PKCS1Encoding(new RSABlindedEngine()); 2964 } 2965- else if (pad.equals("ISO9796-1PADDING")) 2966- { 2967- cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2968- } 2969+ // BEGIN android-removed 2970+ // else if (pad.equals("ISO9796-1PADDING")) 2971+ // { 2972+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); 2973+ // } 2974+ // END android-removed 2975 else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) 2976 { 2977 initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); 2978@@ -543,48 +547,50 @@ 2979 } 2980 } 2981 2982- static public class PKCS1v1_5Padding 2983- extends CipherSpi 2984- { 2985- public PKCS1v1_5Padding() 2986- { 2987- super(new PKCS1Encoding(new RSABlindedEngine())); 2988- } 2989- } 2990- 2991- static public class PKCS1v1_5Padding_PrivateOnly 2992- extends CipherSpi 2993- { 2994- public PKCS1v1_5Padding_PrivateOnly() 2995- { 2996- super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 2997- } 2998- } 2999- 3000- static public class PKCS1v1_5Padding_PublicOnly 3001- extends CipherSpi 3002- { 3003- public PKCS1v1_5Padding_PublicOnly() 3004- { 3005- super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3006- } 3007- } 3008- 3009- static public class OAEPPadding 3010- extends CipherSpi 3011- { 3012- public OAEPPadding() 3013- { 3014- super(OAEPParameterSpec.DEFAULT); 3015- } 3016- } 3017- 3018- static public class ISO9796d1Padding 3019- extends CipherSpi 3020- { 3021- public ISO9796d1Padding() 3022- { 3023- super(new ISO9796d1Encoding(new RSABlindedEngine())); 3024- } 3025- } 3026+ // BEGIN android-removed 3027+ // static public class PKCS1v1_5Padding 3028+ // extends CipherSpi 3029+ // { 3030+ // public PKCS1v1_5Padding() 3031+ // { 3032+ // super(new PKCS1Encoding(new RSABlindedEngine())); 3033+ // } 3034+ // } 3035+ // 3036+ // static public class PKCS1v1_5Padding_PrivateOnly 3037+ // extends CipherSpi 3038+ // { 3039+ // public PKCS1v1_5Padding_PrivateOnly() 3040+ // { 3041+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); 3042+ // } 3043+ // } 3044+ // 3045+ // static public class PKCS1v1_5Padding_PublicOnly 3046+ // extends CipherSpi 3047+ // { 3048+ // public PKCS1v1_5Padding_PublicOnly() 3049+ // { 3050+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); 3051+ // } 3052+ // } 3053+ // 3054+ // static public class OAEPPadding 3055+ // extends CipherSpi 3056+ // { 3057+ // public OAEPPadding() 3058+ // { 3059+ // super(OAEPParameterSpec.DEFAULT); 3060+ // } 3061+ // } 3062+ // 3063+ // static public class ISO9796d1Padding 3064+ // extends CipherSpi 3065+ // { 3066+ // public ISO9796d1Padding() 3067+ // { 3068+ // super(new ISO9796d1Encoding(new RSABlindedEngine())); 3069+ // } 3070+ // } 3071+ // END android-removed 3072 } 3073diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 3074--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-03-01 12:03:02.000000000 +0000 3075+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-04-09 13:10:16.000000000 +0000 3076@@ -17,24 +17,31 @@ 3077 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3078 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3079 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3080-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3081+// BEGIN android-removed 3082+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3083+// END android-removed 3084 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3085 import org.bouncycastle.asn1.x509.DigestInfo; 3086 import org.bouncycastle.crypto.AsymmetricBlockCipher; 3087 import org.bouncycastle.crypto.CipherParameters; 3088 import org.bouncycastle.crypto.Digest; 3089-import org.bouncycastle.crypto.digests.MD2Digest; 3090-import org.bouncycastle.crypto.digests.MD4Digest; 3091-import org.bouncycastle.crypto.digests.MD5Digest; 3092-import org.bouncycastle.crypto.digests.NullDigest; 3093-import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3094-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3095-import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3096-import org.bouncycastle.crypto.digests.SHA1Digest; 3097-import org.bouncycastle.crypto.digests.SHA224Digest; 3098-import org.bouncycastle.crypto.digests.SHA256Digest; 3099-import org.bouncycastle.crypto.digests.SHA384Digest; 3100-import org.bouncycastle.crypto.digests.SHA512Digest; 3101+// BEGIN android-removed 3102+// import org.bouncycastle.crypto.digests.MD2Digest; 3103+// import org.bouncycastle.crypto.digests.MD4Digest; 3104+// import org.bouncycastle.crypto.digests.MD5Digest; 3105+// import org.bouncycastle.crypto.digests.NullDigest; 3106+// import org.bouncycastle.crypto.digests.RIPEMD128Digest; 3107+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 3108+// import org.bouncycastle.crypto.digests.RIPEMD256Digest; 3109+// import org.bouncycastle.crypto.digests.SHA1Digest; 3110+// import org.bouncycastle.crypto.digests.SHA224Digest; 3111+// import org.bouncycastle.crypto.digests.SHA256Digest; 3112+// import org.bouncycastle.crypto.digests.SHA384Digest; 3113+// import org.bouncycastle.crypto.digests.SHA512Digest; 3114+// END android-removed 3115+// BEGIN android-added 3116+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 3117+// END android-added 3118 import org.bouncycastle.crypto.encodings.PKCS1Encoding; 3119 import org.bouncycastle.crypto.engines.RSABlindedEngine; 3120 import org.bouncycastle.util.Arrays; 3121@@ -254,7 +261,9 @@ 3122 { 3123 public SHA1() 3124 { 3125- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3126+ // BEGIN android-changed 3127+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); 3128+ // END android-changed 3129 } 3130 } 3131 3132@@ -263,7 +272,9 @@ 3133 { 3134 public SHA224() 3135 { 3136- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3137+ // BEGIN android-changed 3138+ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); 3139+ // END android-changed 3140 } 3141 } 3142 3143@@ -272,7 +283,9 @@ 3144 { 3145 public SHA256() 3146 { 3147- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3148+ // BEGIN android-changed 3149+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); 3150+ // END android-changed 3151 } 3152 } 3153 3154@@ -281,7 +294,9 @@ 3155 { 3156 public SHA384() 3157 { 3158- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3159+ // BEGIN android-changed 3160+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); 3161+ // END android-changed 3162 } 3163 } 3164 3165@@ -290,70 +305,78 @@ 3166 { 3167 public SHA512() 3168 { 3169- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3170+ // BEGIN android-changed 3171+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); 3172+ // END android-changed 3173 } 3174 } 3175 3176- static public class MD2 3177- extends DigestSignatureSpi 3178- { 3179- public MD2() 3180- { 3181- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3182- } 3183- } 3184- 3185- static public class MD4 3186- extends DigestSignatureSpi 3187- { 3188- public MD4() 3189- { 3190- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3191- } 3192- } 3193+ // BEGIN android-removed 3194+ // static public class MD2 3195+ // extends DigestSignatureSpi 3196+ // { 3197+ // public MD2() 3198+ // { 3199+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3200+ // } 3201+ // } 3202+ // 3203+ // static public class MD4 3204+ // extends DigestSignatureSpi 3205+ // { 3206+ // public MD4() 3207+ // { 3208+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3209+ // } 3210+ // } 3211+ // END android-removed 3212 3213 static public class MD5 3214 extends DigestSignatureSpi 3215 { 3216 public MD5() 3217 { 3218- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3219- } 3220- } 3221- 3222- static public class RIPEMD160 3223- extends DigestSignatureSpi 3224- { 3225- public RIPEMD160() 3226- { 3227- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3228+ // BEGIN android-changed 3229+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); 3230+ // END android-changed 3231 } 3232 } 3233 3234- static public class RIPEMD128 3235- extends DigestSignatureSpi 3236- { 3237- public RIPEMD128() 3238- { 3239- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3240- } 3241- } 3242- 3243- static public class RIPEMD256 3244- extends DigestSignatureSpi 3245- { 3246- public RIPEMD256() 3247- { 3248- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3249- } 3250- } 3251- 3252- static public class noneRSA 3253- extends DigestSignatureSpi 3254- { 3255- public noneRSA() 3256- { 3257- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3258- } 3259- } 3260+ // BEGIN android-removed 3261+ // static public class RIPEMD160 3262+ // extends DigestSignatureSpi 3263+ // { 3264+ // public RIPEMD160() 3265+ // { 3266+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3267+ // } 3268+ // } 3269+ // 3270+ // static public class RIPEMD128 3271+ // extends DigestSignatureSpi 3272+ // { 3273+ // public RIPEMD128() 3274+ // { 3275+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3276+ // } 3277+ // } 3278+ // 3279+ // static public class RIPEMD256 3280+ // extends DigestSignatureSpi 3281+ // { 3282+ // public RIPEMD256() 3283+ // { 3284+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); 3285+ // } 3286+ // } 3287+ // 3288+ // static public class noneRSA 3289+ // extends DigestSignatureSpi 3290+ // { 3291+ // public noneRSA() 3292+ // { 3293+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); 3294+ // } 3295+ // } 3296+ // END android-removed 3297 } 3298diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 3299--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-03-01 12:03:02.000000000 +0000 3300+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-04-09 13:10:16.000000000 +0000 3301@@ -18,8 +18,10 @@ 3302 import javax.crypto.NoSuchPaddingException; 3303 import javax.crypto.spec.IvParameterSpec; 3304 import javax.crypto.spec.PBEParameterSpec; 3305-import javax.crypto.spec.RC2ParameterSpec; 3306-import javax.crypto.spec.RC5ParameterSpec; 3307+// BEGIN android-removed 3308+// import javax.crypto.spec.RC2ParameterSpec; 3309+// import javax.crypto.spec.RC5ParameterSpec; 3310+// END android-removed 3311 import javax.crypto.spec.SecretKeySpec; 3312 3313 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3314@@ -39,8 +41,10 @@ 3315 { 3316 IvParameterSpec.class, 3317 PBEParameterSpec.class, 3318- RC2ParameterSpec.class, 3319- RC5ParameterSpec.class 3320+ // BEGIN android-removed 3321+ // RC2ParameterSpec.class, 3322+ // RC5ParameterSpec.class 3323+ // END android-removed 3324 }; 3325 3326 private final JcaJceHelper helper = new BCJcaJceHelper(); 3327diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 3328--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-03-01 12:03:02.000000000 +0000 3329+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-04-09 13:10:16.000000000 +0000 3330@@ -6,11 +6,15 @@ 3331 import java.security.PublicKey; 3332 3333 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3334-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3335+// BEGIN android-removed 3336+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 3337+// END android-removed 3338 import org.bouncycastle.asn1.nist.NISTNamedCurves; 3339 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 3340 import org.bouncycastle.asn1.sec.SECNamedCurves; 3341-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3342+// BEGIN android-removed 3343+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; 3344+// END android-removed 3345 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 3346 import org.bouncycastle.asn1.x9.X962NamedCurves; 3347 import org.bouncycastle.asn1.x9.X962Parameters; 3348@@ -247,14 +251,16 @@ 3349 { 3350 oid = NISTNamedCurves.getOID(name); 3351 } 3352- if (oid == null) 3353- { 3354- oid = TeleTrusTNamedCurves.getOID(name); 3355- } 3356- if (oid == null) 3357- { 3358- oid = ECGOST3410NamedCurves.getOID(name); 3359- } 3360+ // BEGIN android-removed 3361+ // if (oid == null) 3362+ // { 3363+ // oid = TeleTrusTNamedCurves.getOID(name); 3364+ // } 3365+ // if (oid == null) 3366+ // { 3367+ // oid = ECGOST3410NamedCurves.getOID(name); 3368+ // } 3369+ // END android-removed 3370 } 3371 3372 return oid; 3373@@ -276,10 +282,12 @@ 3374 { 3375 params = NISTNamedCurves.getByOID(oid); 3376 } 3377- if (params == null) 3378- { 3379- params = TeleTrusTNamedCurves.getByOID(oid); 3380- } 3381+ // BEGIN android-removed 3382+ // if (params == null) 3383+ // { 3384+ // params = TeleTrusTNamedCurves.getByOID(oid); 3385+ // } 3386+ // END android-removed 3387 } 3388 3389 return params; 3390@@ -297,14 +305,16 @@ 3391 { 3392 name = NISTNamedCurves.getName(oid); 3393 } 3394- if (name == null) 3395- { 3396- name = TeleTrusTNamedCurves.getName(oid); 3397- } 3398- if (name == null) 3399- { 3400- name = ECGOST3410NamedCurves.getName(oid); 3401- } 3402+ // BEGIN android-removed 3403+ // if (name == null) 3404+ // { 3405+ // name = TeleTrusTNamedCurves.getName(oid); 3406+ // } 3407+ // if (name == null) 3408+ // { 3409+ // name = ECGOST3410NamedCurves.getName(oid); 3410+ // } 3411+ // END android-removed 3412 } 3413 3414 return name; 3415diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 3416--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-03-01 12:03:02.000000000 +0000 3417+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-04-09 13:10:16.000000000 +0000 3418@@ -37,7 +37,9 @@ 3419 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 3420 import org.bouncycastle.jcajce.util.JcaJceHelper; 3421 import org.bouncycastle.util.io.pem.PemObject; 3422-import org.bouncycastle.util.io.pem.PemWriter; 3423+// BEGIN android-removed 3424+// import org.bouncycastle.util.io.pem.PemWriter; 3425+// END android-removed 3426 3427 /** 3428 * CertPath implementation for X.509 certificates. 3429@@ -54,7 +56,9 @@ 3430 { 3431 List encodings = new ArrayList(); 3432 encodings.add("PkiPath"); 3433- encodings.add("PEM"); 3434+ // BEGIN android-removed 3435+ // encodings.add("PEM"); 3436+ // END android-removed 3437 encodings.add("PKCS7"); 3438 certPathEncodings = Collections.unmodifiableList(encodings); 3439 } 3440@@ -301,27 +305,29 @@ 3441 return toDEREncoded(new ContentInfo( 3442 PKCSObjectIdentifiers.signedData, sd)); 3443 } 3444- else if (encoding.equalsIgnoreCase("PEM")) 3445- { 3446- ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3447- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3448- 3449- try 3450- { 3451- for (int i = 0; i != certificates.size(); i++) 3452- { 3453- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3454- } 3455- 3456- pWrt.close(); 3457- } 3458- catch (Exception e) 3459- { 3460- throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3461- } 3462- 3463- return bOut.toByteArray(); 3464- } 3465+ // BEGIN android-removed 3466+ // else if (encoding.equalsIgnoreCase("PEM")) 3467+ // { 3468+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 3469+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); 3470+ // 3471+ // try 3472+ // { 3473+ // for (int i = 0; i != certificates.size(); i++) 3474+ // { 3475+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); 3476+ // } 3477+ // 3478+ // pWrt.close(); 3479+ // } 3480+ // catch (Exception e) 3481+ // { 3482+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); 3483+ // } 3484+ // 3485+ // return bOut.toByteArray(); 3486+ // } 3487+ // END android-removed 3488 else 3489 { 3490 throw new CertificateEncodingException("unsupported encoding: " + encoding); 3491diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 3492--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 3493+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-04-09 13:10:16.000000000 +0000 3494@@ -55,6 +55,9 @@ 3495 import org.bouncycastle.asn1.x509.Extensions; 3496 import org.bouncycastle.asn1.x509.GeneralName; 3497 import org.bouncycastle.asn1.x509.KeyUsage; 3498+// BEGIN android-added 3499+import org.bouncycastle.asn1.x509.X509Name; 3500+// END android-added 3501 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 3502 import org.bouncycastle.jce.X509Principal; 3503 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 3504@@ -534,12 +537,20 @@ 3505 } 3506 } 3507 3508+ // BEGIN android-changed 3509+ private byte[] encoded; 3510+ // END android-changed 3511 public byte[] getEncoded() 3512 throws CertificateEncodingException 3513 { 3514 try 3515 { 3516- return c.getEncoded(ASN1Encoding.DER); 3517+ // BEGIN android-changed 3518+ if (encoded == null) { 3519+ encoded = c.getEncoded(ASN1Encoding.DER); 3520+ } 3521+ return encoded; 3522+ // END android-changed 3523 } 3524 catch (IOException e) 3525 { 3526@@ -839,7 +850,9 @@ 3527 list.add(genName.getEncoded()); 3528 break; 3529 case GeneralName.directoryName: 3530- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 3531+ // BEGIN android-changed 3532+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 3533+ // END android-changed 3534 break; 3535 case GeneralName.dNSName: 3536 case GeneralName.rfc822Name: 3537diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 3538--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 3539+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-04-09 13:10:16.000000000 +0000 3540@@ -16,12 +16,16 @@ 3541 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 3542 import org.bouncycastle.asn1.ASN1Sequence; 3543 import org.bouncycastle.asn1.DERNull; 3544-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3545+// BEGIN android-removed 3546+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3547+// END android-removed 3548 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 3549 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 3550 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3551 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 3552-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3553+// BEGIN android-removed 3554+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 3555+// END android-removed 3556 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 3557 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 3558 import org.bouncycastle.jce.provider.BouncyCastleProvider; 3559@@ -143,22 +147,24 @@ 3560 { 3561 return "SHA512"; 3562 } 3563- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3564- { 3565- return "RIPEMD128"; 3566- } 3567- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3568- { 3569- return "RIPEMD160"; 3570- } 3571- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3572- { 3573- return "RIPEMD256"; 3574- } 3575- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3576- { 3577- return "GOST3411"; 3578- } 3579+ // BEGIN android-removed 3580+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 3581+ // { 3582+ // return "RIPEMD128"; 3583+ // } 3584+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 3585+ // { 3586+ // return "RIPEMD160"; 3587+ // } 3588+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 3589+ // { 3590+ // return "RIPEMD256"; 3591+ // } 3592+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 3593+ // { 3594+ // return "GOST3411"; 3595+ // } 3596+ // END android-removed 3597 else 3598 { 3599 return digestAlgOID.getId(); 3600diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 3601--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2015-03-01 12:03:02.000000000 +0000 3602+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000 3603@@ -45,17 +45,19 @@ 3604 } 3605 } 3606 3607- /** 3608- * PBEWithHmacSHA 3609- */ 3610- public static class PBEWithMacKeyFactory 3611- extends PBESecretKeyFactory 3612- { 3613- public PBEWithMacKeyFactory() 3614- { 3615- super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3616- } 3617- } 3618+ // BEGIN android-removed 3619+ // /** 3620+ // * PBEWithHmacSHA 3621+ // */ 3622+ // public static class PBEWithMacKeyFactory 3623+ // extends PBESecretKeyFactory 3624+ // { 3625+ // public PBEWithMacKeyFactory() 3626+ // { 3627+ // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); 3628+ // } 3629+ // } 3630+ // END android-removed 3631 3632 /** 3633 * HMACSHA256 3634@@ -84,9 +86,11 @@ 3635 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 3636 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); 3637 3638- provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3639- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3640- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3641+ // BEGIN android-removed 3642+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); 3643+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); 3644+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); 3645+ // END android-removed 3646 3647 addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3648 addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); 3649diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 3650--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2015-03-01 12:03:02.000000000 +0000 3651+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000 3652@@ -5,7 +5,9 @@ 3653 import org.bouncycastle.crypto.CipherKeyGenerator; 3654 import org.bouncycastle.crypto.digests.SHA384Digest; 3655 import org.bouncycastle.crypto.macs.HMac; 3656-import org.bouncycastle.crypto.macs.OldHMac; 3657+// BEGIN android-removed 3658+// import org.bouncycastle.crypto.macs.OldHMac; 3659+// END android-removed 3660 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3661 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3662 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3663@@ -57,14 +59,16 @@ 3664 } 3665 } 3666 3667- public static class OldSHA384 3668- extends BaseMac 3669- { 3670- public OldSHA384() 3671- { 3672- super(new OldHMac(new SHA384Digest())); 3673- } 3674- } 3675+ // BEGIN android-removed 3676+ // public static class OldSHA384 3677+ // extends BaseMac 3678+ // { 3679+ // public OldSHA384() 3680+ // { 3681+ // super(new OldHMac(new SHA384Digest())); 3682+ // } 3683+ // } 3684+ // END android-removed 3685 3686 public static class Mappings 3687 extends DigestAlgorithmProvider 3688@@ -80,7 +84,9 @@ 3689 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); 3690 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 3691 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); 3692- provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3693+ // BEGIN android-removed 3694+ // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); 3695+ // END android-removed 3696 3697 addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3698 addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384); 3699diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 3700--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2015-03-01 12:03:02.000000000 +0000 3701+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000 3702@@ -4,9 +4,13 @@ 3703 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 3704 import org.bouncycastle.crypto.CipherKeyGenerator; 3705 import org.bouncycastle.crypto.digests.SHA512Digest; 3706-import org.bouncycastle.crypto.digests.SHA512tDigest; 3707+// BEGIN android-removed 3708+// import org.bouncycastle.crypto.digests.SHA512tDigest; 3709+// END android-removed 3710 import org.bouncycastle.crypto.macs.HMac; 3711-import org.bouncycastle.crypto.macs.OldHMac; 3712+// BEGIN android-removed 3713+// import org.bouncycastle.crypto.macs.OldHMac; 3714+// END android-removed 3715 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 3716 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 3717 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 3718@@ -37,42 +41,44 @@ 3719 } 3720 } 3721 3722- static public class DigestT 3723- extends BCMessageDigest 3724- implements Cloneable 3725- { 3726- public DigestT(int bitLength) 3727- { 3728- super(new SHA512tDigest(bitLength)); 3729- } 3730- 3731- public Object clone() 3732- throws CloneNotSupportedException 3733- { 3734- DigestT d = (DigestT)super.clone(); 3735- d.digest = new SHA512tDigest((SHA512tDigest)digest); 3736- 3737- return d; 3738- } 3739- } 3740- 3741- static public class DigestT224 3742- extends DigestT 3743- { 3744- public DigestT224() 3745- { 3746- super(224); 3747- } 3748- } 3749- 3750- static public class DigestT256 3751- extends DigestT 3752- { 3753- public DigestT256() 3754- { 3755- super(256); 3756- } 3757- } 3758+ // BEGIN android-removed 3759+ // static public class DigestT 3760+ // extends BCMessageDigest 3761+ // implements Cloneable 3762+ // { 3763+ // public DigestT(int bitLength) 3764+ // { 3765+ // super(new SHA512tDigest(bitLength)); 3766+ // } 3767+ // 3768+ // public Object clone() 3769+ // throws CloneNotSupportedException 3770+ // { 3771+ // DigestT d = (DigestT)super.clone(); 3772+ // d.digest = new SHA512tDigest((SHA512tDigest)digest); 3773+ // 3774+ // return d; 3775+ // } 3776+ // } 3777+ // 3778+ // static public class DigestT224 3779+ // extends DigestT 3780+ // { 3781+ // public DigestT224() 3782+ // { 3783+ // super(224); 3784+ // } 3785+ // } 3786+ // 3787+ // static public class DigestT256 3788+ // extends DigestT 3789+ // { 3790+ // public DigestT256() 3791+ // { 3792+ // super(256); 3793+ // } 3794+ // } 3795+ // END android-removed 3796 3797 public static class HashMac 3798 extends BaseMac 3799@@ -83,35 +89,37 @@ 3800 } 3801 } 3802 3803- public static class HashMacT224 3804- extends BaseMac 3805- { 3806- public HashMacT224() 3807- { 3808- super(new HMac(new SHA512tDigest(224))); 3809- } 3810- } 3811- 3812- public static class HashMacT256 3813- extends BaseMac 3814- { 3815- public HashMacT256() 3816- { 3817- super(new HMac(new SHA512tDigest(256))); 3818- } 3819- } 3820- 3821- /** 3822- * SHA-512 HMac 3823- */ 3824- public static class OldSHA512 3825- extends BaseMac 3826- { 3827- public OldSHA512() 3828- { 3829- super(new OldHMac(new SHA512Digest())); 3830- } 3831- } 3832+ // BEGIN android-removed 3833+ // public static class HashMacT224 3834+ // extends BaseMac 3835+ // { 3836+ // public HashMacT224() 3837+ // { 3838+ // super(new HMac(new SHA512tDigest(224))); 3839+ // } 3840+ // } 3841+ // 3842+ // public static class HashMacT256 3843+ // extends BaseMac 3844+ // { 3845+ // public HashMacT256() 3846+ // { 3847+ // super(new HMac(new SHA512tDigest(256))); 3848+ // } 3849+ // } 3850+ // 3851+ // /** 3852+ // * SHA-512 HMac 3853+ // */ 3854+ // public static class OldSHA512 3855+ // extends BaseMac 3856+ // { 3857+ // public OldSHA512() 3858+ // { 3859+ // super(new OldHMac(new SHA512Digest())); 3860+ // } 3861+ // } 3862+ // END android-removed 3863 3864 /** 3865 * HMACSHA512 3866@@ -125,23 +133,25 @@ 3867 } 3868 } 3869 3870- public static class KeyGeneratorT224 3871- extends BaseKeyGenerator 3872- { 3873- public KeyGeneratorT224() 3874- { 3875- super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3876- } 3877- } 3878- 3879- public static class KeyGeneratorT256 3880- extends BaseKeyGenerator 3881- { 3882- public KeyGeneratorT256() 3883- { 3884- super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3885- } 3886- } 3887+ // BEGIN android-removed 3888+ // public static class KeyGeneratorT224 3889+ // extends BaseKeyGenerator 3890+ // { 3891+ // public KeyGeneratorT224() 3892+ // { 3893+ // super("HMACSHA512/224", 224, new CipherKeyGenerator()); 3894+ // } 3895+ // } 3896+ // 3897+ // public static class KeyGeneratorT256 3898+ // extends BaseKeyGenerator 3899+ // { 3900+ // public KeyGeneratorT256() 3901+ // { 3902+ // super("HMACSHA512/256", 256, new CipherKeyGenerator()); 3903+ // } 3904+ // } 3905+ // END android-removed 3906 3907 public static class Mappings 3908 extends DigestAlgorithmProvider 3909@@ -158,21 +168,25 @@ 3910 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 3911 provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); 3912 3913- provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 3914- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 3915- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 3916- 3917- provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 3918- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 3919- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 3920- 3921- provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 3922+ // BEGIN android-removed 3923+ // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); 3924+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); 3925+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); 3926+ // 3927+ // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); 3928+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); 3929+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); 3930+ // 3931+ // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); 3932+ // END android-removed 3933 3934 addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); 3935 addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); 3936 3937- addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 3938- addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 3939+ // BEGIN android-removed 3940+ // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); 3941+ // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); 3942+ // END android-removed 3943 } 3944 } 3945 3946diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 3947--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2015-03-01 12:03:02.000000000 +0000 3948+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000 3949@@ -17,7 +17,9 @@ 3950 public void configure(ConfigurableProvider provider) 3951 { 3952 provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); 3953- provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 3954+ // BEGIN android-removed 3955+ // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); 3956+ // END android-removed 3957 provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); 3958 provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); 3959 provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); 3960diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 3961--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2015-03-01 12:03:02.000000000 +0000 3962+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000 3963@@ -17,14 +17,16 @@ 3964 public void configure(ConfigurableProvider provider) 3965 { 3966 provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3967- provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3968- provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3969- 3970- provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3971- provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 3972- 3973- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3974- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 3975+ // BEGIN android-removed 3976+ // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3977+ // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3978+ // 3979+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); 3980+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); 3981+ // 3982+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); 3983+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); 3984+ // END android-removed 3985 } 3986 } 3987 } 3988diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 3989--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-03-01 12:03:02.000000000 +0000 3990+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-04-09 13:10:16.000000000 +0000 3991@@ -62,8 +62,10 @@ 3992 import org.bouncycastle.asn1.DEROutputStream; 3993 import org.bouncycastle.asn1.DERSequence; 3994 import org.bouncycastle.asn1.DERSet; 3995-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3996-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 3997+// BEGIN android-removed 3998+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 3999+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; 4000+// END android-removed 4001 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4002 import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; 4003 import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; 4004@@ -89,7 +91,9 @@ 4005 import org.bouncycastle.crypto.digests.SHA1Digest; 4006 import org.bouncycastle.jcajce.PKCS12StoreParameter; 4007 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; 4008-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4009+// BEGIN android-removed 4010+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 4011+// END android-removed 4012 import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; 4013 import org.bouncycastle.jcajce.util.BCJcaJceHelper; 4014 import org.bouncycastle.jcajce.util.JcaJceHelper; 4015@@ -753,13 +757,15 @@ 4016 { 4017 cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); 4018 } 4019- else 4020- { 4021- // TODO: at the moment it's just GOST, but... 4022- GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4023- 4024- cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4025- } 4026+ // BEGIN android-removed 4027+ // else 4028+ // { 4029+ // // TODO: at the moment it's just GOST, but... 4030+ // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); 4031+ // 4032+ // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); 4033+ // } 4034+ // END android-removed 4035 return cipher; 4036 } 4037 4038@@ -1680,33 +1686,34 @@ 4039 super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4040 } 4041 } 4042- 4043- public static class BCPKCS12KeyStore3DES 4044- extends PKCS12KeyStoreSpi 4045- { 4046- public BCPKCS12KeyStore3DES() 4047- { 4048- super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4049- } 4050- } 4051- 4052- public static class DefPKCS12KeyStore 4053- extends PKCS12KeyStoreSpi 4054- { 4055- public DefPKCS12KeyStore() 4056- { 4057- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4058- } 4059- } 4060- 4061- public static class DefPKCS12KeyStore3DES 4062- extends PKCS12KeyStoreSpi 4063- { 4064- public DefPKCS12KeyStore3DES() 4065- { 4066- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4067- } 4068- } 4069+ // BEGIN android-removed 4070+ // public static class BCPKCS12KeyStore3DES 4071+ // extends PKCS12KeyStoreSpi 4072+ // { 4073+ // public BCPKCS12KeyStore3DES() 4074+ // { 4075+ // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4076+ // } 4077+ // } 4078+ // 4079+ // public static class DefPKCS12KeyStore 4080+ // extends PKCS12KeyStoreSpi 4081+ // { 4082+ // public DefPKCS12KeyStore() 4083+ // { 4084+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); 4085+ // } 4086+ // } 4087+ // 4088+ // public static class DefPKCS12KeyStore3DES 4089+ // extends PKCS12KeyStoreSpi 4090+ // { 4091+ // public DefPKCS12KeyStore3DES() 4092+ // { 4093+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); 4094+ // } 4095+ // } 4096+ // END android-removed 4097 4098 private static class IgnoresCaseHashtable 4099 { 4100@@ -1779,7 +1786,9 @@ 4101 keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); 4102 keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); 4103 4104- keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4105+ // BEGIN android-removed 4106+ // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); 4107+ // END android-removed 4108 4109 KEY_SIZES = Collections.unmodifiableMap(keySizes); 4110 } 4111diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 4112--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-03-01 20:03:02.000000000 +0000 4113+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-05-12 00:19:13.000000000 +0000 4114@@ -3,16 +3,28 @@ 4115 import java.io.IOException; 4116 import java.lang.reflect.Constructor; 4117 import java.lang.reflect.Method; 4118-import java.security.AlgorithmParameters; 4119-import java.security.InvalidAlgorithmParameterException; 4120+// BEGIN android-added 4121+import java.security.NoSuchAlgorithmException; 4122+// END android-added 4123+// BEGIN android-removed 4124+// import java.security.AlgorithmParameters; 4125+// import java.security.InvalidAlgorithmParameterException; 4126+// END android-removed 4127 import java.security.SecureRandom; 4128 import java.security.spec.AlgorithmParameterSpec; 4129 import java.security.spec.InvalidParameterSpecException; 4130 4131-import javax.crypto.spec.IvParameterSpec; 4132- 4133+// BEGIN android-removed 4134+// import javax.crypto.spec.IvParameterSpec; 4135+// END android-removed 4136+ 4137+// BEGIN android-added 4138+import javax.crypto.NoSuchPaddingException; 4139+// END android-added 4140 import org.bouncycastle.asn1.bc.BCObjectIdentifiers; 4141-import org.bouncycastle.asn1.cms.CCMParameters; 4142+// BEGIN android-removed 4143+// import org.bouncycastle.asn1.cms.CCMParameters; 4144+// END android-removed 4145 import org.bouncycastle.asn1.cms.GCMParameters; 4146 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 4147 import org.bouncycastle.crypto.BlockCipher; 4148@@ -20,22 +32,30 @@ 4149 import org.bouncycastle.crypto.CipherKeyGenerator; 4150 import org.bouncycastle.crypto.engines.AESFastEngine; 4151 import org.bouncycastle.crypto.engines.AESWrapEngine; 4152-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4153-import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4154-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4155-import org.bouncycastle.crypto.macs.CMac; 4156-import org.bouncycastle.crypto.macs.GMac; 4157+// BEGIN android-removed 4158+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 4159+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine; 4160+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 4161+// import org.bouncycastle.crypto.macs.CMac; 4162+// import org.bouncycastle.crypto.macs.GMac; 4163+// END android-removed 4164 import org.bouncycastle.crypto.modes.CBCBlockCipher; 4165-import org.bouncycastle.crypto.modes.CCMBlockCipher; 4166+// BEGIN android-removed 4167+// import org.bouncycastle.crypto.modes.CCMBlockCipher; 4168+// END android-removed 4169 import org.bouncycastle.crypto.modes.CFBBlockCipher; 4170 import org.bouncycastle.crypto.modes.GCMBlockCipher; 4171 import org.bouncycastle.crypto.modes.OFBBlockCipher; 4172 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 4173-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4174+// BEGIN android-removed 4175+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 4176+// END android-removed 4177 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 4178 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 4179 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 4180-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4181+// BEGIN android-removed 4182+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 4183+// END android-removed 4184 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 4185 import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 4186 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 4187@@ -98,53 +118,64 @@ 4188 public GCM() 4189 { 4190 super(new GCMBlockCipher(new AESFastEngine())); 4191+ // BEGIN android-added 4192+ try { 4193+ engineSetMode("GCM"); 4194+ engineSetPadding("NoPadding"); 4195+ } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { 4196+ // this should not be possible 4197+ throw new RuntimeException("Could not set mode or padding for GCM mode", e); 4198+ } 4199+ // END android-added 4200 } 4201 } 4202 4203- static public class CCM 4204- extends BaseBlockCipher 4205- { 4206- public CCM() 4207- { 4208- super(new CCMBlockCipher(new AESFastEngine())); 4209- } 4210- } 4211- 4212- public static class AESCMAC 4213- extends BaseMac 4214- { 4215- public AESCMAC() 4216- { 4217- super(new CMac(new AESFastEngine())); 4218- } 4219- } 4220- 4221- public static class AESGMAC 4222- extends BaseMac 4223- { 4224- public AESGMAC() 4225- { 4226- super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4227- } 4228- } 4229- 4230- public static class Poly1305 4231- extends BaseMac 4232- { 4233- public Poly1305() 4234- { 4235- super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4236- } 4237- } 4238- 4239- public static class Poly1305KeyGen 4240- extends BaseKeyGenerator 4241- { 4242- public Poly1305KeyGen() 4243- { 4244- super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4245- } 4246- } 4247+ // BEGIN android-removed 4248+ // static public class CCM 4249+ // extends BaseBlockCipher 4250+ // { 4251+ // public CCM() 4252+ // { 4253+ // super(new CCMBlockCipher(new AESFastEngine())); 4254+ // } 4255+ // } 4256+ // 4257+ // public static class AESCMAC 4258+ // extends BaseMac 4259+ // { 4260+ // public AESCMAC() 4261+ // { 4262+ // super(new CMac(new AESFastEngine())); 4263+ // } 4264+ // } 4265+ // 4266+ // public static class AESGMAC 4267+ // extends BaseMac 4268+ // { 4269+ // public AESGMAC() 4270+ // { 4271+ // super(new GMac(new GCMBlockCipher(new AESFastEngine()))); 4272+ // } 4273+ // } 4274+ // 4275+ // public static class Poly1305 4276+ // extends BaseMac 4277+ // { 4278+ // public Poly1305() 4279+ // { 4280+ // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); 4281+ // } 4282+ // } 4283+ // 4284+ // public static class Poly1305KeyGen 4285+ // extends BaseKeyGenerator 4286+ // { 4287+ // public Poly1305KeyGen() 4288+ // { 4289+ // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); 4290+ // } 4291+ // } 4292+ // END android-removed 4293 4294 static public class Wrap 4295 extends BaseWrapCipher 4296@@ -155,23 +186,25 @@ 4297 } 4298 } 4299 4300- public static class RFC3211Wrap 4301- extends BaseWrapCipher 4302- { 4303- public RFC3211Wrap() 4304- { 4305- super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4306- } 4307- } 4308- 4309- public static class RFC5649Wrap 4310- extends BaseWrapCipher 4311- { 4312- public RFC5649Wrap() 4313- { 4314- super(new RFC5649WrapEngine(new AESFastEngine())); 4315- } 4316- } 4317+ // BEGIN android-removed 4318+ // public static class RFC3211Wrap 4319+ // extends BaseWrapCipher 4320+ // { 4321+ // public RFC3211Wrap() 4322+ // { 4323+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16); 4324+ // } 4325+ // } 4326+ // 4327+ // public static class RFC5649Wrap 4328+ // extends BaseWrapCipher 4329+ // { 4330+ // public RFC5649Wrap() 4331+ // { 4332+ // super(new RFC5649WrapEngine(new AESFastEngine())); 4333+ // } 4334+ // } 4335+ // END android-removed 4336 4337 /** 4338 * PBEWithAES-CBC 4339@@ -190,7 +223,9 @@ 4340 { 4341 public KeyGen() 4342 { 4343- this(192); 4344+ // BEGIN android-changed 4345+ this(128); 4346+ // END android-changed 4347 } 4348 4349 public KeyGen(int keySize) 4350@@ -199,32 +234,34 @@ 4351 } 4352 } 4353 4354- public static class KeyGen128 4355- extends KeyGen 4356- { 4357- public KeyGen128() 4358- { 4359- super(128); 4360- } 4361- } 4362- 4363- public static class KeyGen192 4364- extends KeyGen 4365- { 4366- public KeyGen192() 4367- { 4368- super(192); 4369- } 4370- } 4371- 4372- public static class KeyGen256 4373- extends KeyGen 4374- { 4375- public KeyGen256() 4376- { 4377- super(256); 4378- } 4379- } 4380+ // BEGIN android-removed 4381+ // public static class KeyGen128 4382+ // extends KeyGen 4383+ // { 4384+ // public KeyGen128() 4385+ // { 4386+ // super(128); 4387+ // } 4388+ // } 4389+ // 4390+ // public static class KeyGen192 4391+ // extends KeyGen 4392+ // { 4393+ // public KeyGen192() 4394+ // { 4395+ // super(192); 4396+ // } 4397+ // } 4398+ // 4399+ // public static class KeyGen256 4400+ // extends KeyGen 4401+ // { 4402+ // public KeyGen256() 4403+ // { 4404+ // super(256); 4405+ // } 4406+ // } 4407+ // END android-removed 4408 4409 /** 4410 * PBEWithSHA1And128BitAES-BC 4411@@ -334,119 +371,121 @@ 4412 } 4413 } 4414 4415- public static class AlgParamGen 4416- extends BaseAlgorithmParameterGenerator 4417- { 4418- protected void engineInit( 4419- AlgorithmParameterSpec genParamSpec, 4420- SecureRandom random) 4421- throws InvalidAlgorithmParameterException 4422- { 4423- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4424- } 4425- 4426- protected AlgorithmParameters engineGenerateParameters() 4427- { 4428- byte[] iv = new byte[16]; 4429- 4430- if (random == null) 4431- { 4432- random = new SecureRandom(); 4433- } 4434- 4435- random.nextBytes(iv); 4436- 4437- AlgorithmParameters params; 4438- 4439- try 4440- { 4441- params = createParametersInstance("AES"); 4442- params.init(new IvParameterSpec(iv)); 4443- } 4444- catch (Exception e) 4445- { 4446- throw new RuntimeException(e.getMessage()); 4447- } 4448- 4449- return params; 4450- } 4451- } 4452- 4453- public static class AlgParamGenCCM 4454- extends BaseAlgorithmParameterGenerator 4455- { 4456- protected void engineInit( 4457- AlgorithmParameterSpec genParamSpec, 4458- SecureRandom random) 4459- throws InvalidAlgorithmParameterException 4460- { 4461- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4462- } 4463- 4464- protected AlgorithmParameters engineGenerateParameters() 4465- { 4466- byte[] iv = new byte[12]; 4467- 4468- if (random == null) 4469- { 4470- random = new SecureRandom(); 4471- } 4472- 4473- random.nextBytes(iv); 4474- 4475- AlgorithmParameters params; 4476- 4477- try 4478- { 4479- params = createParametersInstance("CCM"); 4480- params.init(new CCMParameters(iv, 12).getEncoded()); 4481- } 4482- catch (Exception e) 4483- { 4484- throw new RuntimeException(e.getMessage()); 4485- } 4486- 4487- return params; 4488- } 4489- } 4490- 4491- public static class AlgParamGenGCM 4492- extends BaseAlgorithmParameterGenerator 4493- { 4494- protected void engineInit( 4495- AlgorithmParameterSpec genParamSpec, 4496- SecureRandom random) 4497- throws InvalidAlgorithmParameterException 4498- { 4499- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4500- } 4501- 4502- protected AlgorithmParameters engineGenerateParameters() 4503- { 4504- byte[] nonce = new byte[12]; 4505- 4506- if (random == null) 4507- { 4508- random = new SecureRandom(); 4509- } 4510- 4511- random.nextBytes(nonce); 4512- 4513- AlgorithmParameters params; 4514- 4515- try 4516- { 4517- params = createParametersInstance("GCM"); 4518- params.init(new GCMParameters(nonce, 12).getEncoded()); 4519- } 4520- catch (Exception e) 4521- { 4522- throw new RuntimeException(e.getMessage()); 4523- } 4524- 4525- return params; 4526- } 4527- } 4528+ // BEGIN android-removed 4529+ // public static class AlgParamGen 4530+ // extends BaseAlgorithmParameterGenerator 4531+ // { 4532+ // protected void engineInit( 4533+ // AlgorithmParameterSpec genParamSpec, 4534+ // SecureRandom random) 4535+ // throws InvalidAlgorithmParameterException 4536+ // { 4537+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4538+ // } 4539+ // 4540+ // protected AlgorithmParameters engineGenerateParameters() 4541+ // { 4542+ // byte[] iv = new byte[16]; 4543+ // 4544+ // if (random == null) 4545+ // { 4546+ // random = new SecureRandom(); 4547+ // } 4548+ // 4549+ // random.nextBytes(iv); 4550+ // 4551+ // AlgorithmParameters params; 4552+ // 4553+ // try 4554+ // { 4555+ // params = createParametersInstance("AES"); 4556+ // params.init(new IvParameterSpec(iv)); 4557+ // } 4558+ // catch (Exception e) 4559+ // { 4560+ // throw new RuntimeException(e.getMessage()); 4561+ // } 4562+ // 4563+ // return params; 4564+ // } 4565+ // } 4566+ // 4567+ // public static class AlgParamGenCCM 4568+ // extends BaseAlgorithmParameterGenerator 4569+ // { 4570+ // protected void engineInit( 4571+ // AlgorithmParameterSpec genParamSpec, 4572+ // SecureRandom random) 4573+ // throws InvalidAlgorithmParameterException 4574+ // { 4575+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4576+ // } 4577+ // 4578+ // protected AlgorithmParameters engineGenerateParameters() 4579+ // { 4580+ // byte[] iv = new byte[12]; 4581+ // 4582+ // if (random == null) 4583+ // { 4584+ // random = new SecureRandom(); 4585+ // } 4586+ // 4587+ // random.nextBytes(iv); 4588+ // 4589+ // AlgorithmParameters params; 4590+ // 4591+ // try 4592+ // { 4593+ // params = createParametersInstance("CCM"); 4594+ // params.init(new CCMParameters(iv, 12).getEncoded()); 4595+ // } 4596+ // catch (Exception e) 4597+ // { 4598+ // throw new RuntimeException(e.getMessage()); 4599+ // } 4600+ // 4601+ // return params; 4602+ // } 4603+ // } 4604+ // 4605+ // public static class AlgParamGenGCM 4606+ // extends BaseAlgorithmParameterGenerator 4607+ // { 4608+ // protected void engineInit( 4609+ // AlgorithmParameterSpec genParamSpec, 4610+ // SecureRandom random) 4611+ // throws InvalidAlgorithmParameterException 4612+ // { 4613+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); 4614+ // } 4615+ // 4616+ // protected AlgorithmParameters engineGenerateParameters() 4617+ // { 4618+ // byte[] nonce = new byte[12]; 4619+ // 4620+ // if (random == null) 4621+ // { 4622+ // random = new SecureRandom(); 4623+ // } 4624+ // 4625+ // random.nextBytes(nonce); 4626+ // 4627+ // AlgorithmParameters params; 4628+ // 4629+ // try 4630+ // { 4631+ // params = createParametersInstance("GCM"); 4632+ // params.init(new GCMParameters(nonce, 12).getEncoded()); 4633+ // } 4634+ // catch (Exception e) 4635+ // { 4636+ // throw new RuntimeException(e.getMessage()); 4637+ // } 4638+ // 4639+ // return params; 4640+ // } 4641+ // } 4642+ // END android-removed 4643 4644 public static class AlgParams 4645 extends IvAlgorithmParameters 4646@@ -545,80 +584,82 @@ 4647 } 4648 } 4649 4650- public static class AlgParamsCCM 4651- extends BaseAlgorithmParameters 4652- { 4653- private CCMParameters ccmParams; 4654- 4655- protected void engineInit(AlgorithmParameterSpec paramSpec) 4656- throws InvalidParameterSpecException 4657- { 4658- throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4659- } 4660- 4661- protected void engineInit(byte[] params) 4662- throws IOException 4663- { 4664- ccmParams = CCMParameters.getInstance(params); 4665- } 4666- 4667- protected void engineInit(byte[] params, String format) 4668- throws IOException 4669- { 4670- if (!isASN1FormatString(format)) 4671- { 4672- throw new IOException("unknown format specified"); 4673- } 4674- 4675- ccmParams = CCMParameters.getInstance(params); 4676- } 4677- 4678- protected byte[] engineGetEncoded() 4679- throws IOException 4680- { 4681- return ccmParams.getEncoded(); 4682- } 4683- 4684- protected byte[] engineGetEncoded(String format) 4685- throws IOException 4686- { 4687- if (!isASN1FormatString(format)) 4688- { 4689- throw new IOException("unknown format specified"); 4690- } 4691- 4692- return ccmParams.getEncoded(); 4693- } 4694- 4695- protected String engineToString() 4696- { 4697- return "CCM"; 4698- } 4699- 4700- protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4701- throws InvalidParameterSpecException 4702- { 4703- if (gcmSpecClass != null) 4704- { 4705- try 4706- { 4707- Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4708- 4709- return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4710- } 4711- catch (NoSuchMethodException e) 4712- { 4713- throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4714- } 4715- catch (Exception e) 4716- { 4717- throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4718- } 4719- } 4720- 4721- throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4722- } 4723- } 4724+ // BEGIN android-removed 4725+ // public static class AlgParamsCCM 4726+ // extends BaseAlgorithmParameters 4727+ // { 4728+ // private CCMParameters ccmParams; 4729+ // 4730+ // protected void engineInit(AlgorithmParameterSpec paramSpec) 4731+ // throws InvalidParameterSpecException 4732+ // { 4733+ // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); 4734+ // } 4735+ // 4736+ // protected void engineInit(byte[] params) 4737+ // throws IOException 4738+ // { 4739+ // ccmParams = CCMParameters.getInstance(params); 4740+ // } 4741+ // 4742+ // protected void engineInit(byte[] params, String format) 4743+ // throws IOException 4744+ // { 4745+ // if (!isASN1FormatString(format)) 4746+ // { 4747+ // throw new IOException("unknown format specified"); 4748+ // } 4749+ // 4750+ // ccmParams = CCMParameters.getInstance(params); 4751+ // } 4752+ // 4753+ // protected byte[] engineGetEncoded() 4754+ // throws IOException 4755+ // { 4756+ // return ccmParams.getEncoded(); 4757+ // } 4758+ // 4759+ // protected byte[] engineGetEncoded(String format) 4760+ // throws IOException 4761+ // { 4762+ // if (!isASN1FormatString(format)) 4763+ // { 4764+ // throw new IOException("unknown format specified"); 4765+ // } 4766+ // 4767+ // return ccmParams.getEncoded(); 4768+ // } 4769+ // 4770+ // protected String engineToString() 4771+ // { 4772+ // return "CCM"; 4773+ // } 4774+ // 4775+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) 4776+ // throws InvalidParameterSpecException 4777+ // { 4778+ // if (gcmSpecClass != null) 4779+ // { 4780+ // try 4781+ // { 4782+ // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); 4783+ // 4784+ // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); 4785+ // } 4786+ // catch (NoSuchMethodException e) 4787+ // { 4788+ // throw new InvalidParameterSpecException("no constructor found!"); // should never happen 4789+ // } 4790+ // catch (Exception e) 4791+ // { 4792+ // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen 4793+ // } 4794+ // } 4795+ // 4796+ // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); 4797+ // } 4798+ // } 4799+ // END android-removed 4800 4801 public static class Mappings 4802 extends SymmetricAlgorithmProvider 4803@@ -652,92 +693,101 @@ 4804 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4805 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4806 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4807- 4808- provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 4809- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4810- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4811- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4812- 4813- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4814- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4815- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4816- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4817- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4818- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4819- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4820+ // BEGIN android-removed 4821+ // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); 4822+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4823+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4824+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4825+ // 4826+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); 4827+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); 4828+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); 4829+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); 4830+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); 4831+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); 4832+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); 4833+ // END android-removed 4834 4835 provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); 4836 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); 4837 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); 4838 provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); 4839- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4840- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4841- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4842- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4843- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4844- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4845- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4846- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4847- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4848- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4849- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4850- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4851+ // BEGIN android-removed 4852+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); 4853+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); 4854+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); 4855+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); 4856+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); 4857+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); 4858+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); 4859+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); 4860+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); 4861+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); 4862+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); 4863+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); 4864+ // END android-removed 4865 provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); 4866 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); 4867 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); 4868 provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); 4869 4870- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4871- provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 4872- 4873- provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 4874- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4875- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4876- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4877- 4878- provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 4879- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4880- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4881- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4882- 4883- provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 4884- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4885- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4886- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4887- 4888- provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); 4889- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4890- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4891- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4892+ // BEGIN android-removed 4893+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); 4894+ // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); 4895+ // 4896+ // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); 4897+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4898+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4899+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4900+ // 4901+ // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); 4902+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); 4903+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); 4904+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); 4905+ // 4906+ // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); 4907+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); 4908+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); 4909+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); 4910+ // END android-removed 4911+ 4912+ // BEGIN android-changed 4913+ provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); 4914+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); 4915+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); 4916+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); 4917+ // END android-changed 4918 4919 provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); 4920- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 4921- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 4922- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 4923- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 4924- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 4925- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 4926- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 4927- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 4928- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 4929- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 4930- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 4931- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 4932- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 4933- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 4934- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 4935- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 4936- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 4937- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 4938- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 4939- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 4940- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 4941- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 4942- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 4943- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 4944- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 4945- 4946- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 4947+ // BEGIN android-removed 4948+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); 4949+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); 4950+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); 4951+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); 4952+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); 4953+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); 4954+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); 4955+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); 4956+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); 4957+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); 4958+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); 4959+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); 4960+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); 4961+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); 4962+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); 4963+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); 4964+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); 4965+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); 4966+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); 4967+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); 4968+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); 4969+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); 4970+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); 4971+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); 4972+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); 4973+ // 4974+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); 4975+ // END android-removed 4976 4977 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); 4978 provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); 4979@@ -816,8 +866,10 @@ 4980 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); 4981 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); 4982 4983- addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 4984- addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 4985+ // BEGIN android-removed 4986+ // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); 4987+ // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 4988+ // END android-removed 4989 } 4990 } 4991 4992diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 4993--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2015-03-01 12:03:02.000000000 +0000 4994+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000 4995@@ -29,7 +29,9 @@ 4996 { 4997 public KeyGen() 4998 { 4999- super("RC4", 128, new CipherKeyGenerator()); 5000+ // BEGIN android-changed 5001+ super("ARC4", 128, new CipherKeyGenerator()); 5002+ // END android-changed 5003 } 5004 } 5005 5006diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 5007--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2015-03-01 12:03:02.000000000 +0000 5008+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000 5009@@ -64,7 +64,9 @@ 5010 { 5011 5012 provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); 5013- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5014+ // BEGIN android-removed 5015+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); 5016+ // END android-removed 5017 provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); 5018 provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); 5019 provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); 5020diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 5021--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-03-01 12:03:02.000000000 +0000 5022+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-04-09 13:10:16.000000000 +0000 5023@@ -19,12 +19,16 @@ 5024 import org.bouncycastle.crypto.CipherParameters; 5025 import org.bouncycastle.crypto.KeyGenerationParameters; 5026 import org.bouncycastle.crypto.engines.DESEngine; 5027-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5028+// BEGIN android-removed 5029+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5030+// END android-removed 5031 import org.bouncycastle.crypto.generators.DESKeyGenerator; 5032 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5033-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5034-import org.bouncycastle.crypto.macs.CMac; 5035-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5036+// BEGIN android-removed 5037+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5038+// import org.bouncycastle.crypto.macs.CMac; 5039+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; 5040+// END android-removed 5041 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5042 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5043 import org.bouncycastle.crypto.params.DESParameters; 5044@@ -65,17 +69,19 @@ 5045 } 5046 } 5047 5048- /** 5049- * DES CFB8 5050- */ 5051- public static class DESCFB8 5052- extends BaseMac 5053- { 5054- public DESCFB8() 5055- { 5056- super(new CFBBlockCipherMac(new DESEngine())); 5057- } 5058- } 5059+ // BEGIN android-removed 5060+ // /** 5061+ // * DES CFB8 5062+ // */ 5063+ // public static class DESCFB8 5064+ // extends BaseMac 5065+ // { 5066+ // public DESCFB8() 5067+ // { 5068+ // super(new CFBBlockCipherMac(new DESEngine())); 5069+ // } 5070+ // } 5071+ // END android-removed 5072 5073 /** 5074 * DES64 5075@@ -110,47 +116,49 @@ 5076 } 5077 } 5078 5079- static public class CMAC 5080- extends BaseMac 5081- { 5082- public CMAC() 5083- { 5084- super(new CMac(new DESEngine())); 5085- } 5086- } 5087- 5088- /** 5089- * DES9797Alg3with7816-4Padding 5090- */ 5091- public static class DES9797Alg3with7816d4 5092- extends BaseMac 5093- { 5094- public DES9797Alg3with7816d4() 5095- { 5096- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5097- } 5098- } 5099- 5100- /** 5101- * DES9797Alg3 5102- */ 5103- public static class DES9797Alg3 5104- extends BaseMac 5105- { 5106- public DES9797Alg3() 5107- { 5108- super(new ISO9797Alg3Mac(new DESEngine())); 5109- } 5110- } 5111- 5112- public static class RFC3211 5113- extends BaseWrapCipher 5114- { 5115- public RFC3211() 5116- { 5117- super(new RFC3211WrapEngine(new DESEngine()), 8); 5118- } 5119- } 5120+ // BEGIN android-removed 5121+ // static public class CMAC 5122+ // extends BaseMac 5123+ // { 5124+ // public CMAC() 5125+ // { 5126+ // super(new CMac(new DESEngine())); 5127+ // } 5128+ // } 5129+ // 5130+ // /** 5131+ // * DES9797Alg3with7816-4Padding 5132+ // */ 5133+ // public static class DES9797Alg3with7816d4 5134+ // extends BaseMac 5135+ // { 5136+ // public DES9797Alg3with7816d4() 5137+ // { 5138+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); 5139+ // } 5140+ // } 5141+ // 5142+ // /** 5143+ // * DES9797Alg3 5144+ // */ 5145+ // public static class DES9797Alg3 5146+ // extends BaseMac 5147+ // { 5148+ // public DES9797Alg3() 5149+ // { 5150+ // super(new ISO9797Alg3Mac(new DESEngine())); 5151+ // } 5152+ // } 5153+ // 5154+ // public static class RFC3211 5155+ // extends BaseWrapCipher 5156+ // { 5157+ // public RFC3211() 5158+ // { 5159+ // super(new RFC3211WrapEngine(new DESEngine()), 8); 5160+ // } 5161+ // } 5162+ // END android-removed 5163 5164 public static class AlgParamGen 5165 extends BaseAlgorithmParameterGenerator 5166@@ -350,17 +358,19 @@ 5167 } 5168 } 5169 5170- /** 5171- * PBEWithMD2AndDES 5172- */ 5173- static public class PBEWithMD2KeyFactory 5174- extends DESPBEKeyFactory 5175- { 5176- public PBEWithMD2KeyFactory() 5177- { 5178- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5179- } 5180- } 5181+ // BEGIN android-removed 5182+ // /** 5183+ // * PBEWithMD2AndDES 5184+ // */ 5185+ // static public class PBEWithMD2KeyFactory 5186+ // extends DESPBEKeyFactory 5187+ // { 5188+ // public PBEWithMD2KeyFactory() 5189+ // { 5190+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); 5191+ // } 5192+ // } 5193+ // END android-removed 5194 5195 /** 5196 * PBEWithMD5AndDES 5197@@ -386,17 +396,19 @@ 5198 } 5199 } 5200 5201- /** 5202- * PBEWithMD2AndDES 5203- */ 5204- static public class PBEWithMD2 5205- extends BaseBlockCipher 5206- { 5207- public PBEWithMD2() 5208- { 5209- super(new CBCBlockCipher(new DESEngine())); 5210- } 5211- } 5212+ // BEGIN android-removed 5213+ // /** 5214+ // * PBEWithMD2AndDES 5215+ // */ 5216+ // static public class PBEWithMD2 5217+ // extends BaseBlockCipher 5218+ // { 5219+ // public PBEWithMD2() 5220+ // { 5221+ // super(new CBCBlockCipher(new DESEngine())); 5222+ // } 5223+ // } 5224+ // END android-removed 5225 5226 /** 5227 * PBEWithMD5AndDES 5228@@ -436,61 +448,75 @@ 5229 { 5230 5231 provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); 5232- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5233- 5234- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5235- 5236- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5237+ // BEGIN android-removed 5238+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); 5239+ // 5240+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); 5241+ // 5242+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); 5243+ // END android-removed 5244 5245 provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); 5246 5247 provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); 5248 5249- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5250- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5251- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5252- 5253- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5254- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5255- 5256- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5257- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5258- 5259- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5260- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5261- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5262- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5263- 5264- provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5265- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5266- 5267- provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5268- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5269- provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5270- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5271+ // BEGIN android-removed 5272+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); 5273+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); 5274+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); 5275+ // 5276+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); 5277+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); 5278+ // 5279+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); 5280+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); 5281+ // 5282+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); 5283+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5284+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5285+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); 5286+ // 5287+ // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); 5288+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); 5289+ // 5290+ // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); 5291+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); 5292+ // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); 5293+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); 5294+ // END android-removed 5295 5296 provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); 5297 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); 5298 5299- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5300- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5301- 5302- provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5303+ // BEGIN android-removed 5304+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); 5305+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); 5306+ // 5307+ // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); 5308+ // END android-removed 5309 provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); 5310 provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); 5311 5312- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5313+ // BEGIN android-removed 5314+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5315+ // END android-removed 5316 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5317 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5318 5319- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5320+ // BEGIN android-removed 5321+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); 5322+ // END android-removed 5323 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); 5324 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); 5325 5326- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5327+ // BEGIN android-removed 5328+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); 5329+ // END android-removed 5330 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); 5331 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); 5332- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5333+ // BEGIN android-removed 5334+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); 5335+ // END android-removed 5336 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); 5337 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); 5338 } 5339diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 5340--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-03-01 12:03:02.000000000 +0000 5341+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-04-09 13:10:16.000000000 +0000 5342@@ -1,30 +1,42 @@ 5343 package org.bouncycastle.jcajce.provider.symmetric; 5344 5345-import java.security.AlgorithmParameters; 5346-import java.security.InvalidAlgorithmParameterException; 5347+// BEGIN android-removed 5348+// import java.security.AlgorithmParameters; 5349+// import java.security.InvalidAlgorithmParameterException; 5350+// END android-removed 5351 import java.security.SecureRandom; 5352-import java.security.spec.AlgorithmParameterSpec; 5353+// BEGIN android-removed 5354+// import java.security.spec.AlgorithmParameterSpec; 5355+// END android-removed 5356 import java.security.spec.InvalidKeySpecException; 5357 import java.security.spec.KeySpec; 5358 5359 import javax.crypto.SecretKey; 5360 import javax.crypto.spec.DESedeKeySpec; 5361-import javax.crypto.spec.IvParameterSpec; 5362+// BEGIN android-removed 5363+// import javax.crypto.spec.IvParameterSpec; 5364+// END android-removed 5365 import javax.crypto.spec.SecretKeySpec; 5366 5367 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5368 import org.bouncycastle.crypto.KeyGenerationParameters; 5369 import org.bouncycastle.crypto.engines.DESedeEngine; 5370 import org.bouncycastle.crypto.engines.DESedeWrapEngine; 5371-import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5372+// BEGIN android-removed 5373+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; 5374+// END android-removed 5375 import org.bouncycastle.crypto.generators.DESedeKeyGenerator; 5376 import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5377-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5378-import org.bouncycastle.crypto.macs.CMac; 5379+// BEGIN android-removed 5380+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5381+// import org.bouncycastle.crypto.macs.CMac; 5382+// END android-removed 5383 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5384 import org.bouncycastle.crypto.paddings.ISO7816d4Padding; 5385 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5386-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5387+// BEGIN android-removed 5388+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5389+// END android-removed 5390 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5391 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5392 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5393@@ -56,17 +68,19 @@ 5394 } 5395 } 5396 5397- /** 5398- * DESede CFB8 5399- */ 5400- public static class DESedeCFB8 5401- extends BaseMac 5402- { 5403- public DESedeCFB8() 5404- { 5405- super(new CFBBlockCipherMac(new DESedeEngine())); 5406- } 5407- } 5408+ // BEGIN android-removed 5409+ // /** 5410+ // * DESede CFB8 5411+ // */ 5412+ // public static class DESedeCFB8 5413+ // extends BaseMac 5414+ // { 5415+ // public DESedeCFB8() 5416+ // { 5417+ // super(new CFBBlockCipherMac(new DESedeEngine())); 5418+ // } 5419+ // } 5420+ // END android-removed 5421 5422 /** 5423 * DESede64 5424@@ -101,15 +115,17 @@ 5425 } 5426 } 5427 5428- static public class CMAC 5429- extends BaseMac 5430- { 5431- public CMAC() 5432- { 5433- super(new CMac(new DESedeEngine())); 5434- } 5435- } 5436- 5437+ // BEGIN android-removed 5438+ // static public class CMAC 5439+ // extends BaseMac 5440+ // { 5441+ // public CMAC() 5442+ // { 5443+ // super(new CMac(new DESedeEngine())); 5444+ // } 5445+ // } 5446+ // END android-removed 5447+ 5448 public static class Wrap 5449 extends BaseWrapCipher 5450 { 5451@@ -118,15 +134,17 @@ 5452 super(new DESedeWrapEngine()); 5453 } 5454 } 5455- 5456- public static class RFC3211 5457- extends BaseWrapCipher 5458- { 5459- public RFC3211() 5460- { 5461- super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5462- } 5463- } 5464+ 5465+ // BEGIN android-removed 5466+ // public static class RFC3211 5467+ // extends BaseWrapCipher 5468+ // { 5469+ // public RFC3211() 5470+ // { 5471+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8); 5472+ // } 5473+ // } 5474+ // END android-removed 5475 5476 /** 5477 * DESede - the default for this is to generate a key in 5478@@ -240,43 +258,45 @@ 5479 } 5480 } 5481 5482- public static class AlgParamGen 5483- extends BaseAlgorithmParameterGenerator 5484- { 5485- protected void engineInit( 5486- AlgorithmParameterSpec genParamSpec, 5487- SecureRandom random) 5488- throws InvalidAlgorithmParameterException 5489- { 5490- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5491- } 5492- 5493- protected AlgorithmParameters engineGenerateParameters() 5494- { 5495- byte[] iv = new byte[8]; 5496- 5497- if (random == null) 5498- { 5499- random = new SecureRandom(); 5500- } 5501- 5502- random.nextBytes(iv); 5503- 5504- AlgorithmParameters params; 5505- 5506- try 5507- { 5508- params = createParametersInstance("DES"); 5509- params.init(new IvParameterSpec(iv)); 5510- } 5511- catch (Exception e) 5512- { 5513- throw new RuntimeException(e.getMessage()); 5514- } 5515- 5516- return params; 5517- } 5518- } 5519+ // BEGIN android-removed 5520+ // public static class AlgParamGen 5521+ // extends BaseAlgorithmParameterGenerator 5522+ // { 5523+ // protected void engineInit( 5524+ // AlgorithmParameterSpec genParamSpec, 5525+ // SecureRandom random) 5526+ // throws InvalidAlgorithmParameterException 5527+ // { 5528+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); 5529+ // } 5530+ 5531+ // protected AlgorithmParameters engineGenerateParameters() 5532+ // { 5533+ // byte[] iv = new byte[8]; 5534+ 5535+ // if (random == null) 5536+ // { 5537+ // random = new SecureRandom(); 5538+ // } 5539+ 5540+ // random.nextBytes(iv); 5541+ 5542+ // AlgorithmParameters params; 5543+ 5544+ // try 5545+ // { 5546+ // params = createParametersInstance("DES"); 5547+ // params.init(new IvParameterSpec(iv)); 5548+ // } 5549+ // catch (Exception e) 5550+ // { 5551+ // throw new RuntimeException(e.getMessage()); 5552+ // } 5553+ 5554+ // return params; 5555+ // } 5556+ // } 5557+ // END android-removed 5558 5559 static public class KeyFactory 5560 extends BaseSecretKeyFactory 5561@@ -360,25 +380,37 @@ 5562 public void configure(ConfigurableProvider provider) 5563 { 5564 provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); 5565- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5566+ // BEGIN android-removed 5567+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); 5568+ // END android-removed 5569 provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); 5570- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); 5571- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5572+ // BEGIN android-changed 5573+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); 5574+ // END android-changed 5575+ // BEGIN android-removed 5576+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); 5577+ // END android-removed 5578 5579 provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); 5580 provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); 5581 provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); 5582 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); 5583- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5584+ // BEGIN android-removed 5585+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); 5586+ // END android-removed 5587 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); 5588 5589 if (provider.hasAlgorithm("MessageDigest", "SHA-1")) 5590 { 5591 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); 5592- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5593- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5594+ // BEGIN android-removed 5595+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); 5596+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); 5597+ // END android-removed 5598 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); 5599- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5600+ // BEGIN android-removed 5601+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); 5602+ // END android-removed 5603 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5604 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 5605 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); 5606@@ -387,31 +419,37 @@ 5607 } 5608 5609 provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); 5610- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5611- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5612+ // BEGIN android-removed 5613+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); 5614+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); 5615+ // END android-removed 5616 5617 provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); 5618 5619- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5620- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5621- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5622- 5623- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5624- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5625- 5626- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5627- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5628- 5629- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5630- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5631- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5632- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5633+ // BEGIN android-removed 5634+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); 5635+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); 5636+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); 5637+ // 5638+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); 5639+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); 5640+ // 5641+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); 5642+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); 5643+ // 5644+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); 5645+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5646+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5647+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); 5648+ // END android-removed 5649 5650 provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); 5651 provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5652 5653- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5654- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5655+ // BEGIN android-removed 5656+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); 5657+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); 5658+ // END android-removed 5659 5660 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); 5661 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); 5662diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 5663--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-03-01 12:03:02.000000000 +0000 5664+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-04-09 13:10:16.000000000 +0000 5665@@ -12,20 +12,28 @@ 5666 5667 import org.bouncycastle.asn1.ASN1Primitive; 5668 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 5669-import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5670-import org.bouncycastle.crypto.CipherKeyGenerator; 5671+// BEGIN android-removed 5672+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; 5673+// import org.bouncycastle.crypto.CipherKeyGenerator; 5674+// END android-removed 5675 import org.bouncycastle.crypto.engines.RC2Engine; 5676-import org.bouncycastle.crypto.engines.RC2WrapEngine; 5677-import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5678-import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5679+// BEGIN android-removed 5680+// import org.bouncycastle.crypto.engines.RC2WrapEngine; 5681+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac; 5682+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; 5683+// END android-removed 5684 import org.bouncycastle.crypto.modes.CBCBlockCipher; 5685 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 5686-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5687-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5688+// BEGIN android-removed 5689+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; 5690+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; 5691+// END android-removed 5692 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 5693-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5694-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5695-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5696+// BEGIN android-removed 5697+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 5698+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 5699+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; 5700+// END android-removed 5701 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 5702 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; 5703 import org.bouncycastle.util.Arrays; 5704@@ -36,59 +44,61 @@ 5705 { 5706 } 5707 5708- /** 5709- * RC2 5710- */ 5711- static public class ECB 5712- extends BaseBlockCipher 5713- { 5714- public ECB() 5715- { 5716- super(new RC2Engine()); 5717- } 5718- } 5719- 5720- /** 5721- * RC2CBC 5722- */ 5723- static public class CBC 5724- extends BaseBlockCipher 5725- { 5726- public CBC() 5727- { 5728- super(new CBCBlockCipher(new RC2Engine()), 64); 5729- } 5730- } 5731- 5732- public static class Wrap 5733- extends BaseWrapCipher 5734- { 5735- public Wrap() 5736- { 5737- super(new RC2WrapEngine()); 5738- } 5739- } 5740- 5741- /** 5742- * RC2 5743- */ 5744- public static class CBCMAC 5745- extends BaseMac 5746- { 5747- public CBCMAC() 5748- { 5749- super(new CBCBlockCipherMac(new RC2Engine())); 5750- } 5751- } 5752- 5753- public static class CFB8MAC 5754- extends BaseMac 5755- { 5756- public CFB8MAC() 5757- { 5758- super(new CFBBlockCipherMac(new RC2Engine())); 5759- } 5760- } 5761+ // BEGIN android-removed 5762+ // /** 5763+ // * RC2 5764+ // */ 5765+ // static public class ECB 5766+ // extends BaseBlockCipher 5767+ // { 5768+ // public ECB() 5769+ // { 5770+ // super(new RC2Engine()); 5771+ // } 5772+ // } 5773+ // 5774+ // /** 5775+ // * RC2CBC 5776+ // */ 5777+ // static public class CBC 5778+ // extends BaseBlockCipher 5779+ // { 5780+ // public CBC() 5781+ // { 5782+ // super(new CBCBlockCipher(new RC2Engine()), 64); 5783+ // } 5784+ // } 5785+ // 5786+ // public static class Wrap 5787+ // extends BaseWrapCipher 5788+ // { 5789+ // public Wrap() 5790+ // { 5791+ // super(new RC2WrapEngine()); 5792+ // } 5793+ // } 5794+ // 5795+ // /** 5796+ // * RC2 5797+ // */ 5798+ // public static class CBCMAC 5799+ // extends BaseMac 5800+ // { 5801+ // public CBCMAC() 5802+ // { 5803+ // super(new CBCBlockCipherMac(new RC2Engine())); 5804+ // } 5805+ // } 5806+ // 5807+ // public static class CFB8MAC 5808+ // extends BaseMac 5809+ // { 5810+ // public CFB8MAC() 5811+ // { 5812+ // super(new CFBBlockCipherMac(new RC2Engine())); 5813+ // } 5814+ // } 5815+ // END android-removed 5816 5817 /** 5818 * PBEWithSHA1AndRC2 5819@@ -174,17 +184,19 @@ 5820 } 5821 } 5822 5823- /** 5824- * PBEWithMD2AndRC2 5825- */ 5826- static public class PBEWithMD2KeyFactory 5827- extends PBESecretKeyFactory 5828- { 5829- public PBEWithMD2KeyFactory() 5830- { 5831- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5832- } 5833- } 5834+ // BEGIN android-removed 5835+ // /** 5836+ // * PBEWithMD2AndRC2 5837+ // */ 5838+ // static public class PBEWithMD2KeyFactory 5839+ // extends PBESecretKeyFactory 5840+ // { 5841+ // public PBEWithMD2KeyFactory() 5842+ // { 5843+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); 5844+ // } 5845+ // } 5846+ // END android-removed 5847 5848 /** 5849 * PBEWithMD5AndRC2 5850@@ -198,247 +210,249 @@ 5851 } 5852 } 5853 5854- public static class AlgParamGen 5855- extends BaseAlgorithmParameterGenerator 5856- { 5857- RC2ParameterSpec spec = null; 5858- 5859- protected void engineInit( 5860- AlgorithmParameterSpec genParamSpec, 5861- SecureRandom random) 5862- throws InvalidAlgorithmParameterException 5863- { 5864- if (genParamSpec instanceof RC2ParameterSpec) 5865- { 5866- spec = (RC2ParameterSpec)genParamSpec; 5867- return; 5868- } 5869- 5870- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 5871- } 5872- 5873- protected AlgorithmParameters engineGenerateParameters() 5874- { 5875- AlgorithmParameters params; 5876- 5877- if (spec == null) 5878- { 5879- byte[] iv = new byte[8]; 5880- 5881- if (random == null) 5882- { 5883- random = new SecureRandom(); 5884- } 5885- 5886- random.nextBytes(iv); 5887- 5888- try 5889- { 5890- params = createParametersInstance("RC2"); 5891- params.init(new IvParameterSpec(iv)); 5892- } 5893- catch (Exception e) 5894- { 5895- throw new RuntimeException(e.getMessage()); 5896- } 5897- } 5898- else 5899- { 5900- try 5901- { 5902- params = createParametersInstance("RC2"); 5903- params.init(spec); 5904- } 5905- catch (Exception e) 5906- { 5907- throw new RuntimeException(e.getMessage()); 5908- } 5909- } 5910- 5911- return params; 5912- } 5913- } 5914- 5915- public static class KeyGenerator 5916- extends BaseKeyGenerator 5917- { 5918- public KeyGenerator() 5919- { 5920- super("RC2", 128, new CipherKeyGenerator()); 5921- } 5922- } 5923- 5924- public static class AlgParams 5925- extends BaseAlgorithmParameters 5926- { 5927- private static final short[] table = { 5928- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 5929- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 5930- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 5931- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 5932- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 5933- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 5934- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 5935- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 5936- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 5937- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 5938- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 5939- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 5940- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 5941- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 5942- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 5943- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 5944- }; 5945- 5946- private static final short[] ekb = { 5947- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 5948- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 5949- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 5950- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 5951- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 5952- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 5953- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 5954- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 5955- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 5956- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 5957- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 5958- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 5959- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 5960- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 5961- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 5962- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 5963- }; 5964- 5965- private byte[] iv; 5966- private int parameterVersion = 58; 5967- 5968- protected byte[] engineGetEncoded() 5969- { 5970- return Arrays.clone(iv); 5971- } 5972- 5973- protected byte[] engineGetEncoded( 5974- String format) 5975- throws IOException 5976- { 5977- if (this.isASN1FormatString(format)) 5978- { 5979- if (parameterVersion == -1) 5980- { 5981- return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 5982- } 5983- else 5984- { 5985- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 5986- } 5987- } 5988- 5989- if (format.equals("RAW")) 5990- { 5991- return engineGetEncoded(); 5992- } 5993- 5994- return null; 5995- } 5996- 5997- protected AlgorithmParameterSpec localEngineGetParameterSpec( 5998- Class paramSpec) 5999- throws InvalidParameterSpecException 6000- { 6001- if (paramSpec == RC2ParameterSpec.class) 6002- { 6003- if (parameterVersion != -1) 6004- { 6005- if (parameterVersion < 256) 6006- { 6007- return new RC2ParameterSpec(ekb[parameterVersion], iv); 6008- } 6009- else 6010- { 6011- return new RC2ParameterSpec(parameterVersion, iv); 6012- } 6013- } 6014- } 6015- 6016- if (paramSpec == IvParameterSpec.class) 6017- { 6018- return new IvParameterSpec(iv); 6019- } 6020- 6021- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6022- } 6023- 6024- protected void engineInit( 6025- AlgorithmParameterSpec paramSpec) 6026- throws InvalidParameterSpecException 6027- { 6028- if (paramSpec instanceof IvParameterSpec) 6029- { 6030- this.iv = ((IvParameterSpec)paramSpec).getIV(); 6031- } 6032- else if (paramSpec instanceof RC2ParameterSpec) 6033- { 6034- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6035- if (effKeyBits != -1) 6036- { 6037- if (effKeyBits < 256) 6038- { 6039- parameterVersion = table[effKeyBits]; 6040- } 6041- else 6042- { 6043- parameterVersion = effKeyBits; 6044- } 6045- } 6046- 6047- this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6048- } 6049- else 6050- { 6051- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6052- } 6053- } 6054- 6055- protected void engineInit( 6056- byte[] params) 6057- throws IOException 6058- { 6059- this.iv = Arrays.clone(params); 6060- } 6061- 6062- protected void engineInit( 6063- byte[] params, 6064- String format) 6065- throws IOException 6066- { 6067- if (this.isASN1FormatString(format)) 6068- { 6069- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6070- 6071- if (p.getRC2ParameterVersion() != null) 6072- { 6073- parameterVersion = p.getRC2ParameterVersion().intValue(); 6074- } 6075- 6076- iv = p.getIV(); 6077- 6078- return; 6079- } 6080- 6081- if (format.equals("RAW")) 6082- { 6083- engineInit(params); 6084- return; 6085- } 6086- 6087- throw new IOException("Unknown parameters format in IV parameters object"); 6088- } 6089- 6090- protected String engineToString() 6091- { 6092- return "RC2 Parameters"; 6093- } 6094- } 6095+ // BEGIN android-removed 6096+ // public static class AlgParamGen 6097+ // extends BaseAlgorithmParameterGenerator 6098+ // { 6099+ // RC2ParameterSpec spec = null; 6100+ // 6101+ // protected void engineInit( 6102+ // AlgorithmParameterSpec genParamSpec, 6103+ // SecureRandom random) 6104+ // throws InvalidAlgorithmParameterException 6105+ // { 6106+ // if (genParamSpec instanceof RC2ParameterSpec) 6107+ // { 6108+ // spec = (RC2ParameterSpec)genParamSpec; 6109+ // return; 6110+ // } 6111+ // 6112+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); 6113+ // } 6114+ // 6115+ // protected AlgorithmParameters engineGenerateParameters() 6116+ // { 6117+ // AlgorithmParameters params; 6118+ // 6119+ // if (spec == null) 6120+ // { 6121+ // byte[] iv = new byte[8]; 6122+ // 6123+ // if (random == null) 6124+ // { 6125+ // random = new SecureRandom(); 6126+ // } 6127+ // 6128+ // random.nextBytes(iv); 6129+ // 6130+ // try 6131+ // { 6132+ // params = createParametersInstance("RC2"); 6133+ // params.init(new IvParameterSpec(iv)); 6134+ // } 6135+ // catch (Exception e) 6136+ // { 6137+ // throw new RuntimeException(e.getMessage()); 6138+ // } 6139+ // } 6140+ // else 6141+ // { 6142+ // try 6143+ // { 6144+ // params = createParametersInstance("RC2"); 6145+ // params.init(spec); 6146+ // } 6147+ // catch (Exception e) 6148+ // { 6149+ // throw new RuntimeException(e.getMessage()); 6150+ // } 6151+ // } 6152+ // 6153+ // return params; 6154+ // } 6155+ // } 6156+ // 6157+ // public static class KeyGenerator 6158+ // extends BaseKeyGenerator 6159+ // { 6160+ // public KeyGenerator() 6161+ // { 6162+ // super("RC2", 128, new CipherKeyGenerator()); 6163+ // } 6164+ // } 6165+ // 6166+ // public static class AlgParams 6167+ // extends BaseAlgorithmParameters 6168+ // { 6169+ // private static final short[] table = { 6170+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, 6171+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, 6172+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, 6173+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, 6174+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, 6175+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, 6176+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, 6177+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, 6178+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, 6179+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, 6180+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, 6181+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, 6182+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, 6183+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, 6184+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, 6185+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab 6186+ // }; 6187+ // 6188+ // private static final short[] ekb = { 6189+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, 6190+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, 6191+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, 6192+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, 6193+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, 6194+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, 6195+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, 6196+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, 6197+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, 6198+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, 6199+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, 6200+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, 6201+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, 6202+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, 6203+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, 6204+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd 6205+ // }; 6206+ // 6207+ // private byte[] iv; 6208+ // private int parameterVersion = 58; 6209+ // 6210+ // protected byte[] engineGetEncoded() 6211+ // { 6212+ // return Arrays.clone(iv); 6213+ // } 6214+ // 6215+ // protected byte[] engineGetEncoded( 6216+ // String format) 6217+ // throws IOException 6218+ // { 6219+ // if (this.isASN1FormatString(format)) 6220+ // { 6221+ // if (parameterVersion == -1) 6222+ // { 6223+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); 6224+ // } 6225+ // else 6226+ // { 6227+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); 6228+ // } 6229+ // } 6230+ // 6231+ // if (format.equals("RAW")) 6232+ // { 6233+ // return engineGetEncoded(); 6234+ // } 6235+ // 6236+ // return null; 6237+ // } 6238+ // 6239+ // protected AlgorithmParameterSpec localEngineGetParameterSpec( 6240+ // Class paramSpec) 6241+ // throws InvalidParameterSpecException 6242+ // { 6243+ // if (paramSpec == RC2ParameterSpec.class) 6244+ // { 6245+ // if (parameterVersion != -1) 6246+ // { 6247+ // if (parameterVersion < 256) 6248+ // { 6249+ // return new RC2ParameterSpec(ekb[parameterVersion], iv); 6250+ // } 6251+ // else 6252+ // { 6253+ // return new RC2ParameterSpec(parameterVersion, iv); 6254+ // } 6255+ // } 6256+ // } 6257+ // 6258+ // if (paramSpec == IvParameterSpec.class) 6259+ // { 6260+ // return new IvParameterSpec(iv); 6261+ // } 6262+ // 6263+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); 6264+ // } 6265+ // 6266+ // protected void engineInit( 6267+ // AlgorithmParameterSpec paramSpec) 6268+ // throws InvalidParameterSpecException 6269+ // { 6270+ // if (paramSpec instanceof IvParameterSpec) 6271+ // { 6272+ // this.iv = ((IvParameterSpec)paramSpec).getIV(); 6273+ // } 6274+ // else if (paramSpec instanceof RC2ParameterSpec) 6275+ // { 6276+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); 6277+ // if (effKeyBits != -1) 6278+ // { 6279+ // if (effKeyBits < 256) 6280+ // { 6281+ // parameterVersion = table[effKeyBits]; 6282+ // } 6283+ // else 6284+ // { 6285+ // parameterVersion = effKeyBits; 6286+ // } 6287+ // } 6288+ // 6289+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); 6290+ // } 6291+ // else 6292+ // { 6293+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); 6294+ // } 6295+ // } 6296+ // 6297+ // protected void engineInit( 6298+ // byte[] params) 6299+ // throws IOException 6300+ // { 6301+ // this.iv = Arrays.clone(params); 6302+ // } 6303+ // 6304+ // protected void engineInit( 6305+ // byte[] params, 6306+ // String format) 6307+ // throws IOException 6308+ // { 6309+ // if (this.isASN1FormatString(format)) 6310+ // { 6311+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); 6312+ // 6313+ // if (p.getRC2ParameterVersion() != null) 6314+ // { 6315+ // parameterVersion = p.getRC2ParameterVersion().intValue(); 6316+ // } 6317+ // 6318+ // iv = p.getIV(); 6319+ // 6320+ // return; 6321+ // } 6322+ // 6323+ // if (format.equals("RAW")) 6324+ // { 6325+ // engineInit(params); 6326+ // return; 6327+ // } 6328+ // 6329+ // throw new IOException("Unknown parameters format in IV parameters object"); 6330+ // } 6331+ // 6332+ // protected String engineToString() 6333+ // { 6334+ // return "RC2 Parameters"; 6335+ // } 6336+ // } 6337+ // END android-removed 6338 6339 public static class Mappings 6340 extends AlgorithmProvider 6341@@ -452,32 +466,36 @@ 6342 public void configure(ConfigurableProvider provider) 6343 { 6344 6345- provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6346- provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6347- 6348- provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6349- provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6350- 6351- provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6352- provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6353- 6354- provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6355- provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6356- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6357- provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6358- 6359- provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6360- provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6361- provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6362- provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6363- 6364- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6365+ // BEGIN android-removed 6366+ // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); 6367+ // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); 6368+ // 6369+ // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); 6370+ // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); 6371+ // 6372+ // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); 6373+ // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); 6374+ // 6375+ // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); 6376+ // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); 6377+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); 6378+ // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); 6379+ // 6380+ // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); 6381+ // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); 6382+ // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); 6383+ // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); 6384+ // 6385+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); 6386+ // END android-removed 6387 6388 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); 6389 6390 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); 6391 6392- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6393+ // BEGIN android-removed 6394+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6395+ // END android-removed 6396 6397 provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6398 6399@@ -485,14 +503,18 @@ 6400 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); 6401 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); 6402 6403- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6404+ // BEGIN android-removed 6405+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); 6406+ // END android-removed 6407 provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); 6408 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); 6409 6410 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); 6411 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); 6412 6413- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6414+ // BEGIN android-removed 6415+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); 6416+ // END android-removed 6417 6418 provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); 6419 6420diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 6421--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2015-03-01 12:03:02.000000000 +0000 6422+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000 6423@@ -6,29 +6,31 @@ 6424 abstract class SymmetricAlgorithmProvider 6425 extends AlgorithmProvider 6426 { 6427- protected void addGMacAlgorithm( 6428- ConfigurableProvider provider, 6429- String algorithm, 6430- String algorithmClassName, 6431- String keyGeneratorClassName) 6432- { 6433- provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6434- provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6435- 6436- provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6437- provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6438- } 6439- 6440- protected void addPoly1305Algorithm(ConfigurableProvider provider, 6441- String algorithm, 6442- String algorithmClassName, 6443- String keyGeneratorClassName) 6444- { 6445- provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6446- provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6447- 6448- provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6449- provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6450- } 6451+ // BEGIN android-removed 6452+ // protected void addGMacAlgorithm( 6453+ // ConfigurableProvider provider, 6454+ // String algorithm, 6455+ // String algorithmClassName, 6456+ // String keyGeneratorClassName) 6457+ // { 6458+ // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); 6459+ // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); 6460+ // 6461+ // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); 6462+ // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); 6463+ // } 6464+ // 6465+ // protected void addPoly1305Algorithm(ConfigurableProvider provider, 6466+ // String algorithm, 6467+ // String algorithmClassName, 6468+ // String keyGeneratorClassName) 6469+ // { 6470+ // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); 6471+ // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); 6472+ // 6473+ // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); 6474+ // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); 6475+ // } 6476+ // END android-removed 6477 6478 } 6479diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 6480--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2015-03-01 12:03:02.000000000 +0000 6481+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000 6482@@ -1,18 +1,26 @@ 6483 package org.bouncycastle.jcajce.provider.symmetric; 6484 6485-import org.bouncycastle.crypto.BlockCipher; 6486-import org.bouncycastle.crypto.CipherKeyGenerator; 6487+// BEGIN android-removed 6488+// import org.bouncycastle.crypto.BlockCipher; 6489+// import org.bouncycastle.crypto.CipherKeyGenerator; 6490+// END android-removed 6491 import org.bouncycastle.crypto.engines.TwofishEngine; 6492-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6493-import org.bouncycastle.crypto.macs.GMac; 6494+// BEGIN android-removed 6495+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; 6496+// import org.bouncycastle.crypto.macs.GMac; 6497+// END android-removed 6498 import org.bouncycastle.crypto.modes.CBCBlockCipher; 6499-import org.bouncycastle.crypto.modes.GCMBlockCipher; 6500+// BEGIN android-removed 6501+// import org.bouncycastle.crypto.modes.GCMBlockCipher; 6502+// END android-removed 6503 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 6504 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; 6505-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6506-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6507-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6508-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6509+// BEGIN android-removed 6510+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; 6511+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; 6512+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; 6513+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; 6514+// END android-removed 6515 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; 6516 6517 public final class Twofish 6518@@ -21,56 +29,58 @@ 6519 { 6520 } 6521 6522- public static class ECB 6523- extends BaseBlockCipher 6524- { 6525- public ECB() 6526- { 6527- super(new BlockCipherProvider() 6528- { 6529- public BlockCipher get() 6530- { 6531- return new TwofishEngine(); 6532- } 6533- }); 6534- } 6535- } 6536- 6537- public static class KeyGen 6538- extends BaseKeyGenerator 6539- { 6540- public KeyGen() 6541- { 6542- super("Twofish", 256, new CipherKeyGenerator()); 6543- } 6544- } 6545- 6546- public static class GMAC 6547- extends BaseMac 6548- { 6549- public GMAC() 6550- { 6551- super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6552- } 6553- } 6554- 6555- public static class Poly1305 6556- extends BaseMac 6557- { 6558- public Poly1305() 6559- { 6560- super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6561- } 6562- } 6563- 6564- public static class Poly1305KeyGen 6565- extends BaseKeyGenerator 6566- { 6567- public Poly1305KeyGen() 6568- { 6569- super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6570- } 6571- } 6572+ // BEGIN android-removed 6573+ // public static class ECB 6574+ // extends BaseBlockCipher 6575+ // { 6576+ // public ECB() 6577+ // { 6578+ // super(new BlockCipherProvider() 6579+ // { 6580+ // public BlockCipher get() 6581+ // { 6582+ // return new TwofishEngine(); 6583+ // } 6584+ // }); 6585+ // } 6586+ // } 6587+ // 6588+ // public static class KeyGen 6589+ // extends BaseKeyGenerator 6590+ // { 6591+ // public KeyGen() 6592+ // { 6593+ // super("Twofish", 256, new CipherKeyGenerator()); 6594+ // } 6595+ // } 6596+ // 6597+ // public static class GMAC 6598+ // extends BaseMac 6599+ // { 6600+ // public GMAC() 6601+ // { 6602+ // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); 6603+ // } 6604+ // } 6605+ // 6606+ // public static class Poly1305 6607+ // extends BaseMac 6608+ // { 6609+ // public Poly1305() 6610+ // { 6611+ // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); 6612+ // } 6613+ // } 6614+ // 6615+ // public static class Poly1305KeyGen 6616+ // extends BaseKeyGenerator 6617+ // { 6618+ // public Poly1305KeyGen() 6619+ // { 6620+ // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); 6621+ // } 6622+ // } 6623+ // END android-removed 6624 6625 /** 6626 * PBEWithSHAAndTwofish-CBC 6627@@ -96,14 +106,16 @@ 6628 } 6629 } 6630 6631- public static class AlgParams 6632- extends IvAlgorithmParameters 6633- { 6634- protected String engineToString() 6635- { 6636- return "Twofish IV"; 6637- } 6638- } 6639+ // BEGIN android-removed 6640+ // public static class AlgParams 6641+ // extends IvAlgorithmParameters 6642+ // { 6643+ // protected String engineToString() 6644+ // { 6645+ // return "Twofish IV"; 6646+ // } 6647+ // } 6648+ // END android-removed 6649 6650 public static class Mappings 6651 extends SymmetricAlgorithmProvider 6652@@ -116,17 +128,21 @@ 6653 6654 public void configure(ConfigurableProvider provider) 6655 { 6656- provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6657- provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6658- provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6659+ // BEGIN android-removed 6660+ // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); 6661+ // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); 6662+ // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); 6663+ // END android-removed 6664 6665 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); 6666 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); 6667 provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); 6668 provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); 6669 6670- addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6671- addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6672+ // BEGIN android-removed 6673+ // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); 6674+ // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); 6675+ // END android-removed 6676 } 6677 } 6678 } 6679diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 6680--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-03-01 12:03:02.000000000 +0000 6681+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-04-09 13:10:16.000000000 +0000 6682@@ -20,8 +20,10 @@ 6683 import javax.crypto.ShortBufferException; 6684 import javax.crypto.spec.IvParameterSpec; 6685 import javax.crypto.spec.PBEParameterSpec; 6686-import javax.crypto.spec.RC2ParameterSpec; 6687-import javax.crypto.spec.RC5ParameterSpec; 6688+// BEGIN android-removed 6689+// import javax.crypto.spec.RC2ParameterSpec; 6690+// import javax.crypto.spec.RC5ParameterSpec; 6691+// END android-removed 6692 6693 import org.bouncycastle.asn1.cms.GCMParameters; 6694 import org.bouncycastle.crypto.BlockCipher; 6695@@ -35,14 +37,20 @@ 6696 import org.bouncycastle.crypto.modes.CCMBlockCipher; 6697 import org.bouncycastle.crypto.modes.CFBBlockCipher; 6698 import org.bouncycastle.crypto.modes.CTSBlockCipher; 6699-import org.bouncycastle.crypto.modes.EAXBlockCipher; 6700-import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6701+// BEGIN android-removed 6702+// import org.bouncycastle.crypto.modes.EAXBlockCipher; 6703+// import org.bouncycastle.crypto.modes.GCFBBlockCipher; 6704+// END android-removed 6705 import org.bouncycastle.crypto.modes.GCMBlockCipher; 6706-import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6707-import org.bouncycastle.crypto.modes.OCBBlockCipher; 6708+// BEGIN android-removed 6709+// import org.bouncycastle.crypto.modes.GOFBBlockCipher; 6710+// import org.bouncycastle.crypto.modes.OCBBlockCipher; 6711+// END android-removed 6712 import org.bouncycastle.crypto.modes.OFBBlockCipher; 6713-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6714-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6715+// BEGIN android-removed 6716+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; 6717+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; 6718+// END android-removed 6719 import org.bouncycastle.crypto.modes.SICBlockCipher; 6720 import org.bouncycastle.crypto.paddings.BlockCipherPadding; 6721 import org.bouncycastle.crypto.paddings.ISO10126d2Padding; 6722@@ -55,11 +63,15 @@ 6723 import org.bouncycastle.crypto.params.KeyParameter; 6724 import org.bouncycastle.crypto.params.ParametersWithIV; 6725 import org.bouncycastle.crypto.params.ParametersWithRandom; 6726-import org.bouncycastle.crypto.params.ParametersWithSBox; 6727+// BEGIN android-removed 6728+// import org.bouncycastle.crypto.params.ParametersWithSBox; 6729+// END android-removed 6730 import org.bouncycastle.crypto.params.RC2Parameters; 6731-import org.bouncycastle.crypto.params.RC5Parameters; 6732-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6733-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6734+// BEGIN android-removed 6735+// import org.bouncycastle.crypto.params.RC5Parameters; 6736+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; 6737+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; 6738+// END android-removed 6739 import org.bouncycastle.jce.provider.BouncyCastleProvider; 6740 import org.bouncycastle.util.Strings; 6741 6742@@ -74,11 +86,15 @@ 6743 // 6744 private Class[] availableSpecs = 6745 { 6746- RC2ParameterSpec.class, 6747- RC5ParameterSpec.class, 6748+ // BEGIN android-removed 6749+ // RC2ParameterSpec.class, 6750+ // RC5ParameterSpec.class, 6751+ // END android-removed 6752 IvParameterSpec.class, 6753 PBEParameterSpec.class, 6754- GOST28147ParameterSpec.class, 6755+ // BEGIN android-removed 6756+ // GOST28147ParameterSpec.class, 6757+ // END android-removed 6758 gcmSpecClass 6759 }; 6760 6761@@ -284,48 +300,52 @@ 6762 new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); 6763 } 6764 } 6765- else if (modeName.startsWith("PGP")) 6766- { 6767- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6768- 6769- ivLength = baseEngine.getBlockSize(); 6770- cipher = new BufferedGenericBlockCipher( 6771- new PGPCFBBlockCipher(baseEngine, inlineIV)); 6772- } 6773- else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6774- { 6775- ivLength = 0; 6776- cipher = new BufferedGenericBlockCipher( 6777- new OpenPGPCFBBlockCipher(baseEngine)); 6778- } 6779- else if (modeName.startsWith("SIC")) 6780- { 6781- ivLength = baseEngine.getBlockSize(); 6782- if (ivLength < 16) 6783- { 6784- throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6785- } 6786- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6787- new SICBlockCipher(baseEngine))); 6788- } 6789+ // BEGIN android-removed 6790+ // else if (modeName.startsWith("PGP")) 6791+ // { 6792+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); 6793+ // 6794+ // ivLength = baseEngine.getBlockSize(); 6795+ // cipher = new BufferedGenericBlockCipher( 6796+ // new PGPCFBBlockCipher(baseEngine, inlineIV)); 6797+ // } 6798+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) 6799+ // { 6800+ // ivLength = 0; 6801+ // cipher = new BufferedGenericBlockCipher( 6802+ // new OpenPGPCFBBlockCipher(baseEngine)); 6803+ // } 6804+ // else if (modeName.startsWith("SIC")) 6805+ // { 6806+ // ivLength = baseEngine.getBlockSize(); 6807+ // if (ivLength < 16) 6808+ // { 6809+ // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); 6810+ // } 6811+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6812+ // new SICBlockCipher(baseEngine))); 6813+ // } 6814+ // END android-removed 6815 else if (modeName.startsWith("CTR")) 6816 { 6817 ivLength = baseEngine.getBlockSize(); 6818 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6819 new SICBlockCipher(baseEngine))); 6820 } 6821- else if (modeName.startsWith("GOFB")) 6822- { 6823- ivLength = baseEngine.getBlockSize(); 6824- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6825- new GOFBBlockCipher(baseEngine))); 6826- } 6827- else if (modeName.startsWith("GCFB")) 6828- { 6829- ivLength = baseEngine.getBlockSize(); 6830- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6831- new GCFBBlockCipher(baseEngine))); 6832- } 6833+ // BEGIN android-removed 6834+ // else if (modeName.startsWith("GOFB")) 6835+ // { 6836+ // ivLength = baseEngine.getBlockSize(); 6837+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6838+ // new GOFBBlockCipher(baseEngine))); 6839+ // } 6840+ // else if (modeName.startsWith("GCFB")) 6841+ // { 6842+ // ivLength = baseEngine.getBlockSize(); 6843+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( 6844+ // new GCFBBlockCipher(baseEngine))); 6845+ // } 6846+ // END android-removed 6847 else if (modeName.startsWith("CTS")) 6848 { 6849 ivLength = baseEngine.getBlockSize(); 6850@@ -336,26 +356,28 @@ 6851 ivLength = 13; // CCM nonce 7..13 bytes 6852 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); 6853 } 6854- else if (modeName.startsWith("OCB")) 6855- { 6856- if (engineProvider != null) 6857- { 6858- /* 6859- * RFC 7253 4.2. Nonce is a string of no more than 120 bits 6860- */ 6861- ivLength = 15; 6862- cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6863- } 6864- else 6865- { 6866- throw new NoSuchAlgorithmException("can't support mode " + mode); 6867- } 6868- } 6869- else if (modeName.startsWith("EAX")) 6870- { 6871- ivLength = baseEngine.getBlockSize(); 6872- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6873- } 6874+ // BEGIN android-removed 6875+ // else if (modeName.startsWith("OCB")) 6876+ // { 6877+ // if (engineProvider != null) 6878+ // { 6879+ // /* 6880+ // * RFC 7253 4.2. Nonce is a string of no more than 120 bits 6881+ // */ 6882+ // ivLength = 15; 6883+ // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); 6884+ // } 6885+ // else 6886+ // { 6887+ // throw new NoSuchAlgorithmException("can't support mode " + mode); 6888+ // } 6889+ // } 6890+ // else if (modeName.startsWith("EAX")) 6891+ // { 6892+ // ivLength = baseEngine.getBlockSize(); 6893+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); 6894+ // } 6895+ // END android-removed 6896 else if (modeName.startsWith("GCM")) 6897 { 6898 ivLength = baseEngine.getBlockSize(); 6899@@ -478,18 +500,20 @@ 6900 6901 param = new ParametersWithIV(param, iv.getIV()); 6902 } 6903- else if (params instanceof GOST28147ParameterSpec) 6904- { 6905- // need to pick up IV and SBox. 6906- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6907- 6908- param = new ParametersWithSBox(param, gost28147Param.getSbox()); 6909- 6910- if (gost28147Param.getIV() != null && ivLength != 0) 6911- { 6912- param = new ParametersWithIV(param, gost28147Param.getIV()); 6913- } 6914- } 6915+ // BEGIN android-removed 6916+ // else if (params instanceof GOST28147ParameterSpec) 6917+ // { 6918+ // // need to pick up IV and SBox. 6919+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6920+ // 6921+ // param = new ParametersWithSBox(param, gost28147Param.getSbox()); 6922+ // 6923+ // if (gost28147Param.getIV() != null && ivLength != 0) 6924+ // { 6925+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 6926+ // } 6927+ // } 6928+ // END android-removed 6929 } 6930 else if (params instanceof PBEParameterSpec) 6931 { 6932@@ -521,12 +545,14 @@ 6933 throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long."); 6934 } 6935 6936- if (key instanceof RepeatedSecretKeySpec) 6937- { 6938- param = new ParametersWithIV(null, p.getIV()); 6939- ivParam = (ParametersWithIV)param; 6940- } 6941- else 6942+ // BEGIN android-removed 6943+ // if (key instanceof RepeatedSecretKeySpec) 6944+ // { 6945+ // param = new ParametersWithIV(null, p.getIV()); 6946+ // ivParam = (ParametersWithIV)param; 6947+ // } 6948+ // else 6949+ // END android-removed 6950 { 6951 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV()); 6952 ivParam = (ParametersWithIV)param; 6953@@ -542,63 +568,65 @@ 6954 param = new KeyParameter(key.getEncoded()); 6955 } 6956 } 6957- else if (params instanceof GOST28147ParameterSpec) 6958- { 6959- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 6960- 6961- param = new ParametersWithSBox( 6962- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 6963- 6964- if (gost28147Param.getIV() != null && ivLength != 0) 6965- { 6966- param = new ParametersWithIV(param, gost28147Param.getIV()); 6967- ivParam = (ParametersWithIV)param; 6968- } 6969- } 6970- else if (params instanceof RC2ParameterSpec) 6971- { 6972- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 6973- 6974- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 6975- 6976- if (rc2Param.getIV() != null && ivLength != 0) 6977- { 6978- param = new ParametersWithIV(param, rc2Param.getIV()); 6979- ivParam = (ParametersWithIV)param; 6980- } 6981- } 6982- else if (params instanceof RC5ParameterSpec) 6983- { 6984- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 6985- 6986- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 6987- if (baseEngine.getAlgorithmName().startsWith("RC5")) 6988- { 6989- if (baseEngine.getAlgorithmName().equals("RC5-32")) 6990- { 6991- if (rc5Param.getWordSize() != 32) 6992- { 6993- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 6994- } 6995- } 6996- else if (baseEngine.getAlgorithmName().equals("RC5-64")) 6997- { 6998- if (rc5Param.getWordSize() != 64) 6999- { 7000- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7001- } 7002- } 7003- } 7004- else 7005- { 7006- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7007- } 7008- if ((rc5Param.getIV() != null) && (ivLength != 0)) 7009- { 7010- param = new ParametersWithIV(param, rc5Param.getIV()); 7011- ivParam = (ParametersWithIV)param; 7012- } 7013- } 7014+ // BEGIN android-removed 7015+ // else if (params instanceof GOST28147ParameterSpec) 7016+ // { 7017+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; 7018+ // 7019+ // param = new ParametersWithSBox( 7020+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); 7021+ // 7022+ // if (gost28147Param.getIV() != null && ivLength != 0) 7023+ // { 7024+ // param = new ParametersWithIV(param, gost28147Param.getIV()); 7025+ // ivParam = (ParametersWithIV)param; 7026+ // } 7027+ // } 7028+ // else if (params instanceof RC2ParameterSpec) 7029+ // { 7030+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; 7031+ // 7032+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); 7033+ // 7034+ // if (rc2Param.getIV() != null && ivLength != 0) 7035+ // { 7036+ // param = new ParametersWithIV(param, rc2Param.getIV()); 7037+ // ivParam = (ParametersWithIV)param; 7038+ // } 7039+ // } 7040+ // else if (params instanceof RC5ParameterSpec) 7041+ // { 7042+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; 7043+ // 7044+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); 7045+ // if (baseEngine.getAlgorithmName().startsWith("RC5")) 7046+ // { 7047+ // if (baseEngine.getAlgorithmName().equals("RC5-32")) 7048+ // { 7049+ // if (rc5Param.getWordSize() != 32) 7050+ // { 7051+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); 7052+ // } 7053+ // } 7054+ // else if (baseEngine.getAlgorithmName().equals("RC5-64")) 7055+ // { 7056+ // if (rc5Param.getWordSize() != 64) 7057+ // { 7058+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); 7059+ // } 7060+ // } 7061+ // } 7062+ // else 7063+ // { 7064+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); 7065+ // } 7066+ // if ((rc5Param.getIV() != null) && (ivLength != 0)) 7067+ // { 7068+ // param = new ParametersWithIV(param, rc5Param.getIV()); 7069+ // ivParam = (ParametersWithIV)param; 7070+ // } 7071+ // } 7072+ // END android-removed 7073 else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) 7074 { 7075 if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) 7076@@ -611,11 +639,13 @@ 7077 Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]); 7078 Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]); 7079 7080- if (key instanceof RepeatedSecretKeySpec) 7081- { 7082- param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7083- } 7084- else 7085+ // BEGIN android-removed 7086+ // if (key instanceof RepeatedSecretKeySpec) 7087+ // { 7088+ // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7089+ // } 7090+ // else 7091+ // END android-removed 7092 { 7093 param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); 7094 } 7095@@ -867,7 +897,9 @@ 7096 private boolean isAEADModeName( 7097 String modeName) 7098 { 7099- return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); 7100+ // BEGIN android-changed 7101+ return "CCM".equals(modeName) || "GCM".equals(modeName); 7102+ // END android-changed 7103 } 7104 7105 /* 7106diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 7107--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2015-03-01 12:03:02.000000000 +0000 7108+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000 7109@@ -16,8 +16,10 @@ 7110 import org.bouncycastle.crypto.Mac; 7111 import org.bouncycastle.crypto.params.KeyParameter; 7112 import org.bouncycastle.crypto.params.ParametersWithIV; 7113-import org.bouncycastle.crypto.params.SkeinParameters; 7114-import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7115+// BEGIN android-removed 7116+// import org.bouncycastle.crypto.params.SkeinParameters; 7117+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec; 7118+// END android-removed 7119 7120 public class BaseMac 7121 extends MacSpi implements PBE 7122@@ -79,10 +81,12 @@ 7123 { 7124 param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV()); 7125 } 7126- else if (params instanceof SkeinParameterSpec) 7127- { 7128- param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7129- } 7130+ // BEGIN android-removed 7131+ // else if (params instanceof SkeinParameterSpec) 7132+ // { 7133+ // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); 7134+ // } 7135+ // END android-removed 7136 else if (params == null) 7137 { 7138 param = new KeyParameter(key.getEncoded()); 7139diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 7140--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-03-01 12:03:02.000000000 +0000 7141+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-04-09 13:10:16.000000000 +0000 7142@@ -15,8 +15,10 @@ 7143 import javax.crypto.ShortBufferException; 7144 import javax.crypto.spec.IvParameterSpec; 7145 import javax.crypto.spec.PBEParameterSpec; 7146-import javax.crypto.spec.RC2ParameterSpec; 7147-import javax.crypto.spec.RC5ParameterSpec; 7148+// BEGIN android-removed 7149+// import javax.crypto.spec.RC2ParameterSpec; 7150+// import javax.crypto.spec.RC5ParameterSpec; 7151+// END android-removed 7152 7153 import org.bouncycastle.crypto.CipherParameters; 7154 import org.bouncycastle.crypto.DataLengthException; 7155@@ -34,8 +36,10 @@ 7156 // 7157 private Class[] availableSpecs = 7158 { 7159- RC2ParameterSpec.class, 7160- RC5ParameterSpec.class, 7161+ // BEGIN android-removed 7162+ // RC2ParameterSpec.class, 7163+ // RC5ParameterSpec.class, 7164+ // END android-removed 7165 IvParameterSpec.class, 7166 PBEParameterSpec.class 7167 }; 7168diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 7169--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-03-01 12:03:02.000000000 +0000 7170+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-04-09 13:10:16.000000000 +0000 7171@@ -24,8 +24,10 @@ 7172 import javax.crypto.ShortBufferException; 7173 import javax.crypto.spec.IvParameterSpec; 7174 import javax.crypto.spec.PBEParameterSpec; 7175-import javax.crypto.spec.RC2ParameterSpec; 7176-import javax.crypto.spec.RC5ParameterSpec; 7177+// BEGIN android-removed 7178+// import javax.crypto.spec.RC2ParameterSpec; 7179+// import javax.crypto.spec.RC5ParameterSpec; 7180+// END android-removed 7181 import javax.crypto.spec.SecretKeySpec; 7182 7183 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 7184@@ -50,8 +52,10 @@ 7185 { 7186 IvParameterSpec.class, 7187 PBEParameterSpec.class, 7188- RC2ParameterSpec.class, 7189- RC5ParameterSpec.class 7190+ // BEGIN android-removed 7191+ // RC2ParameterSpec.class, 7192+ // RC5ParameterSpec.class 7193+ // END android-removed 7194 }; 7195 7196 protected int pbeType = PKCS12; 7197@@ -276,6 +280,8 @@ 7198 return null; 7199 } 7200 7201+ // BEGIN android-changed 7202+ // added ShortBufferException to throws statement 7203 protected int engineDoFinal( 7204 byte[] input, 7205 int inputOffset, 7206@@ -286,6 +292,7 @@ 7207 { 7208 return 0; 7209 } 7210+ // END android-changed 7211 7212 protected byte[] engineWrap( 7213 Key key) 7214diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 7215--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2015-03-01 12:03:02.000000000 +0000 7216+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000 7217@@ -7,13 +7,18 @@ 7218 7219 import org.bouncycastle.crypto.CipherParameters; 7220 import org.bouncycastle.crypto.PBEParametersGenerator; 7221-import org.bouncycastle.crypto.digests.GOST3411Digest; 7222-import org.bouncycastle.crypto.digests.MD2Digest; 7223-import org.bouncycastle.crypto.digests.MD5Digest; 7224-import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7225-import org.bouncycastle.crypto.digests.SHA1Digest; 7226-import org.bouncycastle.crypto.digests.SHA256Digest; 7227-import org.bouncycastle.crypto.digests.TigerDigest; 7228+// BEGIN android-removed 7229+// import org.bouncycastle.crypto.digests.GOST3411Digest; 7230+// import org.bouncycastle.crypto.digests.MD2Digest; 7231+// import org.bouncycastle.crypto.digests.MD5Digest; 7232+// import org.bouncycastle.crypto.digests.RIPEMD160Digest; 7233+// import org.bouncycastle.crypto.digests.SHA1Digest; 7234+// import org.bouncycastle.crypto.digests.SHA256Digest; 7235+// import org.bouncycastle.crypto.digests.TigerDigest; 7236+// END android-removed 7237+// BEGIN android-added 7238+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7239+// END android-added 7240 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; 7241 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; 7242 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; 7243@@ -29,11 +34,15 @@ 7244 // 7245 static final int MD5 = 0; 7246 static final int SHA1 = 1; 7247- static final int RIPEMD160 = 2; 7248- static final int TIGER = 3; 7249+ // BEGIN android-removed 7250+ // static final int RIPEMD160 = 2; 7251+ // static final int TIGER = 3; 7252+ // END android-removed 7253 static final int SHA256 = 4; 7254- static final int MD2 = 5; 7255- static final int GOST3411 = 6; 7256+ // BEGIN android-removed 7257+ // static final int MD2 = 5; 7258+ // static final int GOST3411 = 6; 7259+ // END android-removed 7260 7261 static final int PKCS5S1 = 0; 7262 static final int PKCS5S2 = 1; 7263@@ -57,14 +66,20 @@ 7264 { 7265 switch (hash) 7266 { 7267- case MD2: 7268- generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7269- break; 7270+ // BEGIN android-removed 7271+ // case MD2: 7272+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); 7273+ // break; 7274+ // END android-removed 7275 case MD5: 7276- generator = new PKCS5S1ParametersGenerator(new MD5Digest()); 7277+ // BEGIN android-changed 7278+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); 7279+ // END android-changed 7280 break; 7281 case SHA1: 7282- generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); 7283+ // BEGIN android-changed 7284+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); 7285+ // END android-changed 7286 break; 7287 default: 7288 throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); 7289@@ -74,27 +89,39 @@ 7290 { 7291 switch (hash) 7292 { 7293- case MD2: 7294- generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7295- break; 7296+ // BEGIN android-removed 7297+ // case MD2: 7298+ // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); 7299+ // break; 7300+ // END android-removed 7301 case MD5: 7302- generator = new PKCS5S2ParametersGenerator(new MD5Digest()); 7303+ // BEGIN android-changed 7304+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); 7305+ // END android-changed 7306 break; 7307 case SHA1: 7308- generator = new PKCS5S2ParametersGenerator(new SHA1Digest()); 7309- break; 7310- case RIPEMD160: 7311- generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7312- break; 7313- case TIGER: 7314- generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7315- break; 7316+ // BEGIN android-changed 7317+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); 7318+ // END android-changed 7319+ break; 7320+ // BEGIN android-removed 7321+ // case RIPEMD160: 7322+ // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); 7323+ // break; 7324+ // case TIGER: 7325+ // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); 7326+ // break; 7327+ // END android-removed 7328 case SHA256: 7329- generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); 7330- break; 7331- case GOST3411: 7332- generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7333- break; 7334+ // BEGIN android-changed 7335+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); 7336+ // END android-changed 7337+ break; 7338+ // BEGIN android-removed 7339+ // case GOST3411: 7340+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); 7341+ // break; 7342+ // END android-removed 7343 default: 7344 throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); 7345 } 7346@@ -103,27 +130,39 @@ 7347 { 7348 switch (hash) 7349 { 7350- case MD2: 7351- generator = new PKCS12ParametersGenerator(new MD2Digest()); 7352- break; 7353+ // BEGIN android-removed 7354+ // case MD2: 7355+ // generator = new PKCS12ParametersGenerator(new MD2Digest()); 7356+ // break; 7357+ // END android-removed 7358 case MD5: 7359- generator = new PKCS12ParametersGenerator(new MD5Digest()); 7360+ // BEGIN android-changed 7361+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); 7362+ // END android-changed 7363 break; 7364 case SHA1: 7365- generator = new PKCS12ParametersGenerator(new SHA1Digest()); 7366- break; 7367- case RIPEMD160: 7368- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7369- break; 7370- case TIGER: 7371- generator = new PKCS12ParametersGenerator(new TigerDigest()); 7372- break; 7373+ // BEGIN android-changed 7374+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); 7375+ // END android-changed 7376+ break; 7377+ // BEGIN android-removed 7378+ // case RIPEMD160: 7379+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); 7380+ // break; 7381+ // case TIGER: 7382+ // generator = new PKCS12ParametersGenerator(new TigerDigest()); 7383+ // break; 7384+ // END android-removed 7385 case SHA256: 7386- generator = new PKCS12ParametersGenerator(new SHA256Digest()); 7387- break; 7388- case GOST3411: 7389- generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7390- break; 7391+ // BEGIN android-changed 7392+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); 7393+ // END android-changed 7394+ break; 7395+ // BEGIN android-removed 7396+ // case GOST3411: 7397+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); 7398+ // break; 7399+ // END android-removed 7400 default: 7401 throw new IllegalStateException("unknown digest scheme for PBE encryption."); 7402 } 7403diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 7404--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2015-03-01 12:03:02.000000000 +0000 7405+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000 7406@@ -10,12 +10,17 @@ 7407 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7408 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7409 import org.bouncycastle.crypto.Digest; 7410-import org.bouncycastle.crypto.digests.MD5Digest; 7411-import org.bouncycastle.crypto.digests.SHA1Digest; 7412-import org.bouncycastle.crypto.digests.SHA224Digest; 7413-import org.bouncycastle.crypto.digests.SHA256Digest; 7414-import org.bouncycastle.crypto.digests.SHA384Digest; 7415-import org.bouncycastle.crypto.digests.SHA512Digest; 7416+// BEGIN android-removed 7417+// import org.bouncycastle.crypto.digests.MD5Digest; 7418+// import org.bouncycastle.crypto.digests.SHA1Digest; 7419+// import org.bouncycastle.crypto.digests.SHA224Digest; 7420+// import org.bouncycastle.crypto.digests.SHA256Digest; 7421+// import org.bouncycastle.crypto.digests.SHA384Digest; 7422+// import org.bouncycastle.crypto.digests.SHA512Digest; 7423+// END android-removed 7424+// BEGIN android-added 7425+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7426+// END android-added 7427 import org.bouncycastle.util.Strings; 7428 7429 public class DigestFactory 7430@@ -85,27 +90,39 @@ 7431 7432 if (sha1.contains(digestName)) 7433 { 7434- return new SHA1Digest(); 7435+ // BEGIN android-changed 7436+ return AndroidDigestFactory.getSHA1(); 7437+ // END android-changed 7438 } 7439 if (md5.contains(digestName)) 7440 { 7441- return new MD5Digest(); 7442+ // BEGIN android-changed 7443+ return AndroidDigestFactory.getMD5(); 7444+ // END android-changed 7445 } 7446 if (sha224.contains(digestName)) 7447 { 7448- return new SHA224Digest(); 7449+ // BEGIN android-changed 7450+ return AndroidDigestFactory.getSHA224(); 7451+ // END android-changed 7452 } 7453 if (sha256.contains(digestName)) 7454 { 7455- return new SHA256Digest(); 7456+ // BEGIN android-changed 7457+ return AndroidDigestFactory.getSHA256(); 7458+ // END android-changed 7459 } 7460 if (sha384.contains(digestName)) 7461 { 7462- return new SHA384Digest(); 7463+ // BEGIN android-changed 7464+ return AndroidDigestFactory.getSHA384(); 7465+ // END android-changed 7466 } 7467 if (sha512.contains(digestName)) 7468 { 7469- return new SHA512Digest(); 7470+ // BEGIN android-changed 7471+ return AndroidDigestFactory.getSHA512(); 7472+ // END android-changed 7473 } 7474 7475 return null; 7476diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 7477--- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java 2015-03-01 12:03:02.000000000 +0000 7478+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 2014-07-28 19:51:54.000000000 +0000 7479@@ -6,11 +6,15 @@ 7480 import org.bouncycastle.asn1.ASN1Encodable; 7481 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 7482 import org.bouncycastle.asn1.ASN1Primitive; 7483-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7484+// BEGIN android-removed 7485+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7486+// END android-removed 7487 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7488 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7489 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7490-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7491+// BEGIN android-removed 7492+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7493+// END android-removed 7494 7495 /** 7496 * General JCA/JCE utility methods. 7497@@ -100,22 +104,24 @@ 7498 { 7499 return "SHA512"; 7500 } 7501- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7502- { 7503- return "RIPEMD128"; 7504- } 7505- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7506- { 7507- return "RIPEMD160"; 7508- } 7509- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7510- { 7511- return "RIPEMD256"; 7512- } 7513- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7514- { 7515- return "GOST3411"; 7516- } 7517+ // BEGIN android-removed 7518+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7519+ // { 7520+ // return "RIPEMD128"; 7521+ // } 7522+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7523+ // { 7524+ // return "RIPEMD160"; 7525+ // } 7526+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7527+ // { 7528+ // return "RIPEMD256"; 7529+ // } 7530+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7531+ // { 7532+ // return "GOST3411"; 7533+ // } 7534+ // END android-removed 7535 else 7536 { 7537 return digestAlgOID.getId(); 7538diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 7539--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2015-03-01 12:03:02.000000000 +0000 7540+++ bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 2014-07-28 19:51:54.000000000 +0000 7541@@ -30,14 +30,18 @@ 7542 import org.bouncycastle.asn1.ASN1Set; 7543 import org.bouncycastle.asn1.DERBitString; 7544 import org.bouncycastle.asn1.DERNull; 7545-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7546+// BEGIN android-removed 7547+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 7548+// END android-removed 7549 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 7550 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 7551 import org.bouncycastle.asn1.pkcs.CertificationRequest; 7552 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; 7553 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 7554 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 7555-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7556+// BEGIN android-removed 7557+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 7558+// END android-removed 7559 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 7560 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 7561 import org.bouncycastle.asn1.x509.X509Name; 7562@@ -81,8 +85,11 @@ 7563 7564 static 7565 { 7566- algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7567- algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7568+ // BEGIN android-removed 7569+ // Dropping MD2 7570+ // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7571+ // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); 7572+ // END android-removed 7573 algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7574 algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7575 algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); 7576@@ -102,12 +109,14 @@ 7577 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7578 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 7579 algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")); 7580- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7581- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7582- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7583- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7584- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7585- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7586+ // BEGIN android-removed 7587+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7588+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 7589+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7590+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 7591+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7592+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 7593+ // END android-removed 7594 algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7595 algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); 7596 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 7597@@ -120,11 +129,13 @@ 7598 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 7599 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 7600 algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); 7601- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7602- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7603- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7604- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7605- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7606+ // BEGIN android-removed 7607+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7608+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7609+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7610+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7611+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7612+ // END android-removed 7613 7614 // 7615 // reverse mappings 7616@@ -134,11 +145,15 @@ 7617 oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); 7618 oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); 7619 oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); 7620- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7621- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7622+ // BEGIN android-removed 7623+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); 7624+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); 7625+ // END android-removed 7626 7627 oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); 7628- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7629+ // BEGIN android-removed 7630+ // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); 7631+ // END android-removed 7632 oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); 7633 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); 7634 oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); 7635@@ -172,8 +187,10 @@ 7636 // 7637 // RFC 4491 7638 // 7639- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7640- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7641+ // BEGIN android-removed 7642+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 7643+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 7644+ // END android-removed 7645 // 7646 // explicit params 7647 // 7648@@ -616,22 +633,24 @@ 7649 { 7650 return "SHA512"; 7651 } 7652- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7653- { 7654- return "RIPEMD128"; 7655- } 7656- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7657- { 7658- return "RIPEMD160"; 7659- } 7660- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7661- { 7662- return "RIPEMD256"; 7663- } 7664- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7665- { 7666- return "GOST3411"; 7667- } 7668+ // BEGIN android-removed 7669+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 7670+ // { 7671+ // return "RIPEMD128"; 7672+ // } 7673+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 7674+ // { 7675+ // return "RIPEMD160"; 7676+ // } 7677+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 7678+ // { 7679+ // return "RIPEMD256"; 7680+ // } 7681+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 7682+ // { 7683+ // return "GOST3411"; 7684+ // } 7685+ // END android-removed 7686 else 7687 { 7688 return digestAlgOID.getId(); 7689diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 7690--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-03-01 12:03:02.000000000 +0000 7691+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-04-09 13:10:16.000000000 +0000 7692@@ -64,15 +64,22 @@ 7693 7694 private static final String[] SYMMETRIC_MACS = 7695 { 7696- "SipHash" 7697+ // BEGIN android-removed 7698+ // "SipHash" 7699+ // END android-removed 7700 }; 7701 7702 private static final String[] SYMMETRIC_CIPHERS = 7703 { 7704- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7705- "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7706- "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7707- "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7708+ // BEGIN android-removed 7709+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", 7710+ // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", 7711+ // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish", 7712+ // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20" 7713+ // END android-removed 7714+ // BEGIN android-added 7715+ "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", 7716+ // END android-added 7717 }; 7718 7719 /* 7720@@ -84,12 +91,22 @@ 7721 // later ones configure it. 7722 private static final String[] ASYMMETRIC_GENERIC = 7723 { 7724- "X509", "IES" 7725+ // BEGIN android-removed 7726+ // "X509", "IES" 7727+ // END android-removed 7728+ // BEGIN android-added 7729+ "X509" 7730+ // END android-added 7731 }; 7732 7733 private static final String[] ASYMMETRIC_CIPHERS = 7734 { 7735- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7736+ // BEGIN android-removed 7737+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145" 7738+ // END android-removed 7739+ // BEGIN android-added 7740+ "DSA", "DH", "EC", "RSA", 7741+ // END android-added 7742 }; 7743 7744 /* 7745@@ -98,7 +115,12 @@ 7746 private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; 7747 private static final String[] DIGESTS = 7748 { 7749- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7750+ // BEGIN android-removed 7751+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool" 7752+ // END android-removed 7753+ // BEGIN android-added 7754+ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", 7755+ // END android-added 7756 }; 7757 7758 /* 7759@@ -145,48 +167,52 @@ 7760 7761 loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); 7762 7763- // 7764- // X509Store 7765- // 7766- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7767- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7768- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7769- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7770- 7771- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7772- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7773- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7774- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7775- 7776- // 7777- // X509StreamParser 7778- // 7779- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7780- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7781- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7782- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7783- 7784- // 7785- // cipher engines 7786- // 7787- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7788- 7789- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7790- 7791- 7792- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7793- 7794- // Certification Path API 7795- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7796- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7797- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7798- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7799+ // BEGIN android-removed 7800+ // // 7801+ // // X509Store 7802+ // // 7803+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); 7804+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); 7805+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); 7806+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); 7807+ // 7808+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); 7809+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); 7810+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); 7811+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); 7812+ // 7813+ // // 7814+ // // X509StreamParser 7815+ // // 7816+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); 7817+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); 7818+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); 7819+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); 7820+ // 7821+ // // 7822+ // // cipher engines 7823+ // // 7824+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); 7825+ // 7826+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); 7827+ // 7828+ // 7829+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); 7830+ // 7831+ // // Certification Path API 7832+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); 7833+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); 7834+ // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7835+ // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7836+ // END android-removed 7837 put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); 7838 put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); 7839 put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); 7840- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7841- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7842- put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7843+ // BEGIN android-removed 7844+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); 7845+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); 7846+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); 7847+ // END android-removed 7848 } 7849 7850 private void loadAlgorithms(String packageName, String[] names) 7851diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 7852--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 7853+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 2015-06-10 22:51:41.000000000 +0000 7854@@ -0,0 +1,233 @@ 7855+/* 7856+ * Copyright (C) 2012 The Android Open Source Project 7857+ * 7858+ * Licensed under the Apache License, Version 2.0 (the "License"); 7859+ * you may not use this file except in compliance with the License. 7860+ * You may obtain a copy of the License at 7861+ * 7862+ * http://www.apache.org/licenses/LICENSE-2.0 7863+ * 7864+ * Unless required by applicable law or agreed to in writing, software 7865+ * distributed under the License is distributed on an "AS IS" BASIS, 7866+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 7867+ * See the License for the specific language governing permissions and 7868+ * limitations under the License. 7869+ */ 7870+ 7871+package org.bouncycastle.jce.provider; 7872+ 7873+import java.io.Closeable; 7874+import java.io.ByteArrayOutputStream; 7875+import java.io.FileNotFoundException; 7876+import java.io.IOException; 7877+import java.io.RandomAccessFile; 7878+import java.math.BigInteger; 7879+import java.security.PublicKey; 7880+import java.util.Arrays; 7881+import java.util.Collections; 7882+import java.util.HashSet; 7883+import java.util.Set; 7884+import java.util.logging.Level; 7885+import java.util.logging.Logger; 7886+import org.bouncycastle.crypto.Digest; 7887+import org.bouncycastle.crypto.digests.AndroidDigestFactory; 7888+import org.bouncycastle.util.encoders.Hex; 7889+ 7890+public class CertBlacklist { 7891+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName()); 7892+ 7893+ // public for testing 7894+ public final Set<BigInteger> serialBlacklist; 7895+ public final Set<byte[]> pubkeyBlacklist; 7896+ 7897+ public CertBlacklist() { 7898+ String androidData = System.getenv("ANDROID_DATA"); 7899+ String blacklistRoot = androidData + "/misc/keychain/"; 7900+ String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt"; 7901+ String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt"; 7902+ 7903+ pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath); 7904+ serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath); 7905+ } 7906+ 7907+ /** Test only interface, not for public use */ 7908+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 7909+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 7910+ serialBlacklist = readSerialBlackList(serialBlacklistPath); 7911+ } 7912+ 7913+ private static boolean isHex(String value) { 7914+ try { 7915+ new BigInteger(value, 16); 7916+ return true; 7917+ } catch (NumberFormatException e) { 7918+ logger.log(Level.WARNING, "Could not parse hex value " + value, e); 7919+ return false; 7920+ } 7921+ } 7922+ 7923+ private static boolean isPubkeyHash(String value) { 7924+ if (value.length() != 40) { 7925+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length()); 7926+ return false; 7927+ } 7928+ return isHex(value); 7929+ } 7930+ 7931+ private static String readBlacklist(String path) { 7932+ try { 7933+ return readFileAsString(path); 7934+ } catch (FileNotFoundException ignored) { 7935+ } catch (IOException e) { 7936+ logger.log(Level.WARNING, "Could not read blacklist", e); 7937+ } 7938+ return ""; 7939+ } 7940+ 7941+ // From IoUtils.readFileAsString 7942+ private static String readFileAsString(String path) throws IOException { 7943+ return readFileAsBytes(path).toString("UTF-8"); 7944+ } 7945+ 7946+ // Based on IoUtils.readFileAsBytes 7947+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException { 7948+ RandomAccessFile f = null; 7949+ try { 7950+ f = new RandomAccessFile(path, "r"); 7951+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length()); 7952+ byte[] buffer = new byte[8192]; 7953+ while (true) { 7954+ int byteCount = f.read(buffer); 7955+ if (byteCount == -1) { 7956+ return bytes; 7957+ } 7958+ bytes.write(buffer, 0, byteCount); 7959+ } 7960+ } finally { 7961+ closeQuietly(f); 7962+ } 7963+ } 7964+ 7965+ // Base on IoUtils.closeQuietly 7966+ private static void closeQuietly(Closeable closeable) { 7967+ if (closeable != null) { 7968+ try { 7969+ closeable.close(); 7970+ } catch (RuntimeException rethrown) { 7971+ throw rethrown; 7972+ } catch (Exception ignored) { 7973+ } 7974+ } 7975+ } 7976+ 7977+ private static final Set<BigInteger> readSerialBlackList(String path) { 7978+ 7979+ /* Start out with a base set of known bad values. 7980+ * 7981+ * WARNING: Do not add short serials to this list! 7982+ * 7983+ * Since this currently doesn't compare the serial + issuer, you 7984+ * should only add serials that have enough entropy here. Short 7985+ * serials may inadvertently match a certificate that was issued 7986+ * not in compliance with the Baseline Requirements. 7987+ */ 7988+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 7989+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 7990+ // Not a real certificate. For testing only. 7991+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 7992+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 7993+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 7994+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 7995+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 7996+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 7997+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 7998+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 7999+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 8000+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16) 8001+ )); 8002+ 8003+ // attempt to augment it with values taken from gservices 8004+ String serialBlacklist = readBlacklist(path); 8005+ if (!serialBlacklist.equals("")) { 8006+ for(String value : serialBlacklist.split(",")) { 8007+ try { 8008+ bl.add(new BigInteger(value, 16)); 8009+ } catch (NumberFormatException e) { 8010+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e); 8011+ } 8012+ } 8013+ } 8014+ 8015+ // whether that succeeds or fails, send it on its merry way 8016+ return Collections.unmodifiableSet(bl); 8017+ } 8018+ 8019+ private static final Set<byte[]> readPublicKeyBlackList(String path) { 8020+ 8021+ // start out with a base set of known bad values 8022+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 8023+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 8024+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl 8025+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 8026+ // Subject: CN=DigiNotar Cyber CA 8027+ // Issuer: CN=GTE CyberTrust Global Root 8028+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 8029+ // Subject: CN=DigiNotar Services 1024 CA 8030+ // Issuer: CN=Entrust.net 8031+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 8032+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 8033+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 8034+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 8035+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 8036+ // Issuer: CN=Staat der Nederlanden Overheid CA 8037+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 8038+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 8039+ // Subject: O=Digicert Sdn. Bhd. 8040+ // Issuer: CN=GTE CyberTrust Global Root 8041+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(), 8042+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org 8043+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8044+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), 8045+ // Subject: CN=*.EGO.GOV.TR 93 8046+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri 8047+ "783333c9687df63377efceddd82efa9101913e8e".getBytes(), 8048+ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL 8049+ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification 8050+ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() 8051+ )); 8052+ 8053+ // attempt to augment it with values taken from gservices 8054+ String pubkeyBlacklist = readBlacklist(path); 8055+ if (!pubkeyBlacklist.equals("")) { 8056+ for (String value : pubkeyBlacklist.split(",")) { 8057+ value = value.trim(); 8058+ if (isPubkeyHash(value)) { 8059+ bl.add(value.getBytes()); 8060+ } else { 8061+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value); 8062+ } 8063+ } 8064+ } 8065+ 8066+ return bl; 8067+ } 8068+ 8069+ public boolean isPublicKeyBlackListed(PublicKey publicKey) { 8070+ byte[] encoded = publicKey.getEncoded(); 8071+ Digest digest = AndroidDigestFactory.getSHA1(); 8072+ digest.update(encoded, 0, encoded.length); 8073+ byte[] out = new byte[digest.getDigestSize()]; 8074+ digest.doFinal(out, 0); 8075+ for (byte[] blacklisted : pubkeyBlacklist) { 8076+ if (Arrays.equals(blacklisted, Hex.encode(out))) { 8077+ return true; 8078+ } 8079+ } 8080+ return false; 8081+ } 8082+ 8083+ public boolean isSerialNumberBlackListed(BigInteger serial) { 8084+ return serialBlacklist.contains(serial); 8085+ } 8086+ 8087+} 8088diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 8089--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-03-01 12:03:02.000000000 +0000 8090+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-04-09 13:10:16.000000000 +0000 8091@@ -35,6 +35,7 @@ 8092 import java.util.List; 8093 import java.util.Map; 8094 import java.util.Set; 8095+import javax.security.auth.x500.X500Principal; 8096 8097 import org.bouncycastle.asn1.ASN1Encodable; 8098 import org.bouncycastle.asn1.ASN1Enumerated; 8099@@ -73,7 +74,9 @@ 8100 import org.bouncycastle.util.Store; 8101 import org.bouncycastle.util.StoreException; 8102 import org.bouncycastle.x509.X509AttributeCertificate; 8103-import org.bouncycastle.x509.extension.X509ExtensionUtil; 8104+// BEGIN android-removed 8105+// import org.bouncycastle.x509.extension.X509ExtensionUtil; 8106+// END android-removed 8107 8108 class CertPathValidatorUtilities 8109 { 8110@@ -653,20 +656,22 @@ 8111 { 8112 Object obj = iter.next(); 8113 8114- if (obj instanceof Store) 8115- { 8116- Store certStore = (Store)obj; 8117- try 8118- { 8119- certs.addAll(certStore.getMatches(certSelect)); 8120- } 8121- catch (StoreException e) 8122- { 8123- throw new AnnotatedException( 8124- "Problem while picking certificates from X.509 store.", e); 8125- } 8126- } 8127- else 8128+ // BEGIN android-removed 8129+ // if (obj instanceof X509Store) 8130+ // { 8131+ // X509Store certStore = (X509Store)obj; 8132+ // try 8133+ // { 8134+ // certs.addAll(certStore.getMatches(certSelect)); 8135+ // } 8136+ // catch (StoreException e) 8137+ // { 8138+ // throw new AnnotatedException( 8139+ // "Problem while picking certificates from X.509 store.", e); 8140+ // } 8141+ // } 8142+ // else 8143+ // END android-removed 8144 { 8145 CertStore certStore = (CertStore)obj; 8146 8147@@ -715,7 +720,14 @@ 8148 8149 for (int j = 0; j < genNames.length; j++) 8150 { 8151- PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8152+ // BEGIN android-removed 8153+ // PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]); 8154+ // END android-removed 8155+ // BEGIN android-added 8156+ // Seems like a bug, unless there should be a guarantee that j < i, 8157+ // However, it's breaking the tests. 8158+ PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]); 8159+ // END android-added 8160 if (store != null) 8161 { 8162 stores.add(store); 8163@@ -888,8 +900,20 @@ 8164 { 8165 return; 8166 } 8167- 8168- X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8169+ // BEGIN android-removed 8170+ // X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded()); 8171+ // END android-removed 8172+ // BEGIN android-added 8173+ // The original code throws null pointer exception for OpenSSLX509CRL, 8174+ // which uses the implementation for getCertificateIssuer() in X509CRL, method 8175+ // whose reference implementation has the following JavaDoc: "If the certificate 8176+ // issuer is also the CRL issuer, this method returns null." 8177+ X500Name certIssuer = null; 8178+ X500Principal certificateIssuerPrincipal = crl_entry.getCertificateIssuer(); 8179+ if (certificateIssuerPrincipal != null) { 8180+ certIssuer = X500Name.getInstance(certificateIssuerPrincipal.getEncoded()); 8181+ } 8182+ // END android-added 8183 8184 if (certIssuer == null) 8185 { 8186diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 8187--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2015-03-01 12:03:02.000000000 +0000 8188+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2014-07-28 19:51:54.000000000 +0000 8189@@ -19,8 +19,10 @@ 8190 import org.bouncycastle.asn1.ASN1Sequence; 8191 import org.bouncycastle.asn1.DERBitString; 8192 import org.bouncycastle.asn1.DERNull; 8193-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8194-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8195+// BEGIN android-removed 8196+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8197+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8198+// END android-removed 8199 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; 8200 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; 8201 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8202@@ -202,21 +204,23 @@ 8203 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); 8204 X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); 8205 8206- if (ecP == null) // GOST Curve 8207- { 8208- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8209- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8210- 8211- ecSpec = new ECNamedCurveSpec( 8212- ECGOST3410NamedCurves.getName(oid), 8213- ellipticCurve, 8214- new ECPoint( 8215- gParam.getG().getAffineXCoord().toBigInteger(), 8216- gParam.getG().getAffineYCoord().toBigInteger()), 8217- gParam.getN(), 8218- gParam.getH()); 8219- } 8220- else 8221+ // BEGIN android-removed 8222+ // if (ecP == null) // GOST Curve 8223+ // { 8224+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); 8225+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); 8226+ // 8227+ // ecSpec = new ECNamedCurveSpec( 8228+ // ECGOST3410NamedCurves.getName(oid), 8229+ // ellipticCurve, 8230+ // new ECPoint( 8231+ // gParam.getG().getAffineXCoord().toBigInteger(), 8232+ // gParam.getG().getAffineYCoord().toBigInteger()), 8233+ // gParam.getN(), 8234+ // gParam.getH()); 8235+ // } 8236+ // else 8237+ // END android-removed 8238 { 8239 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); 8240 8241@@ -330,11 +334,13 @@ 8242 8243 try 8244 { 8245- if (algorithm.equals("ECGOST3410")) 8246- { 8247- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8248- } 8249- else 8250+ // BEGIN android-removed 8251+ // if (algorithm.equals("ECGOST3410")) 8252+ // { 8253+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8254+ // } 8255+ // else 8256+ // END android-removed 8257 { 8258 8259 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); 8260diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 8261--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2015-03-01 12:03:02.000000000 +0000 8262+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 2014-07-28 19:51:54.000000000 +0000 8263@@ -18,9 +18,11 @@ 8264 import org.bouncycastle.asn1.DERBitString; 8265 import org.bouncycastle.asn1.DERNull; 8266 import org.bouncycastle.asn1.DEROctetString; 8267-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8268-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8269-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8270+// BEGIN android-removed 8271+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8272+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; 8273+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; 8274+// END android-removed 8275 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8276 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; 8277 import org.bouncycastle.asn1.x9.X962Parameters; 8278@@ -33,9 +35,13 @@ 8279 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; 8280 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; 8281 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; 8282-import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8283+// BEGIN android-removed 8284+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; 8285+// END android-removed 8286 import org.bouncycastle.jce.interfaces.ECPointEncoder; 8287-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8288+// BEGIN android-removed 8289+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; 8290+// END android-removed 8291 import org.bouncycastle.jce.spec.ECNamedCurveSpec; 8292 import org.bouncycastle.math.ec.ECCurve; 8293 import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; 8294@@ -48,7 +54,9 @@ 8295 private org.bouncycastle.math.ec.ECPoint q; 8296 private ECParameterSpec ecSpec; 8297 private boolean withCompression; 8298- private GOST3410PublicKeyAlgParameters gostParams; 8299+ // BEGIN android-removed 8300+ // private GOST3410PublicKeyAlgParameters gostParams; 8301+ // END android-removed 8302 8303 public JCEECPublicKey( 8304 String algorithm, 8305@@ -58,7 +66,9 @@ 8306 this.q = key.q; 8307 this.ecSpec = key.ecSpec; 8308 this.withCompression = key.withCompression; 8309- this.gostParams = key.gostParams; 8310+ // BEGIN android-removed 8311+ // this.gostParams = key.gostParams; 8312+ // END android-removed 8313 } 8314 8315 public JCEECPublicKey( 8316@@ -181,54 +191,55 @@ 8317 8318 private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) 8319 { 8320- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8321- { 8322- DERBitString bits = info.getPublicKeyData(); 8323- ASN1OctetString key; 8324- this.algorithm = "ECGOST3410"; 8325- 8326- try 8327- { 8328- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8329- } 8330- catch (IOException ex) 8331- { 8332- throw new IllegalArgumentException("error recovering public key"); 8333- } 8334- 8335- byte[] keyEnc = key.getOctets(); 8336- byte[] x = new byte[32]; 8337- byte[] y = new byte[32]; 8338- 8339- for (int i = 0; i != x.length; i++) 8340- { 8341- x[i] = keyEnc[32 - 1 - i]; 8342- } 8343- 8344- for (int i = 0; i != y.length; i++) 8345- { 8346- y[i] = keyEnc[64 - 1 - i]; 8347- } 8348- 8349- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8350- 8351- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8352- 8353- ECCurve curve = spec.getCurve(); 8354- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8355- 8356- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8357- 8358- ecSpec = new ECNamedCurveSpec( 8359- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8360- ellipticCurve, 8361- new ECPoint( 8362- spec.getG().getAffineXCoord().toBigInteger(), 8363- spec.getG().getAffineYCoord().toBigInteger()), 8364- spec.getN(), spec.getH()); 8365- 8366- } 8367- else 8368+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) 8369+ // { 8370+ // DERBitString bits = info.getPublicKeyData(); 8371+ // ASN1OctetString key; 8372+ // this.algorithm = "ECGOST3410"; 8373+ // 8374+ // try 8375+ // { 8376+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); 8377+ // } 8378+ // catch (IOException ex) 8379+ // { 8380+ // throw new IllegalArgumentException("error recovering public key"); 8381+ // } 8382+ // 8383+ // byte[] keyEnc = key.getOctets(); 8384+ // byte[] x = new byte[32]; 8385+ // byte[] y = new byte[32]; 8386+ // 8387+ // for (int i = 0; i != x.length; i++) 8388+ // { 8389+ // x[i] = keyEnc[32 - 1 - i]; 8390+ // } 8391+ // 8392+ // for (int i = 0; i != y.length; i++) 8393+ // { 8394+ // y[i] = keyEnc[64 - 1 - i]; 8395+ // } 8396+ // 8397+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); 8398+ // 8399+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); 8400+ // 8401+ // ECCurve curve = spec.getCurve(); 8402+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); 8403+ // 8404+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); 8405+ // 8406+ // ecSpec = new ECNamedCurveSpec( 8407+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), 8408+ // ellipticCurve, 8409+ // new ECPoint( 8410+ // spec.getG().getAffineXCoord().toBigInteger(), 8411+ // spec.getG().getAffineYCoord().toBigInteger()), 8412+ // spec.getN(), spec.getH()); 8413+ // 8414+ // } 8415+ // else 8416+ // END android-removed 8417 { 8418 X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); 8419 ECCurve curve; 8420@@ -317,52 +328,54 @@ 8421 ASN1Encodable params; 8422 SubjectPublicKeyInfo info; 8423 8424- if (algorithm.equals("ECGOST3410")) 8425- { 8426- if (gostParams != null) 8427- { 8428- params = gostParams; 8429- } 8430- else 8431- { 8432- if (ecSpec instanceof ECNamedCurveSpec) 8433- { 8434- params = new GOST3410PublicKeyAlgParameters( 8435- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8436- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8437- } 8438- else 8439- { // strictly speaking this may not be applicable... 8440- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8441- 8442- X9ECParameters ecP = new X9ECParameters( 8443- curve, 8444- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8445- ecSpec.getOrder(), 8446- BigInteger.valueOf(ecSpec.getCofactor()), 8447- ecSpec.getCurve().getSeed()); 8448- 8449- params = new X962Parameters(ecP); 8450- } 8451- } 8452- 8453- BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8454- BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8455- byte[] encKey = new byte[64]; 8456- 8457- extractBytes(encKey, 0, bX); 8458- extractBytes(encKey, 32, bY); 8459- 8460- try 8461- { 8462- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8463- } 8464- catch (IOException e) 8465- { 8466- return null; 8467- } 8468- } 8469- else 8470+ // BEGIN android-removed 8471+ // if (algorithm.equals("ECGOST3410")) 8472+ // { 8473+ // if (gostParams != null) 8474+ // { 8475+ // params = gostParams; 8476+ // } 8477+ // else 8478+ // { 8479+ // if (ecSpec instanceof ECNamedCurveSpec) 8480+ // { 8481+ // params = new GOST3410PublicKeyAlgParameters( 8482+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), 8483+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); 8484+ // } 8485+ // else 8486+ // { // strictly speaking this may not be applicable... 8487+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); 8488+ // 8489+ // X9ECParameters ecP = new X9ECParameters( 8490+ // curve, 8491+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), 8492+ // ecSpec.getOrder(), 8493+ // BigInteger.valueOf(ecSpec.getCofactor()), 8494+ // ecSpec.getCurve().getSeed()); 8495+ // 8496+ // params = new X962Parameters(ecP); 8497+ // } 8498+ // } 8499+ // 8500+ // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); 8501+ // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); 8502+ // byte[] encKey = new byte[64]; 8503+ // 8504+ // extractBytes(encKey, 0, bX); 8505+ // extractBytes(encKey, 32, bY); 8506+ // 8507+ // try 8508+ // { 8509+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); 8510+ // } 8511+ // catch (IOException e) 8512+ // { 8513+ // return null; 8514+ // } 8515+ // } 8516+ // else 8517+ // END android-removed 8518 { 8519 if (ecSpec instanceof ECNamedCurveSpec) 8520 { 8521diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 8522--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-03-01 12:03:02.000000000 +0000 8523+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-04-09 13:10:16.000000000 +0000 8524@@ -88,22 +88,24 @@ 8525 { 8526 Object obj = iter.next(); 8527 8528- if (obj instanceof Store) 8529- { 8530- Store store = (Store)obj; 8531+ // BEGIN android-removed 8532+ // if (obj instanceof Store) 8533+ // { 8534+ // Store store = (Store)obj; 8535 8536- try 8537- { 8538- crls.addAll(store.getMatches(crlSelect)); 8539- foundValidStore = true; 8540- } 8541- catch (StoreException e) 8542- { 8543- lastException = new AnnotatedException( 8544- "Exception searching in X.509 CRL store.", e); 8545- } 8546- } 8547- else 8548+ // try 8549+ // { 8550+ // crls.addAll(store.getMatches(crlSelect)); 8551+ // foundValidStore = true; 8552+ // } 8553+ // catch (StoreException e) 8554+ // { 8555+ // lastException = new AnnotatedException( 8556+ // "Exception searching in X.509 CRL store.", e); 8557+ // } 8558+ // } 8559+ // else 8560+ // END android-removed 8561 { 8562 CertStore store = (CertStore)obj; 8563 8564diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 8565--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000 8566+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000 8567@@ -1,5 +1,8 @@ 8568 package org.bouncycastle.jce.provider; 8569 8570+// BEGIN android-added 8571+import java.math.BigInteger; 8572+// END android-added 8573 import java.security.InvalidAlgorithmParameterException; 8574 import java.security.PublicKey; 8575 import java.security.cert.CertPath; 8576@@ -41,6 +44,11 @@ 8577 public PKIXCertPathValidatorSpi() 8578 { 8579 } 8580+ // BEGIN android-added 8581+ private static class NoPreloadHolder { 8582+ private final static CertBlacklist blacklist = new CertBlacklist(); 8583+ } 8584+ // END android-added 8585 8586 public CertPathValidatorResult engineValidate( 8587 CertPath certPath, 8588@@ -73,10 +81,18 @@ 8589 { 8590 paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters(); 8591 } 8592- else 8593+ // BEGIN android-changed 8594+ // else 8595+ else if (params instanceof PKIXExtendedParameters) 8596+ // END android-changed 8597 { 8598 paramsPKIX = (PKIXExtendedParameters)params; 8599 } 8600+ // BEGIN android-added 8601+ else { 8602+ throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters"); 8603+ } 8604+ // END android-added 8605 8606 if (paramsPKIX.getTrustAnchors() == null) 8607 { 8608@@ -98,6 +114,22 @@ 8609 { 8610 throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); 8611 } 8612+ // BEGIN android-added 8613+ { 8614+ X509Certificate cert = (X509Certificate) certs.get(0); 8615+ 8616+ if (cert != null) { 8617+ BigInteger serial = cert.getSerialNumber(); 8618+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { 8619+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8620+ String message = "Certificate revocation of serial 0x" + serial.toString(16); 8621+ System.out.println(message); 8622+ AnnotatedException e = new AnnotatedException(message); 8623+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); 8624+ } 8625+ } 8626+ } 8627+ // END android-added 8628 8629 // 8630 // (b) 8631@@ -277,6 +309,15 @@ 8632 8633 for (index = certs.size() - 1; index >= 0; index--) 8634 { 8635+ // BEGIN android-added 8636+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { 8637+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs 8638+ String message = "Certificate revocation of public key " + workingPublicKey; 8639+ System.out.println(message); 8640+ AnnotatedException e = new AnnotatedException(message); 8641+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index); 8642+ } 8643+ // END android-added 8644 // try 8645 // { 8646 // 8647diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 8648--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000 8649+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000 8650@@ -57,6 +57,9 @@ 8651 import org.bouncycastle.asn1.x509.Extensions; 8652 import org.bouncycastle.asn1.x509.GeneralName; 8653 import org.bouncycastle.asn1.x509.KeyUsage; 8654+// BEGIN android-added 8655+import org.bouncycastle.asn1.x509.X509Name; 8656+// END android-added 8657 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 8658 import org.bouncycastle.jce.X509Principal; 8659 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 8660@@ -562,12 +565,20 @@ 8661 } 8662 } 8663 8664+ // BEGIN android-changed 8665+ private byte[] encoded; 8666+ // END android-changed 8667 public byte[] getEncoded() 8668 throws CertificateEncodingException 8669 { 8670 try 8671 { 8672- return c.getEncoded(ASN1Encoding.DER); 8673+ // BEGIN android-changed 8674+ if (encoded == null) { 8675+ encoded = c.getEncoded(ASN1Encoding.DER); 8676+ } 8677+ return encoded; 8678+ // END android-changed 8679 } 8680 catch (IOException e) 8681 { 8682@@ -858,7 +869,9 @@ 8683 list.add(genName.getEncoded()); 8684 break; 8685 case GeneralName.directoryName: 8686- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); 8687+ // BEGIN android-changed 8688+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 8689+ // END android-changed 8690 break; 8691 case GeneralName.dNSName: 8692 case GeneralName.rfc822Name: 8693diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 8694--- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000 8695+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 2014-07-28 19:51:54.000000000 +0000 8696@@ -14,7 +14,9 @@ 8697 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8698 import org.bouncycastle.asn1.ASN1Sequence; 8699 import org.bouncycastle.asn1.DERNull; 8700-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8701+// BEGIN android-removed 8702+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8703+// END android-removed 8704 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8705 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8706 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8707@@ -66,12 +68,14 @@ 8708 8709 if (params != null && !derNull.equals(params)) 8710 { 8711- if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8712- { 8713- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8714- 8715- return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8716- } 8717+ // BEGIN android-removed 8718+ // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 8719+ // { 8720+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 8721+ // 8722+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 8723+ // } 8724+ // END android-removed 8725 if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 8726 { 8727 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 8728@@ -114,22 +118,24 @@ 8729 { 8730 return "SHA512"; 8731 } 8732- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8733- { 8734- return "RIPEMD128"; 8735- } 8736- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8737- { 8738- return "RIPEMD160"; 8739- } 8740- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8741- { 8742- return "RIPEMD256"; 8743- } 8744- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8745- { 8746- return "GOST3411"; 8747- } 8748+ // BEGIN android-removed 8749+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 8750+ // { 8751+ // return "RIPEMD128"; 8752+ // } 8753+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 8754+ // { 8755+ // return "RIPEMD160"; 8756+ // } 8757+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 8758+ // { 8759+ // return "RIPEMD256"; 8760+ // } 8761+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 8762+ // { 8763+ // return "GOST3411"; 8764+ // } 8765+ // END android-removed 8766 else 8767 { 8768 return digestAlgOID.getId(); 8769diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 8770--- bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java 2015-03-01 12:03:02.000000000 +0000 8771+++ bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 2014-07-28 19:51:54.000000000 +0000 8772@@ -25,12 +25,16 @@ 8773 import org.bouncycastle.asn1.ASN1Integer; 8774 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 8775 import org.bouncycastle.asn1.DERNull; 8776-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8777+// BEGIN android-removed 8778+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 8779+// END android-removed 8780 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 8781 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 8782 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 8783 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 8784-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8785+// BEGIN android-removed 8786+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 8787+// END android-removed 8788 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 8789 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 8790 import org.bouncycastle.jce.X509Principal; 8791@@ -44,8 +48,10 @@ 8792 8793 static 8794 { 8795- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8796- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8797+ // BEGIN android-removed 8798+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); 8799+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); 8800+ // END android-removed 8801 algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); 8802 algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); 8803 algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); 8804@@ -63,12 +69,14 @@ 8805 algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8806 algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8807 algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); 8808- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8809- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8810- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8811- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8812- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8813- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8814+ // BEGIN android-removed 8815+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8816+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); 8817+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8818+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); 8819+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8820+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); 8821+ // END android-removed 8822 algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); 8823 algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); 8824 algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); 8825@@ -81,11 +89,13 @@ 8826 algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); 8827 algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); 8828 algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); 8829- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8830- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8831- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8832- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8833- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8834+ // BEGIN android-removed 8835+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8836+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8837+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8838+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8839+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8840+ // END android-removed 8841 8842 // 8843 // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 8844@@ -105,8 +115,10 @@ 8845 // 8846 // RFC 4491 8847 // 8848- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8849- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8850+ // BEGIN android-removed 8851+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); 8852+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); 8853+ // END android-removed 8854 8855 // 8856 // explicit params 8857