BaseBlockCipher: do not use PKCS12 for BCPBEKeys without IV

Also, for such keys, do not create a random IV nor throw an exception
when decrypting, just assume the IV is 0.

(cherry picked from commit 6ba5cb51e71a3b359d6bc5815f3d378336a51cb6)

Bug: 27224566
Bug: 27994930
Bug: 27995180
Change-Id: I57f0bdfc2b354a748dc6f78aaf01ed557732644d
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index 9fdbafd..fd9b9a9 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -485,6 +485,14 @@
         }
     }
 
+    // BEGIN android-added
+    // TODO(27995180): This might need to be removed if we drop support for BCPBE keys without IV
+    // in PKCS12
+    private boolean isBCPBEKeyWithoutIV(Key key) {
+        return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV);
+    }
+    // END android-added
+
     protected void engineInit(
         int                     opmode,
         Key                     key,
@@ -518,7 +526,12 @@
         //
         // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it).
         //
-        if (scheme == PKCS12 || key instanceof PKCS12Key)
+        // BEGIN android-changed
+        // Was: if (scheme == PKCS12 || key instanceof PKCS12Key)
+        // If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12.
+        // TODO(27995180): consider whether we want to keep support for these keys and PKCS12.
+        if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key))
+        // END android-changed
         {
             SecretKey k;
             try
@@ -566,7 +579,13 @@
                 }
                 else
                 {
-                    param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+                    // BEGIN android-changed
+                    // Was: param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+                    // TODO(27995180): consider rejecting such keys for PKCS12
+                    // See above for the android-changed with a TODO for the same bug that makes
+                    // this code unreachable.
+                    // END android-changed
+                    throw new IllegalStateException("Unreachable code");
                 }
             }
             else
@@ -814,18 +833,35 @@
             {
                 ivRandom = new SecureRandom();
             }
-
             if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE))
             {
                 byte[]  iv = new byte[ivLength];
 
-                ivRandom.nextBytes(iv);
+                // BEGIN android-changed
+                // Was: ivRandom.nextBytes(iv);
+                // TODO(27995180): for such keys, consider whether we want to reject them or
+                // allow them if the IV is passed in the parameters
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    ivRandom.nextBytes(iv);
+                }
+                // END android-changed
                 param = new ParametersWithIV(param, iv);
                 ivParam = (ParametersWithIV)param;
             }
             else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0)
             {
-                throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                // BEGIN android-changed
+                // Was: throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                // TODO(27995180): for such keys, consider whether we want to reject them or
+                // allow them if the IV is passed in the parameters
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                } else {
+                    // Mimic behaviour in 1.52 by using an IV of 0's
+                    param = new ParametersWithIV(param, new byte[ivLength]);
+                    ivParam = (ParametersWithIV)param;
+                }
+                // END android-changed
             }
         }