Merge "Do not accept null password in PKCS12KeyStoreSpi#engineStore." am: 28da8c1313 am: b4d2aa4fad am: 07ef9e0b31
Original change: https://android-review.googlesource.com/c/platform/external/bouncycastle/+/1622887
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I4680afa52638dab0713bcc3bec06a00538698df4
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 4969e8a..4c3e480 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1306,6 +1306,14 @@
private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
throws IOException
{
+ // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
+ // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+ if (password == null)
+ {
+ throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+ }
+ /*
if (keys.size() == 0)
{
if (password == null)
@@ -1358,6 +1366,9 @@
throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
}
}
+ */
+ // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
//
// handle the key
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index f53f8df..fb5f2fd 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1310,6 +1310,14 @@
private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
throws IOException
{
+ // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
+ // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+ if (password == null)
+ {
+ throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+ }
+ /*
if (keys.size() == 0)
{
if (password == null)
@@ -1362,6 +1370,9 @@
throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
}
}
+ */
+ // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
//
// handle the key
diff --git a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 0b4e2d9..d589795 100644
--- a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1310,6 +1310,14 @@
private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
throws IOException
{
+ // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
+ // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+ if (password == null)
+ {
+ throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+ }
+ /*
if (keys.size() == 0)
{
if (password == null)
@@ -1362,6 +1370,9 @@
throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
}
}
+ */
+ // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+ // behaviour.
//
// handle the key