1c380ab9c5d55b5ace5ebefe6969e64d8259c970 - platform/external/bouncycastle

commit	1c380ab9c5d55b5ace5ebefe6969e64d8259c970	[log] [tgz]
author	Kenny Root <kroot@google.com>	Wed Jun 10 15:51:41 2015 -0700
committer	Kenny Root <kroot@google.com>	Wed Jun 10 16:12:17 2015 -0700
tree	183b77cabf6e4ddefd819f855d3413cba2646628
parent	0d5d3541c94c2fc81d1668bb6b0f4e2d3a666746 [diff]

Do not blacklist serial numbers that are too short

Baseline Requirements say the serial number must have 20-bits of
entropy, but some certificates are issued not in compliance. This causes
issues where they are falsely marked as blacklisted. Until there is
issuer + serial number matching, we can just use the pubkey matching for
the certificates that are blacklisted with non-compliant serial numbers.

Bug: 21736046
Change-Id: I66b1e94f2c67ddd3b6fe690331f8fb12e16a8bc0

bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java[diff]
patches/bcprov.patch[diff]

2 files changed

tree: 183b77cabf6e4ddefd819f855d3413cba2646628

bcpkix/
bcprov/
patches/
Android.mk
bouncycastle.config
bouncycastle.version
CleanSpec.mk
import_bouncycastle.sh
jarjar-rules.txt
MODULE_LICENSE_BSD_LIKE
NOTICE
README.android