commit 5807a4a5f96af3fca8def98793f25fcdad00c6cf
author Kenny Root <kroot@google.com> Mon May 11 17:18:51 2015 -0700
committer Kenny Root <kroot@google.com> Wed May 13 10:46:17 2015 -0700
tree 8ba59018667697d449b7819b1668f8b806ee82ac
parent 367fb0bc4adc380cbe1f1a82c2a975dbf834be4c

Change Bouncycastle default AES key size to 128

The default of 192 bit keys was the worst of all choices. 128-bit
runs faster on mobile devices.

(cherry picked from commit ac2a5751dc9578b1f2a8d99906e435993d36c8d6)

Bug: 21085656
Change-Id: Ie4d15ea35e46a157f8c0d43a91e699135e2c58d1

bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
index 630a3ca..00b80aa 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -208,7 +208,9 @@
     {
         public KeyGen()
         {
-            this(192);
+            // BEGIN android-changed
+            this(128);
+            // END android-changed
         }
 
         public KeyGen(int keySize)

patches/bcprov.patch

diff --git a/patches/bcprov.patch b/patches/bcprov.patch
index cf0cb72..e4009ac 100644
--- a/patches/bcprov.patch
+++ b/patches/bcprov.patch
@@ -4290,7 +4290,18 @@
  
      /**
       * PBEWithAES-CBC
-@@ -199,32 +217,34 @@
+@@ -190,7 +208,9 @@
+     {
+         public KeyGen()
+         {
+-            this(192);
++            // BEGIN android-changed
++            this(128);
++            // END android-changed
+         }
+ 
+         public KeyGen(int keySize)
+@@ -199,32 +219,34 @@
          }
      }
  
@@ -4351,7 +4362,7 @@
      
      /**
       * PBEWithSHA1And128BitAES-BC
-@@ -334,119 +354,121 @@
+@@ -334,119 +356,121 @@
          }
      }
      
@@ -4586,7 +4597,7 @@
  
      public static class AlgParams
          extends IvAlgorithmParameters
-@@ -545,80 +567,82 @@
+@@ -545,80 +569,82 @@
          }
      }
  
@@ -4743,7 +4754,7 @@
  
      public static class Mappings
          extends SymmetricAlgorithmProvider
-@@ -652,58 +676,63 @@
+@@ -652,58 +678,63 @@
              provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
              provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
              provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
@@ -4849,7 +4860,7 @@
  
              provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM");
              provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
-@@ -711,33 +740,35 @@
+@@ -711,33 +742,35 @@
              provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
  
              provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
@@ -4912,7 +4923,7 @@
              
              provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC");
              provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC");
-@@ -816,8 +847,10 @@
+@@ -816,8 +849,10 @@
              provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
              provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");